Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-10-2014 Ran by XxX at 2014-10-18 11:52:59 Running from C:\Users\XxX\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30888 - BitTorrent Inc.) 7 Days To Die version 9.1 (HKLM\...\7 Days To Die_is1) (Version: 9.1 - GMT-MAX.ORG) Adobe AIR (Version: 15.0.0.249 - Adobe Systems Incorporated) Hidden Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{E43B4909-141E-DFF3-8C58-62B5E4D66BBA}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.) ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Cities in Motion (HKLM\...\{0E8DFAD9-DABF-4D4C-977E-D22DB9B09901}) (Version: 1.00.0000 - Paradox Interactive) Civilization III v1.29f (HKLM\...\{31E2413D-8AA1-43EC-8B8D-77B65ADA4611}) (Version: - ) COMODO Antivirus (HKLM\...\{2736B6BD-31EC-4FC8-A48C-F0A5C914C0B6}) (Version: 7.0.55655.4142 - COMODO Security Solutions Inc.) Craften Terminal 3.5.5 (HKLM\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 3.5.5 - Craften.de) Crysis® 2 (HKLM\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Dawn of War - Dark Crusade (HKLM\...\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}) (Version: 1.00.0000 - THQ) Deckadance 2 (HKLM\...\Deckadance 2) (Version: 2.0 - Image-Line) Dev-C++ (HKLM\...\Dev-C++) (Version: 5.6.2 - Bloodshed Software) DLL Suite 2013 (HKLM\...\{885843E7-6CAC-4791-B7BF-1CD516017954}_is1) (Version: - ) Dual-Core Optimizer (HKLM\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD) Elevated Installer (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden Emergency 2013 (HKLM\...\Emergency 2013) (Version: - Quadriga Games) Emergency 4 (HKLM\...\{FDB2EB0C-1803-4367-B2F1-9B76C0CD4486}) (Version: 1.00.0000 - sixteen tons entertainment) Enemy Front (HKLM\...\RW5lbXlGcm9udA==_is1) (Version: 1 - ) FIFA 11 (HKLM\...\{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}) (Version: 1.0.0.0 - Electronic Arts) FL Studio 10 (HKLM\...\FL Studio 10) (Version: - Image-Line) Galeria fotografii (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Gameforge Live 1.10.1 "Legend" (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.10.1 - Gameforge) GameSpy Arcade (HKLM\...\GameSpy Arcade) (Version: - ) Garmin Express (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden GG (HKCU\...\GG) (Version: 12 - GG Network S.A.) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Heroes of Might and Magic III - Złota Edycja (HKLM\...\Heroes of Might and Magic III - Złota Edycja_is1) (Version: - ) HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Photosmart 5510 series — badanie mające na celu poprawę produktów (HKLM\...\{505A2065-5162-4F31-A8B9-6723EFD16317}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photosmart 5510 series — podstawowe oprogramowanie urządzenia (HKLM\...\{8DFF1FF5-0C33-4EC9-8DE4-AF89DCE98CDA}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photosmart 5510 series Pomoc (HKLM\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard) HP Update (HKLM\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) HydraVision (Version: 4.2.234.0 - Advanced Micro Devices, Inc.) Hidden IL Download Manager (HKLM\...\IL Download Manager) (Version: - Image-Line) IL Shared Libraries (HKLM\...\IL Shared Libraries) (Version: - Image-Line) Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - ) Little Fighter 2.5 - v2.0 (HKLM\...\Little Fighter 2.5 - v2.0) (Version: - ) Lock On: Modern Air Combat (HKLM\...\{E90DCEE9-DC27-401B-A7AC-B0AFF5B34E4D}) (Version: 1.00.000 - ) LogMeIn Hamachi (Version: 2.2.0.236 - LogMeIn, Inc.) Hidden Malwarebytes Anti-Malware wersja 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Metin2 (HKLM\...\Metin2_is1) (Version: - Gameforge 4D GmbH) Microsoft .NET Framework 4.5.1 (PLK) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE (HKLM\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation) Microsoft Halo (HKLM\...\Halo) (Version: - Microsoft) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Minecraft Cracked (HKLM\...\Minecraft Cracked) (Version: - ) Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 32.0.3 (x86 pl) (HKLM\...\Mozilla Firefox 32.0.3 (x86 pl)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Nero 8 (HKLM\...\{1CA7ACD6-B21B-4240-AA05-4FC55F6E1045}) (Version: 8.3.465 - Nero AG) neroxml (Version: 1.0.0 - Nero AG) Hidden Notepad++ (HKLM\...\Notepad++) (Version: 6.5.5 - Notepad++ Team) NVIDIA PhysX (HKLM\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) OFICJALNE TESTY EGZAMINACYJNE PWPW (HKLM\...\OFICJALNE TESTY EGZAMINACYJNE PWPW) (Version: - ) OpenGL Extensions Viewer 3.0 (HKLM\...\GLVIEW3) (Version: 311 - ) Oprogramowanie drukarki EPSON (HKLM\...\EPSON Printer and Utilities) (Version: - ) Photo Gallery (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) Podstawowe programy Windows Live (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Praetorians (HKLM\...\{AAC8AF92-DAEC-45D2-B77D-36699E3751A9}) (Version: - Pyro Studios) Predator (HKLM\...\{6BD1CEF5-9479-4540-804E-BD101756794D}) (Version: 2 - Predator-Usb) PrivDog (HKLM\...\PrivDog) (Version: 2.1.0.23 - privdog.com) Razer Game Booster (HKLM\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.) reFX Nexus VSTi RTAS v2.2.0 (HKLM\...\reFX Nexus_is1) (Version: - ) Roboball (HKLM\...\Roboball) (Version: 1.0.0.0 - Alawar Entertainment Inc.) Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) SPORE™ (HKLM\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) The Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts) The Walking Dead Survival Instinct (c) Activision version 1 (HKLM\...\VGhlIFdhbGtpbmcgRGVhZCBTdXJ2aXZhbCBJbnN0aW5jdCAo~1255DFC2_is1) (Version: 1 - ) Transport Giant Gold (HKLM\...\{59405D76-294A-4E73-9E8B-B6EEE9A9BB11}_is1) (Version: - UIG GmbH) Urban Terror 4.1 (HKLM\...\Urban Terror_is1) (Version: - Frozen Sand LLC) USB Vibration Joystick (HKLM\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.01.01 - ) VirtualDJ Home FREE (HKLM\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions) VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN) Warspear Online (HKCU\...\Warspear Online) (Version: 4.2.2 - AIGRIND LLC) Windows Live Communications Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Photo Common (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live PIMT Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 5.01 (32-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) World in Conflict (HKLM\...\World in Conflict) (Version: 1.011 - Ubisoft) Worms World Party (HKLM\...\{9A200E68-D5F4-4E70-910F-2871753A0E2B}) (Version: - ) YTD Video Downloader 4.8.5 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.5 - GreenTree Applications SRL) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{0713E8A2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{0713E8A8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{0713E8D2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{0713E8D8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{373FF7F0-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{373FF7F4-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{58DA8D8A-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{58DA8D8F-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{58DA8D93-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{58DA8D96-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{5ACBB955-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{5ACBB956-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{5ACBB957-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{5ACBB958-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{6027C2D4-FB28-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{612A8624-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{612A8628-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{62823C20-41A3-11CE-9E8B-0020AF039CA3}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{648A5600-2C6E-101B-82B6-000000000014}\InprocServer32 -> C:\Windows\system32\mscomm32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{648A5604-2C6E-101B-82B6-000000000014}\InprocServer32 -> C:\Windows\system32\mscomm32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{6B7E638F-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{6B7E6393-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{6B7E63A3-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{7EBDAAE0-8120-11CF-899F-00AA00688B10}\InprocServer32 -> C:\Windows\system32\msstkprp.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{7EBDAAE1-8120-11CF-899F-00AA00688B10}\InprocServer32 -> C:\Windows\system32\msstkprp.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{7EBDAAE2-8120-11CF-899F-00AA00688B10}\InprocServer32 -> C:\Windows\system32\msstkprp.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{9ED94440-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{9ED94444-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{B66834C6-2E60-11CE-8748-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{D0FC8A81-2CB2-101B-82B6-000000000014}\InprocServer32 -> C:\Windows\system32\mscomm32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{E0DC8C80-3486-101B-82B6-000000000014}\InprocServer32 -> C:\Windows\system32\mscomm32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\XxX\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) CustomCLSID: HKU\S-1-5-21-1298052079-2888746343-427970535-1001_Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 -> D:\Program Files\Ubisoft\Eagle Dynamics\Lock On\Register\comdlg32.ocx (Microsoft Corporation) ==================== Restore Points ========================= 08-10-2014 16:38:45 Zaplanowany punkt kontrolny 15-10-2014 19:55:53 Zaplanowany punkt kontrolny 18-10-2014 09:16:53 ComboFix created restore point ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:04 - 2014-10-18 11:35 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0D2460CE-9C03-48FE-AA7F-541AE7703A0E} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO) Task: {11E53D68-449C-48C7-9BE0-93192C709E8F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO) Task: {346507AC-FFB1-469E-9738-E19D28A8039F} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO) Task: {355CBCDD-415D-4959-80A1-B18C5F5E6451} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-29] (Adobe Systems Incorporated) Task: {89340996-3480-4AA6-9324-4F2B8A39F36A} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-08-07] () Task: {8DAC964E-D83B-49FA-B315-1085F01047BB} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {991A76A7-20A4-491B-B902-AAA6839A4CBB} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1298052079-2888746343-427970535-1001 Task: {9A8413E7-D49C-4292-98B8-316C0B97A726} - System32\Tasks\{B52FF3BB-CA54-415A-8025-8A670338FE49} => D:\Program Files\Heroes of Might and Magic III - Zlota Edycja\Heroes3.exe [2007-05-06] (The 3DO Company) Task: {A54FA249-EE5B-47E0-9849-8398096136C6} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-09-25 15:53 - 2014-09-25 15:53 - 03715184 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: CmdAgent => 2 MSCONFIG\Services: cmdvirth => 3 MSCONFIG\Services: Hamachi2Svc => 2 MSCONFIG\Services: LMIGuardianSvc => 2 MSCONFIG\Services: Nero BackItUp Scheduler 3 => 2 MSCONFIG\startupreg: COMODO Internet Security => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" MSCONFIG\startupreg: GG => "C:\Users\XxX\AppData\Local\GG\Application\gghub.exe" MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start MSCONFIG\startupreg: NBKeyScan => "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" MSCONFIG\startupreg: PrivDogService => "C:\Program Files\AdTrustMedia\PrivDog\2.1.0.23\trustedadssvc.exe" MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: uTorrent => "C:\Users\XxX\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED ========================= Accounts: ========================== Administrator (S-1-5-21-1298052079-2888746343-427970535-500 - Administrator - Disabled) Gość (S-1-5-21-1298052079-2888746343-427970535-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1298052079-2888746343-427970535-1002 - Limited - Enabled) XxX (S-1-5-21-1298052079-2888746343-427970535-1001 - Administrator - Enabled) => C:\Users\XxX ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/18/2014 11:46:12 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (10/18/2014 11:19:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Au_.exe, wersja: 1.0.1.1, sygnatura czasowa: 0x52ba66b2 Nazwa modułu powodującego błąd: LinkuryInstallerUtils.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x53c52e4a Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000043ae Identyfikator procesu powodującego błąd: 0xedc Godzina uruchomienia aplikacji powodującej błąd: 0xAu_.exe0 Ścieżka aplikacji powodującej błąd: Au_.exe1 Ścieżka modułu powodującego błąd: Au_.exe2 Identyfikator raportu: Au_.exe3 Error: (10/18/2014 11:11:55 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (10/18/2014 00:55:59 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (10/17/2014 10:42:41 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (10/17/2014 01:35:17 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (10/16/2014 08:31:02 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (10/16/2014 03:29:27 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (10/15/2014 09:49:16 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (10/15/2014 00:12:03 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. System errors: ============= Error: (10/18/2014 11:50:08 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {000C101C-0000-0000-C000-000000000046} Error: (10/18/2014 11:48:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Windows Update zakończyła działanie; wystąpił następujący błąd: %%-2147024891 Error: (10/18/2014 11:46:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Garmin Core Update Service z powodu następującego błędu: %%1053 Error: (10/18/2014 11:46:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Garmin Core Update Service. Error: (10/18/2014 11:46:06 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Pliki trybu offline zakończyła działanie; wystąpił następujący błąd: %%5 Error: (10/18/2014 11:46:03 AM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (10/18/2014 11:46:03 AM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (10/18/2014 11:44:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Garmin Core Update Service z powodu następującego błędu: %%1053 Error: (10/18/2014 11:44:03 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Garmin Core Update Service. Error: (10/18/2014 11:43:34 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: %%1056. Microsoft Office Sessions: ========================= Error: (10/18/2014 11:46:12 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (10/18/2014 11:19:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Au_.exe1.0.1.152ba66b2LinkuryInstallerUtils.dll0.0.0.053c52e4ac0000005000043aeedc01cfeab48d90aee0C:\Users\XxX\AppData\Local\Temp\~nsu.tmp\Au_.exeC:\Users\XxX\AppData\Local\Temp\nsdA131.tmp\LinkuryInstallerUtils.dllcd60b600-56a7-11e4-a0cf-001fd034cc74 Error: (10/18/2014 11:11:55 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (10/18/2014 00:55:59 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Photosmart 5510 series\DriverStore\Pipeline\amd64\hpinkinsa111.exe Error: (10/17/2014 10:42:41 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (10/17/2014 01:35:17 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (10/16/2014 08:31:02 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (10/16/2014 03:29:27 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (10/15/2014 09:49:16 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Photosmart 5510 series\DriverStore\Pipeline\amd64\hpinkinsa111.exe Error: (10/15/2014 00:12:03 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 ==================== Memory info =========================== Processor: AMD Phenom(tm) 8650 Triple-Core Processor Percentage of memory in use: 45% Total physical RAM: 2047.55 MB Available physical RAM: 1106.35 MB Total Pagefile: 2063.55 MB Available Pagefile: 1040.26 MB Total Virtual: 3071.88 MB Available Virtual: 2943.66 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:48.73 GB) (Free:8.96 GB) NTFS Drive d: () (Fixed) (Total:416.93 GB) (Free:231.56 GB) NTFS Drive j: (Enemy Front) (CDROM) (Total:7.97 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00056310) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=48.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=416.9 GB) - (Type=07 NTFS) ==================== End Of Log ============================