Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-03-2015 01 Ran by xx at 2015-03-05 18:35:00 Run:1 Running from C:\Users\xx\Desktop Loaded Profiles: UpdatusUser & xx (Available profiles: UpdatusUser & xx) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: CreateRestorePoint: DisableService: sptd R1 {55685567-4840-4a91-962b-49a412e9485a}Gw64; C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys [61112 2014-06-10] (StdLib) R1 {55685567-4840-4a91-962b-49a412e9485a}w64; C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys [61112 2014-06-12] (StdLib) R1 {9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64; C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys [61112 2014-05-22] (StdLib) R2 Update BringStar; C:\Program Files (x86)\BringStar\updateBringStar.exe [317728 2014-06-11] () R2 Util BringStar; C:\Program Files (x86)\BringStar\bin\utilBringStar.exe [317728 2014-06-11] () Task: {0FD8188F-4C07-4D93-B6C0-611FA2F37051} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION Task: {10AFC872-1F31-405D-A3E8-BDED2FAC54A4} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2568246086-2447926606-4193830083-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {332EABD6-129F-4CA2-B824-7743EFEA3F33} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2568246086-2447926606-4193830083-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {4024785F-BE99-46F1-99FD-33D91A9ECFA5} - \VuuPCUpdateLogin No Task File <==== ATTENTION Task: {51750AA7-6CE1-4E14-BC3D-F9C41E4D9AE2} - System32\Tasks\{06AB844F-BB53-4346-A8FD-D2DF973ACBE1} => Iexplore.exe http://ui.skype.com/ui/0/6.3.0.107/pl/abandoninstall?source=lightinstaller&page=tsProgressBar Task: {526DFC45-1EFA-4CA1-88C0-795076A0996E} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION Task: {57E5969D-28F8-43DA-89DA-71F36C57CE8C} - \SaveSense No Task File <==== ATTENTION Task: {608995CB-165D-4583-9ECB-E263B5A9BABE} - System32\Tasks\ReclaimerUpdateFiles_xx => C:\Users\xx\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\12.01\agent\rnupgagent.exe [2015-02-05] (RealNetworks, Inc.) Task: {7158FF08-DA9F-40FD-A020-F8AC52C645E7} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe Task: {9AA55A49-9A4E-44C6-9032-E55C35390364} - \VuuPCUpdate No Task File <==== ATTENTION Task: {EB15BBA3-F5A1-40BA-940B-0B2EDD844896} - System32\Tasks\ReclaimerUpdateXML_xx => C:\Users\xx\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\12.01\agent\rnupgagent.exe [2015-02-05] (RealNetworks, Inc.) Task: C:\WINDOWS\Tasks\ReclaimerUpdateFiles_xx.job => C:\Users\xx\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\12.01\agent\rnupgagent.exe Task: C:\WINDOWS\Tasks\ReclaimerUpdateXML_xx.job => C:\Users\xx\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\12.01\agent\rnupgagent.exe Task: C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM-x32 -> DefaultScope value is missing. SearchScopes: HKU\S-1-5-21-2568246086-2447926606-4193830083-1002 -> {51BCC7B1-3642-4753-9589-1AB5C0C58671} URL = BHO-x32: BringStar -> {6f0d3dec-9246-4b6f-a5e3-c1c169493eef} -> C:\Program Files (x86)\BringStar\BringStarBHO.dll (BringStar) Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File C:\Program Files (x86)\BringStar C:\Program Files (x86)\Real C:\ProgramData\Real C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer C:\Users\xx\AppData\Roaming\Real C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense /f Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v fst_pl_79 /f Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v fst_pl_99 /f Reg: reg delete HKLM\SOFTWARE\MozillaPlugins /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Google /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f EmptyTemp: ***************** Processes closed successfully. Restore point was successfully created. sptd service was disabled {55685567-4840-4a91-962b-49a412e9485a}Gw64 => Unable to stop service {55685567-4840-4a91-962b-49a412e9485a}Gw64 => Service deleted successfully. {55685567-4840-4a91-962b-49a412e9485a}w64 => Unable to stop service {55685567-4840-4a91-962b-49a412e9485a}w64 => Service deleted successfully. {9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64 => Unable to stop service {9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64 => Service deleted successfully. Update BringStar => Unable to stop service Update BringStar => Service deleted successfully. Util BringStar => Unable to stop service Util BringStar => Service deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0FD8188F-4C07-4D93-B6C0-611FA2F37051}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FD8188F-4C07-4D93-B6C0-611FA2F37051}" => Key deleted successfully. C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SaveSenseLiveUpdateTaskMachineUA" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10AFC872-1F31-405D-A3E8-BDED2FAC54A4}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10AFC872-1F31-405D-A3E8-BDED2FAC54A4}" => Key deleted successfully. C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2568246086-2447926606-4193830083-1002 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2568246086-2447926606-4193830083-1002" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{332EABD6-129F-4CA2-B824-7743EFEA3F33}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{332EABD6-129F-4CA2-B824-7743EFEA3F33}" => Key deleted successfully. C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2568246086-2447926606-4193830083-1002 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlayerRealUpgradeLogonTaskS-1-5-21-2568246086-2447926606-4193830083-1002" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4024785F-BE99-46F1-99FD-33D91A9ECFA5}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4024785F-BE99-46F1-99FD-33D91A9ECFA5}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\VuuPCUpdateLogin" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51750AA7-6CE1-4E14-BC3D-F9C41E4D9AE2}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51750AA7-6CE1-4E14-BC3D-F9C41E4D9AE2}" => Key deleted successfully. C:\Windows\System32\Tasks\{06AB844F-BB53-4346-A8FD-D2DF973ACBE1} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{06AB844F-BB53-4346-A8FD-D2DF973ACBE1}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{526DFC45-1EFA-4CA1-88C0-795076A0996E}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{526DFC45-1EFA-4CA1-88C0-795076A0996E}" => Key deleted successfully. C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SaveSenseLiveUpdateTaskMachineCore" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57E5969D-28F8-43DA-89DA-71F36C57CE8C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57E5969D-28F8-43DA-89DA-71F36C57CE8C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SaveSense" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{608995CB-165D-4583-9ECB-E263B5A9BABE}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{608995CB-165D-4583-9ECB-E263B5A9BABE}" => Key deleted successfully. C:\Windows\System32\Tasks\ReclaimerUpdateFiles_xx => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReclaimerUpdateFiles_xx" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7158FF08-DA9F-40FD-A020-F8AC52C645E7}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7158FF08-DA9F-40FD-A020-F8AC52C645E7}" => Key deleted successfully. C:\Windows\System32\Tasks\CreateChoiceProcessTask => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CreateChoiceProcessTask" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9AA55A49-9A4E-44C6-9032-E55C35390364}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9AA55A49-9A4E-44C6-9032-E55C35390364}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\VuuPCUpdate" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB15BBA3-F5A1-40BA-940B-0B2EDD844896}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB15BBA3-F5A1-40BA-940B-0B2EDD844896}" => Key deleted successfully. C:\Windows\System32\Tasks\ReclaimerUpdateXML_xx => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReclaimerUpdateXML_xx" => Key deleted successfully. C:\WINDOWS\Tasks\ReclaimerUpdateFiles_xx.job => Moved successfully. C:\WINDOWS\Tasks\ReclaimerUpdateXML_xx.job => Moved successfully. C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => Moved successfully. C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => Moved successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. "HKU\S-1-5-21-2568246086-2447926606-4193830083-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{51BCC7B1-3642-4753-9589-1AB5C0C58671}" => Key deleted successfully. HKCR\CLSID\{51BCC7B1-3642-4753-9589-1AB5C0C58671} => Key not found. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6f0d3dec-9246-4b6f-a5e3-c1c169493eef}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{6f0d3dec-9246-4b6f-a5e3-c1c169493eef}" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully. HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found. C:\Program Files (x86)\BringStar => Moved successfully. C:\Program Files (x86)\Real => Moved successfully. C:\ProgramData\Real => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer => Moved successfully. C:\Users\xx\AppData\Roaming\Real => Moved successfully. C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys => Moved successfully. C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys => Moved successfully. ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v fst_pl_79 /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v fst_pl_99 /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\MozillaPlugins /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Google /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= EmptyTemp: => Removed 371.1 MB temporary data. The system needed a reboot. ==== End of Fixlog 18:37:28 ====