Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-10-2013 Ran by admin at 2013-10-03 11:29:45 Running from H:\wirusy Boot Mode: Normal ========================================================== ==================== Security Center ======================== AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe Acrobat 9 Pro - English, Français, Deutsch (Version: 9.0.0) Adobe After Effects CS4 Third Party Content (Version: 9) Adobe AIR (Version: 3.1.0.4880) Adobe Anchor Service CS4 (Version: 2.0) Adobe Bridge CS4 (Version: 3) Adobe CMaps CS4 (Version: 2.0) Adobe Color - Photoshop Specific CS4 (Version: 2.0) Adobe Color EU Extra Settings CS4 (Version: 2.0) Adobe Color JA Extra Settings CS4 (Version: 2.0) Adobe Color NA Recommended Settings CS4 (Version: 2.0) Adobe Color Video Profiles CS CS4 (Version: 2.0) Adobe Creative Suite 4 Master Collection (Version: 4.0) Adobe CSI CS4 (Version: 1) Adobe Default Language CS4 (Version: 2.0) Adobe Encore CS4 Codecs (Version: 4) Adobe ExtendScript Toolkit CS4 (Version: 3.0.0) Adobe Extension Manager CS4 (Version: 2.0) Adobe Flash Player 11 ActiveX (Version: 11.1.102.55) Adobe Fonts All (Version: 2.0) Adobe Illustrator CS4 (Version: 14.0) Adobe InDesign CS4 (Version: 6.0) Adobe InDesign CS4 Application Feature Set Files (Roman) (Version: 6.0) Adobe InDesign CS4 Common Base Files (Version: 6.0) Adobe InDesign CS4 Icon Handler (Version: 6.0) Adobe Linguistics CS4 (Version: 4.0.0) Adobe Media Encoder CS4 Exporter (Version: 1.0) Adobe Media Encoder CS4 Importer (Version: 1.0) Adobe Output Module (Version: 2.0) Adobe PDF Library Files CS4 (Version: 9.0) Adobe Photoshop CS4 (Version: 11.0) Adobe Photoshop CS4 Support (Version: 11.0) Adobe Premiere Pro CS4 Third Party Content (Version: 4) Adobe Reader X (10.1.1) (Version: 10.1.1) Adobe Search for Help (Version: 1.0) Adobe Service Manager Extension (Version: 1.0) Adobe Setup (Version: 2.0) Adobe SGM CS4 (Version: 3.0) Adobe SING CS4 (Version: 2.0) Adobe Soundbooth CS4 Codecs (Version: 2) Adobe Type Support CS4 (Version: 9.0) Adobe Update Manager CS4 (Version: 6.0.0) Adobe WinSoft Linguistics Plugin (Version: 1.1) Adobe XMP Panels CS4 (Version: 2.0) AdobeColorCommonSetCMYK (Version: 2.0) AdobeColorCommonSetRGB (Version: 2.0) Apple Software Update (Version: 2.1.3.127) BioAPI Framework (Version: 1.0.1) Brother MFL-Pro Suite (Version: 1.00) Connect (Version: 1.0.0.1) Dell ControlVault Host Components Installer (Version: 1.7.459.360) Dell Security Device Driver Pack (Version: 1.4.055) Dell Touchpad (Version: 7.1207.101.108) FileZilla Client 3.5.0 (Version: 3.5.0) Google Chrome (HKCU Version: 30.0.1599.66) Google Toolbar for Internet Explorer (Version: 1.0.0) Google Toolbar for Internet Explorer (Version: 7.5.4413.1752) Google Update Helper (Version: 1.3.21.153) IDT Audio (Version: 1.0.6274.0) Intel PROSet Wireless Intel(R) Network Connections Drivers (Version: 16.1) iPlus manager 2.3 Java Auto Updater (Version: 2.0.2.4) Java(TM) 6 Update 22 (Version: 6.0.220) Kan OZC - Deinstalacja programu (Version: wersja 4.0) K-Lite Codec Pack 6.0.4 (Basic) (Version: 6.0.4) kuler (Version: 2.0) Microsoft Silverlight (Version: 5.1.10411.0) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Mozilla Maintenance Service (Version: 17.0.8) Mozilla Thunderbird 17.0.8 (x86 pl) (Version: 17.0.8) Nero 7 Essentials (Version: 7.02.3907) NVIDIA Drivers (Version: 1.10.61.39) NVIDIA nView Desktop Manager (Version: 6.14.10.12154) Obsługa programów Apple (Version: 2.3) OpenOffice.org 3.3 (Version: 3.3.9567) Oprogramowanie Intel(R) PROSet/Wireless WiFi (Version: 13.03.0000) Pakiet sterowników systemu Windows - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) (Version: 09/11/2009 1.0.1.6) PaperPort Image Printer (Version: 1.00.0000) PDF Settings CS4 (Version: 9.0) Photoshop Camera Raw (Version: 5.0) QuickTime (Version: 7.73.80.64) RICOH R5U241 / R5C847 Media Driver ver.2.04.01.00 (Version: 2.04.01.00) Savensharee (Version: 3.0.0.1391) ScanSoft PaperPort 11 (Version: 11.1.0000) Suite Shared Configuration CS4 (Version: 1.0) UPEK TouchChip Fingerprint Reader (Version: 1.2.0) WinRAR 4.11 (32-bitowy) (Version: 4.11.0) Xvid Video Codec (Version: 1.3.2) ==================== Restore Points ========================= 03-09-2013 07:23:59 Zaplanowany punkt kontrolny 15-09-2013 11:23:04 Zaplanowany punkt kontrolny ==================== Hosts content: ========================== 2006-11-02 12:23 - 2013-10-03 02:16 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {0CAB7B68-718C-40E0-B83B-89DDF7007DC8} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\system32\pla.dll [2008-01-21] (Microsoft Corporation) Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] () Task: {22E1772E-7DFE-4C5F-841F-1C93FD5D82A4} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {2BD77E67-1A19-4509-BFDA-826D5BA105B0} - System32\Tasks\Leader Technologies\PowerRegister\Seagate 2GHN5039 Product Registration (admin) => C:\Users\admin\AppData\Roaming\Leadertech\PowerRegister\Seagate 2GHN5039 Product Registration.exe [2009-01-16] (Leader Technologies/Seagate) Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation) Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {778267ED-7879-4507-AEC5-4F0270544C1C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-23] (Google Inc.) Task: {7EC7BC5A-B6E2-443D-854C-36F49C21DF83} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-23] (Google Inc.) Task: {8ED828EC-E867-4AEE-8E43-56A1F2E46066} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-211883320-545247881-625460645-1000Core => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-23] (Google Inc.) Task: {96FB1033-CA6D-4CBE-BA0A-C6437CFD25B6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-211883320-545247881-625460645-1000UA => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-23] (Google Inc.) Task: {DBBC4AC3-228C-48BE-A385-3A1CE0B492A0} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-211883320-545247881-625460645-1000Core.job => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-211883320-545247881-625460645-1000UA.job => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2009-08-11 21:18 - 2009-08-11 21:18 - 00497664 _____ () C:\Windows\system32\ac3filter.acm 2011-05-22 19:21 - 2011-05-22 19:21 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll 2013-09-21 11:05 - 2013-09-17 05:21 - 04053456 _____ () C:\Users\admin\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll 2013-09-21 11:05 - 2013-09-17 05:21 - 00410576 _____ () C:\Users\admin\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll 2013-09-21 11:05 - 2013-09-17 05:20 - 01604560 _____ () C:\Users\admin\AppData\Local\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll 2013-09-21 11:05 - 2013-09-17 05:20 - 00709584 _____ () C:\Users\admin\AppData\Local\Google\Chrome\Application\29.0.1547.76\libglesv2.dll 2013-09-21 11:05 - 2013-09-17 05:20 - 00099792 _____ () C:\Users\admin\AppData\Local\Google\Chrome\Application\29.0.1547.76\libegl.dll 2013-08-08 15:35 - 2013-08-08 15:35 - 02244504 _____ () C:\Program Files\Mozilla Thunderbird\mozjs.dll 2013-08-08 15:35 - 2013-08-08 15:35 - 00158104 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAP32V60.dll 2013-08-08 15:35 - 2013-08-08 15:35 - 00022424 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAPPR32V60.dll 2011-01-17 17:19 - 2012-01-05 00:17 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll 2010-11-19 19:45 - 2012-01-05 00:17 - 00170496 _____ () C:\Program Files\OpenOffice.org 3\program\libxslt.dll 2007-03-07 09:58 - 2010-11-26 00:42 - 01097728 _____ () C:\Program Files\iPlus\NDISAPI.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/03/2013 09:34:10 AM) (Source: Application Error) (User: ) Description: Aplikacja powodująca błąd iPlusChecker.exe, wersja 0.0.0.0, sygnatura czasowa 0x4ceee262, moduł powodujący błąd ntdll.dll, wersja 6.0.6001.18538, sygnatura czasowa 0x4cb733dc, kod wyjątku 0xc0000005, przesunięcie błędu 0x00068011, identyfikator procesu 0x173c, godzina rozpoczęcia aplikacji 0xiPlusChecker.exe0. Error: (10/03/2013 02:16:10 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 02:05:17 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 02:04:41 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 01:55:43 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 01:52:43 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 01:47:01 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 00:56:19 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 00:46:37 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 00:15:39 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Microsoft Office Sessions: ========================= Error: (10/03/2013 09:34:10 AM) (Source: Application Error)(User: ) Description: iPlusChecker.exe0.0.0.04ceee262ntdll.dll6.0.6001.185384cb733dcc000000500068011173c01cebfd9046d54b4 Error: (10/03/2013 02:16:10 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 02:05:17 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 02:04:41 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 01:55:43 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 01:52:43 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 01:47:01 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 00:56:19 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 00:46:37 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 00:15:39 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2013-10-03 11:28:48.410 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-03 11:28:48.279 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-03 11:28:48.116 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-03 11:28:47.936 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-03 11:28:47.811 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-03 11:28:47.702 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-03 11:28:47.584 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-03 11:28:47.418 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-03 02:26:52.569 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-03 02:26:52.460 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 59% Total physical RAM: 2035.19 MB Available physical RAM: 823.52 MB Total Pagefile: 4307.41 MB Available Pagefile: 2356.93 MB Total Virtual: 2047.88 MB Available Virtual: 1910.19 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:58.59 GB) (Free:24.53 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:90.32 GB) (Free:86.62 GB) NTFS Drive f: (iPlus) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS Drive h: (KLUDI) (Removable) (Total:3.76 GB) (Free:0.3 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: DD1CDD1C) Partition 1: (Not Active) - (Size=133 MB) - (Type=DE) Partition 2: (Active) - (Size=59 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=90 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: F6326D29) Partition 1: (Active) - (Size=4 GB) - (Type=0C) ==================== End Of Log ============================