Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2014 Ran by Torunscy at 2014-10-17 20:29:36 Running from C:\Users\Torunscy\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1.2627 - CyberLink Corp.) CyberLink PowerDVD 12 (x32 Version: 12.0.1.2627 - CyberLink Corp.) Hidden CyberLink Webcam Sharing Manager 4 (HKLM-x32\...\InstallShield_{296F7F3B-C75A-45e9-AD22-CC19DF86E9D3}) (Version: 4.2.1.1419 - CyberLink Corp.) CyberLink Webcam Sharing Manager 4 (x32 Version: 4.2.1.1419 - CyberLink Corp.) Hidden ESET NOD32 Antivirus (HKLM\...\{C78F2980-5905-44E0-BE02-BDFC3DD6FBB9}) (Version: 7.0.302.26 - ESET, spol s r. o.) Evernote v. 5.5.2 (HKLM-x32\...\{16730E6C-1114-11E4-9120-00163E98E7D0}) (Version: 5.5.2.4187 - Evernote Corp.) Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM-x32\...\{84663FDA-1374-4048-9869-DD4A8784785A}) (Version: 6.0.16.1 - Hewlett-Packard Company) HP Connection Manager (HKLM-x32\...\{8A04375C-7BA8-4213-8703-C15ADE80F112}) (Version: 4.6.10.1 - Hewlett-Packard Company) HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden HP ESU for Microsoft Windows 7 (HKLM-x32\...\{240B2BF7-E7E6-425C-A2A4-A3149189BF7F}) (Version: 2.3.1 - Hewlett-Packard Company) HP HD Webcam Driver (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10242 - Realtek Semiconductor Corp.) HP Hotkey Support (HKLM-x32\...\{7F7E2060-7212-4A53-9875-55173E4BA3F0}) (Version: 5.0.21.1 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company) HP System Default Settings (HKLM-x32\...\{3A61A282-4F08-4D43-920C-DC30ECE528E8}) (Version: 2.6.1 - Hewlett-Packard Company) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.7.248 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.26.242.3 - Intel Corporation) Hidden Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.670 - Oracle) Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden LEGO® Batman™ 2: DC Super Heroes DEMO (HKLM-x32\...\{C2A58219-DA75-4A46-B3C9-B24EA13F07C5}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Lync Web App Plug-in (HKLM\...\{00D59A66-8FA2-4A17-905A-72099082741B}) (Version: 15.8.8883.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 32.0.3 (x86 pl) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 pl)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 pl)) (Version: 24.6.0 - Mozilla) MPC-HC 1.7.5 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.5 - MPC-HC Team) OpenOffice 4.1.0 (HKLM-x32\...\{7EB1185B-6319-42D7-B103-707570BFB0D8}) (Version: 4.10.9764 - Apache Software Foundation) PLAY ONLINE (HKLM-x32\...\PLAY ONLINE) (Version: 21.005.11.05.264 - Huawei Technologies Co.,Ltd) Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - ) Ralink Bluetooth Stack64 (HKLM\...\{9041BE08-21DA-4916-EC0B-9375C5B624D9}) (Version: 11.0.737.1 - Nazwa firmy) Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.21.0 - Mediatek) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.68.201.2013 - Realtek) Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 1.1.9200.7 - Realtek Semiconductor Corp.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated) Validity Fingerprint Sensor Driver (HKLM\...\{88AF04A0-6A10-4428-A972-E010873A6CBC}) (Version: 4.5.117.0 - Validity Sensors, Inc.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 17-10-2014 17:37:05 Scheduled Checkpoint ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2014-10-15 20:44 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {A77E1960-8738-45B9-9978-FFD65984E829} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {C1F6095A-D5CA-422F-968F-D4D9A3D6E6CB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {E36A585E-2841-4ADB-A863-8A2075A66ECA} - System32\Tasks\HPCeeScheduleForTorunscy => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard) Task: {F0D4E2A6-D967-4A22-9198-8D249AA38D24} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: C:\Windows\Tasks\HPCeeScheduleForTorunscy.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2014-05-06 22:51 - 2014-05-06 22:51 - 00246112 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe 2013-01-10 13:35 - 2013-01-10 13:35 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll 2013-01-10 13:30 - 2013-01-10 13:30 - 00022528 _____ () C:\Windows\system32\BsTrace.dll 2014-01-25 02:22 - 2014-01-25 02:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-03-16 19:42 - 2014-03-16 19:42 - 02611808 _____ () C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe 2014-05-06 22:51 - 2014-05-06 22:51 - 00514048 _____ () C:\Program Files (x86)\PLAY ONLINE\PLAY ONLINE.exe 2013-02-22 15:05 - 2013-02-22 15:05 - 00387936 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll 2011-07-05 10:53 - 2011-07-05 10:53 - 00012800 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00011362 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\mingwm10.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00043008 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\libgcc_s_dw2-1.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 02415104 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtCore4.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 01148416 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtNetwork4.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00384512 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QueryStrategy.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00398336 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtXml4.dll 2012-05-16 21:01 - 2012-05-16 21:01 - 00140800 _____ () C:\Program Files (x86)\Rainlendar2\lua52.dll 2014-03-14 12:11 - 2014-03-14 12:11 - 00250368 _____ () C:\Program Files (x86)\Rainlendar2\libical.dll 2014-03-16 19:42 - 2014-03-16 19:42 - 00060512 _____ () C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll 2014-03-14 12:11 - 2014-03-14 12:11 - 00065024 _____ () C:\Program Files (x86)\Rainlendar2\libicalss.dll 2012-06-17 15:22 - 2012-06-17 15:22 - 00012800 _____ () C:\Program Files (x86)\Rainlendar2\lfs.dll 2014-07-21 14:17 - 2014-07-21 14:17 - 00436576 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll 2014-07-21 14:17 - 2014-07-21 14:17 - 00318304 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll 2013-01-31 17:04 - 2013-01-31 17:04 - 00080120 _____ () C:\Windows\system32\BsProfilefunc.dll 2013-01-10 11:25 - 2013-01-10 11:25 - 00364544 _____ () C:\Windows\system32\BsExtendFunc.dll 2014-10-16 19:25 - 2014-10-16 19:25 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll 2014-06-02 22:13 - 2012-02-02 02:25 - 00059904 ____R () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2013-06-05 11:35 - 2013-06-05 11:35 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll 2014-06-02 22:12 - 2012-10-22 10:22 - 01199648 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00428032 _____ () C:\Program Files (x86)\PLAY ONLINE\core.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00261632 _____ () C:\Program Files (x86)\PLAY ONLINE\sdk.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00011362 _____ () C:\Program Files (x86)\PLAY ONLINE\mingwm10.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00043008 _____ () C:\Program Files (x86)\PLAY ONLINE\libgcc_s_dw2-1.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 02415104 _____ () C:\Program Files (x86)\PLAY ONLINE\QtCore4.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 09515520 _____ () C:\Program Files (x86)\PLAY ONLINE\QtGui4.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00381952 _____ () C:\Program Files (x86)\PLAY ONLINE\Proxy.DLL 2014-05-06 22:51 - 2014-05-06 22:51 - 00218112 _____ () C:\Program Files (x86)\PLAY ONLINE\Common.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00135168 _____ () C:\Program Files (x86)\PLAY ONLINE\Trace.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00545280 _____ () C:\Program Files (x86)\PLAY ONLINE\PluginContainer.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00238080 _____ () C:\Program Files (x86)\PLAY ONLINE\AtCodec.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00301056 _____ () C:\Program Files (x86)\PLAY ONLINE\DeviceSrvPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00235008 _____ () C:\Program Files (x86)\PLAY ONLINE\NetSrvPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00133120 _____ () C:\Program Files (x86)\PLAY ONLINE\OSDialup.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00159232 _____ () C:\Program Files (x86)\PLAY ONLINE\XCodec.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00157184 _____ () C:\Program Files (x86)\PLAY ONLINE\DataServicePlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00176128 _____ () C:\Program Files (x86)\PLAY ONLINE\CallSrvPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00264704 _____ () C:\Program Files (x86)\PLAY ONLINE\AddrBookSrvPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00217600 _____ () C:\Program Files (x86)\PLAY ONLINE\SmsSrvPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00142336 _____ () C:\Program Files (x86)\PLAY ONLINE\USSDSrvPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00156672 _____ () C:\Program Files (x86)\PLAY ONLINE\STKSrvPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00338432 _____ () C:\Program Files (x86)\PLAY ONLINE\DeviceAppPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00065536 _____ () C:\Program Files (x86)\PLAY ONLINE\OSPowerMgr.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00106496 _____ () C:\Program Files (x86)\PLAY ONLINE\Win7Support.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 01077248 _____ () C:\Program Files (x86)\PLAY ONLINE\AddrBookPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00670720 _____ () C:\Program Files (x86)\PLAY ONLINE\SmsAppPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00550400 _____ () C:\Program Files (x86)\PLAY ONLINE\CallAppPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00547840 _____ () C:\Program Files (x86)\PLAY ONLINE\CallLogSrvPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00158720 _____ () C:\Program Files (x86)\PLAY ONLINE\NetConnectSrvPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00211968 _____ () C:\Program Files (x86)\PLAY ONLINE\DialUpPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00101376 _____ () C:\Program Files (x86)\PLAY ONLINE\OSAdapt.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00180224 _____ () C:\Program Files (x86)\PLAY ONLINE\NDISPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00131072 _____ () C:\Program Files (x86)\PLAY ONLINE\OSNDIS.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 01101824 _____ () C:\Program Files (x86)\PLAY ONLINE\NDISAPI.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00278528 _____ () C:\Program Files (x86)\PLAY ONLINE\NetInfoSrvPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00062976 _____ () C:\Program Files (x86)\PLAY ONLINE\OSCall.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00495104 _____ () C:\Program Files (x86)\PLAY ONLINE\DeviceMgrUIPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00190464 _____ () C:\Program Files (x86)\PLAY ONLINE\XFramePlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00123392 _____ () C:\Program Files (x86)\PLAY ONLINE\ATR2SMgr.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00308224 _____ () C:\Program Files (x86)\PLAY ONLINE\StatusBarMgrPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00118272 _____ () C:\Program Files (x86)\PLAY ONLINE\LayoutPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00427008 _____ () C:\Program Files (x86)\PLAY ONLINE\DialupUIPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00334848 _____ () C:\Program Files (x86)\PLAY ONLINE\MainpagePlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 01148416 _____ () C:\Program Files (x86)\PLAY ONLINE\QtNetwork4.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00093184 _____ () C:\Program Files (x86)\PLAY ONLINE\NotifyServicePlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00333312 _____ () C:\Program Files (x86)\PLAY ONLINE\NetConnectPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00249344 _____ () C:\Program Files (x86)\PLAY ONLINE\MenuMgrPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00384512 _____ () C:\Program Files (x86)\PLAY ONLINE\USSDUIPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00483328 _____ () C:\Program Files (x86)\PLAY ONLINE\NetInfoUIExPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00808960 _____ () C:\Program Files (x86)\PLAY ONLINE\SMSUIPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00739328 _____ () C:\Program Files (x86)\PLAY ONLINE\AddrBookUIPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00269824 _____ () C:\Program Files (x86)\PLAY ONLINE\LiveUpdateInterface.DLL 2014-05-06 22:51 - 2014-05-06 22:51 - 00240128 _____ () C:\Program Files (x86)\PLAY ONLINE\ToolBarMgrPlugin.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00082944 _____ () C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qgif4.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00081920 _____ () C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qico4.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00192000 _____ () C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qjpeg4.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00350720 _____ () C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qmng4.dll 2014-05-06 22:51 - 2014-05-06 22:51 - 00370176 _____ () C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qtiff4.dll 2014-09-25 19:47 - 2014-09-25 19:47 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-07-30 19:40 - 2014-07-30 19:40 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-3897440679-2220513392-781578114-500 - Administrator - Disabled) Dzieci (S-1-5-21-3897440679-2220513392-781578114-1001 - Limited - Enabled) => C:\Users\Dzieci Guest (S-1-5-21-3897440679-2220513392-781578114-501 - Limited - Disabled) Torunscy (S-1-5-21-3897440679-2220513392-781578114-1000 - Administrator - Enabled) => C:\Users\Torunscy ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/17/2014 07:30:21 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (10/17/2014 07:30:12 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (10/17/2014 05:35:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/16/2014 10:04:17 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/16/2014 09:09:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/16/2014 09:02:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/16/2014 06:32:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/16/2014 08:47:48 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/16/2014 08:30:33 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/15/2014 09:06:01 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (10/17/2014 07:32:12 PM) (Source: volsnap) (EventID: 36) (User: ) Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (10/17/2014 05:35:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The PLAY ONLINE. OUC service failed to start due to the following error: %%1053 Error: (10/17/2014 05:35:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the PLAY ONLINE. OUC service to connect. Error: (10/16/2014 10:04:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The PLAY ONLINE. OUC service failed to start due to the following error: %%1053 Error: (10/16/2014 10:04:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the PLAY ONLINE. OUC service to connect. Error: (10/16/2014 09:09:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The PLAY ONLINE. OUC service failed to start due to the following error: %%1053 Error: (10/16/2014 09:09:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the PLAY ONLINE. OUC service to connect. Error: (10/16/2014 09:09:00 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (10/16/2014 09:02:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The PLAY ONLINE. OUC service failed to start due to the following error: %%1053 Error: (10/16/2014 09:02:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the PLAY ONLINE. OUC service to connect. Microsoft Office Sessions: ========================= Error: (10/17/2014 07:30:21 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\ralink corporation\ralink bluetooth stack\BsSMSEditor.exe Error: (10/17/2014 07:30:12 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsSMSEditor.exe Error: (10/17/2014 05:35:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/16/2014 10:04:17 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/16/2014 09:09:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/16/2014 09:02:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/16/2014 06:32:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/16/2014 08:47:48 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/16/2014 08:30:33 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/15/2014 09:06:01 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2014-10-15 20:38:39.929 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-10-15 20:38:39.882 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz Percentage of memory in use: 29% Total physical RAM: 8040.56 MB Available physical RAM: 5694.33 MB Total Pagefile: 16079.3 MB Available Pagefile: 13620.07 MB Total Virtual: 8192 MB Available Virtual: 8191.79 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:85.37 GB) (Free:7.53 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (DANE) (Fixed) (Total:24.02 GB) (Free:3.9 GB) NTFS Drive e: (201) (CDROM) (Total:2.63 GB) (Free:0 GB) UDF Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.97 GB) FAT32 Drive g: (PLAY ONLINE) (CDROM) (Total:0.04 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 6EE3981B) Partition 1: (Active) - (Size=85.4 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=2 GB) - (Type=0C) Partition 3: (Not Active) - (Size=24 GB) - (Type=07 NTFS) ==================== End Of Log ============================