Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-06-2015 01 Ran by CL at 2015-06-23 13:03:41 Running from C:\Documents and Settings Boot Mode: Normal ========================================================= ==================== Accounts: ============================= admin (S-1-5-21-2154615204-4275496255-3731553294-1011 - Limited - Enabled) => %SystemDrive%\Documents and Settings\admin Administrator (S-1-5-21-2154615204-4275496255-3731553294-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator Guest (S-1-5-21-2154615204-4275496255-3731553294-501 - Limited - Enabled) => %SystemDrive%\Documents and Settings\Guest HelpAssistant (S-1-5-21-2154615204-4275496255-3731553294-1005 - Limited - Disabled) SUPPORT_388945a0 (S-1-5-21-2154615204-4275496255-3731553294-1002 - Limited - Disabled) Tomek (S-1-5-21-2154615204-4275496255-3731553294-1007 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Tomek CL (S-1-5-21-2154615204-4275496255-3731553294-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\CL ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: avast! Antivirus (Disabled) {7591DB91-41F0-48A3-B128-1A293FD8233D} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) ACDSee Classic (HKLM\...\ACDSee Classic) (Version: - ) Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated) Adobe Digital Editions (HKLM\...\Digital Editions) (Version: - ) Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Reader XI (11.0.03) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated) Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version: 3.0 - ) ALLPlayer V2.4 (HKLM\...\ALLPlayer V2.4_is1) (Version: - MarBit COMPUTERS) AOLIcon (Version: 1.00.0000 - Dell) Hidden avast! Free Antivirus (HKLM\...\avast) (Version: 7.0.1474.0 - AVAST Software) Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.7.8981 - ) Avira UnErase Personal (HKLM\...\Avira UnErase Personal) (Version: - ) AviScreen Classic Version 1.3 (HKLM\...\AviScreen Classic (Freeware)_is1) (Version: - Bobyte software) AXIS Media Control Embedded (HKLM\...\AXIS Media Control Embedded) (Version: - ) Broadcom Management Programs (HKLM\...\{26E1BFB0-E87E-4696-9F89-B467F01F81E5}) (Version: 8.65.01 - Broadcom Corporation) calibre (HKLM\...\{7D69BF2B-6C60-4D0A-8A6C-BCFD025D5D84}) (Version: 1.17.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform) Conexant HDA D110 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3) (Version: - ) Corel Paint Shop Pro X (HKLM\...\{1A15507A-8551-4626-915D-3D5FA095CC1B}) (Version: 10.0 - Corel Inc) Corel Photo Album 6 (HKLM\...\{8A9B8148-DDD7-448F-BD6C-358386D32354}) (Version: 6.00 - Corel, Inc.) Davory (HKLM\...\Davory) (Version: - ) Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation) Dell Digital Jukebox Driver (HKLM\...\Dell Digital Jukebox Driver) (Version: - ) Dell Driver Reset Tool (HKLM\...\{5905F42D-3F5F-4916-ADA6-94A3646AEE76}) (Version: 1.02.0000 - Dell Inc.) Dell Support 3.1 (HKLM\...\{548EEA8E-8299-497F-8057-811D2D7097DC}) (Version: 5.1.760 - Dell) Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.) Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: - ) Digital Content Portal (HKLM\...\{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}) (Version: 1.00.0000 - Dell) Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.15 - BVRP Software, Inc) Disk Investigator 1.5 (HKLM\...\Disk Investigator) (Version: 1.5 - Kevin Solway) EarthLink setup files (HKLM\...\{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}) (Version: 2005.1.47.0 - EarthLink) EasyCleaner (HKLM\...\{F5346614-B7C4-4E94-826A-E2363155233D}) (Version: 2.0.6.380 - ToniArts) ELIcon (Version: 1.00.0000 - Dell) Hidden FastStone Capture 5.3 (HKLM\...\FastStone Capture) (Version: 5.3 - FastStone Soft) Find and Mount 2.31 (HKLM\...\Find and Mount_is1) (Version: 2.31 - A-FF Data Recovery) FLVPlayer4Free Free FLV Player 2.0.0.0 (HKLM\...\FLVPlayer4Free Free FLV Player_is1) (Version: - Simone Tasselli) <==== ATTENTION FreeUndelete (HKLM\...\{A35883BD-9C83-4625-82F3-90F86728C662}) (Version: 2.0 - Recoveronix) FreeUndelete (HKLM\...\FreeUndelete) (Version: - ) Gadu-Gadu 7.6 (HKLM\...\Gadu-Gadu) (Version: - ) Get High Speed Internet! (HKLM\...\{7A3F0566-5E05-4919-9C98-456F6B5CF831}) (Version: 1.00.0000 - Dell) Google Earth (HKLM\...\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}) (Version: 4.1.7076.4458 - Google) Google Earth (HKLM\...\{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}) (Version: 4.3.7191.6508 - Google) Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden GPS Photo Tagger V1.2.2 (HKLM\...\GPS Photo Tagger) (Version: V1.2.2 - iTravel Tech, Inc.) GrabIt 1.7.2 Beta 4 (build 997) (HKLM\...\GrabIt_is1) (Version: - Ilan Shemes) Handy Recovery 1.0 (HKLM\...\Handy Recovery 1.0) (Version: - ) Harzing's Publish or Perish 2.5.2969 (HKLM\...\{985556E5-353F-4AA9-9E75-29AB8A5E4E14}) (Version: 2.5.2969 - Tarma Software Research Pty Ltd) High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation) Intel(R) Graphics Media Accelerator Driver for Mobile (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4410 - ) Internal Network Card Power Management (HKLM\...\{1F528948-0E80-4C96-B455-DE4167CB1DF7}) (Version: 1.7.1 - ) Java 7 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.400 - Oracle) Juniper Networks Setup Client (HKU\S-1-5-21-2154615204-4275496255-3731553294-1006\...\Juniper_Setup_Client) (Version: 2.2.2.8317 - Juniper Networks) Lagarith Lossless Codec (1.3.27) (HKLM\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - ) Learn2 Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version: - ) Lizardtech DjVu Control (HKLM\...\{105CFC7C-6992-11D5-BD9D-000102C10FD8}) (Version: - ) MediaCoder 2011 (HKLM\...\MediaCoder) (Version: 2011 - Broad Intelligence) Microsoft .NET Framework 2.0 — pakiet języka polskiego (HKLM\...\Microsoft .NET Framework 2.0 Language Pack - PLK) (Version: - Microsoft Corporation) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation) Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation) Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft User-Mode Driver Framework Feature Pack 1.5 (HKLM\...\Wudf01005) (Version: - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft WinUsb 1.0 (HKLM\...\winusb0100) (Version: - Microsoft Corporation) MIKSOFT Mobile Media Converter (HKLM\...\Mobile Media Converter_is1) (Version: - MIKSOFT) MiVue Manager (HKLM\...\{123BDDDC-D02F-4C6E-A011-9CB265E2483E}) (Version: 1.0.17.1 - Mio Technology Corporation) Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 3.01 - BVRP Software) Mozilla Firefox 38.0.5 (x86 pl) (HKLM\...\Mozilla Firefox 38.0.5 (x86 pl)) (Version: 38.0.5 - Mozilla) MP3 Player Utilities (HKLM\...\{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}) (Version: 1.45 - ) MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Musicmatch for Windows Media Player (HKLM\...\{E93E5EF6-D361-481E-849D-F16EF5C78EBC}) (Version: 0.00.000 - ) Musicmatch® Jukebox (HKLM\...\{85D3CC30-8859-481A-9654-FD9B74310BEF}) (Version: 10.10.0097 - ) NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.23 - BVRP Software, Inc) NetZeroInstallers (HKLM\...\{352310C3-E46B-42D3-8F32-54721FDD72D9}) (Version: 1.0.0 - NetZero, Inc.) Odkurzacz 11.3 (HKLM\...\Odkurzacz 11.3_is1) (Version: 11.3 - Franmo Software) oggcodecs 0.72.1838 (HKLM\...\oggcodecs) (Version: 0.72.1838 - illiminable) OpenOffice 4.1.1 (HKLM\...\{B5373BA3-BAD7-4EAC-A9D2-B66B41B82C57}) (Version: 4.11.9775 - Apache Software Foundation) OpenOffice.org 3.2 (HKLM\...\{8727531E-6C58-4852-A90B-39CF45E269A9}) (Version: 3.2.9502 - OpenOffice.org) Opera 9.62 (HKLM\...\{D9226EB1-C528-48AC-B423-BD9240E1F60B}) (Version: 9.62 - Opera Software ASA) Paint.NET v3.5.8 (HKLM\...\{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}) (Version: 3.58.0 - dotPDN LLC) Panda ActiveScan (HKLM\...\Panda ActiveScan) (Version: - Panda Software S.L.) PC Inspector File Recovery (HKLM\...\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}) (Version: 4.0 - ) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.1 - Google, Inc.) PL-2303 USB-to-Serial (HKLM\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: - ) PowerDVD 5.5 (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - ) Puran Defrag Free Edition 7.1 (HKLM\...\Puran Defrag Free Edition_is1) (Version: - Puran Software) Qualxserve Service Agreement (HKLM\...\{0F756CD9-4A1E-409B-B101-601DDC4C03AA}) (Version: 1.10.0000 - Dell) QuickSet (HKLM\...\{C5074CC4-0E26-4716-A307-960272A90040}) (Version: 5.8.0 - ) QuickTime (HKLM\...\QuickTime) (Version: - ) QuickTime Alternative 1.77 (HKLM\...\QuicktimeAlt_is1) (Version: 1.77 - ) Real Alternative 1.7.5 Lite (HKLM\...\RealAlt_is1) (Version: 1.7.5 - ) RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Recuva (HKLM\...\Recuva) (Version: 1.43 - Piriform) Registry Mechanic 8.0 (HKLM\...\Registry Mechanic_is1) (Version: 8.0 - PC Tools) SAGEM F@st 800-840 (HKLM\...\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}) (Version: 4.06.000 - SAGEM) Seagate Manager Installer (HKLM\...\InstallShield_{BB6D4A78-4BDB-4FBD-81CB-00DC2FC2BF41}) (Version: 2.01.0076 - Seagate) Seagate Manager Installer (Version: 2.01.0076 - Seagate) Hidden SequoiaView (HKLM\...\SequoiaView) (Version: - ) Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.95 - Sonic Solutions) Sonic RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions) Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions) Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions) Sonic Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 8.0.14.0 - Synaptics) Undelete Plus 2.97 (HKLM\...\UndeletePlus_is1) (Version: - Copyright © 2008 Phoenix Technologies • All Rights Reserved) Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation) VLC media player 1.1.5 (HKLM\...\VLC media player) (Version: 1.1.5 - VideoLAN) WebCyberCoach 3.2 Dell (HKLM\...\WebCyberCoach_wtrb) (Version: - ) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden Windows Genuine Advantage Validation Tool (HKLM\...\WGA) (Version: - Microsoft Corporation) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - ) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation) WinHTTrack Website Copier 3.43-9C (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.43.9 - HTTrack) WordPerfect Office 12 (HKLM\...\{AF19F291-F22F-4798-9662-525305AE9E48}) (Version: 12.01 - Corel Corporation) XviD MPEG-4 Video Codec (HKLM\...\XviD_is1) (Version: XviD-1.1.0-Beta2-04042005 - XviD Team (Koepi)) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Documents and Settings\CL\Application Data\Dropbox\bin\Dropbox.exe /autoplay No File CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> No Filepath CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{1796A329-04C1-4C07-B28E-E4A807935C06}\localserver32 -> C:\Program Files\Google\Google Earth\googleearth.exe (Google) CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{1A239250-B650-4B63-B4CF-7FCC4DC07DC6}\localserver32 -> C:\Program Files\Google\Google Earth\googleearth.exe (Google) CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{1AEDB68D-18A7-4CA9-B41B-3CE7E59FAB24}\localserver32 -> C:\Program Files\Google\Google Earth\googleearth.exe (Google) CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> No Filepath CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{42DF0D46-7D49-4AE5-8EF6-9CA6E41EFEC1}\localserver32 -> C:\Program Files\Google\Google Earth\googleearth.exe (Google) CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{63E6BE14-A742-4EEA-8AF3-0EC39F10F850}\localserver32 -> C:\Program Files\Google\Google Earth\googleearth.exe (Google) CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{645EEE5A-BD51-4C05-A6AF-6F2CF8950AAB}\localserver32 -> C:\Program Files\Google\Google Earth\googleearth.exe (Google) CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{77C4C807-E257-43AD-BB3F-7CA88760BD29}\localserver32 -> C:\Program Files\Google\Google Earth\googleearth.exe (Google) CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{8097D7E9-DB9E-4AEF-9B28-61D82A1DF784}\localserver32 -> C:\Program Files\Google\Google Earth\googleearth.exe (Google) CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{9059C329-4661-49B2-9984-8753C45DB7B9}\localserver32 -> C:\Program Files\Google\Google Earth\googleearth.exe (Google) CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{A2D4475B-C9AA-48E2-A029-1DB829DACF7B}\localserver32 -> C:\Program Files\Google\Google Earth\googleearth.exe (Google) CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{A4F65992-5738-475B-9C16-CF102BCDE153}\localserver32 -> C:\Program Files\Google\Google Earth\googleearth.exe (Google) CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{AFD07A5E-3E20-4D77-825C-2F6D1A50BE5B}\localserver32 -> C:\Program Files\Google\Google Earth\googleearth.exe (Google) CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{B153D707-447A-4538-913E-6146B3FDEE02}\localserver32 -> C:\Program Files\Google\Google Earth\googleearth.exe (Google) CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> No Filepath CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> No Filepath CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{CBD4FB70-F00B-4963-B249-4B056E6A981A}\localserver32 -> C:\Program Files\Google\Google Earth\googleearth.exe (Google) CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> No Filepath CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> No Filepath CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{D93BF052-FC68-4DB6-A4F8-A4DC9BEEB1C0}\localserver32 -> C:\Program Files\Google\Google Earth\googleearth.exe (Google) CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{E69341A3-E6D2-4175-B60C-C9D3D6FA40F6}\localserver32 -> C:\Documents and Settings\CL\Application Data\Dropbox\bin\Dropbox.exe /wiacallback No File CustomCLSID: HKU\S-1-5-21-2154615204-4275496255-3731553294-1006_Classes\CLSID\{F4F7B301-7C59-4851-BA97-C51F110B590F}\InprocServer32 -> C:\Program Files\Google\Google Earth\earthps.dll () ==================== Restore Points ========================= 20-06-2015 18:01:46 System Checkpoint ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2004-08-10 20:51 - 2009-04-18 14:26 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\At1.job => C:\DOCUME~1\CL\APPLIC~1\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-2154615204-4275496255-3731553294-1006.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-2154615204-4275496255-3731553294-1006.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe ==================== Loaded Modules (Whitelisted) ============== 2015-06-23 00:03 - 2015-06-22 21:03 - 02924032 _____ () C:\Program Files\AVAST Software\Avast\defs\15062205\algo.dll 2009-04-17 19:55 - 2007-02-13 16:20 - 01205840 _____ () C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe 2009-04-17 19:55 - 2006-11-27 14:20 - 00094208 _____ () C:\Program Files\SAGEM\SAGEM F@st 800-840\Languages\Polish.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9 AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\13476158.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\13476158.sys => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2154615204-4275496255-3731553294-1006\Control Panel\Desktop\\Wallpaper -> ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: MMTray => "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) StandardProfile\AuthorizedApplications: [C:\Program Files\VideoLAN\VLC\vlc.exe] => Enabled:VLC media player StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox) DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004 DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005 DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001 DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002 StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004 StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005 StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001 StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002 StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007 StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008 StandardProfile\GloballyOpenPorts: [4411:UDP] => Enabled:Windows Media Format SDK (screamer.exe) StandardProfile\GloballyOpenPorts: [4410:UDP] => Enabled:Windows Media Format SDK (screamer.exe) StandardProfile\GloballyOpenPorts: [4413:UDP] => Enabled:Windows Media Format SDK (screamer.exe) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/20/2015 04:59:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application plugin-container.exe, version 38.0.5.5623, faulting module mozalloc.dll, version 38.0.5.5623, fault address 0x00001aa1. Processing media-specific event for [plugin-container.exe!ws!] Error: (06/18/2015 08:02:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application opera.exe, version 9.62.10467.0, faulting module unknown, version 0.0.0.0, fault address 0x1013cd6c. Processing media-specific event for [opera.exe!ws!] Error: (06/17/2015 01:08:06 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application plugin-container.exe, version 38.0.5.5623, faulting module mozalloc.dll, version 38.0.5.5623, fault address 0x00001aa1. Processing media-specific event for [plugin-container.exe!ws!] Error: (06/15/2015 06:01:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application opera.exe, version 9.62.10467.0, faulting module unknown, version 0.0.0.0, fault address 0x10200e6d. Processing media-specific event for [opera.exe!ws!] Error: (06/15/2015 05:54:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application opera.exe, version 9.62.10467.0, faulting module unknown, version 0.0.0.0, fault address 0x10200e6d. Processing media-specific event for [opera.exe!ws!] Error: (06/15/2015 00:50:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application opera.exe, version 9.62.10467.0, faulting module unknown, version 0.0.0.0, fault address 0x102246b8. Processing media-specific event for [opera.exe!ws!] Error: (06/15/2015 00:30:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application opera.exe, version 9.62.10467.0, faulting module unknown, version 0.0.0.0, fault address 0x101e0e6d. Processing media-specific event for [opera.exe!ws!] Error: (06/15/2015 00:16:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application opera.exe, version 9.62.10467.0, faulting module , version 0.0.0.0, fault address 0x00000000. Processing media-specific event for [opera.exe!ws!] Error: (06/15/2015 00:01:06 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application opera.exe, version 9.62.10467.0, faulting module unknown, version 0.0.0.0, fault address 0x101e0e6d. Processing media-specific event for [opera.exe!ws!] Error: (06/15/2015 00:57:25 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application plugin-container.exe, version 38.0.5.5623, faulting module mozalloc.dll, version 38.0.5.5623, fault address 0x00001aa1. Processing media-specific event for [plugin-container.exe!ws!] System errors: ============= Error: (06/23/2015 00:51:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The General Purpose USB Driver (adildr.sys) service failed to start due to the following error: %%1058 Error: (06/23/2015 00:34:00 PM) (Source: Schedule) (EventID: 7901) (User: ) Description: The At1.job command failed to start due to the following error: %%2147942403 Error: (06/23/2015 11:34:04 AM) (Source: Schedule) (EventID: 7901) (User: ) Description: The At1.job command failed to start due to the following error: %%2147942403 Error: (06/23/2015 10:34:01 AM) (Source: Schedule) (EventID: 7901) (User: ) Description: The At1.job command failed to start due to the following error: %%2147942403 Error: (06/23/2015 09:34:02 AM) (Source: Schedule) (EventID: 7901) (User: ) Description: The At1.job command failed to start due to the following error: %%2147942403 Error: (06/23/2015 08:34:00 AM) (Source: Schedule) (EventID: 7901) (User: ) Description: The At1.job command failed to start due to the following error: %%2147942403 Error: (06/23/2015 08:26:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The General Purpose USB Driver (adildr.sys) service failed to start due to the following error: %%1058 Error: (06/23/2015 01:34:00 AM) (Source: Schedule) (EventID: 7901) (User: ) Description: The At1.job command failed to start due to the following error: %%2147942403 Error: (06/23/2015 00:34:00 AM) (Source: Schedule) (EventID: 7901) (User: ) Description: The At1.job command failed to start due to the following error: %%2147942403 Error: (06/22/2015 11:34:00 PM) (Source: Schedule) (EventID: 7901) (User: ) Description: The At1.job command failed to start due to the following error: %%2147942403 Microsoft Office: ========================= Error: (06/20/2015 04:59:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe38.0.5.5623mozalloc.dll38.0.5.562300001aa1 Error: (06/18/2015 08:02:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: opera.exe9.62.10467.0unknown0.0.0.01013cd6c Error: (06/17/2015 01:08:06 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe38.0.5.5623mozalloc.dll38.0.5.562300001aa1 Error: (06/15/2015 06:01:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: opera.exe9.62.10467.0unknown0.0.0.010200e6d Error: (06/15/2015 05:54:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: opera.exe9.62.10467.0unknown0.0.0.010200e6d Error: (06/15/2015 00:50:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: opera.exe9.62.10467.0unknown0.0.0.0102246b8 Error: (06/15/2015 00:30:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: opera.exe9.62.10467.0unknown0.0.0.0101e0e6d Error: (06/15/2015 00:16:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: opera.exe9.62.10467.00.0.0.000000000 Error: (06/15/2015 00:01:06 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: opera.exe9.62.10467.0unknown0.0.0.0101e0e6d Error: (06/15/2015 00:57:25 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe38.0.5.5623mozalloc.dll38.0.5.562300001aa1 ==================== Memory info =========================== Processor: Intel(R) Celeron(R) M processor 1.40GHz Percentage of memory in use: 90% Total physical RAM: 503.37 MB Available physical RAM: 46.53 MB Total Pagefile: 1228.19 MB Available Pagefile: 669.7 MB Total Virtual: 2047.88 MB Available Virtual: 1933.42 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:34.21 GB) (Free:5.85 GB) NTFS ==>[Drive with boot components (Windows XP)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 37.3 GB) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=34.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=3 GB) - (Type=DB) ==================== End of log ============================