Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-12-2014 01 Ran by KT (administrator) on KT-PC on 12-12-2014 23:47:34 Running from C:\Users\KT\Desktop\CZYSZCZENIE_SYSTEMU\FRST Loaded Profile: KT (Available profiles: KT & Masia & Administrator & Gość & DefaultAppPool) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Polski (Polska) Internet Explorer Version 9 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Windows\System32\CISVC.EXE (ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe (Foxit Corporation) C:\Program Files\_INNE\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Raxco Software, Inc.) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe (Sony Corporation) C:\Program Files\_grafika_multimedia\SONY\PlayMemories Home\PMBDeviceInfoProvider.exe () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe (Western Digital) C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe (Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe (Safer Networking Ltd.) C:\Program Files\_do_syst_i_komputera\Spybot - Search & Destroy\SDWinSec.exe (Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe (Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe (Innovative Solutions GRUP SRL) C:\Program Files\_do_syst_i_komputera\Advanced Uninstaller PRO - Version 9\Monitor.exe (Creative Technology Ltd.) C:\Windows\V0420Mon.exe (Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe (Sony Corporation) C:\Program Files\_grafika_multimedia\SONY\PlayMemories Home\PMBVolumeWatcher.exe (QFX Software Corporation) C:\Program Files\_do_syst_i_komputera\KeyScrambler\KeyScrambler.exe () C:\Program Files\_do_syst_i_komputera\SpyShelter Personal Free\SpyShelter.exe (CyberLink Corp.) C:\Program Files\Cyberlink\PowerDVD10\PDVD10Serv.exe (cyberlink) C:\Program Files\Cyberlink\Shared files\brs.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Alexander Nikiforov) C:\Program Files\_INNE\MP3 Skype Recorder\MP3 Skype Recorder.exe (BitTorrent Inc.) C:\Users\KT\AppData\Roaming\uTorrent\uTorrent.exe (Nenad Hrg SoftwareOK) J:\Programy_od_2010-11-15\_do_systemu_i_kompa\pulpit\zapisywanie_ustawienia_ikon-na-pulpicie\DesktopOK 3.59\DesktopOK\DesktopOK.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Nenad Hrg (SoftwareOK.com)) J:\Programy_od_2010-11-15\_do_systemu_i_kompa\pulpit\zegar_TheAeroClock\TheAeroClock\TheAeroClock.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe () C:\Program Files\_INNE\Kalendarz XP\Kalendarz.exe () C:\Program Files\_INNE\Plustek_Skaner\OpticFilm 8200i\QuickScan.exe (Efficient Software) J:\Programy_od_2010-11-15\pamiętniki-elektroniczne\Efficient Man's Organizer Free_portable\EfficientMansOrganizerFree-Port\EfficientMansOrganizerFree.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Mozilla Corporation) C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\firefox.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (FastStone Soft) J:\Programy_od_2010-11-15\Grafika_multimedia\FastStone\FSCapture76_portable\FSCapture76\FSCapture76\FSCapture.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [V0420Mon.exe] => C:\Windows\V0420Mon.exe [32768 2007-04-30] (Creative Technology Ltd.) HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-11] (CANON INC.) HKLM\...\Run: [MaxMenuMgr] => C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-09-25] (Seagate LLC) HKLM\...\Run: [NUSB3MON] => C:\Program Files\Western Digital\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [WD Quick View] => C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe [5235128 2012-06-14] (Western Digital Technologies, Inc.) HKLM\...\Run: [TP-LINK USB Printer Controller] => C:\Program Files\_do_syst_i_komputera\_zarzdzanie-komputerem\TP-LINK\USB Printer Controller\USB Printer Controller.exe -mini HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\_grafika_multimedia\SONY\PlayMemories Home\PMBVolumeWatcher.exe [2557976 2014-06-24] (Sony Corporation) HKLM\...\Run: [KeyScrambler] => C:\Program Files\_do_syst_i_komputera\KeyScrambler\keyscrambler.exe [508232 2014-06-11] (QFX Software Corporation) HKLM\...\Run: [SpyShelter] => C:\Program Files\_do_syst_i_komputera\SpyShelter Personal Free\SpyShelter.exe [5099872 2014-07-01] () HKLM\...\Run: [RemoteControl10] => C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.) HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared files\brs.exe [179976 2013-09-02] (cyberlink) HKLM\...\Run: [Adobe ARM] => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\Update\realsched.exe [296520 2014-10-02] (RealNetworks, Inc.) HKLM\...\Run: [RealDownloader] => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [551488 2014-09-23] () HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6144000 2008-05-20] (Realtek Semiconductor) HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\_grafika_multimedia\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2014-10-01] (ESET) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\RunOnce: [MONITOR] => C:\Program Files\_do_syst_i_komputera\Advanced Uninstaller PRO - Version 9\LoaderRunOnce.exe [1015696 2008-09-03] () HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Run: [Advanced Uninstaller PRO Installation Monitor] => C:\Program Files\_do_syst_i_komputera\Advanced Uninstaller PRO - Version 9\monitor.exe [1153936 2008-10-31] (Innovative Solutions GRUP SRL) HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation) HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Run: [PeerBlock] => C:\Program Files\_do_syst_i_komputera\_OCHRONA\PeerBlock\peerblock.exe [1529432 2009-09-28] (PeerBlock, LLC) HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Run: [MP3 Skype Recorder] => C:\Program Files\_INNE\MP3 Skype Recorder\MP3 Skype Recorder.exe [1975296 2011-11-17] (Alexander Nikiforov) HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Run: [uTorrent] => C:\Users\KT\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-03] (BitTorrent Inc.) HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Run: [DesktopOK] => J:\Programy_od_2010-11-15\_do_systemu_i_kompa\pulpit\zapisywanie_ustawienia_ikon-na-pulpicie\DesktopOK 3.59\DesktopOK\DesktopOK.exe [139264 2013-07-30] (Nenad Hrg SoftwareOK) HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Run: [TheAeroClock] => J:\Programy_od_2010-11-15\_do_systemu_i_kompa\pulpit\zegar_TheAeroClock\TheAeroClock\TheAeroClock.exe [1499136 2014-01-23] (Nenad Hrg (SoftwareOK.com)) HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.) HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Policies\Explorer: [NoDrives] 0x00000000 HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Policies\Explorer: [NoInternetOpenWith] 0 HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\MountPoints2: G - G:\NeroSecurDiscViewer.exe auto HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\MountPoints2: {c35fa8b7-013d-11e1-ace3-002215808149} - D:\LaunchU3.exe -a HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess? HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION! HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\InprocServer32: [Default-pngfilt] <==== ATTENTION! HKU\S-1-5-18\...\Run: [MP3 Skype Recorder] => C:\Program Files\_INNE\MP3 Skype Recorder\MP3 Skype Recorder.exe [1975296 2011-11-17] (Alexander Nikiforov) IFEO: [Debugger] "C:\Program Files\_do_syst_i_komputera\TuneUp_2012_portable\TuneUpPortable\App\TuneUp\TUAutoReactivator32.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kalendarz XP.lnk ShortcutTarget: Kalendarz XP.lnk -> C:\Program Files\_INNE\Kalendarz XP\Kalendarz.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NCProTray.lnk ShortcutTarget: NCProTray.lnk -> C:\Program Files\SEC\Natural Color Pro\NCProTray.exe (Samsung) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickScan (OpticFilm 8200i).lnk ShortcutTarget: QuickScan (OpticFilm 8200i).lnk -> C:\Program Files\_INNE\Plustek_Skaner\OpticFilm 8200i\QuickScan.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.) Startup: C:\Users\KT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Efficient Man's Organizer Free.lnk ShortcutTarget: Efficient Man's Organizer Free.lnk -> J:\Programy_od_2010-11-15\pamiętniki-elektroniczne\Efficient Man's Organizer Free_portable\EfficientMansOrganizerFree-Port\EfficientMansOrganizerFree.exe (Efficient Software) ShellIconOverlayIdentifiers: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files\_do_syst_i_komputera\NERO_Essentials\Nero\Nero8\InCD\NBHShx.dll (Nero AG) BootExecute: PDBoot.exeautocheck autochk * autocheck turegopt ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-914425102-3480758743-2583445526-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9610A8F0C427CA01 URLSearchHook: HKU\S-1-5-21-914425102-3480758743-2583445526-1000 - MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files\Family Toolbar\tbhelper.dll () SearchScopes: HKU\S-1-5-21-914425102-3480758743-2583445526-1000 -> {12FCEB20-321C-4327-8F7B-7AECB58DEAC2} URL = http://www.google.com/search?hl=pl&q={searchTerms} SearchScopes: HKU\S-1-5-21-914425102-3480758743-2583445526-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: MHTBPos00 Class -> {0C37B053-FD68-456a-82E1-D788EE342E6F} -> C:\Program Files\Family Toolbar\tbcore3.dll () BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.0.313\McAfeeMSS_IE.dll (McAfee, Inc.) BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) Toolbar: HKLM - &Tłumaczenie - {2F7DB8D7-9BE7-4666-901E-F380555BCAC7} - C:\Program Files\_językowe\Russkij Translator\InternetTranslatorRusPol.dll (Techland) Toolbar: HKU\.DEFAULT -> No Name - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\_INNE\MP3 Skype Recorder\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Hosts: 127.0.0.1 secure.tune-up.com Tcpip\Parameters: [DhcpNameServer] 87.204.204.204 62.233.233.233 FireFox: ======== FF ProfilePath: C:\Users\KT\AppData\Roaming\Mozilla\Firefox\Profiles\wrlcr19s.default-1417869811665 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll (Cuminas Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\_INNE\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\_INNE\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\_grafika_multimedia\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.0.313\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF Plugin: @real.com/nppl3260;version=17.0.14.69 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.14 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=17.0.14.69 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer Cloud) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin: PDF Architect 2 -> C:\Program Files\PDF Architect 2\np-previewer.dll (pdfforge GmbH) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-05] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-10-02] FF HKLM\...\Firefox\Extensions: [{4642CD99-8FDF-4550-94E1-63360972C326}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\firefox.exe Chrome: ======= CHR Plugin: (Widevine Content Decryption Module) - C:\Users\KT\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll () CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (LizardTech DjVu) - C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\plugins\npdjvu.dll (LizardTech) CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation) CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files\_grafika_multimedia\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files\_grafika_multimedia\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files\_grafika_multimedia\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files\_grafika_multimedia\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files\_grafika_multimedia\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.313\npMcAfeeMss.dll (McAfee, Inc.) CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files\_INNE\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) CHR Plugin: (Picasa) - C:\Program Files\_grafika_multimedia\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\_grafika_multimedia\realplayer\Netscape6\nppl3260.dll No File CHR Plugin: (RealPlayer Download Plugin) - c:\program files\_grafika_multimedia\realplayer\Netscape6\nprpplugin.dll No File CHR Profile: C:\Users\KT\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Wallet) - C:\Users\KT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-14] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [62464 2009-07-14] (Microsoft Corporation) [File not signed] S3 ALG; C:\Windows\System32\alg.exe [59392 2009-07-14] (Microsoft Corporation) [File not signed] R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [176128 2009-08-18] (AMD) [File not signed] R2 AppHostSvc; C:\Windows\system32\inetsrv\apphostsvc.dll [61440 2010-11-20] (Microsoft Corporation) [File not signed] S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [27648 2014-08-19] (Microsoft Corporation) [File not signed] R3 Appinfo; C:\Windows\System32\appinfo.dll [47104 2013-02-27] (Microsoft Corporation) [File not signed] R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [473600 2014-07-07] (Microsoft Corporation) [File not signed] R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [473600 2014-07-07] (Microsoft Corporation) [File not signed] S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [88064 2010-11-20] (Microsoft Corporation) [File not signed] S3 BDESVC; C:\Windows\System32\bdesvc.dll [76800 2009-07-14] (Microsoft Corporation) [File not signed] R2 BFE; C:\Windows\System32\bfe.dll [494592 2010-11-20] (Microsoft Corporation) [File not signed] R2 BITS; C:\Windows\System32\qmgr.dll [585728 2010-11-20] (Microsoft Corporation) [File not signed] S3 Browser; C:\Windows\System32\browser.dll [102912 2012-07-04] (Microsoft Corporation) [File not signed] S3 bthserv; C:\Windows\system32\bthserv.dll [64512 2009-07-14] (Microsoft Corporation) [File not signed] S3 CertPropSvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed] R2 CISVC; C:\Windows\system32\CISVC.EXE [20480 2009-07-14] (Microsoft Corporation) [File not signed] S2 CLKMSVC10_B91CB6D3; C:\Program Files\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-02] (CyberLink) S3 COMSysApp; C:\Windows\system32\dllhost.exe [7168 2009-07-14] (Microsoft Corporation) [File not signed] R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [143872 2014-07-07] (Microsoft Corporation) [File not signed] R2 DcomLaunch; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed] S3 defragsvc; C:\Windows\System32\defragsvc.dll [218624 2009-07-14] (Microsoft Corporation) [File not signed] R2 Dhcp; C:\Windows\system32\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation) [File not signed] R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [132608 2011-03-03] (Microsoft Corporation) [File not signed] S3 dot3svc; C:\Windows\System32\dot3svc.dll [214016 2010-11-20] (Microsoft Corporation) [File not signed] R2 DPS; C:\Windows\system32\dps.dll [144384 2010-11-20] (Microsoft Corporation) [File not signed] R3 EapHost; C:\Windows\System32\eapsvc.dll [98304 2009-07-14] (Microsoft Corporation) [File not signed] S3 EFS; C:\Windows\System32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed] S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [556544 2010-11-20] (Microsoft Corporation) [File not signed] S3 ehSched; C:\Windows\ehome\ehsched.exe [94720 2009-07-14] (Microsoft Corporation) [File not signed] R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576 2014-10-01] (ESET) R2 eventlog; C:\Windows\System32\wevtsvc.dll [1086976 2010-11-20] (Microsoft Corporation) [File not signed] R2 EventSystem; C:\Windows\system32\es.dll [271360 2009-07-14] (Microsoft Corporation) [File not signed] S3 Fax; C:\Windows\system32\fxssvc.exe [523264 2010-11-20] (Microsoft Corporation) [File not signed] R3 fdPHost; C:\Windows\system32\fdPHost.dll [12800 2009-07-14] (Microsoft Corporation) [File not signed] R2 FDResPub; C:\Windows\system32\fdrespub.dll [28160 2009-07-14] (Microsoft Corporation) [File not signed] R2 FontCache; C:\Windows\system32\FntCache.dll [906240 2013-01-13] (Microsoft Corporation) [File not signed] R2 FoxitCloudUpdateService; C:\Program Files\_INNE\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242728 2014-07-01] (Foxit Corporation) S4 FreeAgentGoNext Service; C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe [189736 2009-09-25] (Seagate Technology LLC) R2 gpsvc; C:\Windows\System32\gpsvc.dll [593408 2010-11-20] (Microsoft Corporation) [File not signed] S4 gupdate1ca0981569cd7f9; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-07-20] (Google Inc.) R3 hidserv; C:\Windows\system32\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) [File not signed] S3 hkmsvc; C:\Windows\system32\kmsvc.dll [71168 2010-11-20] (Microsoft Corporation) [File not signed] R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [194560 2010-11-20] (Microsoft Corporation) [File not signed] R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [165376 2010-11-20] (Microsoft Corporation) [File not signed] R2 IKEEXT; C:\Windows\System32\ikeext.dll [679424 2013-10-12] (Microsoft Corporation) [File not signed] S4 InCDsrv; C:\Program Files\_do_syst_i_komputera\NERO_Essentials\Nero\Nero8\InCD\InCDsrv.exe [1442088 2008-08-08] (Nero AG) R2 IPBusEnum; C:\Windows\system32\ipbusenum.dll [78848 2009-07-14] (Microsoft Corporation) [File not signed] R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [499712 2012-10-03] (Microsoft Corporation) [File not signed] R3 KeyIso; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed] S3 KtmRm; C:\Windows\system32\msdtckrm.dll [308736 2009-07-14] (Microsoft Corporation) [File not signed] R2 LanmanServer; C:\Windows\system32\srvsvc.dll [168960 2010-11-20] (Microsoft Corporation) [File not signed] R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [84480 2010-11-20] (Microsoft Corporation) [File not signed] R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2011-04-16] (Hewlett-Packard Company) [File not signed] S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [189952 2009-07-14] (Microsoft Corporation) [File not signed] R2 lmhosts; C:\Windows\System32\lmhsvc.dll [18432 2009-07-14] (Microsoft Corporation) [File not signed] S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.313\McCHSvc.exe [234776 2012-10-26] (McAfee, Inc.) S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [68096 2010-11-20] (Microsoft Corporation) [File not signed] R2 MMCSS; C:\Windows\system32\mmcss.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed] R2 MpsSvc; C:\Windows\system32\mpssvc.dll [566272 2010-11-20] (Microsoft Corporation) [File not signed] S3 MSDTC; C:\Windows\System32\msdtc.exe [134144 2009-07-14] (Microsoft Corporation) [File not signed] S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [114688 2009-07-14] (Microsoft Corporation) [File not signed] R2 msiserver; C:\Windows\System32\msiexec.exe [73216 2010-11-20] (Microsoft Corporation) [File not signed] S3 napagent; C:\Windows\system32\qagentRT.dll [330240 2010-11-20] (Microsoft Corporation) [File not signed] S4 NeroRegInCDSrv; C:\Program Files\_do_syst_i_komputera\NERO_Essentials\Nero\Nero8\InCD\NBHRegInCDSrv.exe [53032 2008-08-08] (Nero AG) S3 Netlogon; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed] R3 Netman; C:\Windows\System32\netman.dll [280576 2009-07-14] (Microsoft Corporation) [File not signed] R3 netprofm; C:\Windows\System32\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed] R2 NlaSvc; C:\Windows\System32\nlasvc.dll [242176 2012-10-03] (Microsoft Corporation) [File not signed] R2 nsi; C:\Windows\system32\nsisvc.dll [19456 2009-07-14] (Microsoft Corporation) [File not signed] R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-14] (Microsoft Corporation) [File not signed] R3 p2psvc; C:\Windows\system32\p2psvc.dll [327680 2009-07-14] (Microsoft Corporation) [File not signed] R3 PcaSvc; C:\Windows\System32\pcasvc.dll [157184 2014-07-07] (Microsoft Corporation) [File not signed] R2 PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [2216752 2014-08-07] (Raxco Software, Inc.) R2 PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2246448 2014-08-07] (Raxco Software, Inc.) S3 PDF Architect 2; C:\Program Files\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH) S3 pdfforge CrashHandler; C:\Program Files\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH) S3 pla; C:\Windows\system32\pla.dll [1508864 2010-11-20] (Microsoft Corporation) [File not signed] R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [293376 2011-05-24] (Microsoft Corporation) [File not signed] R2 PMBDeviceInfoProvider; C:\Program Files\_grafika_multimedia\SONY\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2014-06-24] (Sony Corporation) S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [20480 2009-07-14] (Microsoft Corporation) [File not signed] R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-14] (Microsoft Corporation) [File not signed] R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [350208 2010-11-20] (Microsoft Corporation) [File not signed] R2 Power; C:\Windows\system32\umpo.dll [119808 2010-11-20] (Microsoft Corporation) [File not signed] R2 ProfSvc; C:\Windows\system32\profsvc.dll [164352 2012-05-01] (Microsoft Corporation) [File not signed] R3 ProtectedStorage; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed] S3 QWAVE; C:\Windows\system32\qwave.dll [210944 2009-07-14] (Microsoft Corporation) [File not signed] S3 RasAuto; C:\Windows\System32\rasauto.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed] S3 RasMan; C:\Windows\System32\rasmans.dll [286208 2010-11-20] (Microsoft Corporation) [File not signed] R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-09-26] () U2 RealPlayer Cloud Service; C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-10-02] (RealNetworks, Inc.) R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [31344 2014-09-26] () S4 RemoteAccess; C:\Windows\System32\mprdim.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed] S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [112640 2009-07-14] (Microsoft Corporation) [File not signed] R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [43520 2009-07-14] (Microsoft Corporation) [File not signed] S3 RpcLocator; C:\Windows\system32\locator.exe [9216 2009-07-14] (Microsoft Corporation) [File not signed] R2 RpcSs; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed] R2 SamSs; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed] R2 SBSDWSCService; C:\Program Files\_do_syst_i_komputera\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.) S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [132608 2009-07-14] (Microsoft Corporation) [File not signed] R2 Schedule; C:\Windows\system32\schedsvc.dll [750592 2010-11-20] (Microsoft Corporation) [File not signed] S3 SCPolicySvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed] S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [125952 2010-11-20] (Microsoft Corporation) [File not signed] S3 seclogon; C:\Windows\system32\seclogon.dll [21504 2009-07-14] (Microsoft Corporation) [File not signed] R2 SENS; C:\Windows\System32\sens.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed] S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [25088 2009-07-14] (Microsoft Corporation) [File not signed] S3 SessionEnv; C:\Windows\system32\sessenv.dll [113664 2010-11-20] (Microsoft Corporation) [File not signed] S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [300544 2009-07-14] (Microsoft Corporation) [File not signed] R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation) [File not signed] S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [12800 2009-07-14] (Microsoft Corporation) [File not signed] R2 Spooler; C:\Windows\System32\spoolsv.exe [317440 2012-02-11] (Microsoft Corporation) [File not signed] S2 sppsvc; C:\Windows\system32\sppsvc.exe [3179520 2010-11-20] (Microsoft Corporation) [File not signed] S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [53760 2010-11-20] (Microsoft Corporation) [File not signed] R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [162816 2009-07-14] (Microsoft Corporation) [File not signed] S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [90112 2009-07-14] (Microsoft Corporation) [File not signed] R2 StiSvc; C:\Windows\System32\wiaservc.dll [463360 2010-11-20] (Microsoft Corporation) [File not signed] S3 swprv; C:\Windows\System32\swprv.dll [313856 2009-07-14] (Microsoft Corporation) [File not signed] R2 SysMain; C:\Windows\system32\sysmain.dll [1159168 2010-11-20] (Microsoft Corporation) [File not signed] S3 TabletInputService; C:\Windows\System32\TabSvc.dll [73216 2010-11-20] (Microsoft Corporation) [File not signed] S3 TapiSrv; C:\Windows\System32\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) [File not signed] S3 TBS; C:\Windows\System32\tbssvc.dll [55808 2009-07-14] (Microsoft Corporation) [File not signed] S3 TermService; C:\Windows\System32\termsrv.dll [523264 2014-07-17] (Microsoft Corporation) [File not signed] R2 Themes; C:\Windows\system32\themeservice.dll [37376 2009-07-14] (Microsoft Corporation) [File not signed] S3 THREADORDER; C:\Windows\system32\mmcss.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed] R2 TrkWks; C:\Windows\System32\trkwks.dll [77312 2009-07-14] (Microsoft Corporation) [File not signed] S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [204800 2010-11-20] (Microsoft Corporation) [File not signed] S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [35840 2009-07-14] (Microsoft Corporation) [File not signed] R2 upnphost; C:\Windows\System32\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) [File not signed] R2 UxSms; C:\Windows\System32\uxsms.dll [29696 2009-07-14] (Microsoft Corporation) [File not signed] S3 VaultSvc; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed] S3 vds; C:\Windows\System32\vds.exe [453632 2010-11-20] (Microsoft Corporation) [File not signed] S3 VSS; C:\Windows\system32\vssvc.exe [1025536 2010-11-20] (Microsoft Corporation) [File not signed] S2 W32Time; C:\Windows\system32\w32time.dll [288768 2009-07-14] (Microsoft Corporation) [File not signed] R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [397824 2010-11-20] (Microsoft Corporation) [File not signed] R3 WAS; C:\Windows\system32\inetsrv\iisw3adm.dll [397824 2010-11-20] (Microsoft Corporation) [File not signed] S3 wbengine; C:\Windows\system32\wbengine.exe [1203200 2010-11-20] (Microsoft Corporation) [File not signed] S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [151552 2009-07-14] (Microsoft Corporation) [File not signed] S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation) [File not signed] S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation) [File not signed] R2 WDBackup; C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe [1151424 2012-06-14] (Western Digital ) R2 WDDriveService; C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-06-14] (Western Digital) R3 WdiServiceHost; C:\Windows\system32\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed] S3 WdiSystemHost; C:\Windows\system32\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed] S3 WebClient; C:\Windows\System32\webclnt.dll [205824 2013-07-04] (Microsoft Corporation) [File not signed] S3 Wecsvc; C:\Windows\system32\wecsvc.dll [147968 2009-07-14] (Microsoft Corporation) [File not signed] S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [61440 2009-07-14] (Microsoft Corporation) [File not signed] S3 WerSvc; C:\Windows\System32\WerSvc.dll [65024 2009-07-14] (Microsoft Corporation) [File not signed] S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) [File not signed] S3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [351232 2010-11-20] (Microsoft Corporation) [File not signed] R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [168960 2009-07-14] (Microsoft Corporation) [File not signed] S3 WinRM; C:\Windows\system32\WsmSvc.dll [1175040 2010-11-20] (Microsoft Corporation) [File not signed] R2 Wlansvc; C:\Windows\System32\wlansvc.dll [829440 2009-07-14] (Microsoft Corporation) [File not signed] R3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [136192 2009-07-14] (Microsoft Corporation) [File not signed] R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1121792 2010-11-20] (Microsoft Corporation) [File not signed] S4 WPCSvc; C:\Windows\System32\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation) [File not signed] R3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [85504 2010-11-20] (Microsoft Corporation) [File not signed] R2 wscsvc; C:\Windows\System32\wscsvc.dll [73728 2009-07-14] (Microsoft Corporation) [File not signed] R2 WSearch; C:\Windows\system32\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation) [File not signed] R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [73216 2012-07-26] (Microsoft Corporation) [File not signed] S3 WwanSvc; C:\Windows\System32\wwansvc.dll [185344 2014-01-28] (Microsoft Corporation) [File not signed] S2 AcrSch2Svc; "C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe" [X] R2 AdobeARMservice; "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe" [X] S2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [X] S3 FLEXnet Licensing Service; "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [X] S3 SwitchBoard; "C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [X] S2 syncagentsrv; "C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [164864 2010-11-20] (Microsoft Corporation) [File not signed] S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [10240 2010-11-20] (Microsoft Corporation) [File not signed] R1 AFD; C:\Windows\system32\drivers\afd.sys [338944 2014-05-30] (Microsoft Corporation) [File not signed] S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [55296 2009-07-14] (Microsoft Corporation) [File not signed] S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [52736 2009-07-14] (Microsoft Corporation) [File not signed] S3 AppID; C:\Windows\system32\drivers\appid.sys [50176 2014-08-19] (Microsoft Corporation) [File not signed] R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] () R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed] R3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [4994560 2009-08-18] (ATI Technologies Inc.) [File not signed] S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbdx.sys [430080 2009-07-13] (Broadcom Corporation) [File not signed] S3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-13] (Broadcom Corporation) [File not signed] R1 Beep; C:\Windows\system32\Drivers\Beep.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed] R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed] R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [69632 2011-02-23] (Microsoft Corporation) [File not signed] S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [13568 2009-07-13] (Brother Industries, Ltd.) [File not signed] S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [5248 2009-07-13] (Brother Industries, Ltd.) [File not signed] S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-14] (Brother Industries Ltd.) [File not signed] S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-13] (Brother Industries Ltd.) [File not signed] S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-13] (Brother Industries Ltd.) [File not signed] S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-13] (Brother Industries Ltd.) [File not signed] S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [56320 2009-07-14] (Microsoft Corporation) [File not signed] S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [70656 2009-07-14] (Microsoft Corporation) [File not signed] R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed] S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [37888 2009-07-14] (Microsoft Corporation) [File not signed] S3 CmBatt; C:\Windows\system32\DRIVERS\CmBatt.sys [14080 2009-07-14] (Microsoft Corporation) [File not signed] R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [31232 2010-11-20] (Microsoft Corporation) [File not signed] R2 DefragFS; C:\Windows\system32\Drivers\DefragFS.sys [104088 2012-09-11] (Raxco Software, Inc.) R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [78336 2010-11-20] (Microsoft Corporation) [File not signed] R1 discache; C:\Windows\System32\drivers\discache.sys [32256 2009-07-14] (Microsoft Corporation) [File not signed] R3 dot4; C:\Windows\System32\DRIVERS\Dot4.sys [131072 2009-07-14] (Microsoft Corporation) [File not signed] R3 Dot4Print; C:\Windows\System32\DRIVERS\Dot4Prt.sys [16384 2010-11-20] (Microsoft Corporation) [File not signed] R3 dot4usb; C:\Windows\System32\DRIVERS\dot4usb.sys [36864 2009-07-14] (Microsoft Corporation) [File not signed] S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5120 2009-07-14] (Microsoft Corporation) [File not signed] S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2012-05-28] (Phoenix Technologies) [File not signed] R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [191928 2014-10-10] (ESET) S3 ebdrv; C:\Windows\system32\DRIVERS\evbdx.sys [3100160 2009-07-13] (Broadcom Corporation) [File not signed] R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135296 2014-10-10] (ESET) R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [176448 2014-10-10] (ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37928 2014-10-10] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51288 2014-10-10] (ESET) S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed] S3 exfat; C:\Windows\system32\Drivers\exfat.sys [142336 2009-07-14] (Microsoft Corporation) [File not signed] S3 fastfat; C:\Windows\system32\Drivers\fastfat.sys [148480 2009-07-14] (Microsoft Corporation) [File not signed] R3 fdc; C:\Windows\System32\DRIVERS\fdc.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed] S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [28160 2009-07-14] (Microsoft Corporation) [File not signed] R3 flpydisk; C:\Windows\System32\DRIVERS\flpydisk.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed] S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [26624 2009-07-13] (Hauppauge Computer Works, Inc.) [File not signed] R3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [304128 2010-11-20] (Microsoft Corporation) [File not signed] R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed] S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [21504 2009-07-14] (Microsoft Corporation) [File not signed] S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [91136 2009-07-14] (Microsoft Corporation) [File not signed] S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [37888 2009-07-14] (Microsoft Corporation) [File not signed] R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [24064 2010-11-20] (Microsoft Corporation) [File not signed] R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [513536 2010-11-20] (Microsoft Corporation) [File not signed] S3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [80896 2009-07-14] (Microsoft Corporation) [File not signed] S4 InCDfs; C:\Windows\System32\drivers\InCDFs.sys [128424 2008-08-08] (Nero AG) R1 InCDPass; C:\Windows\System32\drivers\InCDPass.sys [38952 2008-08-08] (Nero AG) R1 incdrm; C:\Windows\System32\drivers\InCDRm.sys [40488 2008-08-08] (Nero AG) S3 INIDVD; C:\Windows\System32\DRIVERS\inidvd.sys [7936 2007-11-07] (Initio Corporation) [File not signed] R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [53760 2009-07-14] (Microsoft Corporation) [File not signed] S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [58880 2009-07-14] (Microsoft Corporation) [File not signed] S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [65536 2010-11-20] (Microsoft Corporation) [File not signed] S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [101888 2009-07-14] (Microsoft Corporation) [File not signed] S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed] R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [28160 2010-11-20] (Microsoft Corporation) [File not signed] R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [209016 2013-05-31] (QFX Software Corporation) R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [47104 2009-07-13] (Atheros Communications, Inc.) [File not signed] R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [48128 2009-07-14] (Microsoft Corporation) [File not signed] R2 luafv; C:\Windows\system32\drivers\luafv.sys [86528 2009-07-14] (Microsoft Corporation) [File not signed] S3 Modem; C:\Windows\System32\drivers\modem.sys [31744 2009-07-14] (Microsoft Corporation) [File not signed] R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [23552 2009-07-14] (Microsoft Corporation) [File not signed] R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [26112 2009-07-14] (Microsoft Corporation) [File not signed] R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed] S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [115712 2013-07-04] (Microsoft Corporation) [File not signed] R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [123904 2011-04-27] (Microsoft Corporation) [File not signed] R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [223744 2011-07-09] (Microsoft Corporation) [File not signed] R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [96768 2011-04-27] (Microsoft Corporation) [File not signed] R1 Msfs; C:\Windows\system32\Drivers\Msfs.sys [22528 2009-07-14] (Microsoft Corporation) [File not signed] S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [4096 2009-07-14] (Microsoft Corporation) [File not signed] S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [8320 2009-07-14] (Microsoft Corporation) [File not signed] S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [5888 2009-07-14] (Microsoft Corporation) [File not signed] S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [5504 2009-07-14] (Microsoft Corporation) [File not signed] S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed] S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [12288 2009-07-14] (Microsoft Corporation) [File not signed] R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-18] () [File not signed] R0 mv61xx; C:\Windows\System32\DRIVERS\mv61xx.sys [150568 2008-06-10] (Marvell Semiconductor, Inc.) R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [267264 2009-07-14] (Microsoft Corporation) [File not signed] S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [27136 2009-07-14] (Microsoft Corporation) [File not signed] R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [20992 2009-07-14] (Microsoft Corporation) [File not signed] R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [46080 2010-11-20] (Microsoft Corporation) [File not signed] R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [118784 2010-11-20] (Microsoft Corporation) [File not signed] R3 NDProxy; C:\Windows\system32\Drivers\NDProxy.sys [48640 2010-11-20] (Microsoft Corporation) [File not signed] R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [36352 2009-07-14] (Microsoft Corporation) [File not signed] R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [187904 2010-11-20] (Microsoft Corporation) [File not signed] S3 nmwcd; C:\Windows\System32\drivers\ccdcmb.sys [18176 2012-01-09] (Nokia) [File not signed] S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbo.sys [23168 2012-01-09] (Nokia) [File not signed] R1 Npfs; C:\Windows\system32\Drivers\Npfs.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed] R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [16896 2009-07-14] (Microsoft Corporation) [File not signed] R1 Null; C:\Windows\system32\Drivers\Null.sys [4608 2009-07-14] (Microsoft Corporation) [File not signed] R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [58880 2009-11-20] (NEC Electronics Corporation) [File not signed] R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [137728 2009-11-20] (NEC Electronics Corporation) [File not signed] S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [62464 2009-07-14] (Microsoft Corporation) [File not signed] S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [79360 2009-07-14] (Microsoft Corporation) [File not signed] S2 Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [8704 2009-07-14] (Microsoft Corporation) [File not signed] S3 pbfilter; C:\Program Files\_do_syst_i_komputera\_OCHRONA\PeerBlock\pbfilter.sys [16472 2009-09-28] () S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfd.sys [19072 2012-06-11] (Nokia) [File not signed] R0 PCTCore; C:\Windows\System32\drivers\PCTCore.sys [207280 2009-09-23] (PC Tools) R2 PDFSFilter; C:\Windows\System32\DRIVERS\PDFsFilter.sys [69016 2012-08-23] (Raxco Software, Inc.) R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [593920 2014-07-07] (Microsoft Corporation) [File not signed] R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [73728 2009-07-14] (Microsoft Corporation) [File not signed] S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [52224 2009-07-14] (Microsoft Corporation) [File not signed] R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [104448 2009-07-14] (Microsoft Corporation) [File not signed] S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [31744 2009-07-14] (Microsoft Corporation) [File not signed] S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [11776 2009-07-14] (Microsoft Corporation) [File not signed] R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [49152 2009-07-14] (Microsoft Corporation) [File not signed] R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [78848 2009-07-14] (Microsoft Corporation) [File not signed] R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [77824 2009-07-14] (Microsoft Corporation) [File not signed] R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [75264 2009-07-14] (Microsoft Corporation) [File not signed] R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [242688 2010-11-20] (Microsoft Corporation) [File not signed] S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [18944 2009-07-14] (Microsoft Corporation) [File not signed] R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6656 2010-11-20] (Microsoft Corporation) [File not signed] R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6656 2009-07-14] (Microsoft Corporation) [File not signed] R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed] S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [14848 2012-08-23] (Microsoft Corporation) [File not signed] S3 RDPWD; C:\Windows\system32\Drivers\RDPWD.sys [184320 2014-07-17] (Microsoft Corporation) [File not signed] R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed] R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [59388 2010-04-12] (PowerISO Computing, Inc.) [File not signed] S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [26624 2010-11-20] (Microsoft Corporation) [File not signed] R2 secdrv; C:\Windows\system32\Drivers\secdrv.sys [20480 2009-07-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed] S3 Ser2pl; C:\Windows\System32\DRIVERS\ser2pl.sys [75776 2007-02-12] (Prolific Technology Inc.) [File not signed] R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed] R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [83456 2009-07-14] (Microsoft Corporation) [File not signed] S3 sermouse; C:\Windows\System32\DRIVERS\sermouse.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed] S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [11264 2009-07-14] (Microsoft Corporation) [File not signed] S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [12288 2009-07-14] (Microsoft Corporation) [File not signed] S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [12800 2010-11-20] (Microsoft Corporation) [File not signed] S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed] S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [71168 2009-07-14] (Microsoft Corporation) [File not signed] R1 Spyshelter; C:\Program Files\_do_syst_i_komputera\SpyShelter Personal Free\SpyShelter.sys [344928 2014-07-01] (SpyShelter) [File not signed] R3 srv; C:\Windows\System32\DRIVERS\srv.sys [311808 2011-04-29] (Microsoft Corporation) [File not signed] R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [310272 2011-04-29] (Microsoft Corporation) [File not signed] R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [114688 2011-04-29] (Microsoft Corporation) [File not signed] R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [35328 2012-10-03] (Microsoft Corporation) [File not signed] S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [18432 2010-11-20] (Microsoft Corporation) [File not signed] S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [24576 2012-02-17] (Microsoft Corporation) [File not signed] R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74752 2010-11-20] (Microsoft Corporation) [File not signed] R0 tib; C:\Windows\System32\DRIVERS\tib.sys [736192 2014-09-02] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [130488 2014-09-02] (Acronis) R3 TPLINKUDSMBus; C:\Windows\System32\Drivers\TPLINKUDSMBus.sys [92160 2012-06-15] (Windows (R) Codename Longhorn DDK provider) [File not signed] S3 TPLINKUDSTcpBus; C:\Windows\System32\Drivers\TPLINKUDSTcpBus.sys [151296 2012-06-15] (Windows (R) Codename Longhorn DDK provider) [File not signed] S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [31232 2014-07-17] (Microsoft Corporation) [File not signed] S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [49152 2013-10-02] (Microsoft Corporation) [File not signed] R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed] S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [246784 2010-11-20] (Microsoft Corporation) [File not signed] R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [39936 2010-11-20] (Microsoft Corporation) [File not signed] S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed] S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2012-01-09] (Nokia) [File not signed] S3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [80896 2013-07-12] (Microsoft Corporation) [File not signed] R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [76288 2013-11-27] (Microsoft Corporation) [File not signed] S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [86016 2013-07-12] (Microsoft Corporation) [File not signed] R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [43520 2013-11-27] (Microsoft Corporation) [File not signed] R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [258560 2013-11-27] (Microsoft Corporation) [File not signed] S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [20480 2013-11-27] (Microsoft Corporation) [File not signed] S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed] S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [36352 2013-07-03] (Microsoft Corporation) [File not signed] S3 usbser; C:\Windows\System32\drivers\usbser.sys [28160 2013-08-29] (Microsoft Corporation) [File not signed] S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2012-01-09] (Nokia) [File not signed] R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [76288 2011-03-11] (Microsoft Corporation) [File not signed] R3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [24064 2013-11-27] (Microsoft Corporation) [File not signed] S3 V0420VID; C:\Windows\System32\DRIVERS\V0420Vid.sys [99648 2007-05-31] (Creative Technology Ltd.) [File not signed] S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2009-07-14] (Microsoft Corporation) [File not signed] R1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed] S3 ViaC7; C:\Windows\system32\DRIVERS\viac7.sys [52736 2009-07-14] (Microsoft Corporation) [File not signed] R0 vididr; C:\Windows\System32\DRIVERS\vididr.sys [116000 2014-09-02] (Acronis International GmbH) R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [85280 2014-09-02] (Acronis International GmbH) S2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [31280 2009-03-26] (VMware, Inc.) S3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed] R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [48128 2009-07-14] (Microsoft Corporation) [File not signed] S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [21632 2009-07-14] (Microsoft Corporation) [File not signed] S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed] R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed] R3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam.sys [11520 2011-02-16] (Western Digital Technologies) [File not signed] R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed] S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [35968 2010-11-20] (Microsoft Corporation) [File not signed] S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [11264 2009-07-14] (Microsoft Corporation) [File not signed] S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [16384 2009-07-14] (Microsoft Corporation) [File not signed] R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [66560 2012-07-26] (Microsoft Corporation) [File not signed] S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [155136 2012-07-26] (Microsoft Corporation) [File not signed] S3 RTL8192cu; system32\DRIVERS\RTL8192cu.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-10 21:50 - 2014-12-10 21:50 - 06126536 _____ (Tim Kosse) C:\Users\KT\Downloads\FileZilla_3.9.0.6_win32-setup.exe 2014-12-08 13:48 - 2014-12-12 23:47 - 00000000 ____D () C:\FRST 2014-12-03 23:59 - 2014-12-03 23:59 - 00232640 _____ () C:\Windows\Minidump\120314-36785-01.dmp 2014-12-03 18:09 - 2014-12-03 18:09 - 00232352 _____ () C:\Windows\Minidump\120314-39530-01.dmp 2014-11-27 20:23 - 2014-11-28 00:45 - 00001740 _____ () C:\Users\KT\Desktop\Ahnblatt_2.83.lnk 2014-11-20 16:24 - 2014-11-20 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2014-11-20 16:24 - 2014-11-20 16:24 - 00000000 ____D () C:\ProgramData\ESET 2014-11-20 16:24 - 2014-11-20 16:24 - 00000000 ____D () C:\Program Files\ESET 2014-11-18 14:56 - 2014-11-18 14:56 - 01202848 _____ (Microsoft Corporation) C:\Windows\system32\FM20.DLL 2014-11-12 11:12 - 2014-11-12 11:12 - 85761506 _____ () C:\Users\KT\Desktop\COMPONENTS.reg 2014-11-12 11:04 - 2014-11-12 11:04 - 00689664 _____ () C:\Users\KT\Downloads\zzz_MicrosoftFixit50202.msi ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-12 23:49 - 2009-06-05 20:07 - 00000000 ____D () C:\Users\KT\AppData\Roaming\uTorrent 2014-12-12 23:14 - 2014-10-16 17:07 - 00000000 ____D () C:\Users\KT\Desktop\CZYSZCZENIE_SYSTEMU 2014-12-12 23:01 - 2009-06-09 22:55 - 00000000 ____D () C:\Users\KT\AppData\Roaming\Skype 2014-12-12 22:19 - 2014-09-07 19:47 - 00000000 ____D () C:\Users\KT\AppData\Local\CrashDumps 2014-12-12 21:11 - 2009-09-13 21:08 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-12-12 21:00 - 2010-11-03 17:47 - 00000000 ____D () C:\ProgramData\TEMP 2014-12-12 20:52 - 2014-09-11 10:42 - 01387461 _____ () C:\Windows\WindowsUpdate.log 2014-12-12 20:52 - 2010-07-29 01:06 - 00010048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-12 20:52 - 2010-07-29 01:06 - 00010048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-12 20:47 - 2014-09-29 23:04 - 03812636 _____ () C:\Windows\setupact.log 2014-12-12 20:43 - 2013-05-18 17:52 - 00065536 _____ () C:\Windows\system32\Ikeext.etl 2014-12-12 20:43 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-12 00:41 - 2011-01-26 22:09 - 00000000 ____D () C:\Users\KT\AppData\Roaming\FileZilla 2014-12-11 01:17 - 2013-08-02 09:07 - 00000000 ____D () C:\Windows\system32\MRT 2014-12-11 01:17 - 2011-01-11 19:48 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-12-07 21:40 - 2012-04-04 08:49 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-12-07 21:30 - 2009-09-27 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2014-12-07 21:30 - 2009-09-14 08:37 - 00000000 ____D () C:\Garmin 2014-12-06 13:43 - 2014-09-16 20:18 - 00000000 ____D () C:\Users\KT\Desktop\Stare dane programu Firefox 2014-12-06 09:35 - 2009-07-14 05:53 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-12-03 23:59 - 2014-10-06 08:45 - 329759933 _____ () C:\Windows\MEMORY.DMP 2014-12-03 23:59 - 2011-08-30 10:11 - 00000000 ____D () C:\Windows\Minidump 2014-12-02 15:41 - 2012-04-27 09:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-11-30 13:27 - 2014-10-10 13:32 - 00003652 _____ () C:\Users\KT\AppData\Roaming\__AvidCloudManager.log 2014-11-30 12:44 - 2014-08-06 23:32 - 00000000 ____D () C:\Users\KT\temp 2014-11-30 11:45 - 2014-08-06 23:10 - 00005793 _____ () C:\Users\KT\AppData\Roaming\KT-PC.MTBF.txt 2014-11-30 11:45 - 2014-08-06 22:39 - 00000000 ____D () C:\Users\KT\AppData\Local\Pinnacle 2014-11-30 02:04 - 2009-06-09 19:26 - 00000000 ____D () C:\Users\KT\AppData\Roaming\Nero 2014-11-30 01:40 - 2014-09-20 22:37 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-11-30 01:40 - 2014-09-20 22:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-11-29 18:15 - 2014-04-17 23:01 - 00000000 ___RD () C:\Users\KT\Desktop\GENO 2014-11-28 22:29 - 2009-09-13 20:24 - 00000000 ____D () C:\Users\KT\AppData\Roaming\XnView 2014-11-26 18:16 - 2011-01-01 19:52 - 00000000 ____D () C:\Users\KT 2014-11-25 17:30 - 2013-02-18 14:45 - 00001316 _____ () C:\Users\KT\Downloads\Zgierz_ew.lnk 2014-11-25 17:30 - 2013-02-05 14:26 - 00001453 _____ () C:\Users\KT\Downloads\Koziegłowy (2).lnk 2014-11-17 15:45 - 2014-10-07 23:53 - 00041458 _____ () C:\Windows\PFRO.log 2014-11-12 10:12 - 2014-10-16 22:51 - 00027142 _____ () C:\Windows\IE11_main.log 2014-11-12 10:10 - 2014-10-16 22:47 - 00026678 _____ () C:\Windows\IE10_main.log 2014-11-12 09:49 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET Some content of TEMP: ==================== C:\Users\KT\AppData\Local\Temp\Quarantine.exe C:\Users\KT\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => MD5 is legit C:\Windows\system32\winlogon.exe [2014-10-15 16:56] - [2014-07-17 02:39] - 0304128 ____A (Microsoft Corporation) 52449FD429D6053B78AE564DEF303870 C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\services.exe => MD5 is legit C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-07 11:00 ==================== End Of Log ============================