Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-08-2014 01 Ran by Merlin-hs (administrator) on I7-2600K on 11-08-2014 21:19:15 Running from C:\Users\Merlin-hs\Desktop\Diagonostyka systemowa Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.exe (cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Logitech Inc.) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe (Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe (BitTorrent Inc.) C:\Users\Merlin-hs\AppData\Roaming\uTorrent\uTorrent.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe (fischerwerke Gmbh & Co. KG) C:\Program Files (x86)\fischer\Update\fischerUpdateService.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Barracuda Networks, Inc.) C:\Users\Merlin-hs\AppData\Roaming\Copy\CopyAgent.exe ( ) C:\Program Files (x86)\ChomikBox\chomikbox.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Agito d.o.o.) C:\Program Files (x86)\Hilti\PROFIS AutoUpdate\Hilti.AutoUpdate.Service.exe () C:\Brother\BPRSP\resources\BrSupSsp.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe () C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Fabio Martin) C:\Program Files (x86)\7 Sticky Notes\7StickyNotes.exe (FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe (Dropbox, Inc.) C:\Users\Merlin-hs\AppData\Roaming\Dropbox\bin\Dropbox.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe () C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe () C:\Program Files (x86)\Portrait Displays\Pivot Software\Floater.exe (Portrait Displays, Inc) C:\Program Files (x86)\Hewlett-Packard\HP My Display\dthtml.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (fischerwerke Gmbh & Co. KG) C:\Program Files (x86)\fischer\Update\fischerUpdate.exe (Agito d.o.o.) C:\Program Files (x86)\Hilti\PROFIS AutoUpdate\Hilti.AutoUpdate.Tray.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Software Security System) C:\Program Files\Lucidlogix Technologies\VIRTU MVP\Ekag20nt.exe () C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor) HKLM\...\Run: [VIRTU MVP] => C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe [3006240 2012-03-12] () HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1441152 2011-10-19] (cFos Software GmbH) HKLM\...\Run: [THXCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-03] (NVIDIA Corporation) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [855608 2007-09-27] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [600928 2014-03-13] (Copyright 2013 SAMSUNG) HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation) HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2013-06-01] (FNet Co., Ltd.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [THX TruStudio NB Settings] => C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909824 2011-05-19] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe [694824 2009-03-03] () HKLM-x32\...\Run: [DT HPC] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [123688 2013-01-10] (Portrait Displays, Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.) HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] () HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2011-10-07] (Brother Industries, Ltd.) HKLM-x32\...\Run: [fischer Live Update] => C:\Program Files (x86)\fischer\Update\fischerUpdate.exe [2082304 2014-03-26] (fischerwerke Gmbh & Co. KG) HKLM-x32\...\Run: [PROFIS AutoUpdate] => C:\Program Files (x86)\Hilti\PROFIS AutoUpdate\Hilti.AutoUpdate.Tray.exe [497152 2013-05-07] (Agito d.o.o.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-08] (AVAST Software) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.) HKU\S-1-5-21-2651791677-126434903-354596880-1000\...\Run: [ASRockXTU] => [X] HKU\S-1-5-21-2651791677-126434903-354596880-1000\...\Run: [zASRockInstantBoot] => [X] HKU\S-1-5-21-2651791677-126434903-354596880-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google) HKU\S-1-5-21-2651791677-126434903-354596880-1000\...\Run: [chromium] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.) HKU\S-1-5-21-2651791677-126434903-354596880-1000\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe [5458704 2009-07-16] (Logitech Inc.) HKU\S-1-5-21-2651791677-126434903-354596880-1000\...\Run: [uTorrent] => C:\Users\Merlin-hs\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-02] (BitTorrent Inc.) HKU\S-1-5-21-2651791677-126434903-354596880-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler HKU\S-1-5-21-2651791677-126434903-354596880-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1753280 2014-07-16] (Valve Corporation) HKU\S-1-5-21-2651791677-126434903-354596880-1000\...\Run: [Copy] => C:\Users\Merlin-hs\AppData\Roaming\Copy\CopyAgent.exe [15367824 2014-08-04] (Barracuda Networks, Inc.) HKU\S-1-5-21-2651791677-126434903-354596880-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.) HKU\S-1-5-21-2651791677-126434903-354596880-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-2651791677-126434903-354596880-1000\...\Run: [ChomikBox] => C:\Program Files (x86)\ChomikBox\chomikbox.exe [6033408 2014-03-11] ( ) HKU\S-1-5-21-2651791677-126434903-354596880-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.) HKU\S-1-5-21-2651791677-126434903-354596880-1000\...\Policies\Explorer: [] HKU\S-1-5-21-2651791677-126434903-354596880-1000\...\MountPoints2: {f16d9c8f-cbad-11e3-9594-0015830cbfeb} - G:\AutoRun.exe HKU\S-1-5-21-2651791677-126434903-354596880-1000\...\MountPoints2: {f16d9c9e-cbad-11e3-9594-0015830cbfeb} - G:\AutoRun.exe AppInit_DLLs: C:\Windows\system32\appinit_dll.dll => C:\Windows\system32\appinit_dll.dll [172320 2012-03-12] (Lucidlogix Inc.) AppInit_DLLs-x32: c:\windows\syswow64\appinit_dll.dll => c:\windows\syswow64\appinit_dll.dll [148256 2012-03-12] (Lucidlogix Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Brother PORPB.lnk ShortcutTarget: Brother PORPB.lnk -> C:\Windows\Installer\{8040527F-DD74-4B45-8A06-C4BF145B6C76}\BrSupSsp.exe_44686FC076524EF5975EF92EE48E2958.exe (Flexera Software LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.) Startup: C:\Users\Merlin-hs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7 Sticky Notes.lnk ShortcutTarget: 7 Sticky Notes.lnk -> C:\Program Files (x86)\7 Sticky Notes\7StickyNotes.exe (Fabio Martin) Startup: C:\Users\Merlin-hs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Merlin-hs\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Merlin-hs\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Merlin-hs\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Merlin-hs\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Merlin-hs\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Merlin-hs\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Merlin-hs\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Merlin-hs\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Merlin-hs\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: 1aCopyShExtError -> {83BEA36E-7680-4598-A4DF-994426F6E78D} => C:\Users\Merlin-hs\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 2aCopyShExtSynced -> {845B7388-6F85-4F32-9FD5-F02DC7882B89} => C:\Users\Merlin-hs\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 3aCopyShExtSyncing -> {F6378A7A-F753-449B-AE1B-997A96132E61} => C:\Users\Merlin-hs\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 4aCopyShExtSyncingProg1 -> {3A511828-777D-46F8-82F4-5B530C1B3D9E} => C:\Users\Merlin-hs\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 5aCopyShExtSyncingProg2 -> {C8C88204-5B14-40EC-BA72-8AEBC762047E} => C:\Users\Merlin-hs\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 6aCopyShExtSyncingProg3 -> {ACFF45C3-3EEB-4351-86C2-6696BA264239} => C:\Users\Merlin-hs\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 7aCopyShExtSyncingProg4 -> {29AF997F-488B-46F0-AE78-7146F1B89CC3} => C:\Users\Merlin-hs\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 8aCopyShExtSyncingProg5 -> {03F9AD29-1C78-4B66-8890-B177B5430C53} => C:\Users\Merlin-hs\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.) ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers-x32: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Merlin-hs\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Merlin-hs\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Merlin-hs\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Merlin-hs\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Merlin-hs\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Merlin-hs\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Merlin-hs\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Merlin-hs\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: 01InsyncSynced -> {79168b3f-9ed7-4209-a2ef-835c56a4c0dc} => No File ShellIconOverlayIdentifiers-x32: 02InsyncSyncing -> {8896d747-f2a9-4527-928d-df152fdf73d7} => No File ShellIconOverlayIdentifiers-x32: 03InsyncError -> {06E10739-B8D0-41A4-B4A1-A9A4220003B2} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie SearchScopes: HKLM-x32 - DefaultScope value is missing. BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{958C3FE8-88BF-4344-AC47-CEEBC9E62FE3}: [NameServer]193.41.112.18 193.41.112.14 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @graphisoft.com/GDL Web Plug-in -> C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll (Graphisoft SE) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll No File FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Merlin-hs\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) Chrome: ======= CHR HomePage: hxxp://www.google.com CHR Extension: (Dysk Google) - C:\Users\Merlin-hs\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-01] CHR Extension: (YouTube) - C:\Users\Merlin-hs\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-24] CHR Extension: (Adblock Plus) - C:\Users\Merlin-hs\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-24] CHR Extension: (Szukaj w Google) - C:\Users\Merlin-hs\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-24] CHR Extension: (AdBlock) - C:\Users\Merlin-hs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-24] CHR Extension: (avast! Online Security) - C:\Users\Merlin-hs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-24] CHR Extension: (Google Keep – notatki i listy) - C:\Users\Merlin-hs\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-07-24] CHR Extension: (Google Wallet) - C:\Users\Merlin-hs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-07] CHR Extension: (Desktop) - C:\Users\Merlin-hs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pafkcccccfmnjkhhndjfffifnflhkpdo [2014-07-24] CHR Extension: (Gmail) - C:\Users\Merlin-hs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-24] CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\MERLIN~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-06-08] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed] R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-24] (AVAST Software) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed] R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH) R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [140072 2013-01-10] (Portrait Displays, Inc.) R2 fischerUpdateSvc; C:\Program Files (x86)\fischer\Update\fischerUpdateService.exe [2892800 2014-03-26] (fischerwerke Gmbh & Co. KG) [File not signed] R2 Hilti PROFIS AutoUpdate Service; C:\Program Files (x86)\Hilti\PROFIS AutoUpdate\Hilti.AutoUpdate.Service.exe [212480 2013-05-07] (Agito d.o.o.) [File not signed] R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] () S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation) R2 MSSQL$ELISOFT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation) S2 PLAY ONLINE. RunOuc; C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [246112 2014-04-24] () S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [621632 2011-03-04] () R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [609632 2014-03-13] (Copyright 2013 SAMSUNG) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc) R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology) R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-24] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-24] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-24] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-24] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-25] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-25] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-25] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-24] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-05] (Disc Soft Ltd) R3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2014-08-06] (FNet Co., Ltd.) R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2013-06-01] (FNet Co., Ltd.) S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [223744 2014-04-24] (Huawei Technologies Co., Ltd.) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] () R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation) S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] () R3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [36904 2013-06-01] (Feitian Technologies Co., Ltd.) S2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [105160 2012-12-20] (WIBU-SYSTEMS AG) R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-08-11] () S3 HRMACPI; SYSTEM32\DRIVERS\HRMACPI.SYS [X] S3 MSICDSetup; \??\D:\CDriver64.sys [X] S3 SOFTUSBTESTHUB; SYSTEM32\DRIVERS\SOFTUSBTESTHUB.SYS [X] S3 SOFTWADP; SYSTEM32\DRIVERS\SOFTWADP.SYS [X] S3 WSOFTUSBK; SYSTEM32\DRIVERS\WSOFTUSBK.SYS [X] U3 pxldrpob; \??\C:\Users\MERLIN~1\AppData\Local\Temp\pxldrpob.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-11 21:18 - 2014-08-11 21:19 - 00000000 ____D () C:\FRST 2014-08-11 20:40 - 2014-08-11 21:19 - 00000000 ____D () C:\Users\Merlin-hs\Desktop\Diagonostyka systemowa 2014-08-11 16:01 - 2014-08-11 16:01 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2014-08-11 16:01 - 2014-08-11 16:01 - 00000000 ____H () C:\ProgramData\cm-lock 2014-08-09 21:16 - 2014-08-09 21:16 - 00001168 _____ () C:\Users\Public\Desktop\SMath Studio Desktop.lnk 2014-08-07 19:34 - 2014-08-07 19:34 - 00000798 _____ () C:\Users\Merlin-hs\AppData\Local\recently-used.xbel 2014-08-07 19:28 - 2014-08-07 19:28 - 00059342 _____ () C:\Users\Merlin-hs\Downloads\io_import_dxf_0.8.4.zip 2014-08-07 19:27 - 2014-08-07 19:27 - 00611073 _____ () C:\Users\Merlin-hs\Downloads\ACad2Obj4Blender_v2.01.zip 2014-08-07 19:27 - 2014-08-07 19:27 - 00611073 _____ () C:\Users\Merlin-hs\Downloads\ACad2Obj4Blender_v2.01 (1).zip 2014-08-05 21:36 - 2014-08-05 21:36 - 00001546 _____ () C:\Users\Merlin-hs\Desktop\PS.lnk 2014-08-04 23:59 - 2014-08-05 00:05 - 00000000 ____D () C:\Users\Merlin-hs\RayPump 2014-08-04 23:58 - 2014-08-04 23:58 - 10357672 _____ () C:\Users\Merlin-hs\Downloads\raypumpii_v1170_windows.zip 2014-08-04 19:29 - 2014-08-04 19:29 - 00005823 _____ () C:\Users\Merlin-hs\Downloads\ui_layer_manager152.py.zip 2014-08-04 19:13 - 2014-06-03 13:09 - 00039482 _____ () C:\Users\Merlin-hs\Downloads\BoolTool.py 2014-08-04 19:12 - 2014-08-04 19:12 - 00008289 _____ () C:\Users\Merlin-hs\Downloads\BoolTool 0.2.rar 2014-08-04 18:04 - 2014-08-04 18:04 - 00000000 ____D () C:\Users\Merlin-hs\AppData\Roaming\Unity 2014-08-04 18:01 - 2014-08-04 18:01 - 01080480 _____ (Unity Technologies ApS) C:\Users\Merlin-hs\Downloads\UnityWebPlayer.exe 2014-08-04 18:01 - 2014-08-04 18:01 - 00000000 ____D () C:\Users\Merlin-hs\AppData\Local\Unity 2014-08-02 12:06 - 2014-08-02 12:09 - 27039268 _____ () C:\Users\Merlin-hs\Downloads\demo_level_final.blend 2014-07-29 23:00 - 2014-07-29 23:10 - 00004608 _____ () C:\Users\Merlin-hs\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-07-28 22:24 - 2014-08-04 18:16 - 00002050 _____ () C:\Users\Public\Desktop\Blender 2.71.lnk 2014-07-28 22:24 - 2014-07-28 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation 2014-07-28 22:22 - 2014-07-28 22:24 - 58448062 _____ () C:\Users\Merlin-hs\Downloads\blender-2.71-windows64.exe 2014-07-28 22:10 - 2014-07-28 22:22 - 167150967 _____ () C:\Users\Merlin-hs\Downloads\BlenderGuru+-+Baking_PrisonHall.blend 2014-07-28 20:16 - 2014-07-28 20:21 - 54058886 _____ () C:\Users\Merlin-hs\Downloads\BlenderGuru_Baking_LivingRoom.blend 2014-07-24 22:44 - 2014-07-24 22:45 - 00000000 ____D () C:\AdwCleaner 2014-07-24 22:43 - 2014-07-24 22:43 - 01354223 _____ () C:\Users\Merlin-hs\Downloads\adwcleaner_3.216.exe 2014-07-24 19:16 - 2014-08-07 20:58 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-24 19:15 - 2014-07-24 19:15 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-24 19:15 - 2014-07-24 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-24 19:15 - 2014-07-24 19:15 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-24 19:15 - 2014-07-24 19:15 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-24 19:15 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-24 19:15 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-24 19:15 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-15 12:49 - 2014-07-15 12:52 - 00000000 ____D () C:\Users\Merlin-hs\Documents\AutoCAD Sheet Sets ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-11 21:19 - 2014-08-11 21:18 - 00000000 ____D () C:\FRST 2014-08-11 21:19 - 2014-08-11 20:40 - 00000000 ____D () C:\Users\Merlin-hs\Desktop\Diagonostyka systemowa 2014-08-11 21:19 - 2014-01-04 00:15 - 00000000 ____D () C:\Users\Merlin-hs\AppData\Roaming\Skype 2014-08-11 21:17 - 2013-10-08 19:14 - 00000000 ____D () C:\Users\Merlin-hs\AppData\Roaming\uTorrent 2014-08-11 21:17 - 2013-06-01 21:47 - 00000000 ____D () C:\Users\Merlin-hs\Documents\Pliki programu Outlook 2014-08-11 21:12 - 2013-06-01 19:10 - 00000000 ____D () C:\Users\Merlin-hs\AppData\Local\CrashDumps 2014-08-11 20:50 - 2013-06-01 19:06 - 00001054 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-11 19:16 - 2014-01-16 20:52 - 00000000 ____D () C:\Users\Merlin-hs\AppData\Roaming\Copy 2014-08-11 16:09 - 2009-07-14 06:45 - 00022096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-11 16:09 - 2009-07-14 06:45 - 00022096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-11 16:07 - 2014-01-22 01:02 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-08-11 16:07 - 2014-01-22 01:02 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk 2014-08-11 16:07 - 2011-04-12 15:21 - 07560942 _____ () C:\Windows\system32\perfh015.dat 2014-08-11 16:07 - 2011-04-12 15:21 - 02478970 _____ () C:\Windows\system32\perfc015.dat 2014-08-11 16:07 - 2009-07-14 07:13 - 00006922 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-11 16:06 - 2013-06-01 18:28 - 01891428 _____ () C:\Windows\WindowsUpdate.log 2014-08-11 16:02 - 2014-03-20 00:06 - 00000000 ____D () C:\Users\Merlin-hs\AppData\Roaming\7 Sticky Notes 2014-08-11 16:02 - 2013-12-20 20:59 - 00000000 ___RD () C:\Users\Merlin-hs\Dropbox 2014-08-11 16:02 - 2013-12-20 20:56 - 00000000 ____D () C:\Users\Merlin-hs\AppData\Roaming\Dropbox 2014-08-11 16:02 - 2013-06-01 20:16 - 00000000 ___RD () C:\Users\Merlin-hs\Dysk Google 2014-08-11 16:02 - 2013-06-01 19:06 - 00001050 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-11 16:02 - 2013-06-01 19:00 - 00000600 _____ () C:\lucid.log 2014-08-11 16:01 - 2014-08-11 16:01 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2014-08-11 16:01 - 2014-08-11 16:01 - 00000000 ____H () C:\ProgramData\cm-lock 2014-08-11 16:01 - 2014-04-06 14:01 - 00000000 ____D () C:\Users\Merlin-hs\.gstreamer-0.10 2014-08-11 16:01 - 2013-12-04 01:12 - 00000435 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2014-08-11 16:01 - 2013-11-12 23:08 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-08-11 16:01 - 2013-10-30 19:57 - 00093280 _____ () C:\Windows\setupact.log 2014-08-11 16:01 - 2013-10-30 19:56 - 00750782 _____ () C:\Windows\PFRO.log 2014-08-11 16:01 - 2013-10-07 22:06 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs 2014-08-11 16:01 - 2013-06-01 19:42 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-08-11 16:01 - 2013-06-01 18:59 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys 2014-08-11 16:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-10 10:19 - 2013-06-01 20:10 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-08-09 21:16 - 2014-08-09 21:16 - 00001168 _____ () C:\Users\Public\Desktop\SMath Studio Desktop.lnk 2014-08-09 21:16 - 2013-10-08 19:11 - 00001180 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMath Studio Desktop.lnk 2014-08-09 21:15 - 2013-10-08 19:11 - 00000000 ____D () C:\Users\Merlin-hs\AppData\Roaming\SMath 2014-08-08 20:38 - 2014-04-06 14:01 - 00000000 ____D () C:\Users\Merlin-hs\AppData\Local\ChomikBox 2014-08-07 20:58 - 2014-07-24 19:16 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-07 19:44 - 2014-01-24 00:12 - 01949283 _____ () C:\Windows\system32\webservice4.log 2014-08-07 19:34 - 2014-08-07 19:34 - 00000798 _____ () C:\Users\Merlin-hs\AppData\Local\recently-used.xbel 2014-08-07 19:28 - 2014-08-07 19:28 - 00059342 _____ () C:\Users\Merlin-hs\Downloads\io_import_dxf_0.8.4.zip 2014-08-07 19:27 - 2014-08-07 19:27 - 00611073 _____ () C:\Users\Merlin-hs\Downloads\ACad2Obj4Blender_v2.01.zip 2014-08-07 19:27 - 2014-08-07 19:27 - 00611073 _____ () C:\Users\Merlin-hs\Downloads\ACad2Obj4Blender_v2.01 (1).zip 2014-08-06 23:05 - 2013-11-09 14:48 - 00558080 ___SH () C:\Users\Merlin-hs\Documents\Thumbs.db 2014-08-06 19:39 - 2013-06-08 16:57 - 00032320 _____ (FNet Co., Ltd.) C:\Windows\system32\Drivers\FNETTBOH_305.SYS 2014-08-05 21:37 - 2013-06-01 19:07 - 00000000 ____D () C:\Users\Merlin-hs\AppData\Roaming\Adobe 2014-08-05 21:36 - 2014-08-05 21:36 - 00001546 _____ () C:\Users\Merlin-hs\Desktop\PS.lnk 2014-08-05 00:05 - 2014-08-04 23:59 - 00000000 ____D () C:\Users\Merlin-hs\RayPump 2014-08-04 23:59 - 2013-06-01 18:28 - 00000000 ____D () C:\Users\Merlin-hs 2014-08-04 23:58 - 2014-08-04 23:58 - 10357672 _____ () C:\Users\Merlin-hs\Downloads\raypumpii_v1170_windows.zip 2014-08-04 19:29 - 2014-08-04 19:29 - 00005823 _____ () C:\Users\Merlin-hs\Downloads\ui_layer_manager152.py.zip 2014-08-04 19:12 - 2014-08-04 19:12 - 00008289 _____ () C:\Users\Merlin-hs\Downloads\BoolTool 0.2.rar 2014-08-04 18:16 - 2014-07-28 22:24 - 00002050 _____ () C:\Users\Public\Desktop\Blender 2.71.lnk 2014-08-04 18:04 - 2014-08-04 18:04 - 00000000 ____D () C:\Users\Merlin-hs\AppData\Roaming\Unity 2014-08-04 18:01 - 2014-08-04 18:01 - 01080480 _____ (Unity Technologies ApS) C:\Users\Merlin-hs\Downloads\UnityWebPlayer.exe 2014-08-04 18:01 - 2014-08-04 18:01 - 00000000 ____D () C:\Users\Merlin-hs\AppData\Local\Unity 2014-08-02 12:09 - 2014-08-02 12:06 - 27039268 _____ () C:\Users\Merlin-hs\Downloads\demo_level_final.blend 2014-07-29 23:10 - 2014-07-29 23:00 - 00004608 _____ () C:\Users\Merlin-hs\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-07-28 22:24 - 2014-07-28 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation 2014-07-28 22:24 - 2014-07-28 22:22 - 58448062 _____ () C:\Users\Merlin-hs\Downloads\blender-2.71-windows64.exe 2014-07-28 22:24 - 2013-10-29 21:50 - 00000000 ____D () C:\Program Files\Blender Foundation 2014-07-28 22:22 - 2014-07-28 22:10 - 167150967 _____ () C:\Users\Merlin-hs\Downloads\BlenderGuru+-+Baking_PrisonHall.blend 2014-07-28 20:21 - 2014-07-28 20:16 - 54058886 _____ () C:\Users\Merlin-hs\Downloads\BlenderGuru_Baking_LivingRoom.blend 2014-07-26 11:36 - 2013-10-08 23:11 - 00000000 ____D () C:\Users\Merlin-hs\AppData\Roaming\Winamp 2014-07-25 08:48 - 2013-12-20 20:59 - 00001029 _____ () C:\Users\Merlin-hs\Desktop\Dropbox.lnk 2014-07-25 08:48 - 2013-12-20 20:57 - 00000000 ____D () C:\Users\Merlin-hs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-07-24 22:45 - 2014-07-24 22:44 - 00000000 ____D () C:\AdwCleaner 2014-07-24 22:43 - 2014-07-24 22:43 - 01354223 _____ () C:\Users\Merlin-hs\Downloads\adwcleaner_3.216.exe 2014-07-24 19:16 - 2014-06-25 22:40 - 00000000 ____D () C:\Program Files (x86)\PDFCreator 2014-07-24 19:16 - 2014-04-05 22:51 - 00000000 ____D () C:\Users\Merlin-hs\AppData\Roaming\DAEMON Tools Lite 2014-07-24 19:15 - 2014-07-24 19:15 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-24 19:15 - 2014-07-24 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-24 19:15 - 2014-07-24 19:15 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-24 19:15 - 2014-07-24 19:15 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-24 17:37 - 2014-06-03 22:16 - 00000000 ____D () C:\Lispy 2014-07-15 12:52 - 2014-07-15 12:49 - 00000000 ____D () C:\Users\Merlin-hs\Documents\AutoCAD Sheet Sets Some content of TEMP: ==================== C:\Users\Merlin-hs\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxeukvr.dll C:\Users\Merlin-hs\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-09 11:07 ==================== End Of Log ============================