Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-04-2015 Ran by PiotrC at 2015-04-25 20:18:24 Running from C:\Users\PiotrC\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2562658416-2256838758-2862498726-500 - Administrator - Disabled) Guest (S-1-5-21-2562658416-2256838758-2862498726-501 - Limited - Disabled) PiotrC (S-1-5-21-2562658416-2256838758-2862498726-1000 - Administrator - Enabled) => C:\Users\PiotrC ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 4.0 (Enabled - Up to date) {CB0F8167-5331-BA19-698E-64816B6801A5} AS: ESET NOD32 Antivirus 4.0 (Enabled - Up to date) {706E6083-750B-B597-533E-5FF310EF4B18} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2562658416-2256838758-2862498726-1000\...\uTorrent) (Version: 3.4.2.39710 - BitTorrent Inc.) Action! (HKLM-x32\...\{7A9DEE45-1F8D-4D1A-A9EA-F0108DAE6FEC}) (Version: 1.9.0 - Mirillis) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1479, 06.02.2015 - AIMP DevTeam) ALLPlayer V6.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 36.1.1.21 - Comodo) Counter-Strike Global Offensive No-Steam (HKLM-x32\...\Counter-Strike Global Offensive_is1) (Version: 1.34.7.1 - Valve Software) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) DreamScene Seven version 1.8 (HKLM-x32\...\{2367FAB6-057A-4973-875F-F57F7BBBA363}_is1) (Version: 1.8 - DREAMSCENESEVEN.COM) Dropbox (HKU\S-1-5-21-2562658416-2256838758-2862498726-1000\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.) EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.4.0.0 - Electronic Arts) ESET NOD32 Antivirus (HKLM\...\{4183655A-5FC6-4A23-A804-7764145EC57C}) (Version: 4.0.468.0 - ESET, spol s r. o.) Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software) FIFA 15 Ultimate Team Edition version 1.0 (HKLM-x32\...\{32C4CF13-4052-488F-90B0-C5A15C5E2E0E}_is1) (Version: 1.0 - ) Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games) Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) Microsoft .NET Framework 4.5.3 (HKLM\...\{9F6EA3D4-B2FA-3120-8DF8-07396231AFB4}) (Version: 4.5.53315 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team) Ori and the Blind Forest (HKLM-x32\...\Ori and the Blind Forest_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter) Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2.1 r2386 - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.90.826.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7399 - Realtek Semiconductor Corp.) Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version: - Piranha Bytes) Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.6 - Rockstar Games) Stardock WindowBlinds (HKLM-x32\...\Stardock WindowBlinds) (Version: 8.1 - Stardock Software, Inc.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) WinRAR 5.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2562658416-2256838758-2862498726-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\PiotrC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2562658416-2256838758-2862498726-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2562658416-2256838758-2862498726-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2562658416-2256838758-2862498726-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2562658416-2256838758-2862498726-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2562658416-2256838758-2862498726-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2562658416-2256838758-2862498726-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2562658416-2256838758-2862498726-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2562658416-2256838758-2862498726-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2562658416-2256838758-2862498726-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ==================== Restore Points ========================= 21-04-2015 17:42:06 Installed DirectX 25-04-2015 13:34:03 Installed ESET NOD32 Antivirus ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2015-04-25 17:24 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {05979A34-8B23-46EA-8A49-F0B0C311D107} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd) Task: {9DE34A05-15FA-4990-8634-5707ED37A2A7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc ==================== Loaded Modules (whitelisted) ============== 2010-01-09 21:17 - 2010-01-09 21:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-01-21 02:40 - 2010-01-21 02:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2015-02-17 12:46 - 2015-03-10 08:37 - 00775680 _____ () D:\Gry\Steam\SDL2.dll 2015-02-17 12:46 - 2014-12-02 02:29 - 05002752 _____ () D:\Gry\Steam\v8.dll 2015-02-17 12:46 - 2014-12-02 02:29 - 01612800 _____ () D:\Gry\Steam\icui18n.dll 2015-02-17 12:46 - 2014-12-02 02:29 - 01210368 _____ () D:\Gry\Steam\icuuc.dll 2015-02-17 12:46 - 2015-04-14 01:44 - 02371776 _____ () D:\Gry\Steam\video.dll 2015-02-17 12:46 - 2014-12-01 23:31 - 02396672 _____ () D:\Gry\Steam\libavcodec-56.dll 2015-02-17 12:46 - 2014-12-01 23:31 - 00442880 _____ () D:\Gry\Steam\libavutil-54.dll 2015-02-17 12:46 - 2014-12-01 23:31 - 00479744 _____ () D:\Gry\Steam\libavformat-56.dll 2015-02-17 12:46 - 2014-12-01 23:31 - 00332800 _____ () D:\Gry\Steam\libavresample-2.dll 2015-02-17 12:46 - 2014-12-01 23:31 - 00485888 _____ () D:\Gry\Steam\libswscale-3.dll 2015-02-17 12:46 - 2015-04-14 01:44 - 00702656 _____ () D:\Gry\Steam\bin\chromehtml.DLL 2015-02-17 12:46 - 2015-02-25 03:58 - 34641288 _____ () D:\Gry\Steam\bin\libcef.dll 2010-01-09 21:18 - 2010-01-09 21:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-01-21 02:34 - 2010-01-21 02:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2014-11-27 15:42 - 2014-11-27 15:42 - 00879808 _____ () D:\Programy\Comodo\Dragon\libglesv2.dll 2014-11-27 15:33 - 2014-11-27 15:33 - 00134848 _____ () D:\Programy\Comodo\Dragon\libegl.dll 2015-02-17 13:21 - 2015-02-17 13:21 - 00218112 _____ () D:\ProgramyAIMP3\System\libsoxr.dll 2015-02-17 13:21 - 2015-02-17 13:21 - 00220672 _____ () D:\ProgramyAIMP3\System\Encoders\MACDll.dll 2015-02-17 13:21 - 2015-02-17 13:21 - 00467968 _____ () D:\ProgramyAIMP3\System\Encoders\libFLAC.dll 2015-02-17 13:21 - 2015-02-17 13:21 - 01733120 _____ () D:\ProgramyAIMP3\System\Encoders\aimp_libvorbis.dll 2015-02-17 13:21 - 2015-02-17 13:21 - 00100424 _____ () D:\ProgramyAIMP3\Plugins\aimp_cdda\aimp_cdda.dll 2015-02-17 13:21 - 2015-02-17 13:21 - 00159232 _____ () D:\ProgramyAIMP3\Plugins\aimp_sacd\libsacd.dll 2015-02-17 13:21 - 2015-02-17 13:21 - 00026624 _____ () D:\ProgramyAIMP3\Plugins\Aorta\Aorta.dll 2015-02-17 13:21 - 2015-02-17 13:21 - 00237568 _____ () D:\ProgramyAIMP3\Plugins\OptimFROG\OptimFROG.dll 2015-02-17 13:21 - 2015-02-17 13:21 - 00152648 _____ () D:\ProgramyAIMP3\Plugins\PandemicAnalogMeter\PandemicAnalogMeter.dll 2015-02-17 12:32 - 2015-02-17 12:32 - 16852144 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll 2014-11-27 15:34 - 2014-11-27 15:34 - 00956608 _____ () D:\Programy\Comodo\Dragon\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2562658416-2256838758-2862498726-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.0.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: UX Launcher => C:\Program Files (x86)\UX Pack\uxlaunch.exe ==================== Faulty Device Manager Devices ============= Name: PCI Device Description: PCI Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: SM Bus Controller Description: SM Bus Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (04/18/2015 10:43:11 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/17/2015 06:11:53 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/17/2015 01:28:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/17/2015 10:43:16 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/17/2015 07:52:38 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/16/2015 08:09:23 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/16/2015 05:00:15 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/16/2015 03:33:29 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/15/2015 06:13:55 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/15/2015 05:32:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: GTAVLauncher.exe, version: 1.0.323.1, time stamp: 0x5527eec6 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x000000023f6452d3 Faulting process id: 0xb84 Faulting application start time: 0xGTAVLauncher.exe0 Faulting application path: GTAVLauncher.exe1 Faulting module path: GTAVLauncher.exe2 Report Id: GTAVLauncher.exe3 System errors: ============= Error: (04/25/2015 05:24:51 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (04/25/2015 05:24:24 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (04/25/2015 05:22:32 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (04/25/2015 04:45:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The ESET Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. Error: (04/18/2015 10:41:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The atksgt service failed to start due to the following error: %%1275 Error: (04/18/2015 10:41:17 AM) (Source: Application Popup) (EventID: 875) (User: ) Description: Driver atksgt.sys has been blocked from loading. Error: (04/17/2015 06:32:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The COMODO Dragon Update Service service terminated unexpectedly. It has done this 1 time(s). Error: (04/17/2015 06:10:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The atksgt service failed to start due to the following error: %%1275 Error: (04/17/2015 06:10:00 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Driver atksgt.sys has been blocked from loading. Error: (04/17/2015 01:26:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The atksgt service failed to start due to the following error: %%1275 Microsoft Office Sessions: ========================= Error: (04/18/2015 10:43:11 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/17/2015 06:11:53 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/17/2015 01:28:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/17/2015 10:43:16 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/17/2015 07:52:38 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/16/2015 08:09:23 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/16/2015 05:00:15 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/16/2015 03:33:29 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/15/2015 06:13:55 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/15/2015 05:32:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: GTAVLauncher.exe1.0.323.15527eec6unknown0.0.0.000000000c0000005000000023f6452d3b8401d077915977b083D:\Grand Theft Auto V\GTAVLauncher.exeunknown9a0136f7-e384-11e4-bd0b-448a5b25b5cb CodeIntegrity Errors: =================================== Date: 2015-04-25 17:24:24.227 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-04-25 17:24:24.157 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: AMD A8-5600K APU with Radeon(tm) HD Graphics Percentage of memory in use: 41% Total physical RAM: 6369.81 MB Available physical RAM: 3702.41 MB Total Pagefile: 12737.8 MB Available Pagefile: 9899.93 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:55.8 GB) (Free:21.04 GB) NTFS Drive d: (gry i costam) (Fixed) (Total:170 GB) (Free:19.42 GB) NTFS Drive e: (download) (Fixed) (Total:62.88 GB) (Free:9.06 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: 7EB0E285) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=55.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 000B1972) Partition 1: (Not Active) - (Size=170 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=62.9 GB) - (Type=07 NTFS) ==================== End Of Log ============================