Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-10-2014 01 Ran by Łukasz at 2014-10-08 20:36:46 Running from C:\Users\Łukasz\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Aktualizacje NVIDIA 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden Ares 2.2.8 (HKLM\...\Ares) (Version: 2.2.8-Build#3052 - Seekar Ltd) Bandicam (HKLM\...\Bandicam) (Version: 1.9.2.454 - Bandisoft.com) BitComet 1.35 (HKLM\...\BitComet) (Version: 1.35 - CometNetwork) Burnout Paradise - The Ultimate Box (HKLM\...\Burnout Paradise - The Ultimate Box_is1) (Version: - ) Call of Duty(R) 2 (HKLM\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.3 - Activision) Call of Duty(R) 2 (Version: 1.00.0000 - Activision) Hidden Call of Duty(R) 2 Patch 1.3 (Version: 1.3 - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) (HKLM\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision) Call of Duty(R) 4 - Modern Warfare(TM) (Version: 1.00.0000 - Activision) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (Version: 1.6 - Activision) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (Version: 1.7 - Activision) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform) Centrum obsługi urządzeń z systemem Windows Mobile — aktualizacja sterowników (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation) CPUID HWMonitor 1.17 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) CWK (Czasowy Wyłącznik Komputera) (HKLM\...\CWK) (Version: 2.52.3.43 - Damian Pasternak) Cyfrowy Polsat MF821 (HKLM\...\{27D28586-BEF1-4E06-8787-3B1FC3A41489}) (Version: PCW_PLSPOLLV1.0.0B12 - ZTE Corporation) DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 5.0.0316.0317 - DT Soft Ltd) Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform) eCom (HKLM\...\{ECD03DA7-5952-406A-8156-5F0C93618D1F}) (Version: 5.18.1209.102 - Sonix) Enable S3 for USB Device (HKLM\...\Enable S3 for USB Device) (Version: - ) ESET Antivirus License Finder (MiNODLogin) (HKLM\...\MiNODLogin) (Version: 4.0.1.63 - GuillerSoft) ESET NOD32 Antivirus (HKLM\...\{8F7236B4-81D2-45AD-B6B1-052E1351991B}) (Version: 7.0.302.26 - ESET, spol s r. o.) FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version: - ) Flashtool (HKLM\...\Flashtool) (Version: 0.9.9.0 - Androxyde) Fraps (remove only) (HKLM\...\Fraps) (Version: - ) Free YouTube Download version 3.1.41.1130 (HKLM\...\Free YouTube Download_is1) (Version: 3.1.41.1130 - DVDVideoSoft Ltd.) GameRanger (HKCU\...\GameRanger) (Version: - GameRanger Technologies) Google Earth Plug-in (HKLM\...\{33286280-8617-11E1-8FF6-B8AC6F97B88E}) (Version: 6.2.2.6613 - Google) Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden Grand Theft Auto IV (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden HP Support Solutions Framework (HKLM\...\{D2F04839-0AD0-4F06-A6B5-6DFF05E27B67}) (Version: 11.50.0019 - Hewlett-Packard Company) Intel® Active Management Technology (HKLM\...\MESOL) (Version: - Intel Corporation) IObit Apps Toolbar v7.0 (HKLM\...\{4ED7341F-1942-4623-A27C-9C4F3838172F}) (Version: 7.0 - Spigot, Inc.) <==== ATTENTION Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Java(TM) 7 Update 5 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217005F0}) (Version: 7.0.50 - Oracle) JDownloader (HKLM\...\JDownloader) (Version: - AppWork UG (haftungsbeschränkt)) Kalendarz XP v29.85 (HKLM\...\Kalendarz XP) (Version: - ) K-Lite Codec Pack 6.0.4 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 6.0.4 - ) League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (Version: 3.0.1 - Riot Games) Hidden Media Go Video Playback Engine 1.88.107.12050 (HKLM\...\{7FA1DAFD-AF55-E915-FD92-F269443A2ADF}) (Version: 1.88.107.12050 - Sony) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile PLK Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended PLK Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Office Access MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Proofing (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden MKLOL (HKCU\...\MKLOL) (Version: - ) MKV Player 2.1.3 (HKLM\...\MKV Player_is1) (Version: - ) Mozilla Firefox 32.0.3 (x86 pl) (HKLM\...\Mozilla Firefox 32.0.3 (x86 pl)) (Version: 32.0.3 - Mozilla) Multimedia Keyboard Driver (HKLM\...\{0FCCC22A-4667-49BC-AE94-B2901AD7ADF6}) (Version: - ) Nero 8 Lite (HKLM\...\Nero8Lite_is1) (Version: 8.3.20.0 - UpdatePack.nl) neroxml (Version: 1.0.0 - Nero AG) Hidden NetWorx 5.1.5 (HKLM\...\NetWorx_is1) (Version: - Softperfect Research) NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation) NVIDIA GeForce Experience Service (Version: 16.13.42 - NVIDIA Corporation) Hidden NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA PhysX (Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA ShadowPlay 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Sterownik 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA Sterownik graficzny 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA Update Core (Version: 16.13.42 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden Odkurzacz (HKLM\...\Odkurzacz 13.5_is1) (Version: 13.5.0.1911 - FranmoSoftware - Maciej Opaliński) Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.) Panel sterowania NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden PlayStation(R)Network Downloader (HKLM\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.) PlayStation(R)Store (HKLM\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.8.1.14440 - Sony Computer Entertainment Inc.) PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Q-Share Ver.1.1 (HKLM\...\{F308B531-AB20-4A79-8F5E-83071FE5BE60}) (Version: 1.1 - GIGABYTE) Real Alternative 1.49 (HKLM\...\RealAlt_is1) (Version: 1.49 - ) Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0008 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5874 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.8.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden Renesas Electronics USB 3.0 Host Controller Driver (Version: 3.0.8.0 - Renesas Electronics Corporation) Hidden Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.14.7.201405202226 - Sony Mobile Communications AB) Sony PC Companion 2.10.211 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.211 - Sony) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: - TeamSpeak Systems GmbH) tools-freebsd (Version: 9.6.2.1895310 - VMware, Inc.) Hidden tools-linux (Version: 9.6.2.1895310 - VMware, Inc.) Hidden tools-netware (Version: 9.6.2.1895310 - VMware, Inc.) Hidden tools-solaris (Version: 9.6.2.1895310 - VMware, Inc.) Hidden tools-windows (Version: 9.6.2.1895310 - VMware, Inc.) Hidden tools-winPre2k (Version: 9.6.2.1895310 - VMware, Inc.) Hidden Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) VMware Workstation (HKLM\...\VMware_Workstation) (Version: 10.0.3 - VMware, Inc) VMware Workstation (Version: 10.0.3 - VMware, Inc.) Hidden Windows Mobile Device Center (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation) WinRAR 5.10 beta 4 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-72358669-1429459929-3882325455-1001_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-72358669-1429459929-3882325455-1001_Classes\CLSID\{010833F3-751A-402F-9FCC-C365B6A12E41}\localserver32 -> C:\Users\Łukasz\Desktop\BESTplayer.exe (Karol Winnicki) CustomCLSID: HKU\S-1-5-21-72358669-1429459929-3882325455-1001_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CustomCLSID: HKU\S-1-5-21-72358669-1429459929-3882325455-1001_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-72358669-1429459929-3882325455-1001_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-72358669-1429459929-3882325455-1001_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-72358669-1429459929-3882325455-1001_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-72358669-1429459929-3882325455-1001_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-72358669-1429459929-3882325455-1001_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-72358669-1429459929-3882325455-1001_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-72358669-1429459929-3882325455-1001_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-72358669-1429459929-3882325455-1001_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-72358669-1429459929-3882325455-1001_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-72358669-1429459929-3882325455-1001_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-72358669-1429459929-3882325455-1001_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) ==================== Restore Points ========================= 28-09-2014 15:38:20 Scheduled Checkpoint 29-09-2014 19:27:19 Removed Adobe Reader XI (11.0.09) - Polish. 01-10-2014 17:01:04 Zainstalowany program DirectX ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:04 - 2014-08-16 12:11 - 00000895 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.google-analytics.com 127.0.0.1 google-analytics.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0355E690-1DD2-43AC-AF8D-1F5F33ED1D9C} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {0D7AC3C3-9895-476B-A622-278B6D07FAC7} - System32\Tasks\{9AE375D3-794A-439F-AA89-BBDA9C4ADE7C} => D:\Program Files\Aliens vs. Predator\AvP_Launcher.exe Task: {2211AD28-33DE-4FAE-BFD7-546CF6CFAE45} - System32\Tasks\{2D758E3B-B57C-4EA0-B558-95F623E74093} => D:\Program Files\Aliens vs. Predator\AvP_Launcher.exe Task: {2C59ECAF-3A27-4640-9F4B-519B05BDD70F} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION Task: {40568230-5FE2-4DF9-AF05-C56AA2751117} - System32\Tasks\Funmoods => C:\Users\UKASZ~1\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {4840EB2C-EBC3-4A0D-B4E0-A6FB07543D78} - System32\Tasks\Odkurzacz => C:\Program Files\Odkurzacz\odkurzacz.exe [2014-09-07] (FranmoSoftware) Task: {4F1A0845-824B-4A45-B5C7-AF4A0C8A47B2} - System32\Tasks\{C72E291E-944D-4245-B095-5716F9B51539} => C:\Program Files\ToonCar\ToonCar.exe Task: {5E1BC12B-0404-4F2F-89FA-A793C7569BD4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-29] (Adobe Systems Incorporated) Task: {9AC7795A-92BC-4EA0-ADAC-5A3004169408} - System32\Tasks\{07400950-FB0D-4C98-A46A-45854E653EA8} => C:\Users\Łukasz\Downloads\aresregular217_installer.exe Task: {AC69DD16-EEA6-4E3A-AF5D-0FCD37AC9446} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-23] (Google Inc.) Task: {E4F8177C-0F44-443A-A95F-5BC1A81B9D19} - System32\Tasks\{D9150BAC-2F13-4840-B0C2-F2CEFFBD5249} => C:\Program Files\ToonCar\ToonCar.exe Task: {F0DB6BC8-F9F6-47FB-8632-7184B25A7CF1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd) Task: {F9026B40-1533-4B3E-AE16-7E504AD9EE53} - System32\Tasks\{134ECFDF-E5AD-4AB4-BAAB-A1DCCB6D3467} => C:\Program Files\Ares\Ares.exe [2014-03-28] (Seekar Ltd) Task: {F96A7502-D4DF-412E-9857-3F4822C85C55} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-23] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-11-06 14:43 - 2014-07-02 21:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2013-02-07 19:50 - 2010-04-25 11:48 - 00459264 _____ () C:\Program Files\NetWorx\sqlite.dll 2012-01-21 23:37 - 2014-04-21 22:29 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe 2014-06-12 18:22 - 2014-06-12 18:22 - 01261272 _____ () C:\Program Files\VMware\VMware Workstation\libxml2.dll 2014-09-25 20:44 - 2014-09-25 20:44 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2014-06-12 17:44 - 2014-06-12 17:44 - 14407384 _____ () C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe 2014-10-08 20:32 - 2014-09-26 19:18 - 01092296 _____ () E:\Program Files\MKJogo\MKLOL\Bin\axcdc.exe 2014-07-16 00:26 - 2014-07-16 00:26 - 00799232 _____ () E:\Program Files\MKJogo\MKLOL\Bin\sqlite3.dll 2014-07-16 00:26 - 2014-07-16 00:25 - 01721856 _____ () E:\Program Files\MKJogo\MKLOL\Bin\RLib.dll 2014-07-16 00:26 - 2014-07-16 00:25 - 01191936 _____ () E:\Program Files\MKJogo\MKLOL\Bin\ACE.dll 2014-07-16 00:26 - 2014-09-26 19:18 - 00797896 _____ () E:\Program Files\MKJogo\MKLOL\LOL\AddonSkin-LOL.dll 2014-04-17 13:44 - 2014-07-04 02:04 - 01294336 _____ () E:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe 2014-05-11 04:51 - 2014-05-11 04:51 - 03089488 _____ () C:\Program Files\Pando Networks\Media Booster\PMB.exe 2014-07-04 02:05 - 2014-09-25 15:12 - 02453496 _____ () E:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.223\deploy\LoLLauncher.exe 2014-07-16 00:26 - 2014-09-26 19:18 - 00108744 _____ () E:\Program Files\MKJogo\MKLOL\LOL\LauncherTransit.dll 2014-09-25 15:13 - 2014-09-25 15:13 - 04081656 _____ () E:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\LoLPatcher.exe 2014-09-25 15:13 - 2014-09-25 15:13 - 01636856 _____ () E:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\RiotLauncher.dll 2014-09-10 19:51 - 2014-09-10 19:51 - 42975744 _____ () E:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\libcef.dll 2014-09-10 19:51 - 2014-09-10 19:51 - 01559552 _____ () E:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\icui18n.dll 2014-09-10 19:51 - 2014-09-10 19:51 - 01241088 _____ () E:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\icuuc.dll 2014-09-10 19:51 - 2014-09-10 19:51 - 04945408 _____ () E:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\v8.dll 2014-09-25 15:13 - 2014-09-25 15:13 - 01712640 _____ () E:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\RiotRadsIO.dll 2014-07-30 14:05 - 2014-07-16 11:55 - 00074752 _____ () E:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.112\deploy\LolClient.exe 2014-07-16 00:26 - 2014-09-26 19:18 - 00461000 _____ () E:\Program Files\MKJogo\MKLOL\LOL\AirTransit.dll 2014-07-30 14:04 - 2014-07-04 02:12 - 04774248 _____ () E:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.112\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll 2014-09-25 15:49 - 2014-09-25 15:49 - 03715184 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2013-10-06 10:56 - 2013-09-30 09:16 - 00268968 _____ () C:\Windows\system32\sqlite3.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:DBC416F8 AlternateDataStreams: C:\Users\Public\DRM:احتضان ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update ESET's license.lnk => C:\Windows\pss\Update ESET's license.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Łukasz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk => C:\Windows\pss\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: CancelAutoPlay.exe => "C:\Program Files\Cyfrowy Polsat\MF821\Bin\CancelAutoPlay.exe" MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun MSCONFIG\startupreg: FileHippo.com => "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background MSCONFIG\startupreg: GGeasy Sync => "C:\Users\Łukasz\Downloads\GGeasySync.exe" MSCONFIG\startupreg: Onet.pl AutoUpdate => "C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe" /updateexetsr MSCONFIG\startupreg: snpstd3 => C:\Windows\vsnpstd3.exe MSCONFIG\startupreg: Tiny download manager => "C:\Users\Łukasz\AppData\Local\DM\TinyDM.exe" /M MSCONFIG\startupreg: vmware-tray => "C:\Program Files\VMware\VMware Workstation\vmware-tray.exe" MSCONFIG\startupreg: zLoader.exe => "C:\Program Files\Cyfrowy Polsat\MF821\Bin\zLoader.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-72358669-1429459929-3882325455-500 - Administrator - Disabled) Guest (S-1-5-21-72358669-1429459929-3882325455-501 - Limited - Disabled) Łukasz (S-1-5-21-72358669-1429459929-3882325455-1001 - Administrator - Enabled) => C:\Users\Łukasz ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/08/2014 08:37:13 PM) (Source: vmauthd) (EventID: 1000) (User: ) Description: 2014-10-08T20:37:13.580+02:00| vthread-5| E105: Malformed perfmon object, index=5 Error: (10/08/2014 08:37:13 PM) (Source: vmauthd) (EventID: 1000) (User: ) Description: 2014-10-08T20:37:13.564+02:00| vthread-5| E105: Malformed perfmon object, index=4 Error: (10/08/2014 08:37:13 PM) (Source: vmauthd) (EventID: 1000) (User: ) Description: 2014-10-08T20:37:13.549+02:00| vthread-5| E105: Malformed perfmon object, index=3 Error: (10/08/2014 08:37:13 PM) (Source: vmauthd) (EventID: 1000) (User: ) Description: 2014-10-08T20:37:13.533+02:00| vthread-5| E105: Malformed perfmon object, index=2 Error: (10/08/2014 08:37:13 PM) (Source: vmauthd) (EventID: 1000) (User: ) Description: 2014-10-08T20:37:13.517+02:00| vthread-5| E105: Malformed perfmon object, index=1 Error: (10/08/2014 08:37:13 PM) (Source: vmauthd) (EventID: 1000) (User: ) Description: 2014-10-08T20:37:13.502+02:00| vthread-5| E105: Malformed perfmon object, index=0 Error: (10/08/2014 08:37:08 PM) (Source: vmauthd) (EventID: 1000) (User: ) Description: 2014-10-08T20:37:08.479+02:00| vthread-5| E105: Malformed perfmon object, index=5 Error: (10/08/2014 08:37:08 PM) (Source: vmauthd) (EventID: 1000) (User: ) Description: 2014-10-08T20:37:08.463+02:00| vthread-5| E105: Malformed perfmon object, index=4 Error: (10/08/2014 08:37:08 PM) (Source: vmauthd) (EventID: 1000) (User: ) Description: 2014-10-08T20:37:08.447+02:00| vthread-5| E105: Malformed perfmon object, index=3 Error: (10/08/2014 08:37:08 PM) (Source: vmauthd) (EventID: 1000) (User: ) Description: 2014-10-08T20:37:08.432+02:00| vthread-5| E105: Malformed perfmon object, index=2 System errors: ============= Error: (10/08/2014 01:23:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa SecureUpdate niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/08/2014 01:22:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: prodrv06 prohlp02 prosync1 sfhlp01 Error: (10/08/2014 01:21:48 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Sterownik prodrv06.sys został zablokowany dla ładowania. Error: (10/08/2014 01:21:44 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Sterownik prohlp02.sys został zablokowany dla ładowania. Error: (10/08/2014 01:21:44 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Sterownik prosync1.sys został zablokowany dla ładowania. Error: (10/08/2014 01:21:44 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Sterownik sfhlp01.sys został zablokowany dla ładowania. Error: (10/07/2014 00:52:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa SecureUpdate niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/07/2014 00:51:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: prodrv06 prohlp02 prosync1 sfhlp01 Error: (10/07/2014 00:51:01 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Sterownik prodrv06.sys został zablokowany dla ładowania. Error: (10/07/2014 00:50:57 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Sterownik prohlp02.sys został zablokowany dla ładowania. Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz Percentage of memory in use: 51% Total physical RAM: 3326.49 MB Available physical RAM: 1627.11 MB Total Pagefile: 6651.26 MB Available Pagefile: 4574.98 MB Total Virtual: 2047.88 MB Available Virtual: 1894.25 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:242.16 GB) (Free:45.29 GB) NTFS Drive d: (Nowy) (Fixed) (Total:112.17 GB) (Free:83.42 GB) NTFS Drive e: (Nowy) (Fixed) (Total:111.33 GB) (Free:76.9 GB) NTFS Drive h: (AUTOMAPA_6.16_14) (CDROM) (Total:0.51 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 54A6E99A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=242.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=112.2 GB) - (Type=OF Extended) ==================== End Of Log ============================