Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-11-2014 01 Ran by HP at 2014-11-08 19:11:41 Running from C:\Users\HP\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7 Wonders II (x32 Version: 2.2.0.98 - WildTangent) Hidden Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden AMD Catalyst Install Manager (HKLM\...\{D01E0B82-7D6E-F9AC-9A7D-C6076264F419}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.) AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5315 - AVG Technologies) AVG 2015 (Version: 15.0.4189 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.5315 - AVG Technologies) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Classic Shell (HKLM\...\{98BB5224-BC5D-4028-9D20-536C1C263AA9}) (Version: 4.0.2 - IvoSoft) Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite) Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden Crazy Chicken Soccer (x32 Version: 2.2.0.98 - WildTangent) Hidden CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.) CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2.3317 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.) Cyfrowy Polsat E3276 (HKLM-x32\...\Cyfrowy Polsat E3276) (Version: 23.009.11.02.618 - Huawei Technologies Co.,Ltd) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard) F2400 (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Happy Cloud Client (HKCU\...\HappyCloud) (Version: 4.28 - Happy Cloud, Inc.) Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM\...\{9F92182D-24EB-4A4E-A318-E3E8011EF638}) (Version: 4.2.9.1 - Hewlett-Packard Company) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd) HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{BCDD692B-172D-440A-9A1B-501C71D72CC8}) (Version: 14.0 - HP) HP Documentation (HKLM-x32\...\{0750AEFA-BCAA-4CAF-BA44-1CA58FF243F8}) (Version: 1.1.0.0 - Hewlett-Packard) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife) HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company) HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard) HP Software Framework (HKLM-x32\...\{6975FEB2-7CBF-4150-A067-F2E2D2E03839}) (Version: 4.6.10.1 - Hewlett-Packard Company) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard) HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard) HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company) HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Huawei E3272 (HKLM-x32\...\Huawei E3272) (Version: 22.001.22.00.1202 - Huawei Technologies Co.,Ltd) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6417.0 - IDT) Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation) Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden K-Lite Codec Pack 9.9.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.5 - ) Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden Malwarebytes Anti-Malware wersja 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) MyDriveConnect 3.3.0.1318 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1318 - TomTom) Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Obsługa programów Apple (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd) QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden Ralink Bluetooth Stack64 (HKLM\...\{3DA4255C-E376-83BE-72B4-B060F7124CC8}) (Version: 9.0.720.5 - Ralink Corporation) Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek) Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden ReadMe (HKLM-x32\...\{58374AB6-B624-4358-A8BF-25AC2E1D3F28}) (Version: 1.00.0000 - Dixons Retail) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.27025 - Realtek Semiconductor Corp.) RedApp 1.0 (HKLM-x32\...\RedApp) (Version: 1.0 - Redefine Sp z o.o.) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden StartW8 1.1.34.0 (HKLM-x32\...\{B6ADD537-BDC9-4D2B-B135-01C261D675BC}) (Version: 1.1.34.0 - SODATSW spol. s r. o.) Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated) TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Nazwa firmy) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.2.0.4 - uvnc bvba) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) WinRAR 5.00 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH) Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 18-10-2014 12:02:10 Installed AVG 2015 28-10-2014 08:48:10 Scheduled Checkpoint 06-11-2014 19:31:47 Scheduled Checkpoint 08-11-2014 16:52:55 Removed Java 7 Update 67 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2012-07-26 06:26 - 2013-10-16 13:29 - 00001050 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 static3.cdn.ubi.com 127.0.0.1 ubisoft-orbit.s3.amazonaws.com 127.0.0.1 onlineconfigservice.ubi.com 127.0.0.1 orbitservice.ubi.com 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {10003137-7D2D-4D4A-8081-A8DBFEC76FEE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {1A98CE31-2127-479B-913B-CAC34127A896} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {2804836E-F744-4A9C-9B5D-DFF9CB44D159} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {45C4E9B3-A2E8-47FE-A3AB-DF7AAE49504D} - System32\Tasks\HPCeeScheduleForHP => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard) Task: {50AFE8F8-D59E-4A6B-BE86-00E529F034BF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-09] (Google Inc.) Task: {5B7B2D25-113D-4A5B-91FB-3DB7AFBE274A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {6E29178C-3FD8-494B-82CC-9222860FC0BE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard) Task: {72082F75-6997-491A-875C-19B68EF3B423} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-09] (Google Inc.) Task: {78F81FDD-EE35-462E-8AC1-1DCA836A4651} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05] (Hewlett-Packard Development Company, L.P.) Task: {9A0FDA28-00C9-409B-AD74-67082CD34DC6} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink) Task: {9BDEE58F-8D76-4C5A-92A7-6328CB793B6E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP SoftPaq Installer => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Tasks.exe [2013-11-04] (Hewlett-Packard Company) Task: {9CA06C95-E570-4DF7-909D-E1E0933506BA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-15] (Microsoft Corporation) Task: {9D3F069F-E89F-4A7A-BFF4-47045A262D1F} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-25] (Synaptics Incorporated) Task: {B89FADB6-4941-455C-9601-182E98EB671C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN37H1650W => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard) Task: {BD7B04DB-112F-4280-B5C3-3CF8B4971CF4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {C287EB97-0DDC-409E-B399-9AC75F25476F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {CCBC58A3-9905-4F05-94FB-5E5654516A89} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard) Task: {CFD0D782-88E7-492F-9BB6-EF5E35AA0E42} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForHP.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Loaded Modules (whitelisted) ============= 2012-08-08 10:36 - 2012-08-08 10:36 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2014-03-02 10:41 - 2013-01-23 15:32 - 00650240 _____ () C:\ProgramData\Cyfrowy Polsat E3276\OnlineUpdate\ouc.exe 2014-09-14 10:20 - 2013-12-03 07:09 - 00240720 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe 2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2012-09-03 11:50 - 2012-09-03 11:50 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll 2012-08-08 10:36 - 2012-08-08 10:36 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2014-03-02 10:41 - 2009-01-10 19:32 - 00011362 _____ () C:\ProgramData\Cyfrowy Polsat E3276\OnlineUpdate\mingwm10.dll 2014-03-02 10:41 - 2009-06-23 03:42 - 00043008 _____ () C:\ProgramData\Cyfrowy Polsat E3276\OnlineUpdate\libgcc_s_dw2-1.dll 2014-03-02 10:41 - 2012-10-31 10:11 - 02417152 _____ () C:\ProgramData\Cyfrowy Polsat E3276\OnlineUpdate\QtCore4.dll 2014-03-02 10:41 - 2012-10-31 10:14 - 01148416 _____ () C:\ProgramData\Cyfrowy Polsat E3276\OnlineUpdate\QtNetwork4.dll 2014-03-02 10:41 - 2013-01-23 15:32 - 00843264 _____ () C:\ProgramData\Cyfrowy Polsat E3276\OnlineUpdate\QueryStrategy.dll 2014-03-02 10:41 - 2012-10-31 10:11 - 00398336 _____ () C:\ProgramData\Cyfrowy Polsat E3276\OnlineUpdate\QtXml4.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "StartW8Button" HKCU\...\StartupApproved\Run: => "Skype" HKCU\...\StartupApproved\Run: => "DAEMON Tools Lite" ========================= Accounts: ========================== Administrator (S-1-5-21-3213480392-2879305173-3249302376-500 - Administrator - Disabled) => C:\Users\Administrator Guest (S-1-5-21-3213480392-2879305173-3249302376-501 - Limited - Disabled) HP (S-1-5-21-3213480392-2879305173-3249302376-1002 - Administrator - Enabled) => C:\Users\HP ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/08/2014 07:09:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: ztjwdrng.exe, wersja: 2.1.19357.0, sygnatura czasowa: 0x52e7ea83 Nazwa modułu powodującego błąd: ztjwdrng.exe, wersja: 2.1.19357.0, sygnatura czasowa: 0x52e7ea83 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000011aa Identyfikator procesu powodującego błąd: 0x618 Godzina uruchomienia aplikacji powodującej błąd: 0xztjwdrng.exe0 Ścieżka aplikacji powodującej błąd: ztjwdrng.exe1 Ścieżka modułu powodującego błąd: ztjwdrng.exe2 Identyfikator raportu: ztjwdrng.exe3 Pełna nazwa pakietu powodującego błąd: ztjwdrng.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: ztjwdrng.exe5 Error: (11/08/2014 07:05:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: BlueSoleilCS.exe, wersja: 9.0.718.0, sygnatura czasowa: 0x504426e6 Nazwa modułu powodującego błąd: tl_filter.dll_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x5029b6ce Kod wyjątku: 0xc0000094 Przesunięcie błędu: 0x0000d53d Identyfikator procesu powodującego błąd: 0x878 Godzina uruchomienia aplikacji powodującej błąd: 0xBlueSoleilCS.exe0 Ścieżka aplikacji powodującej błąd: BlueSoleilCS.exe1 Ścieżka modułu powodującego błąd: BlueSoleilCS.exe2 Identyfikator raportu: BlueSoleilCS.exe3 Pełna nazwa pakietu powodującego błąd: BlueSoleilCS.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: BlueSoleilCS.exe5 Error: (11/08/2014 06:30:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: ztjwdrng.exe, wersja: 2.1.19357.0, sygnatura czasowa: 0x52e7ea83 Nazwa modułu powodującego błąd: ztjwdrng.exe, wersja: 2.1.19357.0, sygnatura czasowa: 0x52e7ea83 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000011aa Identyfikator procesu powodującego błąd: 0x19cc Godzina uruchomienia aplikacji powodującej błąd: 0xztjwdrng.exe0 Ścieżka aplikacji powodującej błąd: ztjwdrng.exe1 Ścieżka modułu powodującego błąd: ztjwdrng.exe2 Identyfikator raportu: ztjwdrng.exe3 Pełna nazwa pakietu powodującego błąd: ztjwdrng.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: ztjwdrng.exe5 Error: (11/08/2014 06:16:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: BlueSoleilCS.exe, wersja: 9.0.718.0, sygnatura czasowa: 0x504426e6 Nazwa modułu powodującego błąd: tl_filter.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x5029b6ce Kod wyjątku: 0xc0000094 Przesunięcie błędu: 0x0000d53d Identyfikator procesu powodującego błąd: 0x7e4 Godzina uruchomienia aplikacji powodującej błąd: 0xBlueSoleilCS.exe0 Ścieżka aplikacji powodującej błąd: BlueSoleilCS.exe1 Ścieżka modułu powodującego błąd: BlueSoleilCS.exe2 Identyfikator raportu: BlueSoleilCS.exe3 Pełna nazwa pakietu powodującego błąd: BlueSoleilCS.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: BlueSoleilCS.exe5 Error: (11/08/2014 03:26:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: BlueSoleilCS.exe, wersja: 9.0.718.0, sygnatura czasowa: 0x504426e6 Nazwa modułu powodującego błąd: tl_filter.dll_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x5029b6ce Kod wyjątku: 0xc0000094 Przesunięcie błędu: 0x0000d53d Identyfikator procesu powodującego błąd: 0x8c8 Godzina uruchomienia aplikacji powodującej błąd: 0xBlueSoleilCS.exe0 Ścieżka aplikacji powodującej błąd: BlueSoleilCS.exe1 Ścieżka modułu powodującego błąd: BlueSoleilCS.exe2 Identyfikator raportu: BlueSoleilCS.exe3 Pełna nazwa pakietu powodującego błąd: BlueSoleilCS.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: BlueSoleilCS.exe5 Error: (11/08/2014 10:03:08 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2” w wierszu C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Error: (11/08/2014 08:47:12 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2875 Error: (11/08/2014 08:47:12 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2875 Error: (11/08/2014 08:47:12 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/08/2014 07:19:09 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 System errors: ============= Error: (11/08/2014 07:05:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa BlueSoleilCS niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (11/08/2014 07:05:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Cyfrowy Polsat E3276. OUC z powodu następującego błędu: %%1053 Error: (11/08/2014 07:05:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Cyfrowy Polsat E3276. OUC. Error: (11/08/2014 07:04:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi AppEx Networks Accelerator LWF z powodu następującego błędu: %%31 Error: (11/08/2014 07:04:59 PM) (Source: APXACC) (EventID: 1003) (User: ) Description: The NDIS6 LWF initialization has failed. (0xC0000001) Error: (11/08/2014 07:04:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi StartW8Service z powodu następującego błędu: %%2 Error: (11/08/2014 07:03:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa BlueSoleilCS niespodziewanie zakończyła pracę. Wystąpiło to razy: 3. Error: (11/08/2014 07:03:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa uvnc_service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (11/08/2014 07:03:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Presentation Foundation Font Cache 3.0.0.0 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (11/08/2014 07:03:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa HP Support Assistant Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Microsoft Office Sessions: ========================= Error: (11/08/2014 07:09:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: ztjwdrng.exe2.1.19357.052e7ea83ztjwdrng.exe2.1.19357.052e7ea83c0000005000011aa61801cffb7ed881ada8C:\Users\HP\Desktop\ztjwdrng.exeC:\Users\HP\Desktop\ztjwdrng.exe5a713de8-6772-11e4-bedc-083e8e40f4f4 Error: (11/08/2014 07:05:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: BlueSoleilCS.exe9.0.718.0504426e6tl_filter.dll_unloaded0.0.0.05029b6cec00000940000d53d87801cffb7e83c416e4C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exetl_filter.dllcc5012ab-6771-11e4-bedc-083e8e40f4f4 Error: (11/08/2014 06:30:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: ztjwdrng.exe2.1.19357.052e7ea83ztjwdrng.exe2.1.19357.052e7ea83c0000005000011aa19cc01cffb79b8387b45C:\Users\HP\Desktop\ztjwdrng.exeC:\Users\HP\Desktop\ztjwdrng.exefddcd08b-676c-11e4-bedb-083e8e40f4f4 Error: (11/08/2014 06:16:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: BlueSoleilCS.exe9.0.718.0504426e6tl_filter.dll0.0.0.05029b6cec00000940000d53d7e401cffb77bf0c34e4C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exeC:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dllfe985947-676a-11e4-bedb-083e8e40f4f4 Error: (11/08/2014 03:26:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: BlueSoleilCS.exe9.0.718.0504426e6tl_filter.dll_unloaded0.0.0.05029b6cec00000940000d53d8c801cffb5ff1f1e6b6C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exetl_filter.dll3b2ebd40-6753-11e4-bedb-083e8e40f4f4 Error: (11/08/2014 10:03:08 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestc:\program files (x86)\ralink corporation\ralink bluetooth stack\BsSMSEditor.exe Error: (11/08/2014 08:47:12 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2875 Error: (11/08/2014 08:47:12 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2875 Error: (11/08/2014 08:47:12 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/08/2014 07:19:09 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 CodeIntegrity Errors: =================================== Date: 2014-01-08 21:43:32.475 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll that did not meet the Windows signing level requirements. Date: 2014-01-08 21:43:32.428 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll that did not meet the Windows signing level requirements. Date: 2014-01-08 12:55:41.824 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll that did not meet the Windows signing level requirements. Date: 2014-01-08 12:55:41.624 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll that did not meet the Windows signing level requirements. Date: 2014-01-02 18:16:10.636 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll that did not meet the Windows signing level requirements. Date: 2014-01-02 18:16:10.574 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll that did not meet the Windows signing level requirements. Date: 2013-12-31 15:55:07.814 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll that did not meet the Windows signing level requirements. Date: 2013-12-31 15:55:07.751 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll that did not meet the Windows signing level requirements. Date: 2013-12-31 15:39:45.077 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll that did not meet the Windows signing level requirements. Date: 2013-12-31 15:39:45.014 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== Processor: AMD A6-4455M APU with Radeon(tm) HD Graphics Percentage of memory in use: 17% Total physical RAM: 7642.26 MB Available physical RAM: 6311.37 MB Total Pagefile: 9050.26 MB Available Pagefile: 7655.82 MB Total Virtual: 131072 MB Available Virtual: 131071.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:445.78 GB) (Free:338.49 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (RECOVERY) (Fixed) (Total:18.87 GB) (Free:2.33 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: B9AD8046) Partition: GPT Partition Type. ==================== End Of Log ============================