Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2014 01 Ran by grzegorz at 2014-10-28 21:15:56 Running from C:\Users\grzegorz\Desktop\logi Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton Internet Security (Disabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB} AS: Norton Internet Security (Disabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Internet Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.) AVG PC TuneUp 2014 (HKLM-x32\...\AVG PC TuneUp) (Version: 14.0.1001.215 - AVG) AVG PC TuneUp 2014 (pl-PL) (x32 Version: 14.0.1001.215 - AVG) Hidden AVG PC TuneUp 2014 (x32 Version: 14.0.1001.215 - AVG) Hidden BitComet 1.34 (HKLM-x32\...\BitComet) (Version: 1.34 - CometNetwork) Claro toolbar (HKLM-x32\...\claro) (Version: 1.8.8.5 - Claro LTD) <==== ATTENTION Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.) CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) fillUp 1.1.10 (HKLM-x32\...\{D4A8DDEF-CE67-4466-9A68-9C93D7322CEB}_is1) (Version: - e-file sp. z o.o.) Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden GG (HKCU\...\GG) (Version: 11 - GG Network S.A.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM\...\{FE9F1C2A-F17B-47A8-A7CA-9E529BE66F89}) (Version: 4.2.5.1 - Hewlett-Packard Company) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd) HP Connected Music (Meridian - player) (HKCU\...\HPConnectedMusic) (Version: 1.1 (build 112) hp - Meridian Audio Ltd) HP CoolSense (HKLM-x32\...\{16B7BDA1-B967-4D2D-8B27-E12727C28350}) (Version: 2.10.3 - Hewlett-Packard Company) HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden HP Documentation (HKLM-x32\...\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}) (Version: 1.1.0.0 - Hewlett-Packard) HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company) HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard) HP Software Framework (HKLM-x32\...\{04352528-0DBF-400F-980C-9BF40E66EE19}) (Version: 4.6.8.1 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{B8019B54-F9BE-490A-9619-6D06F18F129F}) (Version: 7.0.32.44 - Hewlett-Packard Company) HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard) HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6417.0 - IDT) IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden Internet Explorer Toolbar 4.6 by SweetPacks (HKLM-x32\...\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}) (Version: 4.6.0004 - SweetIM Technologies Ltd.) <==== ATTENTION ipla 2.8 (HKLM-x32\...\ipla) (Version: 2.8 - Redefine Sp z o.o.) Java 7 Update 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.70 - Oracle) Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mobogenie (HKLM-x32\...\Mobogenie) (Version: - Mobogenie.com) <==== ATTENTION Mozilla Firefox 32.0.3 (x86 pl) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 pl)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden Nero Burning Core (x32 Version: 15.0.25001 - Nero AG) Hidden Nero Burning ROM (x32 Version: 15.0.25001 - Nero AG) Hidden Nero Burning ROM 2014 (HKLM-x32\...\{DEFD8F31-C266-4ED3-91DF-5B222C050827}) (Version: 15.0.03900 - Nero AG) Nero Burning ROM Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden Nero ControlCenter (x32 Version: 11.0.16700 - Nero AG) Hidden Nero ControlCenter Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden Nero Core Components (x32 Version: 11.0.23200 - Nero AG) Hidden Nero SharedVideoCodecs (x32 Version: 1.0.15005 - Nero AG) Hidden Nero Update (x32 Version: 11.0.13300.42.0 - Nero AG) Hidden Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.5.0.28 - Symantec Corporation) PC Performer (HKLM-x32\...\PC Performer_is1) (Version: 11.10 - PerformerSoft LLC) <==== ATTENTION PC Tools Registry Mechanic 11.1 (HKLM-x32\...\Registry Mechanic_is1) (Version: 11.1 - PC Tools) PIT Format 2012 (HKLM-x32\...\PIT Format 2012_is1) (Version: - Biuro Informatyki Stosowanej FORMAT) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Plus Internet 2.4 (HKLM-x32\...\Plus Internet_is1) (Version: - Polkomtel S.A.) Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden Program PIT 2012-2013 (HKLM-x32\...\{7C4E9C61-EDB9-4308-849E-654A9A88017C}) (Version: 1.3.7 - Podatnik.info Sp z o.o.) Ralink Bluetooth Stack64 (HKLM\...\{58BC91D0-42E7-125D-F9B6-F2F5C0CDB096}) (Version: 9.0.715.0 - Nazwa firmy) Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.) RegClean Pro (HKLM-x32\...\RegClean Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION SaveSense (HKCU\...\SaveSense) (Version: - ) <==== ATTENTION SaveSense (remove only) (HKLM-x32\...\SaveSense) (Version: 5.3.0.6 - SaveSense) <==== ATTENTION SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION SweetIM for Messenger 3.7 (HKLM-x32\...\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}) (Version: 3.7.0007 - SweetIM Technologies Ltd.) <==== ATTENTION SweetPacks bundle uninstaller (HKLM-x32\...\{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}) (Version: 1.0.0001 - SweetIM Technologies Ltd.) <==== ATTENTION swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update Manager for SweetPacks 1.1 (HKLM-x32\...\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}) (Version: 1.1.0008 - SweetIM Technologies Ltd.) <==== ATTENTION Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.29 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3534941372-2854263721-3486358908-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\grzegorz\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Restore Points ========================= 12-10-2014 11:05:33 Zaplanowany punkt kontrolny 16-10-2014 16:33:39 Windows Update 20-10-2014 17:02:22 Windows Update 25-10-2014 19:56:46 Removed Bonjour ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {167E64F8-B174-482C-AC7E-875CF9BFDD63} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3534941372-2854263721-3486358908-1001Core => C:\Users\grzegorz\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-27] (Facebook Inc.) Task: {18383FB4-45BA-4AE1-9F68-13B45B02BC62} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company) Task: {18C70C03-CCD1-411A-80D8-17BDFA2958A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {1FB9CADC-B936-4C98-AE87-A0F5FBC96A31} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe [2014-04-29] (Symantec Corporation) Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {30C4D870-02A6-474D-A993-BB7F65E11FE2} - System32\Tasks\RMSchedule => C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe [2013-03-13] (PC Tools) Task: {342FD99F-F9D0-4777-88AC-2CB15D096044} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3534941372-2854263721-3486358908-1001UA => C:\Users\grzegorz\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-27] (Facebook Inc.) Task: {39B2E3A4-3C50-4F79-8486-E469E87D2DB3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-10-20] (Microsoft Corporation) Task: {39E23AF2-50E6-43F4-AAFE-34B15B207AAE} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink) Task: {3D8EC5C8-9605-47E4-B01C-DC8168A79F91} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-01-15] (SaveSense) <==== ATTENTION Task: {465AD9FC-DF67-45CA-9BC5-90BA38B99AFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company) Task: {49BCF955-C2D9-416A-873A-03CBF903387A} - System32\Tasks\PC Performer_UPDATES => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2012-03-14] (PerformerSoft LLC) <==== ATTENTION Task: {4C690382-41D9-4612-BC7E-B9C7697DF5EE} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2012-01-20] (Systweak Inc) <==== ATTENTION Task: {58BC3A66-8D20-4DE4-912F-79A37578F2EE} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation) Task: {6818B22F-A22B-4995-9661-4BDE87BA82C8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated) Task: {68C3389E-0C3F-486A-8EFE-B988AFD73179} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company) Task: {720781B6-D2A8-408F-A638-AED786F22C21} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink) Task: {772CFC86-0A03-4683-B956-CBE57E0DC852} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation) Task: {89726DC0-6915-4622-81B1-55EFA35A5DF9} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation) Task: {8AC4C39E-AE38-4302-B1D2-7A42D97D4C97} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION Task: {9F139910-7E35-4923-98A3-7A29A22744AD} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.) Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {A7942B8C-843A-40A1-881D-3A11339834FF} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG PC TuneUp 2014\OneClick.exe [2013-10-12] (AVG) Task: {C5471A6B-B07E-4681-8A8C-AC2DBC961A20} - System32\Tasks\RMAutoUpdate => C:\Program Files (x86)\PC Tools Registry Mechanic\SULauncher.exe [2013-03-13] (PC Tools) Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {CD38C8E3-CF2A-4E6E-8078-8755CBD97AE8} - System32\Tasks\PC Performer => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2012-03-14] (PerformerSoft LLC) <==== ATTENTION Task: {CE873327-F1FB-46C3-8CC4-B2EB2388C083} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2012-01-20] (Systweak Inc) <==== ATTENTION Task: {D7CA539F-AFD5-427D-A69A-DA2176C57E92} - System32\Tasks\PC Performer_DEFAULT => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2012-03-14] (PerformerSoft LLC) <==== ATTENTION Task: {DFFF37F0-DBD8-40FC-AAE7-5C44AEC509D0} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-01-15] (SaveSense) <==== ATTENTION Task: {E0D2EE4F-9DD2-4B20-9EE0-E9CB0E4C7732} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2012-01-20] (Systweak Inc) <==== ATTENTION Task: {E26F6DB7-83D9-443D-81C2-75425C83F501} - System32\Tasks\SaveSense => C:\Users\grzegorz\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {F6F45B1E-BC27-4231-99FC-84EDE5870C84} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3534941372-2854263721-3486358908-1001Core.job => C:\Users\grzegorz\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3534941372-2854263721-3486358908-1001UA.job => C:\Users\grzegorz\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\PC Performer_DEFAULT.job => C:\Program Files (x86)\PC Performer\PCPerformer.exe <==== ATTENTION Task: C:\Windows\Tasks\PC Performer_UPDATES.job => C:\Program Files (x86)\PC Performer\PCPerformer.exe <==== ATTENTION Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION Task: C:\Windows\Tasks\RMAutoUpdate.job => C:\Program Files (x86)\PC Tools Registry Mechanic\SULauncher.exe Task: C:\Windows\Tasks\RMSchedule.job => C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe Task: C:\Windows\Tasks\SaveSense.job => C:\Users\grzegorz\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION ==================== Loaded Modules (whitelisted) ============= 2013-10-12 02:01 - 2013-10-12 02:01 - 00757048 _____ () C:\Program Files (x86)\AVG PC TuneUp 2014\avgrepliba.dll 2012-07-10 17:11 - 2012-07-10 17:11 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll 2012-08-08 06:17 - 2012-08-08 06:17 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-01-15 19:45 - 2014-01-15 20:01 - 00766656 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe 2014-02-26 16:51 - 2014-02-26 16:51 - 00612496 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll 2012-07-10 17:09 - 2012-07-10 17:09 - 00022528 _____ () C:\Windows\SYSTEM32\BsTrace.dll 2012-07-10 17:11 - 2012-07-10 17:11 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll 2012-07-10 17:11 - 2012-07-10 17:11 - 00052736 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll 2012-07-10 17:14 - 2012-07-10 17:14 - 00072192 _____ () C:\Windows\SYSTEM32\BsProfilefunc.dll 2012-07-27 13:51 - 2012-07-27 13:51 - 00346112 _____ () C:\Windows\SYSTEM32\BsExtendFunc.dll 2012-09-14 01:37 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 10:34 - 2012-06-08 10:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2014-01-15 20:02 - 2014-01-15 20:01 - 00061440 _____ () C:\Program Files (x86)\Mobogenie\Device.dll 2014-01-15 20:02 - 2014-01-15 20:01 - 00471040 _____ () C:\Program Files (x86)\Mobogenie\DCR.dll 2014-05-02 08:19 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.5.0.28\wincfi39.dll 2012-09-14 01:15 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKCU\...\StartupApproved\Run: => "IPLA!" ========================= Accounts: ========================== Administrator (S-1-5-21-3534941372-2854263721-3486358908-500 - Administrator - Disabled) Gość (S-1-5-21-3534941372-2854263721-3486358908-501 - Limited - Disabled) grzegorz (S-1-5-21-3534941372-2854263721-3486358908-1001 - Administrator - Enabled) => C:\Users\grzegorz ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (10/28/2014 08:43:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT) Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error: (10/28/2014 08:43:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error: (10/28/2014 08:43:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error: (10/28/2014 00:31:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: svchost.exe_SSDPSRV, wersja: 6.2.9200.16420, sygnatura czasowa: 0x505a9a4e Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.2.9200.17046, sygnatura czasowa: 0x53b4864c Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000000000069dc Identyfikator procesu powodującego błąd: 0xaf4 Godzina uruchomienia aplikacji powodującej błąd: 0xsvchost.exe_SSDPSRV0 Ścieżka aplikacji powodującej błąd: svchost.exe_SSDPSRV1 Ścieżka modułu powodującego błąd: svchost.exe_SSDPSRV2 Identyfikator raportu: svchost.exe_SSDPSRV3 Pełna nazwa pakietu powodującego błąd: svchost.exe_SSDPSRV4 Identyfikator aplikacji względem pakietu powodującego błąd: svchost.exe_SSDPSRV5 Error: (10/27/2014 00:09:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT) Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error: (10/27/2014 00:09:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error: (10/27/2014 00:09:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error: (10/22/2014 02:54:30 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5089188 Error: (10/22/2014 02:54:30 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5089188 Error: (10/22/2014 02:54:29 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (10/28/2014 09:12:36 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 20:37:35 na ‎2014-‎10-‎28 było nieoczekiwane. Error: (10/28/2014 08:37:35 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 19:42:50 na ‎2014-‎10-‎28 było nieoczekiwane. Error: (10/28/2014 03:36:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070002: Synaptics - Other hardware - Synaptics PS/2 Port TouchPad. Error: (10/28/2014 00:31:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Połącz teraz w systemie Windows — Rejestrator konfiguracji niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/28/2014 00:31:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Broker czasu niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/28/2014 00:31:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Odnajdywanie SSDP niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 100 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/28/2014 00:31:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Publikacja zasobów odnajdowania funkcji niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/27/2014 03:34:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070002: Synaptics - Other hardware - Synaptics PS/2 Port TouchPad. Error: (10/27/2014 00:42:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070002: Synaptics - Other hardware - Synaptics PS/2 Port TouchPad. Error: (10/25/2014 08:54:26 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 21:25:54 na ‎2014-‎10-‎25 było nieoczekiwane. Microsoft Office Sessions: ========================= Error: (10/28/2014 08:43:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT) Description: WmiApRplWmiApRpl8F2030000E5050000 Error: (10/28/2014 08:43:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Performance163707000000000000000000008F020000 Error: (10/28/2014 08:43:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Performance163707000000000000000000008F020000 Error: (10/28/2014 00:31:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_SSDPSRV6.2.9200.16420505a9a4entdll.dll6.2.9200.1704653b4864cc000000500000000000069dcaf401cff08d87857707C:\Windows\system32\svchost.exeC:\Windows\SYSTEM32\ntdll.dllf0657889-5e95-11e4-bf9f-28924a542b3b Error: (10/27/2014 00:09:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT) Description: WmiApRplWmiApRpl8F2030000E5050000 Error: (10/27/2014 00:09:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Performance163707000000000000000000008F020000 Error: (10/27/2014 00:09:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Performance163707000000000000000000008F020000 Error: (10/22/2014 02:54:30 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5089188 Error: (10/22/2014 02:54:30 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5089188 Error: (10/22/2014 02:54:29 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second CodeIntegrity Errors: =================================== Date: 2014-10-28 21:14:31.267 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2014-10-28 21:14:28.909 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2014-10-28 21:14:04.063 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2014-10-28 20:46:52.789 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2014-10-28 20:45:23.383 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2014-10-28 19:10:21.494 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2014-10-28 19:10:11.046 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2014-10-28 19:08:32.344 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2014-10-28 19:07:21.340 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2014-10-28 19:07:12.867 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz Percentage of memory in use: 28% Total physical RAM: 3986.27 MB Available physical RAM: 2853.29 MB Total Pagefile: 4882.27 MB Available Pagefile: 3756.66 MB Total Virtual: 8192 MB Available Virtual: 8191.77 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:280.69 GB) (Free:222.75 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (RECOVERY) (Fixed) (Total:16.63 GB) (Free:2.12 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: CD66F5BE) Partition: GPT Partition Type. ==================== End Of Log ============================