Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by PireLLi at 2015-04-10 10:42:52
Running from C:\Users\PireLLi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: Zapora osobista ESET (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-245168551-1320362384-138990718-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.24.2 - Mirillis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.149 - Adobe Systems Incorporated)
Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
ASRock eXtreme Tuner v0.1.248 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.29 (HKLM-x32\...\ASRock InstantBoot_is1) (Version:  - )
Autodesk 3ds Max 2013 32-bit (HKLM-x32\...\Autodesk 3ds Max 2013 32-bit) (Version: 15.0.0.347 - Autodesk)
Autodesk 3ds Max 2013 32-bit (x32 Version: 15.0.0.347 - Autodesk) Hidden
Autodesk Backburner 2013.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2013.0.0 - Autodesk, Inc.)
Autodesk Essential Skills Movies for 3ds Max 2013 32-bit (HKLM-x32\...\{5061ACBA-7A0A-42FE-93FF-403B2099D200}) (Version: 1.0.0.1 - Autodesk)
Autodesk FBX Plug-in 2013.1 - 3ds Max 2013 (HKLM-x32\...\Autodesk FBX Plug-in 2013.1 - 3ds Max 2013) (Version:  - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2013 32-bit (HKLM-x32\...\{696BB53C-28E6-1632-974E-D42FFF5B8E04}) (Version: 15.0 - Autodesk)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2013 (HKLM-x32\...\{58760EEC-8B6A-43F4-81AA-696E381DFADD}) (Version: 3.0.13 - Autodesk)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 2: Deluxe Edition (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.25648 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.0.0.1 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Battlelog.co Launcher version 1.5 (HKLM-x32\...\{995DB38C-4E46-4407-B636-2986F2DE9A36}_is1) (Version: 1.5 - Blue Entertainment)
BF2Hub Client (HKLM-x32\...\bf2hub) (Version:  - BF2Hub Systems)
Brother MFL-Pro Suite DCP-J125 (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
BurnAware Free 7.6 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
CCleaner wersja 4.17.4808 (HKLM\...\CCleaner_is1) (Version: 4.17.4808 - )
Composite 2013 (HKLM-x32\...\{92203FA0-7C43-429F-857C-0AE197D8199C}) (Version: 8.0.0 - Autodesk)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
DRAGON BALL XENOVERSE (HKLM-x32\...\Steam App 323470) (Version:  - DIMPS)
ESET Smart Security (HKLM\...\{A9550052-52AD-414B-AB58-74F0D7DC8188}) (Version: 8.0.304.2 - ESET, spol s r. o.)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.1.4 R3 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1.4 R3 Alpha - ETS2MP Team)
Farming Simulator 15 (HKLM-x32\...\FarmingSimulator2015PL_is1) (Version: 1.2.0.0 - GIANTS Software)
foobar2000 v1.3.5 (HKLM-x32\...\foobar2000) (Version: 1.3.5 - Peter Pawlowski)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Sony Online Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2857 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{12ABC13D-6540-483D-92B9-30CE1667B002}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mumble 1.2.8 (HKLM-x32\...\{71EE2EC3-AF95-4907-BBC4-7A9A867765DD}) (Version: 1.2.8 - Thorvald Natvig)
Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Sterownik 3D Vision 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Sterownik kontrolera 3D Vision 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
Opera Stable 28.0.1750.51 (HKLM-x32\...\Opera 28.0.1750.51) (Version: 28.0.1750.51 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.)
Panel sterowania NVIDIA 347.88 (Version: 347.88 - NVIDIA Corporation) Hidden
Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation)
Project Reality: BF2 (HKLM\...\Project Reality: BF2 (pr)_is1) (Version: v1.2 - Project Reality)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab (HKLM-x32\...\{8DCAB1D8-F20C-4733-9B5F-646DDFEB59C9}) (Version: 6.1.1.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Vegas Pro 11.0 (64-bit) (HKLM\...\{43EBA222-8DF7-11E1-862B-F04DA23A5C58}) (Version: 11.0.683 - Sony)
VirtualDJ PRO Full (HKLM-x32\...\{C515E2A3-4878-4C85-A519-52630C7AB08B}) (Version: 7.3 - Atomix Productions)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.31 - ASRock Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

04-04-2015 18:20:40 Windows Update
09-04-2015 20:45:01 ComboFix created restore point
10-04-2015 10:26:32 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-04-09 20:54 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0DEDB6E9-8FA3-4D5A-AE58-20E4421E99FE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2015-02-02] ()
Task: {280A4E0F-30F3-4EB3-8EAF-2D70E53A60F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-10] (Google Inc.)
Task: {2E317E3C-0D99-4147-95D3-A45B7D0FAA9E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {31645C51-3ED3-4965-B1EB-A3D322F4501B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {4294193B-A123-4B24-BDB4-5F0A8E0060EE} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-14] (globalUpdate) <==== ATTENTION
Task: {87124F24-5A6B-4301-A19D-0426AFEFE008} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {9297B060-BA49-4D75-BD1D-BE847C94A733} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {9D21C84E-095B-4DA8-8BB1-43B49A613B25} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe [2015-02-02] ()
Task: {A6994F13-9593-4FD0-8352-E6C23AAD49E9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {A8801B9A-3397-457C-9B1B-A2C3534CF00F} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {AF7EFEE9-E673-4228-9E61-54CF8FCF2B34} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D9AD6ECB-0DF4-40C9-BF55-BCB07A0ED273} - System32\Tasks\M1NtYjHqAxzoX5E => C:\Program Files (x86)\globalUpdate\Update\Install\{71C8E3EF-70C6-4945-9664-ECB359B73A37}\setup.exe
Task: {DAC7B8E5-3A70-45CB-BF5B-4506674F039C} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-14] (globalUpdate) <==== ATTENTION
Task: {DD0853FA-A565-48D4-A2D9-2469C166FC31} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-25] (Adobe Systems Incorporated)
Task: {EA4124B4-9BA9-4D16-971D-C1263B8C5233} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-12-04] (@ByELDI)
Task: {EC6A1957-55B0-4675-96C1-2902B1FA0F9D} - System32\Tasks\Opera scheduled Autoupdate 1417359443 => C:\Program Files (x86)\Opera\launcher.exe [2015-04-07] (Opera Software)
Task: {EE3C0DBB-51AD-48B6-AA10-0422DA6F593D} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {FF22B103-B02D-4519-84CC-3763CF13FFA8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-10] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-11-10 12:55 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-02-09 17:26 - 2012-02-09 17:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 17:26 - 2012-02-09 17:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 17:26 - 2012-02-09 17:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2011-09-15 02:19 - 2011-09-15 02:19 - 00086016 _____ () C:\Program Files (x86)\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_32server.exe
2014-11-14 18:48 - 2015-03-30 20:54 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-11-10 12:06 - 2012-09-17 10:23 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-31 22:25 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-11-10 13:01 - 2012-10-23 21:26 - 00002560 _____ () C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll
2014-12-13 23:36 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-05-04 13:57 - 2013-05-04 13:57 - 00095712 _____ () C:\Program Files (x86)\foobar2000\zlib1.dll
2014-10-29 15:50 - 2014-10-29 15:50 - 00159184 _____ () C:\Program Files (x86)\foobar2000\shared.dll
2014-10-29 00:48 - 2014-10-29 00:48 - 00199680 _____ () C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll
2014-10-29 15:50 - 2014-10-29 15:50 - 01391080 _____ () C:\Program Files (x86)\foobar2000\components\foo_input_std.dll
2014-10-29 00:47 - 2014-10-29 00:47 - 00289280 _____ () C:\Program Files (x86)\foobar2000\components\foo_fileops.dll
2014-10-29 00:48 - 2014-10-29 00:48 - 00351232 _____ () C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll
2014-10-29 00:47 - 2014-10-29 00:47 - 00301568 _____ () C:\Program Files (x86)\foobar2000\components\foo_freedb2.dll
2014-10-29 00:48 - 2014-10-29 00:48 - 00198656 _____ () C:\Program Files (x86)\foobar2000\components\foo_dsp_eq.dll
2014-10-29 00:48 - 2014-10-29 00:48 - 00306176 _____ () C:\Program Files (x86)\foobar2000\components\foo_cdda.dll
2014-10-29 00:47 - 2014-10-29 00:47 - 00530944 _____ () C:\Program Files (x86)\foobar2000\components\foo_converter.dll
2014-10-29 15:50 - 2014-10-29 15:50 - 01083368 _____ () C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll
2014-10-29 00:47 - 2014-10-29 00:47 - 00257024 _____ () C:\Program Files (x86)\foobar2000\components\foo_unpack.dll
2014-10-29 10:42 - 2014-10-29 10:42 - 00356864 _____ () C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll
2015-04-04 17:28 - 2015-03-30 23:07 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libglesv2.dll
2015-04-04 17:28 - 2015-03-30 23:07 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libegl.dll
2014-11-10 12:13 - 2012-07-18 07:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-04-04 17:29 - 2015-03-30 23:07 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-245168551-1320362384-138990718-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PireLLi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: BF2Hub Client => C:\Program Files (x86)\BF2Hub Client\bf2hub.exe
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: XFastUSB => "C:\Program Files (x86)\XFastUSB\XFastUsb.exe"

==================== Accounts: =============================

Administrator (S-1-5-21-245168551-1320362384-138990718-500 - Administrator - Disabled)
Gość (S-1-5-21-245168551-1320362384-138990718-501 - Limited - Disabled)
PireLLi (S-1-5-21-245168551-1320362384-138990718-1000 - Administrator - Enabled) => C:\Users\PireLLi

==================== Faulty Device Manager Devices =============

Name: TAP-Win32 Adapter V9 (Tunngle)
Description: TAP-Win32 Adapter V9 (Tunngle)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9 (Tunngle)
Service: tap0901t
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/10/2015 10:33:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: hjjo8e7c.exe, wersja: 2.1.19357.0, sygnatura czasowa: 0x52e7ea83
Nazwa modułu powodującego błąd: hjjo8e7c.exe, wersja: 2.1.19357.0, sygnatura czasowa: 0x52e7ea83
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0008d900
Identyfikator procesu powodującego błąd: 0x1438
Godzina uruchomienia aplikacji powodującej błąd: 0xhjjo8e7c.exe0
Ścieżka aplikacji powodującej błąd: hjjo8e7c.exe1
Ścieżka modułu powodującego błąd: hjjo8e7c.exe2
Identyfikator raportu: hjjo8e7c.exe3

Error: (04/10/2015 10:22:31 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (04/09/2015 09:46:24 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (04/09/2015 09:46:24 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (04/09/2015 09:46:23 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (04/09/2015 09:46:15 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (04/09/2015 08:52:58 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (04/09/2015 08:49:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: GoogleUpdate.exe, wersja: 1.3.25.0, sygnatura czasowa: 0x53592941
Nazwa modułu powodującego błąd: urlmon.dll_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x54e68687
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x7592e160
Identyfikator procesu powodującego błąd: 0x1050
Godzina uruchomienia aplikacji powodującej błąd: 0xGoogleUpdate.exe0
Ścieżka aplikacji powodującej błąd: GoogleUpdate.exe1
Ścieżka modułu powodującego błąd: GoogleUpdate.exe2
Identyfikator raportu: GoogleUpdate.exe3

Error: (04/09/2015 08:31:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: NvStreamNetworkService.exe, wersja: 4.1.1943.6202, sygnatura czasowa: 0x551399be
Nazwa modułu powodującego błąd: NvStreamNetworkService.exe, wersja: 4.1.1943.6202, sygnatura czasowa: 0x551399be
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00000000004e920f
Identyfikator procesu powodującego błąd: 0xba4
Godzina uruchomienia aplikacji powodującej błąd: 0xNvStreamNetworkService.exe0
Ścieżka aplikacji powodującej błąd: NvStreamNetworkService.exe1
Ścieżka modułu powodującego błąd: NvStreamNetworkService.exe2
Identyfikator raportu: NvStreamNetworkService.exe3

Error: (04/09/2015 08:31:08 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2


System errors:
=============
Error: (04/09/2015 08:52:11 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie.

Error: (04/09/2015 08:52:06 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie.

Error: (04/09/2015 08:51:42 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika.

Error: (04/09/2015 08:49:14 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie.

Error: (04/09/2015 08:46:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa mental ray 3.10 Satellite for Autodesk 3ds Max 2013 32-bit niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (04/09/2015 07:55:34 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Usługa Asystent zgodności programów, ale ta akcja nie powiodła się przy następującym błędzie: 
%%1056.

Error: (04/09/2015 07:54:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Autokonfiguracja sieci WLAN niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (04/09/2015 07:54:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Host systemu diagnostyki niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (04/09/2015 07:54:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Menedżer sesji Menedżera okien pulpitu niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (04/09/2015 07:54:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Klient śledzenia łączy rozproszonych niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.


Microsoft Office Sessions:
=========================
Error: (04/10/2015 10:33:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: hjjo8e7c.exe2.1.19357.052e7ea83hjjo8e7c.exe2.1.19357.052e7ea83c00000050008d900143801d07368ac5fd226C:\Users\PireLLi\Desktop\hjjo8e7c.exeC:\Users\PireLLi\Desktop\hjjo8e7c.exe32eae386-df5c-11e4-9d19-bc5ff47ecc70

Error: (04/10/2015 10:22:31 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (04/09/2015 09:46:24 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (04/09/2015 09:46:24 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (04/09/2015 09:46:23 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (04/09/2015 09:46:15 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (04/09/2015 08:52:58 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (04/09/2015 08:49:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GoogleUpdate.exe1.3.25.053592941urlmon.dll_unloaded0.0.0.054e68687c00000057592e160105001d072f5d778fdaeC:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exeurlmon.dll1f081d96-dee9-11e4-a122-bc5ff47ecc70

Error: (04/09/2015 08:31:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvStreamNetworkService.exe4.1.1943.6202551399beNvStreamNetworkService.exe4.1.1943.6202551399bec000000500000000004e920fba401d072f35c8b1c6dC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exea5118d2d-dee6-11e4-a122-bc5ff47ecc70

Error: (04/09/2015 08:31:08 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2


CodeIntegrity Errors:
===================================
  Date: 2015-04-09 20:51:42.233
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-09 20:51:42.203
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-14 21:29:03.142
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-14 21:29:03.142
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 28%
Total physical RAM: 8076.86 MB
Available physical RAM: 5753.82 MB
Total Pagefile: 16151.9 MB
Available Pagefile: 13863.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:615.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 86E06D93)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================