Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-09-2014 Ran by CONSTANSGC at 2014-09-18 19:19:35 Running from C:\Users\CONSTANSGC\Desktop Boot Mode: Safe Mode (with Networking) ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: COMODO Antivirus (Enabled - Up to date) {458BB331-2324-0753-3D5F-1472EB102AC0} AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} AS: COMODO Defense+ (Enabled - Up to date) {FEEA52D5-051E-08DD-07EF-2F009097607D} FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 32 Bit HP CIO Components Installer (Version: 8.1.4 - Hewlett-Packard) Hidden 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation) Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated) Adobe AIR (Version: 3.9.0.1030 - Adobe Systems Incorporated) Hidden Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Flash Player 9 ActiveX (HKLM\...\ShockwaveFlash) (Version: 9 - Adobe Systems Incorporated) Adobe Reader X (10.1.11) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated) Application Installer 4.00.B13 (HKLM\...\{70CEFEBA-F757-4DBE-8A21-027C326137CE}) (Version: 4.00.B13 - Hewlett-Packard Company) Asystent Agenta 5.3 (HKLM\...\{47ADA041-20D0-4BD9-B120-B5D06C03294F}) (Version: 7.12.0 - Compensa) Audacity 2.0 (HKLM\...\Audacity_is1) (Version: - Audacity Team) Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.25.4 - Broadcom Corporation) Business Contact Manager dla programu Outlook 2007 (HKLM\...\Business Contact Manager dla programu Outlook 2007) (Version: 3.0.5828.0 - Microsoft Corporation) Business Contact Manager dla programu Outlook 2007 (Version: 3.0.5828.0 - Microsoft Corporation) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform) Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 15.0 - COMODO) COMODO GeekBuddy (HKLM\...\COMODO GeekBuddy) (Version: 3.3.217083.59 - COMODO) COMODO Internet Security (HKLM\...\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}) (Version: 5.9.25057.2197 - COMODO Security Solutions Inc.) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.36.7.61 - Conexant) Defraggler (HKLM\...\Defraggler) (Version: 2.13 - Piriform) Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.) ERGO Hestia - Kalkulator OCPD (HKLM\...\EHKalkulatorOCPD) (Version: - ) ESU for Microsoft Vista (HKLM\...\{E5348123-24F7-4FF5-A344-BA16783A4704}) (Version: 1.0.19.1 - Hewlett-Packard) FreeCommander 2009.02b (HKLM\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski) Fuse Drivers (HKLM\...\{A2C59F3C-4039-4B92-B2DD-704A7C5F9DC0}) (Version: 11.35.0 - Nokia) Google Drive (HKLM\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.) Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: - ) HDI Kalkulatory (HKLM\...\HDIOnAIR) (Version: 3.0 - Adam ADAMCZYK) HDI Kalkulatory (Version: 3.0 - Adam ADAMCZYK) Hidden Hewlett-Packard Active Check (Version: 1.1.7.0 - Hewlett-Packard) Hidden Hewlett-Packard Asset Agent for Health Check (Version: 2.0.59.7 - HP) Hidden HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro) HP Active Support Library (Version: 2.0.13.1 - Hewlett-Packard) Hidden HP Active Support Library 32 bit components (Version: 2.1.0 - Hewlett-Packard) Hidden HP Customer Experience Enhancements (HKLM\...\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}) (Version: 5.3.0.2325 - Hewlett-Packard) HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.01.0005 - Hewlett-Packard) HP Easy Setup - Frontend (HKLM\...\{BBE5C83E-4DC5-494F-8A23-3AAE242E94C2}) (Version: 5.3.0.2325 - Hewlett-Packard) HP Help and Support (HKLM\...\{584B0895-8EF3-4175-8E80-1B68BFA04636}) (Version: 1.2.2 - Hewlett-Packard) HP Notebook Accessories Product Tour (HKLM\...\{521F72F4-FFE4-4959-AA88-EED06125211F}) (Version: 13.0.0 - Hewlett-Packard) HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company) HP Update (HKLM\...\{8C6027FD-53DC-446D-BB75-CACD7028A134}) (Version: 4.000.005.007 - Hewlett-Packard) HP User Guides 0077 (HKLM\...\{B51C3024-333B-4FB6-B1EC-49ECE2DE6056}) (Version: 1.02.0000 - Hewlett-Packard) HP Wireless Assistant (HKLM\...\{D32067CD-7409-4792-BFA0-1469BCD8F0C8}) (Version: 3.00 F1 - Hewlett-Packard) Instalator Menedżera Kopii Zapasowej i Odzyskiwania HP (HKLM\...\{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}) (Version: 3.0.17 - Hewlett-Packard Company) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - ) Intel(R) PRO Network Connections Drivers (HKLM\...\PROSet) (Version: - ) InterVideo DVD Check (HKLM\...\{5D97A4A7-C274-4B63-86D9-07A33435F505}) (Version: - ) InterVideo Register Manager (Version: 1.0.4.0 - InterVideo Inc.) Hidden InterVideo WinDVD (HKLM\...\{3912A629-0020-0005-3131-2FBA74D4DF0A}) (Version: - ) InterVideo WinDVD (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.1166 - InterVideo Inc.) Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Kalkulator taryf (HKLM\...\{4B97AFE4-060F-4C90-97CC-C2C3FE85DDFC}) (Version: 3.48.1032 - PTU SA) K-Lite Codec Pack 9.8.5 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 9.8.5 - ) Lexmark 2500 Series (HKLM\...\Lexmark 2500 Series) (Version: - Lexmark International, Inc.) Malwarebytes Anti-Malware wersja 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.0.207.4 - McAfee, Inc.) Microsoft .NET Framework 1.1 Polish Language Pack (HKLM\...\{64CB2553-C109-4132-AA51-1F421B515FD1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 3.5 Language Pack SP1 - plk (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile PLK Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended PLK Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Office 2003 Web Components (HKLM\...\{90A40415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation) Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office Standard Edition 2003 (HKLM\...\{91120415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation) Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation) Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.1.2047.00 - Microsoft Corporation) Hidden Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden Microsoft SQL Server 2008 R2 (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 R2 (Version: - Microsoft Corporation) Hidden Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{185292F7-7C0A-4F72-B2CC-CBEBD40B050E}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.51.2500.0 - Microsoft Corporation) Hidden Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{48B08845-0CB0-45EC-893C-15319ADDA312}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server Browser (HKLM\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}) (Version: 9.00.2047.00 - Microsoft Corporation) Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.2047.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Motorola CoreScanner Driver (HKLM\...\InstallShield_{38CC9E7D-09E8-4528-BFFC-3162AECA02A6}) (Version: 1.00.0019 - Motorola Solutions, Inc) Motorola CoreScanner Driver (Version: 1.00.0019 - Motorola Solutions, Inc) Hidden Mozilla Firefox 32.0.1 (x86 pl) (HKLM\...\Mozilla Firefox 32.0.1 (x86 pl)) (Version: 32.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mozilla Thunderbird 17.0.8 (x86 pl) (HKLM\...\Mozilla Thunderbird 17.0.8 (x86 pl)) (Version: 17.0.8 - Mozilla) MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia) Nokia Flashing Cable Driver (HKLM\...\{2A0A6470-FD0F-4F45-9B11-85F3167DB943}) (Version: 8.23.0.0 - Nokia) Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia) Nokia PC Suite (Version: 7.1.180.94 - Nokia) Hidden Oprogramowanie drukarki EPSON (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation) Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - plk) (Version: - Microsoft Corporation) Pakiet sterowników systemu Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia) Pakiet sterowników systemu Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia) Pakiet sterowników systemu Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia) Pakiet sterowników systemu Windows - Philips (SPC1030) Image (06/11/2008 5.8.8.042) (HKLM\...\45BC8B5D6014058D45855440C588F87C62D70673) (Version: 06/11/2008 5.8.8.042 - Philips) Pakiet sterowników systemu Windows - Philips CL (phaudlwr) MEDIA (06/02/2008 1.0.5.12) (HKLM\...\10F7630C78CC9B1F315B5FA216ECB493C3ACD3E5) (Version: 06/02/2008 1.0.5.12 - Philips CL) Pakiet zgodności dla systemu Office 2007 (HKLM\...\{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation) PC Connectivity Solution (HKLM\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia) Philips SPC1030NC Webcam (HKLM\...\{26216D96-B03D-4B8A-9979-D91C71241B70}) (Version: 1.00.000 - Philips) Phoenix Service Software (HKLM\...\{6D3A29DA-26DA-4E50-A3C1-70F11C4784AB}) (Version: 2012.16.004.48159 - Nokia) Phoenix Service Software 2012.16.004.48159 (HKLM\...\Phoenix Service Software 2012.04.003.47798_is1) (Version: - Seidea.com) PicPick (HKLM\...\PicPick) (Version: 3.1.4 - NTeWORKS) PL-2303 USB-to-Serial (HKLM\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.2.10 - Prolific Technology INC) QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden QPrinter Bookmaker 2 (HKLM\...\{44C29075-93A3-4B7F-8208-021DBB65E3B3}_is1) (Version: - QPrint) Ralink RT2870 Wireless LAN Card (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.0.8.0 - Ralink) RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - ) Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.3.0 - Roxio) Roxio Creator Basic v9 (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio) Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio) Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.3.0 - Roxio) Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.3.0 - Roxio) Roxio Express Labeler 3 (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.1.0 - Roxio) Service Pack 1 for SQL Server 2008 R2 (KB2528583) (HKLM\...\KB2528583) (Version: 10.51.2500.0 - Microsoft Corporation) Składniki łączności pakietu Microsoft Office Small Business (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation) Skype™ 6.1 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.1.129 - Skype Technologies S.A.) Sonic Activation Module (Version: 1.0 - Sonic Solutions) Hidden SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - ) Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.20 - Safer-Networking Ltd.) SQL Server 2008 R2 SP1 Common Files (Version: 10.51.2500.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP1 Database Engine Services (Version: 10.51.2500.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP1 Database Engine Shared (Version: 10.51.2500.0 - Microsoft Corporation) Hidden Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.0.7.0 - Synaptics) TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer) TitusPlus (HKLM\...\InstallShield_{96B3740E-EE63-412E-ACE8-709A0E75A630}) (Version: 2.8.6.3 - VSoft) TitusPlus (Version: 2.8.6.3 - VSoft) Hidden Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation) Vista Default Settings (HKLM\...\{3577EF87-A4AE-4D4B-86EC-A5DF197D7F2A}) (Version: 1.00 A1 - Hewlett-Packard) Vodafone Mobile Broadband Lite (HKLM\...\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}) (Version: 10.2.302.33178 - Vodafone) Voyager.com Polisa - Agent (HKLM\...\{B75EA1DD-8882-4D92-B8C4-3CBB4598B8A6}) (Version: 1.04.0011.0404 - Voyager.com) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1175997802-332614115-1566058861-1006_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\CONSTANSGC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1175997802-332614115-1566058861-1006_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CONSTANSGC\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1175997802-332614115-1566058861-1006_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CONSTANSGC\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1175997802-332614115-1566058861-1006_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CONSTANSGC\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1175997802-332614115-1566058861-1006_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CONSTANSGC\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1175997802-332614115-1566058861-1006_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CONSTANSGC\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1175997802-332614115-1566058861-1006_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CONSTANSGC\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1175997802-332614115-1566058861-1006_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CONSTANSGC\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1175997802-332614115-1566058861-1006_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CONSTANSGC\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 10-09-2014 10:51:43 Zaplanowany punkt kontrolny 12-09-2014 07:30:28 Zaplanowany punkt kontrolny 12-09-2014 21:33:54 Zaplanowany punkt kontrolny 13-09-2014 20:57:24 Zaplanowany punkt kontrolny 14-09-2014 08:57:54 Zaplanowany punkt kontrolny 17-09-2014 16:43:23 Zaplanowany punkt kontrolny ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {05F4F058-00D1-43A9-8BCD-E08251C341E3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-08] (Adobe Systems Incorporated) Task: {0CDC7D9C-CEBE-497C-B661-15C81FCBE6A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-04] (Google Inc.) Task: {18DFD9FC-082E-4E9B-8285-5F21D2B4EDAE} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {297C794A-5CF3-4BEC-9AAF-A8AC17342C58} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd) Task: {2D2DEC4F-74BB-4FB5-9626-21B3A60365F1} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries Task: {39B79AF2-03F5-465F-B7C1-84E59F012B0D} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-06-05] (Hewlett-Packard) Task: {4FCF9882-122A-4158-BCC4-9BE4AD3AE0A7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-04] (Google Inc.) Task: {5916F864-469C-4391-8604-E4EA141A2699} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] () Task: {71AA1794-1201-45D3-9BDF-E5950C441A4F} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {8B0E6FAB-F43A-4988-AF0A-A21646C212F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {90AE64D8-E7D8-40D6-9FF7-39CB5DFA7B25} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) Task: {996AB793-9FE0-4D08-A8E6-12B357B159A8} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION Task: {9ED703A9-5FFD-40D5-895A-4385EE1509DE} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation) Task: {DA83AAF9-1111-4CB1-BBF6-D1E6D51C0C99} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-18] (Microsoft Corporation) Task: {ED11C6EC-5C22-4D23-842A-F8098D313BFF} - System32\Tasks\Registration => C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe [2007-06-15] () (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-09-12 22:45 - 2014-09-12 22:45 - 03716720 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CLPSLS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk => C:\Windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk => C:\Windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk => C:\Windows\pss\DVD Check.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AutoEJCD_0ACE20FF => C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE /VID=0ACE /PID=20FF MSCONFIG\startupreg: COMODO => C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe MSCONFIG\startupreg: CPA => C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe MSCONFIG\startupreg: Desk 365 => "C:\Program Files\Desk 365\desk365.exe" /autorun MSCONFIG\startupreg: EPSON Stylus DX7400 Series => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU "C:\Windows\TEMP\E_S3938.tmp" /EF "HKCU" MSCONFIG\startupreg: EPSON Stylus DX7400 Series (Kopia 1) => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU "C:\Windows\TEMP\E_S2A89.tmp" /EF "HKCU" MSCONFIG\startupreg: GG => "C:\Users\CONSTANSGC\AppData\Local\GG\Application\gghub.exe" MSCONFIG\startupreg: Google Update => "C:\Users\CONSTANSGC\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe MSCONFIG\startupreg: HP Software Update => c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: hpWirelessAssistant => %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: lollipop => "c:\users\constansgc\appdata\local\lollipop\lollipop.exe" lollipop MSCONFIG\startupreg: lxddamon => "C:\Program Files\Lexmark 2500 Series\lxddamon.exe" MSCONFIG\startupreg: lxddmon.exe => "C:\Program Files\Lexmark 2500 Series\lxddmon.exe" MSCONFIG\startupreg: Malwarebytes Anti-Malware => C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent MSCONFIG\startupreg: MobileBroadband => C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent MSCONFIG\startupreg: MobileConnect => %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray MSCONFIG\startupreg: PCSpeedUp => C:\Program Files\Przyspiesz Komputer\PCSUNotifier.exe MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: ProXmar Memo => C:\Program Files\ProXmar MEMO\pxmemo.exe /tray MSCONFIG\startupreg: QlbCtrl => %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start MSCONFIG\startupreg: QlbCtrl.exe => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: spc1030 => C:\Windows\vspc1030.exe MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\Steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe MSCONFIG\startupreg: WAWifiMessage => %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide MSCONFIG\startupreg: Windows Mobile-based device management => %windir%\WindowsMobile\wmdSync.exe MSCONFIG\startupreg: WindowsWelcomeCenter => rundll32.exe oobefldr.dll,ShowWelcomeCenter ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/18/2014 07:08:52 PM) (Source: EventSystem) (EventID: 4609) (User: ) Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c Error: (09/18/2014 06:46:02 PM) (Source: VmbService) (EventID: 0) (User: ) Description: conflictManagerTypeValue Error: (09/18/2014 05:48:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: ) Description: Details: Could not query the status of the EventSystem service. System Error: Trwa proces zamykania systemu. Error: (09/18/2014 05:48:13 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania na woluminie (Proces = C:\Users\CONSTANSGC\Desktop\mbar\mbar\mbar.exe ; Opis = Malwarebytes Anti-Rootkit Restore Point; Hr = 0x8007043c). Error: (09/18/2014 05:48:13 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania na woluminie (Proces = C:\Users\CONSTANSGC\Desktop\mbar\mbar\mbar.exe ; Opis = Malwarebytes Anti-Rootkit Restore Point; Hr = 0x8007043c). Error: (09/18/2014 04:48:48 PM) (Source: EventSystem) (EventID: 4609) (User: ) Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c Error: (09/18/2014 04:43:23 PM) (Source: VmbService) (EventID: 0) (User: ) Description: conflictManagerTypeValue Error: (09/18/2014 04:36:00 PM) (Source: VmbService) (EventID: 0) (User: ) Description: conflictManagerTypeValue Error: (09/18/2014 03:52:59 PM) (Source: EventSystem) (EventID: 4609) (User: ) Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c Error: (09/18/2014 03:40:37 PM) (Source: VmbService) (EventID: 0) (User: ) Description: conflictManagerTypeValue System errors: ============= Error: (09/18/2014 07:09:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: cmdGuard spldr Wanarpv6 Error: (09/18/2014 07:09:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Przeglądarka komputeraSerwer%%1068 Error: (09/18/2014 07:09:13 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (09/18/2014 07:08:52 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (09/18/2014 07:08:43 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC} Error: (09/18/2014 07:07:56 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 19:06:18 na 2014-09-18 było nieoczekiwane. Error: (09/18/2014 06:58:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: cmdGuard spldr Wanarpv6 Error: (09/18/2014 06:58:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Przeglądarka komputeraSerwer%%1068 Error: (09/18/2014 06:57:18 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 18:55:34 na 2014-09-18 było nieoczekiwane. Error: (09/18/2014 06:46:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: lxddCATSCustConnectService%%1053 Microsoft Office Sessions: ========================= Error: (09/18/2014 07:08:52 PM) (Source: EventSystem) (EventID: 4609) (User: ) Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c Error: (09/18/2014 06:46:02 PM) (Source: VmbService) (EventID: 0) (User: ) Description: conflictManagerTypeValue Error: (09/18/2014 05:48:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: ) Description: Details: Could not query the status of the EventSystem service. System Error: Trwa proces zamykania systemu. Error: (09/18/2014 05:48:13 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Users\CONSTANSGC\Desktop\mbar\mbar\mbar.exe Malwarebytes Anti-Rootkit Restore Point0x8007043c Error: (09/18/2014 05:48:13 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Users\CONSTANSGC\Desktop\mbar\mbar\mbar.exe Malwarebytes Anti-Rootkit Restore Point0x8007043c Error: (09/18/2014 04:48:48 PM) (Source: EventSystem) (EventID: 4609) (User: ) Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c Error: (09/18/2014 04:43:23 PM) (Source: VmbService) (EventID: 0) (User: ) Description: conflictManagerTypeValue Error: (09/18/2014 04:36:00 PM) (Source: VmbService) (EventID: 0) (User: ) Description: conflictManagerTypeValue Error: (09/18/2014 03:52:59 PM) (Source: EventSystem) (EventID: 4609) (User: ) Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c Error: (09/18/2014 03:40:37 PM) (Source: VmbService) (EventID: 0) (User: ) Description: conflictManagerTypeValue CodeIntegrity Errors: =================================== Date: 2014-09-18 19:19:24.159 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-18 19:19:24.065 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-18 19:19:23.956 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-18 19:19:23.831 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-18 17:38:24.892 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-18 17:38:24.783 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-18 17:38:24.690 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-18 17:38:24.580 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-18 17:33:49.412 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-18 17:33:49.318 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) Duo CPU T2600 @ 2.16GHz Percentage of memory in use: 52% Total physical RAM: 2038.66 MB Available physical RAM: 962.01 MB Total Pagefile: 4312.59 MB Available Pagefile: 3579.12 MB Total Virtual: 2047.88 MB Available Virtual: 1921.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:97.66 GB) (Free:31.32 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (HP_RECOVERY) (Fixed) (Total:7.81 GB) (Free:1.19 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: (OS_TOOLS) (Fixed) (Total:6.32 GB) (Free:3.4 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 111.8 GB) (Disk ID: A07973C2) Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=7.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=6.3 GB) - (Type=07 NTFS) ==================== End Of Log ============================