Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-10-2014 01 Ran by Nowa Era (administrator) on IBOX-DESKTOP on 18-10-2014 16:01:22 Running from C:\Users\Nowa Era\Desktop\Downloads Loaded Profile: Nowa Era (Available profiles: Nowa Era & bbbb & Gość) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Polski (Polska) Internet Explorer Version 9 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe (Fuyu LIMITED) C:\ProgramData\WindowsProtectManger\wprotectmanager.exe (Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files\WinZipper\winzipersvc.exe (Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe () C:\Windows\update.7.1\svchostdriver.exe (Teruten) C:\Windows\System32\FsUsbExService.Exe () C:\Windows\System32\dmwu.exe () C:\Windows\System32\srvany.exe () C:\Windows\KMService.exe (Mobogenie.com) C:\Program Files\Mobogenie3\MobogenieService.exe () C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe (PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe (Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe () C:\Windows\System32\PnkBstrA.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe (esc) C:\Program Files\TheTorntv V10\eb94b16e-1067-4ff7-bf7a-66a081b38643.exe (Blabbers Communications Ltd) C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe (Blabbers Communications Ltd) C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe (Plus HD) C:\Program Files\Plus-HD-9.4\Plus-HD-9.4-nova.exe (esc) C:\Program Files\TheTorntv V10\586f69c1-a224-4045-bacd-9a2247fe80b3-6.exe () C:\Windows\Temp\dgen.exe () C:\Windows\update.5.0\svchost.exe () C:\Windows\update.2\svchost.exe () C:\Windows\update.5.0\svchost.exe () C:\Windows\sysdriver32.exe () C:\Program Files\SoftwareUpdater\UpdaterService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (ClientConnect Ltd.) C:\Program Files\Tbccint\ToolbarService\ToolbarService.exe (TorchMedia Inc.) C:\Users\Oko.iBOX-Desktop.000\AppData\Local\Torch\Update\TorchCrashHandler.exe (TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (Cronosoft) C:\Windows\update.1\svchost.exe () C:\Windows\update.2\svchost.exe (TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (Somoto) C:\Users\Nowa Era\AppData\Local\FilesFrog Update Checker\update_checker.exe () C:\Windows\System32\mjcm\dnkt.exe (Microsoft Corporation) C:\Windows\System32\schtasks.exe (Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe (Pokki) C:\Users\Nowa Era\AppData\Local\Pokki\Engine\pokki.exe (OOO Industry) C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe (SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe (SMART Technologies ULC) C:\Program Files\SMART Technologies\Education Software\SMARTBoardTools.exe () C:\Program Files\AVG Secure Search\vprot.exe () C:\Program Files\fst_pl_131\fst_pl_131.exe (Joyent, Inc) C:\Program Files\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Akamai Technologies, Inc.) C:\Users\Nowa Era\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Users\Nowa Era\AppData\Local\lptaeaej.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Akamai Technologies, Inc.) C:\Users\Nowa Era\AppData\Local\Akamai\netsession_win.exe () C:\Windows\update.2\svchost.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe () C:\Windows\update.2\svchost.exe () C:\Windows\update.2\svchost.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe () C:\Windows\update.2\svchost.exe (Pokki) C:\Users\Nowa Era\AppData\Local\Pokki\Engine\pokki.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Pay By Ads LTD) C:\Users\Nowa Era\AppData\Local\onlysearch\onlysearch\1.3.12.9\onlysearch.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe () C:\Windows\update.7.1\svchostdriver.exe () C:\Windows\System32\config\systemprofile\AppData\Local\Windows Internet Name Service\wins.exe (Microsoft Corporation) C:\Windows\System32\prevhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [PrivitizeVPN] => C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe [196784 2013-07-16] (OOO Industry) HKLM\...\Run: [BasicScan Service] => C:\Program Files\BasicScan\basicscan.exe [23040 2012-10-23] () HKLM\...\Run: [sbsdk-server] => C:\Program Files\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [62360 2012-10-24] (SMART Technologies) HKLM\...\Run: [SMART Board Service] => C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe [2219416 2012-10-24] (SMART Technologies) HKLM\...\Run: [SMART Board Tools] => C:\Program Files\SMART Technologies\Education Software\SMARTBoardTools.exe [10132336 2012-03-09] (SMART Technologies ULC) HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2544664 2014-04-14] () HKLM\...\Run: [fst_pl_131] => C:\Program Files\fst_pl_131\fst_pl_131.exe [3980280 2014-06-13] () HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKU\S-1-5-21-1495774856-1328017135-2697362928-1019\...\Run: [Akamai NetSession Interface] => C:\Users\Nowa Era\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) HKU\S-1-5-21-1495774856-1328017135-2697362928-1019\...\Run: [NextLive] => C:\Windows\system32\rundll32.exe "C:\Users\Nowa Era\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l HKU\S-1-5-21-1495774856-1328017135-2697362928-1019\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37152 2014-10-13] (Glarysoft Ltd) HKU\S-1-5-21-1495774856-1328017135-2697362928-1019\...\Run: [APISupport] => "C:\Windows\system32\Rundll32.exe" "C:\Users\Nowa Era\AppData\Local\TB\APISupport\APISupport.dll",DLLRunAPISupport <===== ATTENTION HKU\S-1-5-21-1495774856-1328017135-2697362928-1019\...\Run: [lptaeaej] => c:\users\nowa era\appdata\local\lptaeaej.exe [1839104 2014-07-11] () HKU\S-1-5-21-1495774856-1328017135-2697362928-1019\...\Run: [NvidiaHostStart] => C:\Users\Nowa Era\AppData\Local\NVIDIA Corporation\nvsync.exe [55296 2014-08-09] () HKU\S-1-5-21-1495774856-1328017135-2697362928-1019\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4811032 2014-09-26] (Piriform Ltd) HKU\S-1-5-21-1495774856-1328017135-2697362928-1019\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-1495774856-1328017135-2697362928-1019\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-1495774856-1328017135-2697362928-1019\...\Winlogon: [Shell] C:\Users\Nowa Era\AppData\Local\5e981d0d\X [58368 2014-02-19] () <==== ATTENTION HKU\S-1-5-18\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-18\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 AppInit_DLLs: C:\PROGRA~1\SupTab\SearchProtect32.dll => C:\Program Files\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.) IFEO: [Debugger] svchost.exe IFEO\a.exe: [Debugger] svchost.exe IFEO\aAvgApi.exe: [Debugger] svchost.exe IFEO\AAWTray.exe: [Debugger] svchost.exe IFEO\About.exe: [Debugger] svchost.exe IFEO\ackwin32.exe: [Debugger] svchost.exe IFEO\Ad-Aware.exe: [Debugger] svchost.exe IFEO\adaware.exe: [Debugger] svchost.exe IFEO\advxdwin.exe: [Debugger] svchost.exe IFEO\AdwarePrj.exe: [Debugger] svchost.exe IFEO\agentsvr.exe: [Debugger] svchost.exe IFEO\agentw.exe: [Debugger] svchost.exe IFEO\alertsvc.exe: [Debugger] svchost.exe IFEO\alevir.exe: [Debugger] svchost.exe IFEO\alogserv.exe: [Debugger] svchost.exe IFEO\AlphaAV: [Debugger] svchost.exe IFEO\AlphaAV.exe: [Debugger] svchost.exe IFEO\AluSchedulerSvc.exe: [Debugger] svchost.exe IFEO\amon9x.exe: [Debugger] svchost.exe IFEO\anti-trojan.exe: [Debugger] svchost.exe IFEO\Anti-Virus Professional.exe: [Debugger] svchost.exe IFEO\AntispywarXP2009.exe: [Debugger] svchost.exe IFEO\antivirus.exe: [Debugger] svchost.exe IFEO\AntivirusPlus: [Debugger] svchost.exe IFEO\AntivirusPlus.exe: [Debugger] svchost.exe IFEO\AntivirusPro_2010.exe: [Debugger] svchost.exe IFEO\AntivirusXP: [Debugger] svchost.exe IFEO\AntivirusXP.exe: [Debugger] svchost.exe IFEO\antivirusxppro2009.exe: [Debugger] svchost.exe IFEO\AntiVirus_Pro.exe: [Debugger] svchost.exe IFEO\ants.exe: [Debugger] svchost.exe IFEO\apimonitor.exe: [Debugger] svchost.exe IFEO\aplica32.exe: [Debugger] svchost.exe IFEO\apvxdwin.exe: [Debugger] svchost.exe IFEO\arr.exe: [Debugger] svchost.exe IFEO\Arrakis3.exe: [Debugger] svchost.exe IFEO\ashAvast.exe: [Debugger] svchost.exe IFEO\ashBug.exe: [Debugger] svchost.exe IFEO\ashChest.exe: [Debugger] svchost.exe IFEO\ashCnsnt.exe: [Debugger] svchost.exe IFEO\ashDisp.exe: [Debugger] svchost.exe IFEO\ashLogV.exe: [Debugger] svchost.exe IFEO\ashMaiSv.exe: [Debugger] svchost.exe IFEO\ashPopWz.exe: [Debugger] svchost.exe IFEO\ashQuick.exe: [Debugger] svchost.exe IFEO\ashServ.exe: [Debugger] svchost.exe IFEO\ashSimp2.exe: [Debugger] svchost.exe IFEO\ashSimpl.exe: [Debugger] svchost.exe IFEO\ashSkPcc.exe: [Debugger] svchost.exe IFEO\ashSkPck.exe: [Debugger] svchost.exe IFEO\ashUpd.exe: [Debugger] svchost.exe IFEO\ashWebSv.exe: [Debugger] svchost.exe IFEO\aswChLic.exe: [Debugger] svchost.exe IFEO\aswRegSvr.exe: [Debugger] svchost.exe IFEO\aswRunDll.exe: [Debugger] svchost.exe IFEO\aswUpdSv.exe: [Debugger] svchost.exe IFEO\atcon.exe: [Debugger] svchost.exe IFEO\atguard.exe: [Debugger] svchost.exe IFEO\atro55en.exe: [Debugger] svchost.exe IFEO\atupdater.exe: [Debugger] svchost.exe IFEO\atwatch.exe: [Debugger] svchost.exe IFEO\au.exe: [Debugger] svchost.exe IFEO\aupdate.exe: [Debugger] svchost.exe IFEO\auto-protect.nav80try.exe: [Debugger] svchost.exe IFEO\autodown.exe: [Debugger] svchost.exe IFEO\autotrace.exe: [Debugger] svchost.exe IFEO\autoupdate.exe: [Debugger] svchost.exe IFEO\av360.exe: [Debugger] svchost.exe IFEO\avadmin.exe: [Debugger] svchost.exe IFEO\AVCare.exe: [Debugger] svchost.exe IFEO\avcenter.exe: [Debugger] svchost.exe IFEO\avciman.exe: [Debugger] svchost.exe IFEO\avconfig.exe: [Debugger] svchost.exe IFEO\avconsol.exe: [Debugger] svchost.exe IFEO\ave32.exe: [Debugger] svchost.exe IFEO\AVENGINE.EXE: [Debugger] svchost.exe IFEO\avgcc32.exe: [Debugger] svchost.exe IFEO\avgchk.exe: [Debugger] svchost.exe IFEO\avgcmgr.exe: [Debugger] svchost.exe IFEO\avgcsrvx.exe: [Debugger] svchost.exe IFEO\avgctrl.exe: [Debugger] svchost.exe IFEO\avgdumpx.exe: [Debugger] svchost.exe IFEO\avgemc.exe: [Debugger] svchost.exe IFEO\avgiproxy.exe: [Debugger] svchost.exe IFEO\avgnsx.exe: [Debugger] svchost.exe IFEO\avgnt.exe: [Debugger] svchost.exe IFEO\avgrsx.exe: [Debugger] svchost.exe IFEO\avgscanx.exe: [Debugger] svchost.exe IFEO\avgserv.exe: [Debugger] svchost.exe IFEO\avgserv9.exe: [Debugger] svchost.exe IFEO\avgsrmax.exe: [Debugger] svchost.exe IFEO\avgtray.exe: [Debugger] svchost.exe IFEO\avgui.exe: [Debugger] svchost.exe IFEO\avgupd.exe: [Debugger] svchost.exe IFEO\avgw.exe: [Debugger] svchost.exe IFEO\avgwdsvc.exe: [Debugger] svchost.exe IFEO\avkpop.exe: [Debugger] svchost.exe IFEO\avkserv.exe: [Debugger] svchost.exe IFEO\avkservice.exe: [Debugger] svchost.exe IFEO\avkwctl9.exe: [Debugger] svchost.exe IFEO\avltmain.exe: [Debugger] svchost.exe IFEO\avmailc.exe: [Debugger] svchost.exe IFEO\avmcdlg.exe: [Debugger] svchost.exe IFEO\avnotify.exe: [Debugger] svchost.exe IFEO\avnt.exe: [Debugger] svchost.exe IFEO\avp32.exe: [Debugger] svchost.exe IFEO\avpcc.exe: [Debugger] svchost.exe IFEO\avpdos32.exe: [Debugger] svchost.exe IFEO\avpm.exe: [Debugger] svchost.exe IFEO\avptc32.exe: [Debugger] svchost.exe IFEO\avpupd.exe: [Debugger] svchost.exe IFEO\avsched32.exe: [Debugger] svchost.exe IFEO\avsynmgr.exe: [Debugger] svchost.exe IFEO\avupgsvc.exe: [Debugger] svchost.exe IFEO\AVWEBGRD.EXE: [Debugger] svchost.exe IFEO\avwin.exe: [Debugger] svchost.exe IFEO\avwin95.exe: [Debugger] svchost.exe IFEO\avwinnt.exe: [Debugger] svchost.exe IFEO\avwsc.exe: [Debugger] svchost.exe IFEO\avwupd.exe: [Debugger] svchost.exe IFEO\avwupd32.exe: [Debugger] svchost.exe IFEO\avwupsrv.exe: [Debugger] svchost.exe IFEO\avxmonitor9x.exe: [Debugger] svchost.exe IFEO\avxmonitornt.exe: [Debugger] svchost.exe IFEO\avxquar.exe: [Debugger] svchost.exe IFEO\b.exe: [Debugger] svchost.exe IFEO\backweb.exe: [Debugger] svchost.exe IFEO\bargains.exe: [Debugger] svchost.exe IFEO\bdagent.exe: [Debugger] svchost.exe IFEO\bdfvcl.exe: [Debugger] svchost.exe IFEO\bdfvwiz.exe: [Debugger] svchost.exe IFEO\BDInProcPatch.exe: [Debugger] svchost.exe IFEO\bdmcon.exe: [Debugger] svchost.exe IFEO\BDMsnScan.exe: [Debugger] svchost.exe IFEO\bdreinit.exe: [Debugger] svchost.exe IFEO\bdsubwiz.exe: [Debugger] svchost.exe IFEO\BDSurvey.exe: [Debugger] svchost.exe IFEO\bdtkexec.exe: [Debugger] svchost.exe IFEO\bdwizreg.exe: [Debugger] svchost.exe IFEO\bd_professional.exe: [Debugger] svchost.exe IFEO\beagle.exe: [Debugger] svchost.exe IFEO\belt.exe: [Debugger] svchost.exe IFEO\bidef.exe: [Debugger] svchost.exe IFEO\bidserver.exe: [Debugger] svchost.exe IFEO\bipcp.exe: [Debugger] svchost.exe IFEO\bipcpevalsetup.exe: [Debugger] svchost.exe IFEO\bisp.exe: [Debugger] svchost.exe IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\blackd.exe: [Debugger] svchost.exe IFEO\blackice.exe: [Debugger] svchost.exe IFEO\blink.exe: [Debugger] svchost.exe IFEO\blss.exe: [Debugger] svchost.exe IFEO\bootconf.exe: [Debugger] svchost.exe IFEO\bootwarn.exe: [Debugger] svchost.exe IFEO\borg2.exe: [Debugger] svchost.exe IFEO\bpc.exe: [Debugger] svchost.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\brasil.exe: [Debugger] svchost.exe IFEO\brastk.exe: [Debugger] svchost.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\brw.exe: [Debugger] svchost.exe IFEO\bs120.exe: [Debugger] svchost.exe IFEO\bspatch.exe: [Debugger] svchost.exe IFEO\bundle.exe: [Debugger] svchost.exe IFEO\bvt.exe: [Debugger] svchost.exe IFEO\c.exe: [Debugger] svchost.exe IFEO\cavscan.exe: [Debugger] svchost.exe IFEO\ccapp.exe: [Debugger] svchost.exe IFEO\ccevtmgr.exe: [Debugger] svchost.exe IFEO\ccpxysvc.exe: [Debugger] svchost.exe IFEO\cdp.exe: [Debugger] svchost.exe IFEO\cfd.exe: [Debugger] svchost.exe IFEO\cfgwiz.exe: [Debugger] svchost.exe IFEO\cfiadmin.exe: [Debugger] svchost.exe IFEO\cfiaudit.exe: [Debugger] svchost.exe IFEO\cfinet.exe: [Debugger] svchost.exe IFEO\cfinet32.exe: [Debugger] svchost.exe IFEO\cfp.exe: [Debugger] svchost.exe IFEO\cfpconfg.exe: [Debugger] svchost.exe IFEO\cfplogvw.exe: [Debugger] svchost.exe IFEO\cfpupdat.exe: [Debugger] svchost.exe IFEO\Cl.exe: [Debugger] svchost.exe IFEO\claw95.exe: [Debugger] svchost.exe IFEO\claw95cf.exe: [Debugger] svchost.exe IFEO\clean.exe: [Debugger] svchost.exe IFEO\cleaner.exe: [Debugger] svchost.exe IFEO\cleaner3.exe: [Debugger] svchost.exe IFEO\cleanIELow.exe: [Debugger] svchost.exe IFEO\cleanpc.exe: [Debugger] svchost.exe IFEO\click.exe: [Debugger] svchost.exe IFEO\cmd32.exe: [Debugger] svchost.exe IFEO\cmdagent.exe: [Debugger] svchost.exe IFEO\cmesys.exe: [Debugger] svchost.exe IFEO\cmgrdian.exe: [Debugger] svchost.exe IFEO\cmon016.exe: [Debugger] svchost.exe IFEO\connectionmonitor.exe: [Debugger] svchost.exe IFEO\control: [Debugger] svchost.exe IFEO\cpd.exe: [Debugger] svchost.exe IFEO\cpf9x206.exe: [Debugger] svchost.exe IFEO\cpfnt206.exe: [Debugger] svchost.exe IFEO\crashrep.exe: [Debugger] svchost.exe IFEO\csc.exe: [Debugger] svchost.exe IFEO\cssconfg.exe: [Debugger] svchost.exe IFEO\cssupdat.exe: [Debugger] svchost.exe IFEO\cssurf.exe: [Debugger] svchost.exe IFEO\ctrl.exe: [Debugger] svchost.exe IFEO\cv.exe: [Debugger] svchost.exe IFEO\cwnb181.exe: [Debugger] svchost.exe IFEO\cwntdwmo.exe: [Debugger] svchost.exe IFEO\d.exe: [Debugger] svchost.exe IFEO\datemanager.exe: [Debugger] svchost.exe IFEO\dcomx.exe: [Debugger] svchost.exe IFEO\defalert.exe: [Debugger] svchost.exe IFEO\defscangui.exe: [Debugger] svchost.exe IFEO\defwatch.exe: [Debugger] svchost.exe IFEO\deloeminfs.exe: [Debugger] svchost.exe IFEO\deputy.exe: [Debugger] svchost.exe IFEO\divx.exe: [Debugger] svchost.exe IFEO\dllcache.exe: [Debugger] svchost.exe IFEO\dllreg.exe: [Debugger] svchost.exe IFEO\doors.exe: [Debugger] svchost.exe IFEO\dop.exe: [Debugger] svchost.exe IFEO\dpf.exe: [Debugger] svchost.exe IFEO\dpfsetup.exe: [Debugger] svchost.exe IFEO\dpps2.exe: [Debugger] svchost.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\driverctrl.exe: [Debugger] svchost.exe IFEO\drwatson.exe: [Debugger] svchost.exe IFEO\drweb32.exe: [Debugger] svchost.exe IFEO\drwebupw.exe: [Debugger] svchost.exe IFEO\dssagent.exe: [Debugger] svchost.exe IFEO\dvp95.exe: [Debugger] svchost.exe IFEO\dvp95_0.exe: [Debugger] svchost.exe IFEO\ecengine.exe: [Debugger] svchost.exe IFEO\efpeadm.exe: [Debugger] svchost.exe IFEO\egui.exe: [Debugger] svchost.exe IFEO\ekrn.exe: [Debugger] svchost.exe IFEO\emsw.exe: [Debugger] svchost.exe IFEO\ent.exe: [Debugger] svchost.exe IFEO\esafe.exe: [Debugger] svchost.exe IFEO\escanhnt.exe: [Debugger] svchost.exe IFEO\escanv95.exe: [Debugger] svchost.exe IFEO\espwatch.exe: [Debugger] svchost.exe IFEO\ethereal.exe: [Debugger] svchost.exe IFEO\etrustcipe.exe: [Debugger] svchost.exe IFEO\evpn.exe: [Debugger] svchost.exe IFEO\exantivirus-cnet.exe: [Debugger] svchost.exe IFEO\exe.avxw.exe: [Debugger] svchost.exe IFEO\expert.exe: [Debugger] svchost.exe IFEO\explore.exe: [Debugger] svchost.exe IFEO\f-agnt95.exe: [Debugger] svchost.exe IFEO\f-prot.exe: [Debugger] svchost.exe IFEO\f-prot95.exe: [Debugger] svchost.exe IFEO\f-stopw.exe: [Debugger] svchost.exe IFEO\fact.exe: [Debugger] svchost.exe IFEO\fameh32.exe: [Debugger] svchost.exe IFEO\fast.exe: [Debugger] svchost.exe IFEO\fch32.exe: [Debugger] svchost.exe IFEO\fih32.exe: [Debugger] svchost.exe IFEO\findviru.exe: [Debugger] svchost.exe IFEO\firewall.exe: [Debugger] svchost.exe IFEO\fixcfg.exe: [Debugger] svchost.exe IFEO\fixfp.exe: [Debugger] svchost.exe IFEO\fnrb32.exe: [Debugger] svchost.exe IFEO\fp-win.exe: [Debugger] svchost.exe IFEO\fp-win_trial.exe: [Debugger] svchost.exe IFEO\fprot.exe: [Debugger] svchost.exe IFEO\frmwrk32.exe: [Debugger] svchost.exe IFEO\frw.exe: [Debugger] svchost.exe IFEO\fsaa.exe: [Debugger] svchost.exe IFEO\fsav.exe: [Debugger] svchost.exe IFEO\fsav32.exe: [Debugger] svchost.exe IFEO\fsav530stbyb.exe: [Debugger] svchost.exe IFEO\fsav530wtbyb.exe: [Debugger] svchost.exe IFEO\fsav95.exe: [Debugger] svchost.exe IFEO\fsgk32.exe: [Debugger] svchost.exe IFEO\fsm32.exe: [Debugger] svchost.exe IFEO\fsma32.exe: [Debugger] svchost.exe IFEO\fsmb32.exe: [Debugger] svchost.exe IFEO\gator.exe: [Debugger] svchost.exe IFEO\gav.exe: [Debugger] svchost.exe IFEO\gbmenu.exe: [Debugger] svchost.exe IFEO\gbn976rl.exe: [Debugger] svchost.exe IFEO\gbpoll.exe: [Debugger] svchost.exe IFEO\generics.exe: [Debugger] svchost.exe IFEO\gmt.exe: [Debugger] svchost.exe IFEO\guard.exe: [Debugger] svchost.exe IFEO\guarddog.exe: [Debugger] svchost.exe IFEO\guardgui.exe: [Debugger] svchost.exe IFEO\hacktracersetup.exe: [Debugger] svchost.exe IFEO\hbinst.exe: [Debugger] svchost.exe IFEO\hbsrv.exe: [Debugger] svchost.exe IFEO\History.exe: [Debugger] svchost.exe IFEO\homeav2010.exe: [Debugger] svchost.exe IFEO\hotactio.exe: [Debugger] svchost.exe IFEO\hotpatch.exe: [Debugger] svchost.exe IFEO\htlog.exe: [Debugger] svchost.exe IFEO\htpatch.exe: [Debugger] svchost.exe IFEO\hwpe.exe: [Debugger] svchost.exe IFEO\hxdl.exe: [Debugger] svchost.exe IFEO\hxiul.exe: [Debugger] svchost.exe IFEO\iamapp.exe: [Debugger] svchost.exe IFEO\iamserv.exe: [Debugger] svchost.exe IFEO\iamstats.exe: [Debugger] svchost.exe IFEO\ibmasn.exe: [Debugger] svchost.exe IFEO\ibmavsp.exe: [Debugger] svchost.exe IFEO\icload95.exe: [Debugger] svchost.exe IFEO\icloadnt.exe: [Debugger] svchost.exe IFEO\icmon.exe: [Debugger] svchost.exe IFEO\icsupp95.exe: [Debugger] svchost.exe IFEO\icsuppnt.exe: [Debugger] svchost.exe IFEO\Identity.exe: [Debugger] svchost.exe IFEO\idle.exe: [Debugger] svchost.exe IFEO\iedll.exe: [Debugger] svchost.exe IFEO\iedriver.exe: [Debugger] svchost.exe IFEO\IEShow.exe: [Debugger] svchost.exe IFEO\iface.exe: [Debugger] svchost.exe IFEO\ifw2000.exe: [Debugger] svchost.exe IFEO\inetlnfo.exe: [Debugger] svchost.exe IFEO\infus.exe: [Debugger] svchost.exe IFEO\infwin.exe: [Debugger] svchost.exe IFEO\init.exe: [Debugger] svchost.exe IFEO\init32.exe : [Debugger] svchost.exe IFEO\install.exe: [Debugger] svchost.exe IFEO\install[1].exe: [Debugger] svchost.exe IFEO\install[2].exe: [Debugger] svchost.exe IFEO\install[3].exe: [Debugger] svchost.exe IFEO\install[4].exe: [Debugger] svchost.exe IFEO\install[5].exe: [Debugger] svchost.exe IFEO\intdel.exe: [Debugger] svchost.exe IFEO\intren.exe: [Debugger] svchost.exe IFEO\iomon98.exe: [Debugger] svchost.exe IFEO\istsvc.exe: [Debugger] svchost.exe IFEO\jammer.exe: [Debugger] svchost.exe IFEO\jdbgmrg.exe: [Debugger] svchost.exe IFEO\jedi.exe: [Debugger] svchost.exe IFEO\JsRcGen.exe: [Debugger] svchost.exe IFEO\jumpflip: [Debugger] tasklist.exe IFEO\kavlite40eng.exe: [Debugger] svchost.exe IFEO\kavpers40eng.exe: [Debugger] svchost.exe IFEO\kavpf.exe: [Debugger] svchost.exe IFEO\kazza.exe: [Debugger] svchost.exe IFEO\keenvalue.exe: [Debugger] svchost.exe IFEO\kerio-pf-213-en-win.exe: [Debugger] svchost.exe IFEO\kerio-wrl-421-en-win.exe: [Debugger] svchost.exe IFEO\kerio-wrp-421-en-win.exe: [Debugger] svchost.exe IFEO\killprocesssetup161.exe: [Debugger] svchost.exe IFEO\ldnetmon.exe: [Debugger] svchost.exe IFEO\ldpro.exe: [Debugger] svchost.exe IFEO\ldpromenu.exe: [Debugger] svchost.exe IFEO\ldscan.exe: [Debugger] svchost.exe IFEO\licmgr.exe: [Debugger] svchost.exe IFEO\livesrv.exe: [Debugger] svchost.exe IFEO\lnetinfo.exe: [Debugger] svchost.exe IFEO\loader.exe: [Debugger] svchost.exe IFEO\localnet.exe: [Debugger] svchost.exe IFEO\lockdown.exe: [Debugger] svchost.exe IFEO\lockdown2000.exe: [Debugger] svchost.exe IFEO\lookout.exe: [Debugger] svchost.exe IFEO\lordpe.exe: [Debugger] svchost.exe IFEO\lsetup.exe: [Debugger] svchost.exe IFEO\luall.exe: [Debugger] svchost.exe IFEO\luau.exe: [Debugger] svchost.exe IFEO\lucomserver.exe: [Debugger] svchost.exe IFEO\luinit.exe: [Debugger] svchost.exe IFEO\luspt.exe: [Debugger] svchost.exe IFEO\MalwareRemoval.exe: [Debugger] svchost.exe IFEO\mapisvc32.exe: [Debugger] svchost.exe IFEO\mcagent.exe: [Debugger] svchost.exe IFEO\mcmnhdlr.exe: [Debugger] svchost.exe IFEO\mcmscsvc.exe: [Debugger] svchost.exe IFEO\mcnasvc.exe: [Debugger] svchost.exe IFEO\mcproxy.exe: [Debugger] svchost.exe IFEO\McSACore.exe: [Debugger] svchost.exe IFEO\mcshell.exe: [Debugger] svchost.exe IFEO\mcshield.exe: [Debugger] svchost.exe IFEO\mcsysmon.exe: [Debugger] svchost.exe IFEO\mctool.exe: [Debugger] svchost.exe IFEO\mcupdate.exe: [Debugger] svchost.exe IFEO\mcvsrte.exe: [Debugger] svchost.exe IFEO\mcvsshld.exe: [Debugger] svchost.exe IFEO\md.exe: [Debugger] svchost.exe IFEO\mfin32.exe: [Debugger] svchost.exe IFEO\mfw2en.exe: [Debugger] svchost.exe IFEO\mfweng3.02d30.exe: [Debugger] svchost.exe IFEO\mgavrtcl.exe: [Debugger] svchost.exe IFEO\mgavrte.exe: [Debugger] svchost.exe IFEO\mghtml.exe: [Debugger] svchost.exe IFEO\mgui.exe: [Debugger] svchost.exe IFEO\minilog.exe: [Debugger] svchost.exe IFEO\mmod.exe: [Debugger] svchost.exe IFEO\monitor.exe: [Debugger] svchost.exe IFEO\moolive.exe: [Debugger] svchost.exe IFEO\mostat.exe: [Debugger] svchost.exe IFEO\mpfagent.exe: [Debugger] svchost.exe IFEO\mpfservice.exe: [Debugger] svchost.exe IFEO\MPFSrv.exe: [Debugger] svchost.exe IFEO\mpftray.exe: [Debugger] svchost.exe IFEO\mrflux.exe: [Debugger] svchost.exe IFEO\mrt.exe: [Debugger] svchost.exe IFEO\msa.exe: [Debugger] svchost.exe IFEO\msapp.exe: [Debugger] svchost.exe IFEO\MSASCui.exe: [Debugger] svchost.exe IFEO\msbb.exe: [Debugger] svchost.exe IFEO\msblast.exe: [Debugger] svchost.exe IFEO\mscache.exe: [Debugger] svchost.exe IFEO\msccn32.exe: [Debugger] svchost.exe IFEO\mscman.exe: [Debugger] svchost.exe IFEO\msconfig: [Debugger] svchost.exe IFEO\msdm.exe: [Debugger] svchost.exe IFEO\msdos.exe: [Debugger] svchost.exe IFEO\msiexec16.exe: [Debugger] svchost.exe IFEO\mslaugh.exe: [Debugger] svchost.exe IFEO\msmgt.exe: [Debugger] svchost.exe IFEO\msmsgri32.exe: [Debugger] svchost.exe IFEO\msseces.exe: [Debugger] svchost.exe IFEO\mssmmc32.exe: [Debugger] svchost.exe IFEO\mssys.exe: [Debugger] svchost.exe IFEO\msvxd.exe: [Debugger] svchost.exe IFEO\mu0311ad.exe: [Debugger] svchost.exe IFEO\mwatch.exe: [Debugger] svchost.exe IFEO\n32scanw.exe: [Debugger] svchost.exe IFEO\nav.exe: [Debugger] svchost.exe IFEO\navap.navapsvc.exe: [Debugger] svchost.exe IFEO\navapsvc.exe: [Debugger] svchost.exe IFEO\navapw32.exe: [Debugger] svchost.exe IFEO\navdx.exe: [Debugger] svchost.exe IFEO\navlu32.exe: [Debugger] svchost.exe IFEO\navnt.exe: [Debugger] svchost.exe IFEO\navstub.exe: [Debugger] svchost.exe IFEO\nc2000.exe: [Debugger] svchost.exe IFEO\ncinst4.exe: [Debugger] svchost.exe IFEO\ndd32.exe: [Debugger] svchost.exe IFEO\neomonitor.exe: [Debugger] svchost.exe IFEO\neowatchlog.exe: [Debugger] svchost.exe IFEO\netarmor.exe: [Debugger] svchost.exe IFEO\netd32.exe: [Debugger] svchost.exe IFEO\netinfo.exe: [Debugger] svchost.exe IFEO\netmon.exe: [Debugger] svchost.exe IFEO\netscanpro.exe: [Debugger] svchost.exe IFEO\netspyhunter-1.2.exe: [Debugger] svchost.exe IFEO\netutils.exe: [Debugger] svchost.exe IFEO\nisserv.exe: [Debugger] svchost.exe IFEO\nisum.exe: [Debugger] svchost.exe IFEO\nmain.exe: [Debugger] svchost.exe IFEO\nod32.exe: [Debugger] svchost.exe IFEO\normist.exe: [Debugger] svchost.exe IFEO\norton_internet_secu_3.0_407.exe: [Debugger] svchost.exe IFEO\notstart.exe: [Debugger] svchost.exe IFEO\npf40_tw_98_nt_me_2k.exe: [Debugger] svchost.exe IFEO\npfmessenger.exe: [Debugger] svchost.exe IFEO\nprotect.exe: [Debugger] svchost.exe IFEO\npscheck.exe: [Debugger] svchost.exe IFEO\npssvc.exe: [Debugger] svchost.exe IFEO\nsched32.exe: [Debugger] svchost.exe IFEO\nssys32.exe: [Debugger] svchost.exe IFEO\nstask32.exe: [Debugger] svchost.exe IFEO\nsupdate.exe: [Debugger] svchost.exe IFEO\nt.exe: [Debugger] svchost.exe IFEO\ntrtscan.exe: [Debugger] svchost.exe IFEO\ntvdm.exe: [Debugger] svchost.exe IFEO\ntxconfig.exe: [Debugger] svchost.exe IFEO\nui.exe: [Debugger] svchost.exe IFEO\nupgrade.exe: [Debugger] svchost.exe IFEO\nvarch16.exe: [Debugger] svchost.exe IFEO\nvc95.exe: [Debugger] svchost.exe IFEO\nvsvc32.exe: [Debugger] svchost.exe IFEO\nwinst4.exe: [Debugger] svchost.exe IFEO\nwservice.exe: [Debugger] svchost.exe IFEO\nwtool16.exe: [Debugger] svchost.exe IFEO\OAcat.exe: [Debugger] svchost.exe IFEO\OAhlp.exe: [Debugger] svchost.exe IFEO\OAReg.exe: [Debugger] svchost.exe IFEO\oasrv.exe: [Debugger] svchost.exe IFEO\oaui.exe: [Debugger] svchost.exe IFEO\oaview.exe: [Debugger] svchost.exe IFEO\ODSW.exe: [Debugger] svchost.exe IFEO\ollydbg.exe: [Debugger] svchost.exe IFEO\OLT.exe: [Debugger] svchost.exe IFEO\onsrvr.exe: [Debugger] svchost.exe IFEO\optimize.exe: [Debugger] svchost.exe IFEO\ostronet.exe: [Debugger] svchost.exe IFEO\otfix.exe: [Debugger] svchost.exe IFEO\outpost.exe: [Debugger] svchost.exe IFEO\outpostinstall.exe: [Debugger] svchost.exe IFEO\outpostproinstall.exe: [Debugger] svchost.exe IFEO\ozn695m5.exe: [Debugger] svchost.exe IFEO\padmin.exe: [Debugger] svchost.exe IFEO\panixk.exe: [Debugger] svchost.exe IFEO\patch.exe: [Debugger] svchost.exe IFEO\pav.exe: [Debugger] svchost.exe IFEO\pavcl.exe: [Debugger] svchost.exe IFEO\PavFnSvr.exe: [Debugger] svchost.exe IFEO\pavproxy.exe: [Debugger] svchost.exe IFEO\pavprsrv.exe: [Debugger] svchost.exe IFEO\pavsched.exe: [Debugger] svchost.exe IFEO\pavsrv51.exe: [Debugger] svchost.exe IFEO\pavw.exe: [Debugger] svchost.exe IFEO\pc.exe: [Debugger] svchost.exe IFEO\pccwin98.exe: [Debugger] svchost.exe IFEO\pcfwallicon.exe: [Debugger] svchost.exe IFEO\pcip10117_0.exe: [Debugger] svchost.exe IFEO\pcscan.exe: [Debugger] svchost.exe IFEO\pctsAuxs.exe: [Debugger] svchost.exe IFEO\pctsGui.exe: [Debugger] svchost.exe IFEO\pctsSvc.exe: [Debugger] svchost.exe IFEO\pctsTray.exe: [Debugger] svchost.exe IFEO\PC_Antispyware2010.exe: [Debugger] svchost.exe IFEO\pdfndr.exe: [Debugger] svchost.exe IFEO\pdsetup.exe: [Debugger] svchost.exe IFEO\PerAvir.exe: [Debugger] svchost.exe IFEO\periscope.exe: [Debugger] svchost.exe IFEO\persfw.exe: [Debugger] svchost.exe IFEO\personalguard: [Debugger] svchost.exe IFEO\personalguard.exe: [Debugger] svchost.exe IFEO\perswf.exe: [Debugger] svchost.exe IFEO\pf2.exe: [Debugger] svchost.exe IFEO\pfwadmin.exe: [Debugger] svchost.exe IFEO\pgmonitr.exe: [Debugger] svchost.exe IFEO\pingscan.exe: [Debugger] svchost.exe IFEO\platin.exe: [Debugger] svchost.exe IFEO\pop3trap.exe: [Debugger] svchost.exe IFEO\poproxy.exe: [Debugger] svchost.exe IFEO\popscan.exe: [Debugger] svchost.exe IFEO\portdetective.exe: [Debugger] svchost.exe IFEO\portmonitor.exe: [Debugger] svchost.exe IFEO\powerscan.exe: [Debugger] svchost.exe IFEO\ppinupdt.exe: [Debugger] svchost.exe IFEO\pptbc.exe: [Debugger] svchost.exe IFEO\ppvstop.exe: [Debugger] svchost.exe IFEO\prizesurfer.exe: [Debugger] svchost.exe IFEO\prmt.exe: [Debugger] svchost.exe IFEO\prmvr.exe: [Debugger] svchost.exe IFEO\procdump.exe: [Debugger] svchost.exe IFEO\processmonitor.exe: [Debugger] svchost.exe IFEO\procexplorerv1.0.exe: [Debugger] svchost.exe IFEO\programauditor.exe: [Debugger] svchost.exe IFEO\proport.exe: [Debugger] svchost.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\protector.exe: [Debugger] svchost.exe IFEO\protectx.exe: [Debugger] svchost.exe IFEO\PSANCU.exe: [Debugger] svchost.exe IFEO\PSANHost.exe: [Debugger] svchost.exe IFEO\PSANToManager.exe: [Debugger] svchost.exe IFEO\PsCtrls.exe: [Debugger] svchost.exe IFEO\PsImSvc.exe: [Debugger] svchost.exe IFEO\PskSvc.exe: [Debugger] svchost.exe IFEO\pspf.exe: [Debugger] svchost.exe IFEO\PSUNMain.exe: [Debugger] svchost.exe IFEO\purge.exe: [Debugger] svchost.exe IFEO\qconsole.exe: [Debugger] svchost.exe IFEO\qh.exe: [Debugger] svchost.exe IFEO\qserver.exe: [Debugger] svchost.exe IFEO\Quick Heal.exe: [Debugger] svchost.exe IFEO\QuickHealCleaner.exe: [Debugger] svchost.exe IFEO\rapapp.exe: [Debugger] svchost.exe IFEO\rav7.exe: [Debugger] svchost.exe IFEO\rav7win.exe: [Debugger] svchost.exe IFEO\rav8win32eng.exe: [Debugger] svchost.exe IFEO\ray.exe: [Debugger] svchost.exe IFEO\rb32.exe: [Debugger] svchost.exe IFEO\rcsync.exe: [Debugger] svchost.exe IFEO\realmon.exe: [Debugger] svchost.exe IFEO\reged.exe: [Debugger] svchost.exe IFEO\regedt32.exe: [Debugger] svchost.exe IFEO\rescue.exe: [Debugger] svchost.exe IFEO\rescue32.exe: [Debugger] svchost.exe IFEO\rrguard.exe: [Debugger] svchost.exe IFEO\rscdwld.exe: [Debugger] svchost.exe IFEO\rshell.exe: [Debugger] svchost.exe IFEO\rtvscan.exe: [Debugger] svchost.exe IFEO\rtvscn95.exe: [Debugger] svchost.exe IFEO\rulaunch.exe: [Debugger] svchost.exe IFEO\rwg: [Debugger] svchost.exe IFEO\rwg.exe: [Debugger] svchost.exe IFEO\SafetyKeeper.exe: [Debugger] svchost.exe IFEO\safeweb.exe: [Debugger] svchost.exe IFEO\sahagent.exe: [Debugger] svchost.exe IFEO\Save.exe: [Debugger] svchost.exe IFEO\SaveArmor.exe: [Debugger] svchost.exe IFEO\SaveDefense.exe: [Debugger] svchost.exe IFEO\SaveKeep.exe: [Debugger] svchost.exe IFEO\savenow.exe: [Debugger] svchost.exe IFEO\sbserv.exe: [Debugger] svchost.exe IFEO\sc.exe: [Debugger] svchost.exe IFEO\scam32.exe: [Debugger] svchost.exe IFEO\scan32.exe: [Debugger] svchost.exe IFEO\scan95.exe: [Debugger] svchost.exe IFEO\scanpm.exe: [Debugger] svchost.exe IFEO\scrscan.exe: [Debugger] svchost.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\seccenter.exe: [Debugger] svchost.exe IFEO\Secure Veteran.exe: [Debugger] svchost.exe IFEO\secureveteran.exe: [Debugger] svchost.exe IFEO\Security Center.exe: [Debugger] svchost.exe IFEO\SecurityFighter.exe: [Debugger] svchost.exe IFEO\securitysoldier.exe: [Debugger] svchost.exe IFEO\serv95.exe: [Debugger] svchost.exe IFEO\setloadorder.exe: [Debugger] svchost.exe IFEO\setupvameeval.exe: [Debugger] svchost.exe IFEO\setup_flowprotector_us.exe: [Debugger] svchost.exe IFEO\sgssfw32.exe: [Debugger] svchost.exe IFEO\sh.exe: [Debugger] svchost.exe IFEO\shellspyinstall.exe: [Debugger] svchost.exe IFEO\shield.exe: [Debugger] svchost.exe IFEO\shn.exe: [Debugger] svchost.exe IFEO\showbehind.exe: [Debugger] svchost.exe IFEO\signcheck.exe: [Debugger] svchost.exe IFEO\smart.exe: [Debugger] svchost.exe IFEO\smartprotector.exe: [Debugger] svchost.exe IFEO\smc.exe: [Debugger] svchost.exe IFEO\smrtdefp.exe: [Debugger] svchost.exe IFEO\sms.exe: [Debugger] svchost.exe IFEO\smss32.exe: [Debugger] svchost.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\snetcfg.exe: [Debugger] svchost.exe IFEO\soap.exe: [Debugger] svchost.exe IFEO\sofi.exe: [Debugger] svchost.exe IFEO\SoftSafeness.exe: [Debugger] svchost.exe IFEO\sperm.exe: [Debugger] svchost.exe IFEO\spf.exe: [Debugger] svchost.exe IFEO\sphinx.exe: [Debugger] svchost.exe IFEO\spoler.exe: [Debugger] svchost.exe IFEO\spoolcv.exe: [Debugger] svchost.exe IFEO\spoolsv32.exe: [Debugger] svchost.exe IFEO\spywarexpguard.exe: [Debugger] svchost.exe IFEO\spyxx.exe: [Debugger] svchost.exe IFEO\srexe.exe: [Debugger] svchost.exe IFEO\srng.exe: [Debugger] svchost.exe IFEO\ss3edit.exe: [Debugger] svchost.exe IFEO\ssgrate.exe: [Debugger] svchost.exe IFEO\ssg_4104.exe: [Debugger] svchost.exe IFEO\st2.exe: [Debugger] svchost.exe IFEO\start.exe: [Debugger] svchost.exe IFEO\stcloader.exe: [Debugger] svchost.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\supftrl.exe: [Debugger] svchost.exe IFEO\support.exe: [Debugger] svchost.exe IFEO\supporter5.exe: [Debugger] svchost.exe IFEO\svc.exe: [Debugger] svchost.exe IFEO\svchostc.exe: [Debugger] svchost.exe IFEO\svchosts.exe: [Debugger] svchost.exe IFEO\svshost.exe: [Debugger] svchost.exe IFEO\sweep95.exe: [Debugger] svchost.exe IFEO\sweepnet.sweepsrv.sys.swnetsup.exe: [Debugger] svchost.exe IFEO\symlcsvc.exe: [Debugger] svchost.exe IFEO\symproxysvc.exe: [Debugger] svchost.exe IFEO\symtray.exe: [Debugger] svchost.exe IFEO\system.exe: [Debugger] svchost.exe IFEO\system32.exe: [Debugger] svchost.exe IFEO\sysupd.exe: [Debugger] svchost.exe IFEO\tapinstall.exe: [Debugger] svchost.exe IFEO\taskmgr.exe: [Debugger] svchost.exe IFEO\taumon.exe: [Debugger] svchost.exe IFEO\tbscan.exe: [Debugger] svchost.exe IFEO\tc.exe: [Debugger] svchost.exe IFEO\tca.exe: [Debugger] svchost.exe IFEO\tcm.exe: [Debugger] svchost.exe IFEO\tds-3.exe: [Debugger] svchost.exe IFEO\tds2-98.exe: [Debugger] svchost.exe IFEO\tds2-nt.exe: [Debugger] svchost.exe IFEO\teekids.exe: [Debugger] svchost.exe IFEO\tfak.exe: [Debugger] svchost.exe IFEO\tfak5.exe: [Debugger] svchost.exe IFEO\tgbob.exe: [Debugger] svchost.exe IFEO\titanin.exe: [Debugger] svchost.exe IFEO\titaninxp.exe: [Debugger] svchost.exe IFEO\TPSrv.exe: [Debugger] svchost.exe IFEO\trickler.exe: [Debugger] svchost.exe IFEO\trjscan.exe: [Debugger] svchost.exe IFEO\trjsetup.exe: [Debugger] svchost.exe IFEO\trojantrap3.exe: [Debugger] svchost.exe IFEO\TrustWarrior.exe: [Debugger] svchost.exe IFEO\tsadbot.exe: [Debugger] svchost.exe IFEO\tsc.exe: [Debugger] svchost.exe IFEO\tvmd.exe: [Debugger] svchost.exe IFEO\tvtmd.exe: [Debugger] svchost.exe IFEO\uiscan.exe: [Debugger] svchost.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\undoboot.exe: [Debugger] svchost.exe IFEO\updat.exe: [Debugger] svchost.exe IFEO\upgrad.exe: [Debugger] svchost.exe IFEO\upgrepl.exe: [Debugger] svchost.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\utpost.exe: [Debugger] svchost.exe IFEO\vbcmserv.exe: [Debugger] svchost.exe IFEO\vbcons.exe: [Debugger] svchost.exe IFEO\vbust.exe: [Debugger] svchost.exe IFEO\vbwin9x.exe: [Debugger] svchost.exe IFEO\vbwinntw.exe: [Debugger] svchost.exe IFEO\vcsetup.exe: [Debugger] svchost.exe IFEO\vet32.exe: [Debugger] svchost.exe IFEO\vet95.exe: [Debugger] svchost.exe IFEO\vettray.exe: [Debugger] svchost.exe IFEO\vfsetup.exe: [Debugger] svchost.exe IFEO\vir-help.exe: [Debugger] svchost.exe IFEO\virusmdpersonalfirewall.exe: [Debugger] svchost.exe IFEO\VisthAux.exe: [Debugger] svchost.exe IFEO\VisthLic.exe: [Debugger] svchost.exe IFEO\VisthUpd.exe: [Debugger] svchost.exe IFEO\vnlan300.exe: [Debugger] svchost.exe IFEO\vnpc3000.exe: [Debugger] svchost.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\vpc32.exe: [Debugger] svchost.exe IFEO\vpc42.exe: [Debugger] svchost.exe IFEO\vpfw30s.exe: [Debugger] svchost.exe IFEO\vptray.exe: [Debugger] svchost.exe IFEO\vscan40.exe: [Debugger] svchost.exe IFEO\vscenu6.02d30.exe: [Debugger] svchost.exe IFEO\vsched.exe: [Debugger] svchost.exe IFEO\vsecomr.exe: [Debugger] svchost.exe IFEO\vshwin32.exe: [Debugger] svchost.exe IFEO\vsisetup.exe: [Debugger] svchost.exe IFEO\vsmain.exe: [Debugger] svchost.exe IFEO\vsmon.exe: [Debugger] svchost.exe IFEO\vsserv.exe: [Debugger] svchost.exe IFEO\vsstat.exe: [Debugger] svchost.exe IFEO\vswin9xe.exe: [Debugger] svchost.exe IFEO\vswinntse.exe: [Debugger] svchost.exe IFEO\vswinperse.exe: [Debugger] svchost.exe IFEO\w32dsm89.exe: [Debugger] svchost.exe IFEO\W3asbas.exe: [Debugger] svchost.exe IFEO\w9x.exe: [Debugger] svchost.exe IFEO\watchdog.exe: [Debugger] svchost.exe IFEO\webdav.exe: [Debugger] svchost.exe IFEO\WebProxy.exe: [Debugger] svchost.exe IFEO\webscanx.exe: [Debugger] svchost.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe IFEO\webtrap.exe: [Debugger] svchost.exe IFEO\wfindv32.exe: [Debugger] svchost.exe IFEO\whoswatchingme.exe: [Debugger] svchost.exe IFEO\wimmun32.exe: [Debugger] svchost.exe IFEO\win-bugsfix.exe: [Debugger] svchost.exe IFEO\win32.exe: [Debugger] svchost.exe IFEO\win32us.exe: [Debugger] svchost.exe IFEO\winactive.exe: [Debugger] svchost.exe IFEO\winav.exe: [Debugger] svchost.exe IFEO\windll32.exe: [Debugger] svchost.exe IFEO\window.exe: [Debugger] svchost.exe IFEO\windows Police Pro.exe: [Debugger] svchost.exe IFEO\windows.exe: [Debugger] svchost.exe IFEO\wininetd.exe: [Debugger] svchost.exe IFEO\wininitx.exe: [Debugger] svchost.exe IFEO\winlogin.exe: [Debugger] svchost.exe IFEO\winmain.exe: [Debugger] svchost.exe IFEO\winppr32.exe: [Debugger] svchost.exe IFEO\winrecon.exe: [Debugger] svchost.exe IFEO\winservn.exe: [Debugger] svchost.exe IFEO\winssk32.exe: [Debugger] svchost.exe IFEO\winstart.exe: [Debugger] svchost.exe IFEO\winstart001.exe: [Debugger] svchost.exe IFEO\wintsk32.exe: [Debugger] svchost.exe IFEO\winupdate.exe: [Debugger] svchost.exe IFEO\wkufind.exe: [Debugger] svchost.exe IFEO\wnad.exe: [Debugger] svchost.exe IFEO\wnt.exe: [Debugger] svchost.exe IFEO\wradmin.exe: [Debugger] svchost.exe IFEO\wrctrl.exe: [Debugger] svchost.exe IFEO\wsbgate.exe: [Debugger] svchost.exe IFEO\wscfxas.exe: [Debugger] svchost.exe IFEO\wscfxav.exe: [Debugger] svchost.exe IFEO\wscfxfw.exe: [Debugger] svchost.exe IFEO\wsctool.exe: [Debugger] svchost.exe IFEO\wupdater.exe: [Debugger] svchost.exe IFEO\wupdt.exe: [Debugger] svchost.exe IFEO\wyvernworksfirewall.exe: [Debugger] svchost.exe IFEO\xpdeluxe.exe: [Debugger] svchost.exe IFEO\xpf202en.exe: [Debugger] svchost.exe IFEO\xp_antispyware.exe: [Debugger] svchost.exe IFEO\zapro.exe: [Debugger] svchost.exe IFEO\zapsetup3001.exe: [Debugger] svchost.exe IFEO\zatutor.exe: [Debugger] svchost.exe IFEO\zonalm2601.exe: [Debugger] svchost.exe IFEO\zonealarm.exe: [Debugger] svchost.exe IFEO\_avp32.exe: [Debugger] svchost.exe IFEO\_avpcc.exe: [Debugger] svchost.exe IFEO\_avpm.exe: [Debugger] svchost.exe IFEO\~1.exe: [Debugger] svchost.exe IFEO\~2.exe: [Debugger] svchost.exe Startup: C:\Users\Hasło!!\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk ShortcutTarget: IMVU.lnk -> C:\Users\Nowa Era\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File) Startup: C:\Users\Nowa Era\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lptaeaej.lnk ShortcutTarget: lptaeaej.lnk -> C:\Users\Nowa Era\AppData\Local\lptaeaej.exe () HKLM\...\AppCertDlls: [x64] -> c:\program files\browser tab search by ask\safetynut\x64\safetycrt.dll HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll <===== ATTENTION ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File BootExecute: autocheck autochk * BootDefrag.exe AlternateShell: services32.exe CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=WDCXWD5000AAKS-00V0A0_WD-WCAWFC35827658276&ts=1393439438&type=default&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=181&d=20141007 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1402845752&from=amt&uid=WDCXWD5000AAKS-00V0A0_WD-WCAWFC35827658276 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=WDCXWD5000AAKS-00V0A0_WD-WCAWFC35827658276&ts=1393439438&type=default&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=181&d=20141007 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1402845752&from=amt&uid=WDCXWD5000AAKS-00V0A0_WD-WCAWFC35827658276 HKLM\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41516&home=true&tid=553 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1402845752&from=amt&uid=WDCXWD5000AAKS-00V0A0_WD-WCAWFC35827658276&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41516&tid=553&bs=true&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1402845752&from=amt&uid=WDCXWD5000AAKS-00V0A0_WD-WCAWFC35827658276&q={searchTerms} URLSearchHook: HKLM - (No Name) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - No File URLSearchHook: HKLM - (No Name) - {707db484-2428-402d-afb5-d85b387544c7} - No File URLSearchHook: HKLM - (No Name) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - No File URLSearchHook: HKLM - (No Name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - No File URLSearchHook: HKLM - (No Name) - {8532a8b7-c06a-41bb-936a-8ce73e4711ed} - No File URLSearchHook: HKLM - Begin-download FLV Toolbar - {84452a8c-bc09-4187-ad3b-b275b98eb939} - C:\Users\Nowa Era\AppData\LocalLow\Begin-download_FLV\prxtbBeg2.dll (ClientConnect Ltd.) URLSearchHook: HKLM - (No Name) - {f2e99efd-72dc-4c5d-9f7c-219133ff8e40} - No File URLSearchHook: HKLM - uTorrentControl_v6 Toolbar - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Users\Nowa Era\AppData\LocalLow\uTorrentControl_v6\prxtbuTo2.dll (ClientConnect Ltd.) URLSearchHook: HKCU - (No Name) - {f2e99efd-72dc-4c5d-9f7c-219133ff8e40} - No File URLSearchHook: HKCU - uTorrentControl_v6 Toolbar - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Users\Nowa Era\AppData\LocalLow\uTorrentControl_v6\prxtbuTo2.dll (ClientConnect Ltd.) StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.22find.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD5000AAKS-00V0A0_WD-WCAWFC35827658276&ts=1361627390 SearchScopes: HKLM - DefaultScope {F8DA724C-B79D-4DAA-A38F-74104154D700} URL = SearchScopes: HKLM - Software URL = SearchScopes: HKLM - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1402845752&from=amt&uid=WDCXWD5000AAKS-00V0A0_WD-WCAWFC35827658276&q={searchTerms} SearchScopes: HKLM - {64B3B655-3FDC-49BB-933C-2BF0324CB28D} URL = http://search.sweetim.com/search.asp?src=6&st=17&q={searchTerms}&barid={BBCD3C31-A2E2-11E0-B033-001E741B774D} SearchScopes: HKLM - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=484&systemid=406&v=a12281-116&apn_uid=8362438165114751&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=210&systemid=488&v=a13277-348&apn_uid=2090850645444295&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms} SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={BBCD3C31-A2E2-11E0-B033-001E741B774D} SearchScopes: HKLM - {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = SearchScopes: HKLM - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.helpmefindyour.info/?l=1&q={searchTerms}&pid=729&r=2013/03/20&hid=2431064110&lg=EN&cc=PL SearchScopes: HKLM - {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={BBCD3C31-A2E2-11E0-B033-001E741B774D} SearchScopes: HKCU - DefaultScope {F8DA724C-B79D-4DAA-A38F-74104154D700} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3291853&CUI=UN42863740122395332&UM=1 SearchScopes: HKCU - 977D59E3DD524889B5839BF7B858BF7E URL = SearchScopes: HKCU - Software URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.only-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=9E09001E741B774D&affID=129300&tt=020914_onst&tsp=5378 SearchScopes: HKCU - {1F6F23C0-FC33-42D2-A70F-AB0DCBC3628B} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN40803136227522240&UM=1 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1402845752&from=amt&uid=WDCXWD5000AAKS-00V0A0_WD-WCAWFC35827658276&q={searchTerms} SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=484&systemid=406&v=a12281-116&apn_uid=8362438165114751&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=210&systemid=488&v=a13277-348&apn_uid=2090850645444295&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms} SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/?a=6R9qdDtmtB&loc=skw&search={searchTerms}&i=26 SearchScopes: HKCU - {F8DA724C-B79D-4DAA-A38F-74104154D700} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3291853&CUI=UN42863740122395332&UM=1 BHO: Ginyas Browser Companion -> {00cbb66b-1d3b-46d3-9577-323a336acb50} -> C:\Program Files\BrowserCompanion\jsloader.dll ( ) BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO: Browse2save -> {0AB53DF7-BA36-E491-5E6F-B6670CC544A2} -> C:\ProgramData\Browse2save\5127a6cebde64.dll () BHO: Plus-HD-9.4 -> {11111111-1111-1111-1111-110511311164} -> C:\Program Files\Plus-HD-9.4\Plus-HD-9.4-bho.dll (Plus HD) BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited) BHO: DealPly Shopping -> {4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7} -> C:\Program Files\DealPly\DealPlyIE.dll (DealPly) BHO: Search-NewTab -> {4D987F1E-EAB4-EEAF-46C0-407CB3B69257} -> C:\ProgramData\Search-NewTab\5126321f54bcb.dll () BHO: SMART Notebook Download Utility -> {67BCF957-85FC-4036-8DC4-D4D80E00A77B} -> C:\Program Files\SMART Technologies\Education Software\Win32\NotebookPlugin.dll (SMART Technologies ULC.) BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> No File BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Search-NewTAb -> {78B417AF-A373-75B2-AB7F-CC7E6A61BCF2} -> C:\ProgramData\Search-NewTAb\5149b2d8241d4.dll () BHO: Breowsse2isavee -> {84E491D5-AC07-C077-F726-D5BBCC374607} -> C:\ProgramData\Breowsse2isavee\5149b2b6993b5.dll () BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> No File BHO: ValueApps -> {93DBF2BB-A2B3-4683-A92E-57E60751F346} -> C:\Program Files\Conduit\ValueApps\IE\ValueAppsLoader.dll (Conduit Ltd.) BHO: Ginyas Browser Companion Verifier -> {963B125B-8B21-49A2-A3A8-E37092276531} -> C:\Program Files\BrowserCompanion\updatebhoWin32.dll (Blabbers Communications Ltd) BHO: uTorrentControl_v6 Toolbar -> {96f454ea-9d38-474f-b504-56193e00c1a5} -> C:\Users\Nowa Era\AppData\LocalLow\uTorrentControl_v6\prxtbuTo2.dll (ClientConnect Ltd.) BHO: DealPly -> {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} -> C:\Program Files\DealPly\DealPlyIE.dll (DealPly) BHO: Search-NewTab -> {A658777E-DB18-6628-63EB-84BBD74422AB} -> C:\ProgramData\Search-NewTab\5127a6e860769.dll () BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Browse2save -> {BF29262A-804F-7D7F-F24B-E186BD1FCF73} -> C:\ProgramData\Browse2save\5126320ad5635.dll () BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {46897C77-E7A6-4c33-BFFB-E9C2E2718942} - No File Toolbar: HKLM - Begin-download FLV Toolbar - {84452a8c-bc09-4187-ad3b-b275b98eb939} - C:\Users\Nowa Era\AppData\LocalLow\Begin-download_FLV\prxtbBeg2.dll (ClientConnect Ltd.) Toolbar: HKLM - No Name - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} - No File Toolbar: HKLM - No Name - {90b49673-5506-483e-b92b-ca0265bd9ca8} - No File Toolbar: HKLM - No Name - {f2e99efd-72dc-4c5d-9f7c-219133ff8e40} - No File Toolbar: HKLM - uTorrentControl_v6 Toolbar - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Users\Nowa Era\AppData\LocalLow\uTorrentControl_v6\prxtbuTo2.dll (ClientConnect Ltd.) Toolbar: HKCU - Begin-download FLV Toolbar - {84452A8C-BC09-4187-AD3B-B275B98EB939} - C:\Users\Nowa Era\AppData\LocalLow\Begin-download_FLV\prxtbBeg2.dll (ClientConnect Ltd.) Toolbar: HKCU - No Name - {90B49673-5506-483E-B92B-CA0265BD9CA8} - No File Toolbar: HKCU - No Name - {F2E99EFD-72DC-4C5D-9F7C-219133FF8E40} - No File Toolbar: HKCU - uTorrentControl_v6 Toolbar - {96F454EA-9D38-474F-B504-56193E00C1A5} - C:\Users\Nowa Era\AppData\LocalLow\uTorrentControl_v6\prxtbuTo2.dll (ClientConnect Ltd.) DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll (AVG Secure Search) Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" FireFox: ======== FF ProfilePath: C:\Users\Nowa Era\AppData\Roaming\Mozilla\Firefox\Profiles\bbeuji2j.default FF Homepage: hxxp://www.gazeta.pl/0,0.html?p=181&d=20141007 FF Keyword.URL: hxxp://go.mail.ru/search?fr=ntg&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.) FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.5\\npsitesafety.dll (AVG Technologies) FF Plugin: @funwebproducts.com/Plugin -> C:\Program Files\FunWebProducts\Installr\1.bin\NPFunWeb.dll No File FF Plugin: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files\Ganymede\Plugins\npganymedenet.dll No File FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll No File FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll No File FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=1.1.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nowa Era\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF SearchPlugin: C:\Users\Nowa Era\AppData\Roaming\Mozilla\Firefox\Profiles\bbeuji2j.default\searchplugins\ask-search.xml FF SearchPlugin: C:\Users\Nowa Era\AppData\Roaming\Mozilla\Firefox\Profiles\bbeuji2j.default\searchplugins\Ask.xml FF SearchPlugin: C:\Users\Nowa Era\AppData\Roaming\Mozilla\Firefox\Profiles\bbeuji2j.default\searchplugins\MyOnlineSearch.xml FF SearchPlugin: C:\Users\Nowa Era\AppData\Roaming\Mozilla\Firefox\Profiles\bbeuji2j.default\searchplugins\MyStart Search.xml FF SearchPlugin: C:\Users\Nowa Era\AppData\Roaming\Mozilla\Firefox\Profiles\bbeuji2j.default\searchplugins\onlysearchkms.xml FF Extension: Widget context - C:\Users\Nowa Era\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-06-16] FF Extension: Plus-HD-9.4 - C:\Users\Nowa Era\AppData\Roaming\Mozilla\Firefox\Profiles\bbeuji2j.default\Extensions\55d597b4-643f-421e-b007-26a68e26903b@a62d99f0-1402-44d5-8671-7a618c9c4868.com [2014-07-11] FF Extension: TheTorntv V10 - C:\Users\Nowa Era\AppData\Roaming\Mozilla\Firefox\Profiles\bbeuji2j.default\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [2014-09-21] FF Extension: Ginyas Browser Companion - C:\Users\Nowa Era\AppData\Roaming\Mozilla\Firefox\Profiles\bbeuji2j.default\Extensions\bbrs_002@blabbers.com [2014-02-01] FF Extension: TheGoPhoto.it V10 - C:\Users\Nowa Era\AppData\Roaming\Mozilla\Firefox\Profiles\bbeuji2j.default\Extensions\EWBNO58637124@CLP39222015.com [2014-09-21] FF Extension: Fast Start - C:\Users\Nowa Era\AppData\Roaming\Mozilla\Firefox\Profiles\bbeuji2j.default\Extensions\faststartff@gmail.com [2014-07-11] FF Extension: {{EXT_NAME}} - C:\Users\Nowa Era\AppData\Roaming\Mozilla\Firefox\Profiles\bbeuji2j.default\Extensions\jid1-fQpPMP6uBdJNCg@jetpack [2014-10-06] FF Extension: Quick Start - C:\Users\Nowa Era\AppData\Roaming\Mozilla\Firefox\Profiles\bbeuji2j.default\Extensions\quick_start@gmail.com [2014-06-15] FF Extension: shortcut - C:\Users\Nowa Era\AppData\Roaming\Mozilla\Firefox\Profiles\bbeuji2j.default\Extensions\shortcutff@gmail.com [2014-07-28] FF Extension: {{EXT_NAME}} - C:\Users\Nowa Era\AppData\Roaming\Mozilla\Firefox\Profiles\bbeuji2j.default\Extensions\{20291fcc-1471-46c8-8213-5911f5ce6d67} [2014-10-06] FF HKLM\...\Firefox\Extensions: [m3ffxtbr@mywebsearch.com] - C:\Program Files\MyWebSearch\bar\5.bin FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\IPSFFPlgn FF HKLM\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Nowa Era\AppData\Roaming\Mozilla\Firefox\Profiles\bbeuji2j.default\extensions\quick_start@gmail.com FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Nowa Era\AppData\Roaming\Mozilla\Firefox\Profiles\bbeuji2j.default\extensions\faststartff@gmail.com FF HKLM\...\Firefox\Extensions: [shortcutff@gmail.com] - C:\Users\Nowa Era\AppData\Roaming\Mozilla\Firefox\Profiles\bbeuji2j.default\extensions\shortcutff@gmail.com FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] Chrome: ======= CHR Profile: C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (No Name) - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajbfjlbjonnckokbmkeiammcgkdciial [2014-01-23] CHR Extension: (Docs) - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-10] CHR Extension: (Google Drive) - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-10] CHR Extension: (IMVU Inc) - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb [2014-01-23] CHR Extension: (YouTube) - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-10] CHR Extension: (Browser Companion Helper) - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf [2014-09-07] CHR Extension: (Plus-HD-9.4) - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\cckahkoimnbpflhhobnanhfdihegpedf [2014-08-17] CHR Extension: (Google Search) - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-10] CHR Extension: (Complitly plugin for chrome) - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda [2014-09-07] CHR Extension: (TheTorntv V10) - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdbaidolhfnecgiloehbailojonjaloa [2014-09-27] CHR Extension: (Lightning Newtab) - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2014-10-18] CHR Extension: (No Name) - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikjmiflhmilhiofcgfomcfjihfdcmecc [2014-01-23] CHR Extension: (ilfjhacjjbcdmimjeaakpnlhdcloijcg) - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfjhacjjbcdmimjeaakpnlhdcloijcg [2014-09-27] CHR Extension: (Mail.Ru) - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\jggbjbmnfmipgcanidamjfpechdeekoi [2014-10-18] CHR Extension: (mppflflkbbafeopeoeigkbbdjdbeifni) - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppflflkbbafeopeoeigkbbdjdbeifni [2014-10-06] CHR Extension: (Google Wallet) - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-23] CHR Extension: (Extended Protection) - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-09-07] CHR Extension: (Quick start) - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-10-18] CHR Extension: (Gmail) - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-10] CHR HKLM\...\Chrome\Extension: [ainbkicbloikcngphmjfpjdemblcojdd] - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\slidebar.crx [2014-06-12] CHR HKLM\...\Chrome\Extension: [ajbfjlbjonnckokbmkeiammcgkdciial] - C:\Users\iBOX\AppData\Local\Temp\tbch.crx [2014-06-12] CHR HKLM\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\Nowa Era\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx [2014-06-26] CHR HKLM\...\Chrome\Extension: [bdgpjclefcppbhifgmbncakhhphkggdb] - C:\ProgramData\AVG Secure Search\ChromeExt\12.2.0.5\avg.crx [2014-06-26] CHR HKLM\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files\BrowserCompanion\blabbers-ch.crx [2012-06-28] CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\oko\AppData\Roaming\BabSolution\CR\BabylonChrome1.crx [2012-06-28] CHR HKLM\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files\Complitly\chrome\ComplitlyChrome.crx [2012-08-20] CHR HKLM\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Program Files\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx [2012-08-20] CHR HKLM\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files\DealPly\DealPly.crx [2013-01-16] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-01-16] CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2014-02-26] CHR HKLM\...\Chrome\Extension: [ijblflkdjdopkpdgllkmlbgcffjbnfda] - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2014-02-26] CHR HKLM\...\Chrome\Extension: [ikjmiflhmilhiofcgfomcfjihfdcmecc] - C:\Program Files\CertifiedToolsToolbar\chrome\CertifiedToolsToolbar.crx [2014-02-26] CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\oko\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2014-02-26] CHR HKLM\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\Oko.iBOX-Desktop.000\AppData\Local\Torch\Plugins\TorchPlugin.crx [2014-02-26] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2014-02-26] CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\iBOX\AppData\Local\Temp\YontooLayers.crx [2014-02-26] CHR HKLM\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\System32\jmdp\SweetNT.crx [2014-02-26] CHR HKLM\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26] CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Nowa Era\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-06-12] CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit14.crx [2014-06-12] CHR HKLM\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files\1ClickDownload\oneclickdownloader11.crx [2014-06-12] CHR HKCU\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\Nowa Era\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx [2014-06-26] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [163328 2013-05-28] (Adobe Systems Incorporated) [File not signed] S2 Akamai; c:\program files\common files\akamai/netsession_win_76a2e34.dll [4764568 2014-04-09] (Akamai Technologies, Inc.) S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () S2 BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [3085264 2013-06-03] () R2 ddservice; C:\Windows\update.7.1\svchostdriver.exe [378880 2011-11-30] () [File not signed] S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2013-12-10] (Flexera Software, Inc.) R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-10-30] (Teruten) [File not signed] S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-15] (globalUpdate) [File not signed] S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-15] (globalUpdate) [File not signed] R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [2375984 2014-08-21] () S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [761968 2014-06-12] (Cherished Technololgy LIMITED) R2 KMService; C:\Windows\system32\srvany.exe [10240 2011-04-09] () [File not signed] R2 MobogenieService; C:\Program Files\Mobogenie3\MobogenieService.exe [113344 2014-09-23] (Mobogenie.com) S3 npggsvc; C:\Windows\system32\GameMon.des [4066168 2011-04-25] (INCA Internet Co., Ltd.) [File not signed] R2 nvsvc; C:\Windows\system32\nvvsvc.exe [129640 2010-01-31] (NVIDIA Corporation) [File not signed] R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed] R2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2012-02-03] (PC Tools) R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2014-02-16] (Prolific Technology Inc.) [File not signed] R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2014-02-22] () S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [77705 2014-06-09] () [File not signed] <==== ATTENTION S2 QuestBasic Service; C:\Program Files\QuestBasic\questbasic.exe [23040 2012-04-18] () [File not signed] S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [630784 2010-12-08] (Nokia) [File not signed] R2 srvbtcclient; C:\Windows\update.5.0\svchost.exe [351744 2011-11-14] () [File not signed] R2 srviecheck; C:\Windows\update.2\svchost.exe [1945088 2011-10-31] () [File not signed] R2 srvsysdriver32; C:\Windows\sysdriver32.exe [262656 2011-11-02] () [File not signed] R2 SrvUpdater; C:\Program Files\SoftwareUpdater\UpdaterService.exe [31744 2013-02-18] () [File not signed] R2 Stereo Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [240232 2010-01-31] (NVIDIA Corporation) [File not signed] R2 TBSrv; C:\Program Files\Tbccint\ToolbarService\ToolbarService.exe [350528 2014-04-10] (ClientConnect Ltd.) R2 TorchCrashHandler; C:\Users\Oko.iBOX-Desktop.000\AppData\Local\Torch\Update\TorchCrashHandler.exe [1205088 2013-07-08] (TorchMedia Inc.) [File not signed] <==== ATTENTION R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1729336 2013-12-10] (TuneUp Software) R2 Windows Internet Name Service; C:\Windows\system32\config\systemprofile\AppData\Local\Windows Internet Name Service\wins.exe [2692608 2013-09-14] () [File not signed] R2 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe [591776 2014-06-12] (Fuyu LIMITED) <==== ATTENTION R2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [425104 2014-02-26] (Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [540304 2014-06-11] (Cherished Technololgy LIMITED) R2 wxpdrivers; C:\Windows\update.1\svchost.exe [1208832 2011-10-31] (Cronosoft) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) U3 .blbdrive; \* [0 2014-07-26] () [File not signed] U3 .cdrom; \* [0 2014-07-26] () [File not signed] U3 .dtsoftbus01; \* [0 2014-07-26] () [File not signed] R3 adipfusb; C:\Windows\System32\DRIVERS\adipfusb.sys [28182 2005-05-12] (Analog Devices Inc.) S3 apf003; C:\Windows\system32\apf003.sys [13232 2013-02-03] () [File not signed] S3 apf005; C:\Windows\system32\apf005.sys [14160 2014-04-03] () R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [19496 2010-04-22] () R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42272 2014-04-14] (AVG Technologies) R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [35328 2009-07-14] () [File not signed] S1 ccSet_NAV; C:\Windows\system32\drivers\NAV\1301010.003\ccSetx86.sys [132744 2011-08-08] (Symantec Corporation) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-02-23] (DT Soft Ltd) R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [137144 2010-12-21] (ESET) R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [374392 2011-08-18] (Symantec Corporation) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [115008 2010-12-21] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [95384 2010-12-21] (ESET) R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-10-30] () [File not signed] S3 gdrv; C:\Windows\gdrv.sys [17488 2014-01-25] (Windows (R) 2000 DDK provider) R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [17344 2014-10-17] (Glarysoft Ltd) R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation) S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation) S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation) S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation) S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation) S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation) S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation) S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [86824 2008-10-21] (MCCI Corporation) S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-10-21] (MCCI Corporation) S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [114600 2008-10-21] (MCCI Corporation) S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [26024 2008-10-21] (MCCI Corporation) S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [104616 2008-10-21] (MCCI Corporation) S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [109736 2008-10-21] (MCCI Corporation) R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [113608 2013-01-27] (Power Software Ltd) S0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed] R0 sfhlp02; C:\Windows\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed] S0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [66048 2005-09-29] (Protection Technology) [File not signed] R3 SMARTMouseFilterx86; C:\Windows\System32\DRIVERS\SMARTMouseFilterx86.sys [14232 2012-10-24] (SMART Technologies) R3 SMARTVHidMini2000x86; C:\Windows\System32\DRIVERS\SMARTVHidMini2000x86.sys [13720 2012-10-24] (SMART Technologies) R3 SMARTVTabletPCx86; C:\Windows\System32\DRIVERS\SMARTVTabletPCx86.sys [21912 2012-10-24] (SMART Technologies ULC) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2012-02-25] (Duplex Secure Ltd.) S3 SRTSP; C:\Windows\system32\drivers\NAV\1301010.003\SRTSP.SYS [566904 2011-08-02] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NAV\1301010.003\SRTSPX.SYS [31864 2011-08-02] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\NAV\1301010.003\SYMDS.SYS [340088 2011-07-25] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NAV\1301010.003\SYMEFA.SYS [897656 2011-07-28] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [127096 2014-02-16] (Symantec Corporation) S1 SymIRON; C:\Windows\system32\drivers\NAV\1301010.003\Ironx86.SYS [149624 2011-07-25] (Symantec Corporation) R1 SymNetS; C:\Windows\system32\drivers\NAV\1301010.003\SYMNETS.SYS [314488 2011-07-25] (Symantec Corporation) R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-09-19] (TuneUp Software) U5 aswHwid; C:\Windows\System32\Drivers\aswHwid.sys [24184 2014-07-24] () U5 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [67824 2014-07-24] (AVAST Software) U5 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-07-24] () U5 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [779536 2014-07-24] (AVAST Software) U5 aswStm; C:\Windows\System32\Drivers\aswStm.sys [71944 2014-07-24] (AVAST Software) U5 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [54232 2012-10-31] (AVAST Software) U5 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [192352 2014-07-24] () S1 BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\BASHDefs\20110901.001\BHDrvx86.sys [X] S3 cpuz134; \??\C:\Users\Nowa Era\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X] S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X] S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X] S1 IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\IPSDefs\20110726.001\IDSVix86.sys [X] S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\VirusDefs\20110818.021\NAVENG.SYS [X] S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\VirusDefs\20110818.021\NAVEX15.SYS [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-18 16:01 - 2014-10-18 16:01 - 00000000 ___DC () C:\FRST 2014-10-18 15:47 - 2014-10-18 15:47 - 02347008 _____ () C:\Users\Nowa Era\AppData\Local\wfvgwnd.exe 2014-10-18 15:46 - 2014-10-18 15:46 - 00001630 _____ () C:\Windows\proc_list1.log 2014-10-18 15:45 - 2014-10-18 15:45 - 00000640 _____ () C:\Windows\PFRO.log 2014-10-18 15:45 - 2014-10-18 15:45 - 00000056 _____ () C:\Windows\setupact.log 2014-10-18 15:45 - 2014-10-18 15:45 - 00000000 _____ () C:\Windows\setuperr.log 2014-10-18 15:31 - 2014-10-18 15:31 - 02801664 _____ () C:\Users\Nowa Era\AppData\Local\icdxbb.exe 2014-10-18 15:27 - 2014-10-18 15:27 - 00000000 ____D () C:\Users\Nowa Era\Documents\Mobogenie 2014-10-18 14:59 - 2014-10-18 14:59 - 03031040 _____ () C:\Users\Nowa Era\AppData\Local\lbfusin.exe 2014-10-18 14:44 - 2014-10-18 14:44 - 00000000 ____D () C:\ProgramData\Oracle 2014-10-18 14:44 - 2014-10-18 14:44 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-10-18 14:43 - 2014-09-26 18:42 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-10-18 14:43 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-10-18 14:43 - 2014-09-26 18:36 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-10-18 14:43 - 2014-09-26 18:35 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-10-18 14:38 - 2014-10-18 14:43 - 00004244 _____ () C:\Windows\system32\jupdate-1.7.0_71-b14.log 2014-10-18 14:30 - 2014-10-18 14:30 - 00000093 _____ () C:\Windows\system32\debug.log 2014-10-18 14:28 - 2014-10-18 14:28 - 02506752 _____ () C:\Users\Nowa Era\AppData\Local\fayzsslg.exe 2014-10-18 11:29 - 2014-10-18 11:29 - 02887680 _____ () C:\Users\Nowa Era\AppData\Local\nmmlskr.exe 2014-10-17 19:19 - 2014-10-17 19:19 - 00016896 ___SH () C:\Users\Nowa Era\Documents\Thumbs.db 2014-10-17 19:02 - 2014-10-17 19:02 - 03194880 _____ () C:\Users\Nowa Era\AppData\Local\bkdidmfk.exe 2014-10-17 18:56 - 2014-10-17 18:56 - 02875392 _____ () C:\Users\Nowa Era\AppData\Local\uussz.exe 2014-10-17 18:25 - 2014-10-17 18:25 - 03145728 _____ () C:\Users\Nowa Era\AppData\Local\xcnei.exe 2014-10-17 18:03 - 2014-10-18 15:47 - 00000324 _____ () C:\Windows\Tasks\GlaryInitialize 5.job 2014-10-17 18:03 - 2014-10-17 18:03 - 00017344 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys 2014-10-17 18:03 - 2014-10-17 18:03 - 00001064 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk 2014-10-17 18:03 - 2014-10-17 18:03 - 00001052 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk 2014-10-17 18:03 - 2014-10-17 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5 2014-10-17 18:02 - 2014-10-18 15:47 - 00000000 ____D () C:\Program Files\Glary Utilities 5 2014-10-17 17:53 - 2014-10-17 17:53 - 02469888 _____ () C:\Users\Nowa Era\AppData\Local\nekkraah.exe 2014-10-17 17:47 - 2014-10-17 17:47 - 02760704 _____ () C:\Users\Nowa Era\AppData\Local\laeki.exe 2014-10-17 16:53 - 2014-10-17 16:53 - 03121152 _____ () C:\Users\Nowa Era\AppData\Local\quebmp.exe 2014-10-17 16:53 - 2014-10-17 16:53 - 02347008 _____ () C:\Users\Nowa Era\AppData\Local\hqsmv.exe 2014-10-16 17:39 - 2014-10-16 17:39 - 02400256 _____ () C:\Users\Nowa Era\AppData\Local\abvid.exe 2014-10-16 17:08 - 2014-10-16 17:08 - 03051520 _____ () C:\Users\Nowa Era\AppData\Local\kpmrot.exe 2014-10-16 16:37 - 2014-10-16 16:37 - 02576384 _____ () C:\Users\Nowa Era\AppData\Local\gnffdfdc.exe 2014-10-16 16:06 - 2014-10-16 16:06 - 02383872 _____ () C:\Users\Nowa Era\AppData\Local\xhsdfwi.exe 2014-10-16 14:33 - 2014-10-16 14:33 - 03072000 _____ () C:\Users\Nowa Era\AppData\Local\uecjjqae.exe 2014-10-16 14:33 - 2014-10-16 14:33 - 02375680 _____ () C:\Users\Nowa Era\AppData\Local\habtvwpj.exe 2014-10-15 20:25 - 2014-10-17 19:03 - 00000000 ____D () C:\ProgramData\TEMP 2014-10-14 08:33 - 2014-10-14 08:33 - 00000000 ____H () C:\Users\Nowa Era\Documents\Default.rdp 2014-10-13 20:33 - 2014-10-13 20:33 - 00000000 ____D () C:\Users\Nowa Era\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled 2014-10-13 20:00 - 2014-10-13 20:00 - 02576384 _____ () C:\Users\Nowa Era\AppData\Local\befdebc.exe 2014-10-13 19:26 - 2014-10-13 19:26 - 02293760 _____ () C:\Users\Nowa Era\AppData\Local\cfavzojn.exe 2014-10-13 18:56 - 2014-10-13 18:56 - 02719744 _____ () C:\Users\Nowa Era\AppData\Local\alxjvha.exe 2014-10-13 18:56 - 2014-10-13 18:56 - 02314240 _____ () C:\Users\Nowa Era\AppData\Local\daawm.exe 2014-10-13 18:55 - 2014-10-13 18:55 - 00000000 ____D () C:\Windows\av_ico 2014-10-12 18:00 - 2014-10-12 18:00 - 03207168 _____ () C:\Users\Nowa Era\AppData\Local\dzeurihd.exe 2014-10-12 17:29 - 2014-10-12 17:29 - 02441216 _____ () C:\Users\Nowa Era\AppData\Local\mrintsx.exe 2014-10-12 16:58 - 2014-10-12 16:58 - 02854912 _____ () C:\Users\Nowa Era\AppData\Local\akcpileq.exe 2014-10-12 16:27 - 2014-10-12 16:27 - 03112960 _____ () C:\Users\Nowa Era\AppData\Local\dajixgfa.exe 2014-10-12 15:56 - 2014-10-12 15:56 - 03072000 _____ () C:\Users\Nowa Era\AppData\Local\sfcwbhs.exe 2014-10-12 15:25 - 2014-10-12 15:25 - 02682880 _____ () C:\Users\Nowa Era\AppData\Local\kebptq.exe 2014-10-12 14:54 - 2014-10-12 14:54 - 02875392 _____ () C:\Users\Nowa Era\AppData\Local\waktvfi.exe 2014-10-12 14:26 - 2014-10-18 15:46 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2014-10-12 14:07 - 2014-10-12 14:07 - 02433024 _____ () C:\Users\Nowa Era\AppData\Local\gxjcld.exe 2014-10-12 13:53 - 2014-10-12 13:53 - 02580480 _____ () C:\Users\Nowa Era\AppData\Local\ucqencqf.exe 2014-10-11 15:57 - 2014-10-11 16:15 - 00000000 ____D () C:\Users\Nowa Era\AppData\Local\PMB Files 2014-10-09 09:34 - 2014-10-09 09:34 - 02674688 _____ () C:\Users\Nowa Era\AppData\Local\vdszb.exe 2014-10-08 17:27 - 2014-10-08 17:27 - 02859008 _____ () C:\Users\Nowa Era\AppData\Local\hyzstefy.exe 2014-10-08 16:36 - 2014-10-08 16:36 - 02654208 _____ () C:\Users\Nowa Era\AppData\Local\hqjttdpg.exe 2014-10-08 15:13 - 2014-10-08 15:13 - 03055616 _____ () C:\Users\Nowa Era\AppData\Local\bebdb.exe 2014-10-08 15:12 - 2014-10-08 15:12 - 02949120 _____ () C:\Users\Nowa Era\AppData\Local\piqraln.exe 2014-10-08 10:54 - 2014-10-08 10:54 - 02572288 _____ () C:\Users\Nowa Era\AppData\Local\trfci.exe 2014-10-08 10:24 - 2014-10-08 10:24 - 02899968 _____ () C:\Users\Nowa Era\AppData\Local\uahutbh.exe 2014-10-08 09:53 - 2014-10-08 09:53 - 02772992 _____ () C:\Users\Nowa Era\AppData\Local\farkl.exe 2014-10-08 09:27 - 2014-10-08 09:27 - 02396160 _____ () C:\Users\Nowa Era\AppData\Local\hqzlvfxb.exe 2014-10-07 17:27 - 2014-10-07 17:27 - 02670592 _____ () C:\Users\Nowa Era\AppData\Local\lkhefb.exe 2014-10-07 16:56 - 2014-10-07 16:56 - 03084288 _____ () C:\Users\Nowa Era\AppData\Local\msagdc.exe 2014-10-07 16:26 - 2014-10-07 16:26 - 02805760 _____ () C:\Users\Nowa Era\AppData\Local\qmito.exe 2014-10-07 15:55 - 2014-10-07 15:55 - 02686976 _____ () C:\Users\Nowa Era\AppData\Local\vwwfgo.exe 2014-10-07 15:25 - 2014-10-07 15:25 - 03149824 _____ () C:\Users\Nowa Era\AppData\Local\iyssdwx.exe 2014-10-07 14:55 - 2014-10-07 14:55 - 02846720 _____ () C:\Users\Nowa Era\AppData\Local\jfimplor.exe 2014-10-07 14:51 - 2014-10-07 14:51 - 00000000 ____D () C:\Windows\pss 2014-10-07 14:42 - 2014-10-07 14:42 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-10-07 14:42 - 2014-10-07 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-10-07 14:42 - 2014-10-07 14:42 - 00000000 ____D () C:\Program Files\CCleaner 2014-10-07 14:37 - 2014-10-07 14:37 - 00000343 _____ () C:\Windows\wininit.ini 2014-10-07 14:24 - 2014-10-07 14:24 - 02658304 _____ () C:\Users\Nowa Era\AppData\Local\vvlltccr.exe 2014-10-07 13:54 - 2014-10-07 13:54 - 03100672 _____ () C:\Users\Nowa Era\AppData\Local\pkefbc.exe 2014-10-07 13:54 - 2014-10-07 13:54 - 03084288 _____ () C:\Users\Nowa Era\AppData\Local\dngoeoxh.exe 2014-10-06 20:29 - 2014-10-06 20:29 - 03031040 _____ () C:\Users\Nowa Era\AppData\Local\hbcex.exe 2014-10-06 19:59 - 2014-10-06 19:59 - 02342912 _____ () C:\Users\Nowa Era\AppData\Local\ddutkk.exe 2014-10-06 17:19 - 2014-10-06 17:19 - 03293184 _____ () C:\Users\Nowa Era\AppData\Local\fwihyj.exe 2014-10-06 16:49 - 2014-10-06 16:49 - 02576384 _____ () C:\Users\Nowa Era\AppData\Local\jeacgcez.exe 2014-10-06 16:18 - 2014-10-06 16:18 - 03149824 _____ () C:\Users\Nowa Era\AppData\Local\psupru.exe 2014-10-06 12:56 - 2014-10-06 12:56 - 00000000 ____D () C:\Users\bbbb\AppData\Roaming\iSafe 2014-10-06 12:48 - 2014-10-06 12:48 - 00000000 ____D () C:\Users\bbbb\AppData\Roaming\eCyber 2014-10-06 10:04 - 2014-10-06 10:04 - 02945024 _____ () C:\Users\Nowa Era\AppData\Local\vvmmbd.exe 2014-10-06 09:34 - 2014-10-06 09:34 - 02838528 _____ () C:\Users\Nowa Era\AppData\Local\bfydqe.exe 2014-10-06 09:34 - 2014-10-06 09:34 - 02646016 _____ () C:\Users\Nowa Era\AppData\Local\bcxshcvq.exe 2014-09-28 13:08 - 2014-09-28 13:08 - 03141632 _____ () C:\Users\Nowa Era\AppData\Local\idmhcd.exe 2014-09-28 13:08 - 2014-09-28 13:08 - 02678784 _____ () C:\Users\Nowa Era\AppData\Local\dafdi.exe 2014-09-27 17:17 - 2014-09-27 17:17 - 02547712 _____ () C:\Users\Nowa Era\AppData\Local\xhqbk.exe 2014-09-27 16:46 - 2014-09-27 16:46 - 02322432 _____ () C:\Users\Nowa Era\AppData\Local\bnanzu.exe 2014-09-27 15:49 - 2014-09-27 15:49 - 03125248 _____ () C:\Users\Nowa Era\AppData\Local\ekrbixm.exe 2014-09-27 15:19 - 2014-09-27 15:19 - 02338816 _____ () C:\Users\Nowa Era\AppData\Local\whiqak.exe 2014-09-27 14:48 - 2014-09-27 14:48 - 03072000 _____ () C:\Users\Nowa Era\AppData\Local\cxtpeac.exe 2014-09-27 11:02 - 2014-09-27 11:02 - 03047424 _____ () C:\Users\Nowa Era\AppData\Local\qkmhq.exe 2014-09-27 10:31 - 2014-09-27 10:31 - 02322432 _____ () C:\Users\Nowa Era\AppData\Local\nghyrrk.exe 2014-09-27 10:01 - 2014-09-27 10:01 - 02940928 _____ () C:\Users\Nowa Era\AppData\Local\dsbqn.exe 2014-09-27 09:31 - 2014-09-27 09:31 - 02334720 _____ () C:\Users\Nowa Era\AppData\Local\neejqqf.exe 2014-09-27 09:30 - 2014-09-27 09:30 - 02670592 _____ () C:\Users\Nowa Era\AppData\Local\bebplocy.exe 2014-09-23 20:03 - 2014-09-23 20:03 - 01531904 _____ () C:\Users\Nowa Era\AppData\Local\ecaenl.exe 2014-09-23 19:32 - 2014-09-23 19:32 - 02371584 _____ () C:\Users\Nowa Era\AppData\Local\timsflj.exe 2014-09-23 19:02 - 2014-09-23 19:02 - 01847296 _____ () C:\Users\Nowa Era\AppData\Local\eajhwusb.exe 2014-09-23 18:32 - 2014-09-23 18:32 - 01568768 _____ () C:\Users\Nowa Era\AppData\Local\wohqzr.exe 2014-09-23 18:31 - 2014-09-23 18:31 - 03387392 _____ (repulsiveness) C:\Users\Nowa Era\AppData\Local\liuswu.exe 2014-09-21 15:19 - 2014-09-21 15:19 - 02142208 _____ () C:\Users\Nowa Era\AppData\Local\lsfeky.exe 2014-09-21 14:49 - 2014-09-21 14:49 - 02347008 _____ () C:\Users\Nowa Era\AppData\Local\vdksz.exe 2014-09-21 14:29 - 2014-09-21 14:29 - 00000000 ____D () C:\Users\Nowa Era\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spintires-ROKA1969 2014-09-21 14:18 - 2014-09-21 14:18 - 02215936 _____ () C:\Users\Nowa Era\AppData\Local\ljouzxc.exe 2014-09-21 14:18 - 2014-09-21 14:18 - 01777664 _____ () C:\Users\Nowa Era\AppData\Local\gfyazs.exe 2014-09-21 13:43 - 2014-09-21 13:43 - 00000000 ____D () C:\Users\Nowa Era\AppData\Roaming\VOPackage 2014-09-21 13:43 - 2014-09-21 13:43 - 00000000 ____D () C:\Users\Nowa Era\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage 2014-09-21 13:41 - 2014-09-21 13:41 - 02170880 _____ () C:\Users\Nowa Era\AppData\Local\mrhnlrwm.exe 2014-09-21 13:32 - 2014-09-21 13:32 - 00000000 ____D () C:\Users\Nowa Era\AppData\Roaming\BabSolution 2014-09-21 13:31 - 2014-09-21 13:33 - 00000000 ____D () C:\ProgramData\DSearchLink 2014-09-21 13:31 - 2014-09-21 13:31 - 00000000 ____D () C:\Users\Nowa Era\AppData\Local\onlysearch 2014-09-21 13:30 - 2014-10-18 15:45 - 00002764 _____ () C:\Windows\Tasks\8bbbf7b1-3b68-4dc9-a4c7-b883a278e825-1.job 2014-09-21 13:30 - 2014-10-18 15:45 - 00002432 _____ () C:\Windows\Tasks\8bbbf7b1-3b68-4dc9-a4c7-b883a278e825-5_user.job 2014-09-21 13:30 - 2014-10-18 15:45 - 00002432 _____ () C:\Windows\Tasks\8bbbf7b1-3b68-4dc9-a4c7-b883a278e825-5.job 2014-09-21 13:30 - 2014-10-18 15:45 - 00002096 _____ () C:\Windows\Tasks\8bbbf7b1-3b68-4dc9-a4c7-b883a278e825-2.job 2014-09-21 13:30 - 2014-10-18 15:45 - 00001394 _____ () C:\Windows\Tasks\7cd83429-cbcb-4042-80d5-a7ac55a54735.job 2014-09-21 13:29 - 2014-10-18 15:45 - 00004482 _____ () C:\Windows\Tasks\8bbbf7b1-3b68-4dc9-a4c7-b883a278e825-11.job 2014-09-21 13:29 - 2014-10-18 15:45 - 00003800 _____ () C:\Windows\Tasks\8bbbf7b1-3b68-4dc9-a4c7-b883a278e825-4.job 2014-09-21 13:29 - 2014-10-18 15:45 - 00003120 _____ () C:\Windows\Tasks\8bbbf7b1-3b68-4dc9-a4c7-b883a278e825-7.job 2014-09-21 13:29 - 2014-10-18 15:45 - 00003120 _____ () C:\Windows\Tasks\8bbbf7b1-3b68-4dc9-a4c7-b883a278e825-3.job 2014-09-21 13:29 - 2014-10-18 15:45 - 00002840 _____ () C:\Windows\Tasks\8bbbf7b1-3b68-4dc9-a4c7-b883a278e825-6.job 2014-09-21 13:29 - 2014-10-18 15:45 - 00000560 _____ () C:\Windows\Tasks\fac95ffd-789a-48b7-97cc-cfa9f6fe59bd.job 2014-09-21 13:27 - 2014-10-18 15:46 - 00002424 _____ () C:\Windows\Tasks\586f69c1-a224-4045-bacd-9a2247fe80b3-5_user.job 2014-09-21 13:27 - 2014-10-18 15:46 - 00002424 _____ () C:\Windows\Tasks\586f69c1-a224-4045-bacd-9a2247fe80b3-5.job 2014-09-21 13:27 - 2014-10-18 15:46 - 00002088 _____ () C:\Windows\Tasks\586f69c1-a224-4045-bacd-9a2247fe80b3-2.job 2014-09-21 13:27 - 2014-10-18 15:45 - 00002748 _____ () C:\Windows\Tasks\586f69c1-a224-4045-bacd-9a2247fe80b3-1.job 2014-09-21 13:27 - 2014-10-18 15:45 - 00001378 _____ () C:\Windows\Tasks\eb94b16e-1067-4ff7-bf7a-66a081b38643.job 2014-09-21 13:26 - 2014-10-18 15:46 - 00004136 _____ () C:\Windows\Tasks\586f69c1-a224-4045-bacd-9a2247fe80b3-4.job 2014-09-21 13:26 - 2014-10-18 15:46 - 00003112 _____ () C:\Windows\Tasks\586f69c1-a224-4045-bacd-9a2247fe80b3-7.job 2014-09-21 13:26 - 2014-10-18 15:46 - 00000544 _____ () C:\Windows\Tasks\242955c1-bb96-411e-9979-c474af47ea5f.job 2014-09-21 13:26 - 2014-10-18 15:45 - 00003448 _____ () C:\Windows\Tasks\586f69c1-a224-4045-bacd-9a2247fe80b3-6.job 2014-09-21 13:25 - 2014-10-18 15:46 - 00004474 _____ () C:\Windows\Tasks\586f69c1-a224-4045-bacd-9a2247fe80b3-11.job 2014-09-21 13:25 - 2014-10-18 15:46 - 00003112 _____ () C:\Windows\Tasks\586f69c1-a224-4045-bacd-9a2247fe80b3-3.job 2014-09-21 13:25 - 2014-09-21 13:27 - 00000000 ____D () C:\Program Files\TheTorntv V10 2014-09-21 13:23 - 2014-10-13 20:39 - 00000000 ____D () C:\Users\Nowa Era\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com 2014-09-21 13:23 - 2014-09-21 13:27 - 00000000 ____D () C:\Users\Nowa Era\AppData\Roaming\TornTV.com 2014-09-21 13:10 - 2014-09-21 13:10 - 01703936 _____ () C:\Users\Nowa Era\AppData\Local\mddrjh.exe 2014-09-21 12:39 - 2014-09-21 12:39 - 02142208 _____ () C:\Users\Nowa Era\AppData\Local\ekrgvd.exe 2014-09-21 11:09 - 2014-09-21 11:09 - 01929216 _____ () C:\Users\Nowa Era\AppData\Local\wxipyz.exe 2014-09-21 10:39 - 2014-09-21 10:39 - 01863680 _____ () C:\Users\Nowa Era\AppData\Local\eljahfcc.exe 2014-09-21 10:08 - 2014-09-21 10:08 - 01716224 _____ () C:\Users\Nowa Era\AppData\Local\ehqbkte.exe 2014-09-20 18:06 - 2014-09-20 18:06 - 01765376 _____ () C:\Users\Nowa Era\AppData\Local\oopqqr.exe 2014-09-20 17:35 - 2014-09-20 17:35 - 01806336 _____ () C:\Users\Nowa Era\AppData\Local\edufefne.exe 2014-09-20 17:05 - 2014-09-20 17:05 - 01712128 _____ () C:\Users\Nowa Era\AppData\Local\apdqfz.exe 2014-09-20 16:35 - 2014-09-20 16:35 - 02056192 _____ () C:\Users\Nowa Era\AppData\Local\ednueebt.exe 2014-09-20 16:17 - 2014-09-20 16:17 - 01560576 _____ () C:\Users\Nowa Era\AppData\Local\fmtdldra.exe 2014-09-20 16:04 - 2014-09-20 16:04 - 02359296 _____ () C:\Users\Nowa Era\AppData\Local\kxuyda.exe 2014-09-20 15:34 - 2014-09-20 15:34 - 01695744 _____ () C:\Users\Nowa Era\AppData\Local\ilgjegq.exe 2014-09-20 10:41 - 2014-09-20 10:41 - 01982464 _____ () C:\Users\Nowa Era\AppData\Local\oqysb.exe 2014-09-20 10:11 - 2014-09-20 10:11 - 01998848 _____ () C:\Users\Nowa Era\AppData\Local\dheif.exe 2014-09-20 09:41 - 2014-09-20 09:41 - 02383872 _____ () C:\Users\Nowa Era\AppData\Local\fmdlksjb.exe 2014-09-20 09:10 - 2014-09-20 09:10 - 01572864 _____ () C:\Users\Nowa Era\AppData\Local\qtdhcmx.exe 2014-09-18 16:22 - 2014-09-18 16:22 - 02256896 _____ () C:\Users\Nowa Era\AppData\Local\mrxeb.exe 2014-09-18 15:51 - 2014-09-18 15:51 - 02215936 _____ () C:\Users\Nowa Era\AppData\Local\edcyq.exe 2014-09-18 15:51 - 2014-09-18 15:51 - 01650688 _____ () C:\Users\Nowa Era\AppData\Local\bbiwfdq.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-18 16:02 - 2014-07-11 12:56 - 00996818 _____ () C:\Users\Nowa Era\AppData\Local\lptaeaej.gss 2014-10-18 15:53 - 2013-02-18 17:44 - 00001034 _____ () C:\Windows\Tasks\GinyasBrowserCompanion Stats Report.job 2014-10-18 15:48 - 2013-08-25 13:42 - 00000000 ____D () C:\Program Files\WinZipper 2014-10-18 15:47 - 2013-12-31 10:43 - 00000000 ____D () C:\Users\Nowa Era\AppData\Roaming\newnext.me 2014-10-18 15:47 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing 2014-10-18 15:46 - 2014-06-15 17:28 - 00003790 _____ () C:\Windows\Tasks\1b1d9b86-fa7e-48f6-8ad3-9db6717d0ec7-11.job 2014-10-18 15:46 - 2014-06-15 17:28 - 00002212 _____ () C:\Windows\Tasks\1b1d9b86-fa7e-48f6-8ad3-9db6717d0ec7-4.job 2014-10-18 15:46 - 2014-06-15 17:28 - 00001514 _____ () C:\Windows\Tasks\1b1d9b86-fa7e-48f6-8ad3-9db6717d0ec7-6.job 2014-10-18 15:46 - 2014-06-15 17:28 - 00001414 _____ () C:\Windows\Tasks\1b1d9b86-fa7e-48f6-8ad3-9db6717d0ec7-5.job 2014-10-18 15:46 - 2014-06-15 17:28 - 00001330 _____ () C:\Windows\Tasks\1b1d9b86-fa7e-48f6-8ad3-9db6717d0ec7-2.job 2014-10-18 15:46 - 2014-06-15 17:27 - 00003108 _____ () C:\Windows\Tasks\1b1d9b86-fa7e-48f6-8ad3-9db6717d0ec7-3.job 2014-10-18 15:46 - 2013-07-09 21:15 - 00000000 ____D () C:\ProgramData\TorchCrashHandler 2014-10-18 15:46 - 2013-02-18 17:44 - 00000986 _____ () C:\Windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job 2014-10-18 15:46 - 2013-02-18 17:44 - 00000986 _____ () C:\Windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job 2014-10-18 15:46 - 2011-10-31 10:12 - 00000734 _____ () C:\Windows\system32\Drivers\etc\hîsts 2014-10-18 15:46 - 2011-04-09 00:21 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-10-18 15:45 - 2014-06-15 17:28 - 00001502 _____ () C:\Windows\Tasks\1b1d9b86-fa7e-48f6-8ad3-9db6717d0ec7-1.job 2014-10-18 15:45 - 2014-06-15 17:28 - 00001446 _____ () C:\Windows\Tasks\1b1d9b86-fa7e-48f6-8ad3-9db6717d0ec7-7.job 2014-10-18 15:45 - 2014-06-15 17:27 - 00000904 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job 2014-10-18 15:45 - 2014-06-15 17:26 - 00000000 ____D () C:\Program Files\PCDApp 2014-10-18 15:45 - 2013-08-22 12:16 - 00065536 _____ () C:\Windows\system32\Ikeext.etl 2014-10-18 15:45 - 2013-02-18 17:44 - 00000918 _____ () C:\Windows\Tasks\GinyasBrowserCompanion Update Checker.job 2014-10-18 15:45 - 2013-02-18 17:44 - 00000918 _____ () C:\Windows\Tasks\GinyasBrowserCompanion Runner.job 2014-10-18 15:45 - 2013-02-14 16:03 - 00000320 _____ () C:\Windows\Tasks\spmonitor.job 2014-10-18 15:45 - 2013-02-14 16:03 - 00000242 _____ () C:\Windows\Tasks\SpeedUpMyPC.job 2014-10-18 15:45 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-18 15:28 - 2009-07-14 06:34 - 00010320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-18 15:28 - 2009-07-14 06:34 - 00010320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-18 15:19 - 2012-11-11 18:07 - 00000278 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job 2014-10-18 15:12 - 2014-09-13 09:17 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-18 15:07 - 2011-10-21 18:02 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1495774856-1328017135-2697362928-1000UA.job 2014-10-18 15:06 - 2014-07-11 12:56 - 00464896 _____ () C:\Users\Nowa Era\AppData\Local\lptaeaej.gdb 2014-10-18 14:43 - 2011-04-09 01:28 - 00000000 ____D () C:\Program Files\Java 2014-10-18 14:38 - 2013-01-05 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rohan Blood Feud 2014-10-18 14:38 - 2012-03-20 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torrius 2014-10-18 14:30 - 2014-01-23 20:42 - 00000000 ____D () C:\Users\Nowa Era\AppData\Roaming\Adobe 2014-10-18 14:28 - 2014-08-27 15:24 - 00000000 ____D () C:\Users\Nowa Era\AppData\Local\SWDS 2014-10-18 11:56 - 2014-03-20 18:42 - 00000000 ____D () C:\Users\Nowa Era\AppData\Roaming\.minecraftzyczu 2014-10-18 11:32 - 2014-06-15 17:27 - 00000908 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job 2014-10-18 11:29 - 2013-11-05 18:06 - 00000000 ____D () C:\Users\Nowa Era\AppData\Local\Pokki 2014-10-17 19:15 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-10-17 19:00 - 2012-05-06 13:25 - 00000272 _____ () C:\Windows\Tasks\RMSchedule.job 2014-10-17 18:45 - 2014-01-23 20:31 - 00000000 ____D () C:\Users\Nowa Era\AppData\Local\MoboGenie 2014-10-17 18:43 - 2013-02-21 16:38 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1495774856-1328017135-2697362928-1005UA.job 2014-10-17 18:22 - 2014-06-27 21:36 - 00000000 ____D () C:\Users\Nowa Era\AppData\Roaming\IMVUClient 2014-10-17 18:20 - 2011-04-09 02:03 - 00000000 ____D () C:\Program Files\Your Uninstaller 2010 2014-10-17 18:07 - 2011-10-21 18:02 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1495774856-1328017135-2697362928-1000Core.job 2014-10-17 18:03 - 2014-04-13 15:07 - 00000000 ____D () C:\ProgramData\GlarySoft 2014-10-17 18:03 - 2014-04-13 14:54 - 00000000 ____D () C:\Users\Nowa Era\AppData\Roaming\GlarySoft 2014-10-17 17:15 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public 2014-10-17 17:07 - 2012-06-09 14:08 - 00000000 ____D () C:\Users\Hasło!! 2014-10-17 16:59 - 2014-01-24 18:57 - 00000000 ____D () C:\Users\Nowa Era\AppData\Roaming\uTorrent 2014-10-17 16:59 - 2014-01-24 18:53 - 00000000 ____D () C:\Users\Nowa Era\AppData\Roaming\Media Player Classic 2014-10-16 20:26 - 2014-08-07 09:51 - 00000000 ____D () C:\Users\bbbb\AppData\Roaming\uTorrent 2014-10-16 20:25 - 2011-10-31 10:12 - 00014338 _____ () C:\Windows\iecheck_iplist.txt 2014-10-15 18:57 - 2011-04-09 01:22 - 00000000 ____D () C:\Program Files\Opera 2014-10-14 16:22 - 2014-08-28 09:49 - 00000000 ____D () C:\Users\bbbb\AppData\Local\SWDS 2014-10-14 08:40 - 2013-09-11 18:25 - 00000065 _____ () C:\Windows\system32\cache.00 2014-10-14 08:38 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF 2014-10-14 08:32 - 2014-02-23 14:41 - 00000000 ____D () C:\Users\Nowa Era\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames 2014-10-14 08:32 - 2013-10-13 20:13 - 00000000 ____D () C:\Users\Nowa Era 2014-10-14 08:27 - 2014-06-15 17:23 - 00000000 ____D () C:\ProgramData\WindowsProtectManger 2014-10-14 08:27 - 2014-01-02 21:14 - 00000000 ____D () C:\ProgramData\WPM 2014-10-13 21:16 - 2013-02-23 15:50 - 00000000 ____D () C:\Program Files\Desk 365 2014-10-13 21:05 - 2014-03-13 19:44 - 00000000 ____D () C:\Users\Nowa Era\Documents\Nowy folder 2014-10-13 21:04 - 2012-04-15 13:35 - 00000000 ____D () C:\Program Files\FoxTabPDFReader 2014-10-13 21:00 - 2013-12-10 16:21 - 00000000 ____D () C:\ProgramData\SMART Technologies 2014-10-13 21:00 - 2013-02-24 11:39 - 00000000 ____D () C:\ProgramData\Trymedia 2014-10-13 21:00 - 2012-06-13 07:02 - 00000000 ____D () C:\Users\Hasło!!\AppData\Local\Akamai 2014-10-13 21:00 - 2012-06-10 07:42 - 00000000 ____D () C:\Users\Hasło!!\AppData\Roaming\Mozilla 2014-10-13 21:00 - 2012-06-10 07:42 - 00000000 ____D () C:\Users\Hasło!!\AppData\Roaming\IMVU 2014-10-13 21:00 - 2012-06-10 07:07 - 00000000 ____D () C:\Users\Hasło!!\AppData\Local\Google 2014-10-13 21:00 - 2012-05-13 15:33 - 00000000 __SHD () C:\ProgramData\d34654 2014-10-13 21:00 - 2011-11-04 18:44 - 00000000 ____D () C:\ProgramData\Premium 2014-10-13 21:00 - 2011-08-05 15:51 - 00000000 ____D () C:\ProgramData\OpenFM 2014-10-13 21:00 - 2011-05-25 10:51 - 00000000 ____D () C:\ProgramData\PC Suite 2014-10-13 21:00 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default 2014-10-13 20:39 - 2014-08-29 15:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter Strike Steam Ver 2014-10-13 20:39 - 2014-02-26 17:48 - 00000000 ____D () C:\Users\Nowa Era\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-10-13 20:39 - 2012-08-20 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\YourFileDownloader 2014-10-13 20:39 - 2012-03-22 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\888casino 2014-10-13 20:39 - 2011-12-10 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid 2014-10-13 20:39 - 2011-09-15 13:11 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames 2014-10-13 20:39 - 2011-05-21 10:55 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Softendo.com 2014-10-13 20:39 - 2011-04-09 00:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP2 2014-10-13 20:28 - 2011-12-30 15:22 - 00000000 ____D () C:\Program Files\RAR Password Cracker 2014-10-13 20:21 - 2014-04-11 16:00 - 00000000 ____D () C:\Users\Nowa Era\Documents\Pliki programu Outlook 2014-10-13 20:17 - 2014-07-24 17:42 - 00001928 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2014-10-13 19:03 - 2013-05-02 17:15 - 00002471 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-10-12 16:32 - 2011-10-31 10:13 - 00026213 _____ () C:\Windows\btc_client_iplist.txt 2014-10-12 16:32 - 2011-10-31 10:09 - 00026213 _____ () C:\Windows\iplist.txt 2014-10-12 15:50 - 2009-07-14 10:28 - 00000000 ____D () C:\Windows\ShellNew 2014-10-12 15:43 - 2013-02-21 16:38 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1495774856-1328017135-2697362928-1005Core.job 2014-10-12 14:31 - 2011-04-08 23:41 - 00884098 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-12 14:31 - 2009-07-14 10:07 - 00136538 _____ () C:\Windows\system32\perfc015.dat 2014-10-12 14:31 - 2009-07-14 10:07 - 00032702 _____ () C:\Windows\system32\perfh015.dat 2014-10-12 13:24 - 2011-05-25 10:20 - 00000045 _____ () C:\Windows\adidsl.ini 2014-10-11 15:42 - 2013-10-13 20:19 - 00000000 ____D () C:\Users\Nowa Era\AppData\Local\Akamai 2014-10-10 21:44 - 2013-09-11 18:25 - 00000150 _____ () C:\Windows\system32\queries-02.cache 2014-10-08 14:14 - 2009-07-14 06:53 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-10-08 09:29 - 2014-04-13 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2014-10-07 14:40 - 2012-07-02 12:14 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin 2014-10-07 14:38 - 2014-03-30 10:28 - 00000000 ____D () C:\Users\Nowa Era\AppData\Local\Mail.Ru 2014-10-06 20:08 - 2014-02-09 20:04 - 00000000 ____D () C:\Users\Nowa Era\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aspyr Media, Inc 2014-10-06 20:07 - 2011-04-09 00:05 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-10-06 20:07 - 2011-04-09 00:05 - 00000000 ____D () C:\Program Files\Common Files\InstallShield 2014-10-06 20:06 - 2014-02-17 17:10 - 00000000 ____D () C:\Users\Nowa Era\AppData\Roaming\Touchstone 2014-10-06 19:49 - 2014-06-08 16:39 - 00000000 ____D () C:\Users\bbbb\AppData\Local\Mail.Ru 2014-10-05 17:11 - 2014-06-08 16:39 - 00000000 ____D () C:\Users\bbbb\AppData\Local\Google 2014-09-27 14:45 - 2014-07-17 09:22 - 00000000 ____D () C:\Program Files\Mobogenie3 2014-09-27 09:31 - 2014-06-06 21:00 - 00002369 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-09-21 15:35 - 2014-04-12 14:26 - 00000000 ____D () C:\Users\Nowa Era\AppData\Roaming\SpinTires 2014-09-18 15:51 - 2012-05-31 09:19 - 00000000 ____D () C:\ProgramData\Guard.Mail.Ru ZeroAccess: C:\Windows\System32\config\systemprofile\AppData\Local\5e981d0d C:\Windows\System32\config\systemprofile\AppData\Local\5e981d0d\@ C:\Windows\System32\config\systemprofile\AppData\Local\5e981d0d\X C:\Windows\System32\config\systemprofile\AppData\Local\5e981d0d\U\80000000.@ C:\Windows\System32\config\systemprofile\AppData\Local\5e981d0d\U\800000cb.@ C:\Windows\System32\config\systemprofile\AppData\Local\5e981d0d\U\800000cf.@ ZeroAccess: C:\Users\Nowa Era\AppData\Local\5e981d0d C:\Users\Nowa Era\AppData\Local\5e981d0d\@ C:\Users\Nowa Era\AppData\Local\5e981d0d\X Files to move or delete: ==================== C:\ProgramData\hash.dat C:\ProgramData\hpe81CD.dll Some content of TEMP: ==================== C:\Users\bbbb\AppData\Local\Temp\Uninstall.exe C:\Users\bbbb\AppData\Local\Temp\utt1EB.tmp.exe C:\Users\Hasło!!\AppData\Local\Temp\conduitinstaller.exe C:\Users\Hasło!!\AppData\Local\Temp\nsbAE79.tmp.tbIMVU.dll C:\Users\Hasło!!\AppData\Local\Temp\nsc1BCC.tmp.tbIMVU.dll C:\Users\Hasło!!\AppData\Local\Temp\nsm6568.tmp.tbIMVU.dll C:\Users\Hasło!!\AppData\Local\Temp\nswE438.tmp.tbIMVU.dll C:\Users\Hasło!!\AppData\Local\Temp\swt-win32-3349.dll C:\Users\Nowa Era\AppData\Local\Temp\_is24B0.exe C:\Users\Nowa Era\AppData\Local\Temp\_is2AE7.exe C:\Users\Nowa Era\AppData\Local\Temp\_is2F69.exe C:\Users\Nowa Era\AppData\Local\Temp\_isC10D.exe C:\Users\Nowa Era\AppData\Local\Temp\_isD48E.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-03 09:07 ==================== End Of Log ============================