Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015 Ran by user at 2015-01-09 21:58:33 Running from C:\Users\user\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: COMODO Antivirus (Enabled - Up to date) {F0BC89B2-8937-0933-021B-B17D981F2A71} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Comodo Defense+ (Enabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC} FW: COMODO Firewall (Enabled) {C8870897-C358-086B-2944-184866CC6D0A} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.2 - ) 2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation) 7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{288DB08D-0708-4A94-B055-55B99E39EB62}) (Version: 5.0 - Adobe Systems Incorporated) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_PROHYBRIDR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_PROHYBRIDR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_PROHYBRIDR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{331C520E-D8C3-4AB9-ADF7-A666A3561922}) (Version: 1.3.17.25001 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.3.17.25001 - Alcor Micro Corp.) Hidden ArcSoft TotalMedia Backup & Record (HKLM-x32\...\{EF6F70D0-C242-4047-946B-98EA8208481A}) (Version: - ArcSoft) ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.6 - ASUS) ASUS Data Security Manager (HKLM-x32\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0013 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.22 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.18 - asus) ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK) ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0052 - ASUS) ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0006 - ASUS) ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0006 - ASUS) CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev) Centrum obsługi urządzeń z systemem Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) COMODO Internet Security Premium (HKLM\...\{18F14F4B-D8A9-4309-817E-3BC0B7664E53}) (Version: 8.0.0.4344 - COMODO Security Solutions Inc.) Core Temp version 0.99.8 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.8 - Arthur Liberman) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKU\S-1-5-21-3948689686-701338284-1942790856-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.) Dyn Updater (HKLM-x32\...\DynUpdater) (Version: 4.1.10 - Dyn, Inc.) EaseUS Partition Master 10.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) ETDWare PS/2-x64 7.0.5.7_WHQL (HKLM\...\Elantech) (Version: - ) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) Gadu-Gadu 10 (HKLM-x32\...\Gadu-Gadu 10) (Version: - GG Network S.A.) Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Gastro Szef (HKLM-x32\...\{F4063C95-C3EA-11D4-803A-F49143197918}) (Version: 6.X - Przedsiębiorstwo Usług Komputerowych "SOFTECH BIS") Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.05) (Version: 9.05 - Artifex Software Inc.) HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.24.5 - HTC) IMM4 VCM Codec 1.0.0.10 (HKLM-x32\...\IMM4 Codec_is1) (Version: - ) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.27 - Irfan Skiljan) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Mega Codec Pack 6.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.2.0 - ) Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework 2.0 Core Components (x86) ENU (HKLM-x32\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation) Microsoft Sync Framework 2.0 Provider Services (x86) ENU (HKLM-x32\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 34.0.5 (x86 pl) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 pl)) (Version: 34.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.1 - Mozilla) Mozilla Thunderbird 31.3.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 31.3.0 (x86 pl)) (Version: 31.3.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{B5373BA3-BAD7-4EAC-A9D2-B66B41B82C57}) (Version: 4.11.9775 - Apache Software Foundation) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden PrivDog (HKLM-x32\...\PrivDog) (Version: 2.2.0.14 - privdog.com) Pro Surveillance System (HKLM-x32\...\{B28C9804-BFCE-4ADB-8C18-1DD9DA1C530A}) (Version: 4.0.0 - DH) Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - ) Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - Realtek Semiconductor Corp.) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: - Samsung Electronics Co., Ltd.) Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.1200 - SRS Labs, Inc.) SyncToy 2.1 (x86) (HKLM-x32\...\{A066194B-DC8F-449A-8E0F-B57BDD3A2072}) (Version: 2.1.0 - Microsoft) System Requirements Lab for Intel (HKLM-x32\...\{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}) (Version: 4.5.11.0 - Husdawg, LLC) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH) Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - ) USB 2.0 UVC 1.3M WebCam (HKLM\...\USB 2.0 UVC 1.3M WebCam) (Version: - ) Video Server E (HKLM-x32\...\Video Server E) (Version: 1.0.5.3 - ) VLC media player 1.1.0 (HKLM-x32\...\VLC media player) (Version: 1.1.0 - VideoLAN) VNC Free Edition 4.1.2 (HKLM-x32\...\RealVNC_is1) (Version: 4.1.2 - RealVNC Ltd.) Windows Live Sync (HKLM-x32\...\{E580DFEA-3F1D-4B56-9115-984217032FF5}) (Version: 14.0.8117.416 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3948689686-701338284-1942790856-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3948689686-701338284-1942790856-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3948689686-701338284-1942790856-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3948689686-701338284-1942790856-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3948689686-701338284-1942790856-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3948689686-701338284-1942790856-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3948689686-701338284-1942790856-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3948689686-701338284-1942790856-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3948689686-701338284-1942790856-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 09-01-2015 02:09:46 Installing COMODO Internet Security Premium 09-01-2015 02:11:15 Instalacja pakietu sterownika urządzenia: COMODO Usługa sieciowa 09-01-2015 09:58:25 Removed GeekBuddy. 09-01-2015 19:27:17 Zainstalowano: OpenOffice 4.1.1 09-01-2015 21:26:58 SPTD setup V1.86 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-03-09 17:53 - 2010-05-20 12:26 - 00001798 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 adobe.activate.com 127.0.0.1 adobeereg.com 127.0.0.1 www.adobeereg.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 125.252.224.90 127.0.0.1 125.252.224.91 127.0.0.1 hl2rcv.adobe.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0B0B6EF7-E30D-410B-B6FA-201E09CD2182} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.) Task: {11D0A059-940D-4968-849D-D4EB5A384D91} - System32\Tasks\{27DE5F21-101D-4D83-96DC-6FA694A75594} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: {13AB1BFF-1F46-4570-AB77-BD65D2CE0098} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-08-28] (ATK) Task: {19E18FDF-9E3A-452D-B5B7-019AA91F4747} - System32\Tasks\P4GIntlCtrl => C:\Program Files\P4G\IntlCtrl.exe [2009-08-11] (TODO: ) Task: {3B2080A2-D3A8-44E9-8BA5-95A9FCAE5320} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-12-09] (COMODO) Task: {4BE29AAE-36B4-49F7-A97F-855FE4DDFC04} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO) Task: {8E9AEE17-3B34-4C61-8437-460FE9C7DC4F} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO) Task: {D7F20141-66F5-4508-94EC-243E6F96EA6C} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO) Task: {E1C77AC4-FCA4-4946-8884-8A31312D6214} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO) Task: {E2F70CA7-C5AB-49E9-BBA7-AA0677DC4FF1} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK) Task: {FDCE33E6-1BA6-4018-AC3B-5511690C4EF3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2009-11-23 17:58 - 2007-08-08 00:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe 2007-06-15 10:28 - 2007-06-15 10:28 - 00104960 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll 2007-06-01 16:52 - 2007-06-01 16:52 - 00159744 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll 2011-01-27 07:32 - 2011-01-27 07:32 - 00027648 _____ () C:\Windows\System32\ssb7mlm.dll 2011-06-21 06:42 - 2011-06-21 06:42 - 00034304 _____ () C:\Windows\System32\sst3cl6.dll 2006-12-04 00:26 - 2006-12-04 00:26 - 00022016 _____ () C:\Windows\System32\sugs2l6.dll 2009-08-28 15:00 - 2009-08-28 15:00 - 00041984 _____ () C:\Program Files\P4G\DevMng.dll 2009-08-28 11:43 - 2009-08-28 11:43 - 00029184 _____ () C:\Program Files\P4G\OvrClk.dll 2009-11-23 17:58 - 2007-03-09 18:58 - 00124416 _____ () C:\Program Files\ATKGFNEX\AGFNEX64.dll 2008-08-13 20:59 - 2008-08-13 20:59 - 00301624 _____ () C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe 2008-09-30 23:02 - 2008-09-30 23:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2014-08-06 13:42 - 2014-08-06 13:42 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe 2014-04-12 13:27 - 2014-02-13 14:37 - 00254024 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\TrayTipAgentE.exe 2013-04-15 17:39 - 2013-04-15 17:39 - 00073424 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2014-08-06 13:40 - 2014-08-06 13:40 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll 2014-08-06 13:41 - 2014-08-06 13:41 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll 2014-08-06 13:41 - 2014-08-06 13:41 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll 2014-08-06 13:41 - 2014-08-06 13:41 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll 2014-08-06 13:42 - 2014-08-06 13:42 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll 2014-08-06 13:44 - 2014-08-06 13:44 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll 2014-08-06 13:46 - 2014-08-06 13:46 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-01-09 21:34 - 2015-01-09 21:34 - 00043008 _____ () c:\users\user\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxkcis9.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\libEGL.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2014-04-12 13:27 - 2014-02-13 14:27 - 00222792 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\traynet.dll 2014-04-12 13:27 - 2014-02-13 14:27 - 00275528 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\libcurl.dll 2014-04-12 13:27 - 2014-02-13 14:27 - 00113166 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\zlib1.dll 2014-04-12 13:27 - 2014-02-13 14:27 - 00249928 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\uexper.dll 2014-12-09 21:38 - 2014-12-09 21:39 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2007-06-15 10:28 - 2007-06-15 10:28 - 00147456 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll 2007-06-01 17:08 - 2007-06-01 17:08 - 00143360 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID AlternateDataStreams: C:\Users\user\Downloads\01kiqgqd.exe:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_pl.exe:$CmdTcID AlternateDataStreams: C:\Users\user\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_pl.exe:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\EE76EDFF807928E7AA96E50007CE457E2AD33272.torrent:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\faktura(3).pdf:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\faktura(4).pdf:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\faktura(5).pdf:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\faktura(6).pdf:$CmdTcID AlternateDataStreams: C:\Users\user\Downloads\faktura(6).pdf:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\faktura(7).pdf:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\FRST64.exe:$CmdTcID AlternateDataStreams: C:\Users\user\Downloads\FRST64.exe:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\mbam-setup-2.0.4.1028.exe:$CmdTcID AlternateDataStreams: C:\Users\user\Downloads\mbam-setup-2.0.4.1028.exe:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\OTL.com:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\OTL.exe:$CmdTcID AlternateDataStreams: C:\Users\user\Downloads\OTL.exe:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\SPTDinst-v186-x64(1).exe:$CmdTcID AlternateDataStreams: C:\Users\user\Downloads\SPTDinst-v186-x64(1).exe:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\SPTDinst-v186-x64.exe:$CmdZnID ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) HKU\S-1-5-21-3948689686-701338284-1942790856-1000\Software\Classes\.exe: => <===== ATTENTION! ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-3948689686-701338284-1942790856-500 - Administrator - Disabled) ASPNET (S-1-5-21-3948689686-701338284-1942790856-1002 - Limited - Enabled) Gość (S-1-5-21-3948689686-701338284-1942790856-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3948689686-701338284-1942790856-1004 - Limited - Enabled) user (S-1-5-21-3948689686-701338284-1942790856-1000 - Administrator - Enabled) => C:\Users\user ==================== Faulty Device Manager Devices ============= Name: Karta wirtualnego miniportu WiFi firmy Microsoft Description: Karta wirtualnego miniportu WiFi firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (01/09/2015 06:40:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: AcroRd32.exe, wersja: 11.0.10.32, sygnatura czasowa: 0x547e9779 Nazwa modułu powodującego błąd: IA32.api_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x547e960b Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x736a6d28 Identyfikator procesu powodującego błąd: 0x117c Godzina uruchomienia aplikacji powodującej błąd: 0xAcroRd32.exe0 Ścieżka aplikacji powodującej błąd: AcroRd32.exe1 Ścieżka modułu powodującego błąd: AcroRd32.exe2 Identyfikator raportu: AcroRd32.exe3 Error: (01/09/2015 00:17:02 PM) (Source: MsiInstaller) (EventID: 1024) (User: DAGRASSO) Description: Produkt: Adobe Reader XI - Polish - nie można zainstalować aktualizacji '{AC76BA86-7AD7-0000-2550-7A8C40011010}'. Kod błędu 1625. Instalator Windows może tworzyć dzienniki, aby ułatwić rozwiązywanie problemów z instalowaniem pakietów oprogramowania. Użyj następującego łącza, aby uzyskać instrukcje dotyczące włączania obsługi rejestrowania: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (01/09/2015 09:54:06 AM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM CisStatusChangeCisStatusChange//./root/cis Error: (01/09/2015 09:54:06 AM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM CisNotificationCisNotification//./root/cis Error: (01/09/2015 09:54:06 AM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM FwAlertFwAlert//./root/cis Error: (01/09/2015 09:54:06 AM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM DfAlertDfAlert//./root/cis Error: (01/09/2015 09:54:06 AM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM AvAlertAvAlert//./root/cis Error: (01/09/2015 09:54:06 AM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM CisAlertCisAlert//./root/cis Error: (01/09/2015 09:54:06 AM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM CisEventCisEvent//./root/cis Error: (01/09/2015 09:54:06 AM) (Source: WinMgmt) (EventID: 24) (User: ) Description: SELECT * FROM CisStatusChangeCisStatusChange//./root/cis System errors: ============= Error: (01/09/2015 09:35:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Microsoft .NET Framework NGEN v4.0.30319_X86. Error: (01/09/2015 09:32:47 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (01/09/2015 09:31:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Microsoft .NET Framework NGEN v4.0.30319_X86. Error: (01/09/2015 09:28:04 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (01/09/2015 06:40:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Microsoft .NET Framework NGEN v4.0.30319_X86. Error: (01/09/2015 00:37:22 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (01/09/2015 00:17:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Microsoft .NET Framework NGEN v4.0.30319_X86. Error: (01/09/2015 00:13:52 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (01/09/2015 09:56:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Microsoft .NET Framework NGEN v4.0.30319_X86. Error: (01/09/2015 02:28:36 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Microsoft Office Sessions: ========================= Error: (09/08/2013 08:42:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1440 seconds with 0 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2014-12-14 13:44:03.168 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdvrt64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-14 13:32:56.955 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdvrt64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-14 13:12:09.155 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdvrt64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-14 13:06:48.219 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdvrt64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-14 11:46:15.651 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdvrt64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-14 10:45:03.048 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdvrt64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-13 21:28:39.750 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdvrt64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-10 20:52:54.037 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\user\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-10 20:52:53.007 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\user\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-10 20:52:51.588 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz Percentage of memory in use: 48% Total physical RAM: 4095.27 MB Available physical RAM: 2093.51 MB Total Pagefile: 8188.72 MB Available Pagefile: 5841.52 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:128.8 GB) (Free:66.82 GB) NTFS Drive d: () (Fixed) (Total:103.98 GB) (Free:57.11 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: 3D82E436) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=128.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=104 GB) - (Type=07 NTFS) ==================== End Of Log ============================