Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-12-2014 Ran by KT (administrator) on KT-PC on 13-12-2014 20:47:13 Running from M:\zzz_NAPRAWA-komputera_FixItPc-pl\FRST Loaded Profile: KT (Available profiles: KT & Masia & Administrator & Gość & DefaultAppPool) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Polski (Polska) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Windows\System32\CISVC.EXE (ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe (Foxit Corporation) C:\Program Files\_INNE\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Raxco Software, Inc.) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe (pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe (Sony Corporation) C:\Program Files\_grafika_multimedia\SONY\PlayMemories Home\PMBDeviceInfoProvider.exe () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (Western Digital) C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe (Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe (Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe (Safer Networking Ltd.) C:\Program Files\_do_syst_i_komputera\Spybot - Search & Destroy\SDWinSec.exe (Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe (Innovative Solutions GRUP SRL) C:\Program Files\_do_syst_i_komputera\Advanced Uninstaller PRO - Version 9\Monitor.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe (Creative Technology Ltd.) C:\Windows\V0420Mon.exe (Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe (Sony Corporation) C:\Program Files\_grafika_multimedia\SONY\PlayMemories Home\PMBVolumeWatcher.exe (QFX Software Corporation) C:\Program Files\_do_syst_i_komputera\KeyScrambler\KeyScrambler.exe () C:\Program Files\_do_syst_i_komputera\SpyShelter Personal Free\SpyShelter.exe (CyberLink Corp.) C:\Program Files\Cyberlink\PowerDVD10\PDVD10Serv.exe (cyberlink) C:\Program Files\Cyberlink\Shared files\brs.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Alexander Nikiforov) C:\Program Files\_INNE\MP3 Skype Recorder\MP3 Skype Recorder.exe (BitTorrent Inc.) C:\Users\KT\AppData\Roaming\uTorrent\uTorrent.exe (Nenad Hrg SoftwareOK) J:\Programy_od_2010-11-15\_do_systemu_i_kompa\pulpit\zapisywanie_ustawienia_ikon-na-pulpicie\DesktopOK 3.59\DesktopOK\DesktopOK.exe (Nenad Hrg (SoftwareOK.com)) J:\Programy_od_2010-11-15\_do_systemu_i_kompa\pulpit\zegar_TheAeroClock\TheAeroClock\TheAeroClock.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe () C:\Program Files\_INNE\Plustek_Skaner\OpticFilm 8200i\QuickScan.exe (Efficient Software) J:\Programy_od_2010-11-15\pamiętniki-elektroniczne\Efficient Man's Organizer Free_portable\EfficientMansOrganizerFree-Port\EfficientMansOrganizerFree.exe (Mozilla Corporation) C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6144000 2008-05-20] (Realtek Semiconductor) HKLM\...\Run: [V0420Mon.exe] => C:\Windows\V0420Mon.exe [32768 2007-04-30] (Creative Technology Ltd.) HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-11] (CANON INC.) HKLM\...\Run: [MaxMenuMgr] => C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-09-25] (Seagate LLC) HKLM\...\Run: [NUSB3MON] => C:\Program Files\Western Digital\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [WD Quick View] => C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe [5235128 2012-06-14] (Western Digital Technologies, Inc.) HKLM\...\Run: [TP-LINK USB Printer Controller] => C:\Program Files\_do_syst_i_komputera\_zarzdzanie-komputerem\TP-LINK\USB Printer Controller\USB Printer Controller.exe -mini HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\_grafika_multimedia\SONY\PlayMemories Home\PMBVolumeWatcher.exe [2557976 2014-06-24] (Sony Corporation) HKLM\...\Run: [KeyScrambler] => C:\Program Files\_do_syst_i_komputera\KeyScrambler\keyscrambler.exe [508232 2014-06-11] (QFX Software Corporation) HKLM\...\Run: [SpyShelter] => C:\Program Files\_do_syst_i_komputera\SpyShelter Personal Free\SpyShelter.exe [5099872 2014-07-01] () HKLM\...\Run: [RemoteControl10] => C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.) HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared files\brs.exe [179976 2013-09-02] (cyberlink) HKLM\...\Run: [Adobe ARM] => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2014-10-01] (ESET) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] () HKLM\...\Run: [QuickTime Task] => C:\Program Files\_grafika_multimedia\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM\...\RunOnce: [MONITOR] => C:\Program Files\_do_syst_i_komputera\Advanced Uninstaller PRO - Version 9\LoaderRunOnce.exe [1015696 2008-09-03] () HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Run: [Advanced Uninstaller PRO Installation Monitor] => C:\Program Files\_do_syst_i_komputera\Advanced Uninstaller PRO - Version 9\monitor.exe [1153936 2008-10-31] (Innovative Solutions GRUP SRL) HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation) HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Run: [PeerBlock] => C:\Program Files\_do_syst_i_komputera\_OCHRONA\PeerBlock\peerblock.exe [1529432 2009-09-28] (PeerBlock, LLC) HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Run: [MP3 Skype Recorder] => C:\Program Files\_INNE\MP3 Skype Recorder\MP3 Skype Recorder.exe [1975296 2011-11-17] (Alexander Nikiforov) HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Run: [uTorrent] => C:\Users\KT\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-03] (BitTorrent Inc.) HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Run: [DesktopOK] => J:\Programy_od_2010-11-15\_do_systemu_i_kompa\pulpit\zapisywanie_ustawienia_ikon-na-pulpicie\DesktopOK 3.59\DesktopOK\DesktopOK.exe [139264 2013-07-30] (Nenad Hrg SoftwareOK) HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Run: [TheAeroClock] => J:\Programy_od_2010-11-15\_do_systemu_i_kompa\pulpit\zegar_TheAeroClock\TheAeroClock\TheAeroClock.exe [1499136 2014-01-23] (Nenad Hrg (SoftwareOK.com)) HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30878816 2014-12-11] (Skype Technologies S.A.) HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Policies\Explorer: [NoDrives] 0x00000000 HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\Policies\Explorer: [NoInternetOpenWith] 0 HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\MountPoints2: {c35fa8b7-013d-11e1-ace3-002215808149} - D:\LaunchU3.exe -a HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess? HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION! HKU\S-1-5-21-914425102-3480758743-2583445526-1000\...\InprocServer32: [Default-pngfilt] <==== ATTENTION! HKU\S-1-5-18\...\Run: [MP3 Skype Recorder] => C:\Program Files\_INNE\MP3 Skype Recorder\MP3 Skype Recorder.exe [1975296 2011-11-17] (Alexander Nikiforov) IFEO: [Debugger] "C:\Program Files\_do_syst_i_komputera\TuneUp_2012_portable\TuneUpPortable\App\TuneUp\TUAutoReactivator32.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NCProTray.lnk ShortcutTarget: NCProTray.lnk -> C:\Program Files\SEC\Natural Color Pro\NCProTray.exe (Samsung) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickScan (OpticFilm 8200i).lnk ShortcutTarget: QuickScan (OpticFilm 8200i).lnk -> C:\Program Files\_INNE\Plustek_Skaner\OpticFilm 8200i\QuickScan.exe () Startup: C:\Users\KT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Efficient Man's Organizer Free.lnk ShortcutTarget: Efficient Man's Organizer Free.lnk -> J:\Programy_od_2010-11-15\pamiętniki-elektroniczne\Efficient Man's Organizer Free_portable\EfficientMansOrganizerFree-Port\EfficientMansOrganizerFree.exe (Efficient Software) ShellIconOverlayIdentifiers: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files\_do_syst_i_komputera\NERO_Essentials\Nero\Nero8\InCD\NBHShx.dll (Nero AG) BootExecute: PDBoot.exeautocheck autochk * ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) URLSearchHook: HKU\S-1-5-21-914425102-3480758743-2583445526-1000 - MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files\Family Toolbar\tbhelper.dll () SearchScopes: HKU\S-1-5-21-914425102-3480758743-2583445526-1000 -> {12FCEB20-321C-4327-8F7B-7AECB58DEAC2} URL = http://www.google.com/search?hl=pl&q={searchTerms} SearchScopes: HKU\S-1-5-21-914425102-3480758743-2583445526-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-914425102-3480758743-2583445526-1000 -> {CF739809-1C6C-47C0-85B9-569DBB141420} URL = http://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=SS3 BHO: MHTBPos00 Class -> {0C37B053-FD68-456a-82E1-D788EE342E6F} -> C:\Program Files\Family Toolbar\tbcore3.dll () BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.0.313\McAfeeMSS_IE.dll (McAfee, Inc.) BHO: AskBar BHO -> {201f27d4-3704-41d6-89c1-aa35e39143ed} -> C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) Toolbar: HKLM - &Tłumaczenie - {2F7DB8D7-9BE7-4666-901E-F380555BCAC7} - C:\Program Files\_językowe\Russkij Translator\InternetTranslatorRusPol.dll (Techland) Toolbar: HKLM - Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) Toolbar: HKLM - Family Toolbar - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Family Toolbar\tbcore3.dll () Toolbar: HKLM - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH) Toolbar: HKU\.DEFAULT -> Family Toolbar - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Family Toolbar\tbcore3.dll () Toolbar: HKU\S-1-5-21-914425102-3480758743-2583445526-1000 -> Family Toolbar - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Family Toolbar\tbcore3.dll () DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\_INNE\MP3 Skype Recorder\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Hosts: 127.0.0.1 secure.tune-up.com Tcpip\Parameters: [DhcpNameServer] 87.204.204.204 62.233.233.233 FireFox: ======== FF ProfilePath: C:\Users\KT\AppData\Roaming\Mozilla\Firefox\Profiles\5bhiq2du.default-1418465667367 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\_INNE\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\_INNE\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\_grafika_multimedia\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.0.313\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF Plugin: @real.com/nppl3260;version=16.0.2.32 -> c:\program files\_grafika_multimedia\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=16.0.2.32 -> c:\program files\_grafika_multimedia\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-05] FF HKLM\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-06-15] FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2014-04-18] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\firefox.exe Chrome: ======= CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\_INNE\Java\jre6\bin\new_plugin\npdeployJava1.dll No File CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files\_INNE\Java\jre6\bin\new_plugin\npjp2.dll No File CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (LizardTech DjVu) - C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\plugins\npdjvu.dll (LizardTech) CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation) CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\plugins\nprpjplug.dll No File CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\plugins\npqtplugin6.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\plugins\npqtplugin7.dll No File CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\_do_syst_i_komputera\Mozilla Firefox\plugins\nprjplug.dll No File CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll No File CHR Plugin: (Picasa) - C:\Program Files\_grafika_multimedia\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Plugin: (Default Plug-in) - default_plugin No File CHR Profile: C:\Users\KT\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (RealDownloader) - C:\Users\KT\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-08-04] CHR Extension: (Google Wallet) - C:\Users\KT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-14] CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 AdobeActiveFileMonitor6.0; C:\Program Files\_grafika_multimedia\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-10] () S2 CLKMSVC10_B91CB6D3; C:\Program Files\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-02] (CyberLink) R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576 2014-10-01] (ESET) S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2009-09-09] (Macrovision Europe Ltd.) [File not signed] R2 FoxitCloudUpdateService; C:\Program Files\_INNE\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242728 2014-07-01] (Foxit Corporation) S4 FreeAgentGoNext Service; C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe [189736 2009-09-25] (Seagate Technology LLC) S4 gupdate1ca0981569cd7f9; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-07-20] (Google Inc.) S4 InCDsrv; C:\Program Files\_do_syst_i_komputera\NERO_Essentials\Nero\Nero8\InCD\InCDsrv.exe [1442088 2008-08-08] (Nero AG) R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2011-04-16] (Hewlett-Packard Company) [File not signed] S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.313\McCHSvc.exe [234776 2012-10-26] (McAfee, Inc.) S4 NeroRegInCDSrv; C:\Program Files\_do_syst_i_komputera\NERO_Essentials\Nero\Nero8\InCD\NBHRegInCDSrv.exe [53032 2008-08-08] (Nero AG) R2 PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [2216752 2014-08-07] (Raxco Software, Inc.) R2 PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2246448 2014-08-07] (Raxco Software, Inc.) R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1335344 2014-01-23] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [856112 2014-01-23] (pdfforge GmbH) R2 PMBDeviceInfoProvider; C:\Program Files\_grafika_multimedia\SONY\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2014-06-24] (Sony Corporation) R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] () R2 SBSDWSCService; C:\Program Files\_do_syst_i_komputera\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.) R2 WDBackup; C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe [1151424 2012-06-14] (Western Digital ) R2 WDDriveService; C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-06-14] (Western Digital) S2 AcrSch2Svc; "C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe" [X] R2 AdobeARMservice; "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe" [X] S2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [X] S2 syncagentsrv; "C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] () R2 DefragFS; C:\Windows\system32\Drivers\DefragFS.sys [104088 2012-09-11] (Raxco Software, Inc.) S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2012-05-28] (Phoenix Technologies) [File not signed] R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [191928 2014-10-10] (ESET) S3 ebdrv; C:\Windows\system32\DRIVERS\evbdx.sys [3100160 2009-07-13] (Broadcom Corporation) [File not signed] R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135296 2014-10-10] (ESET) R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [176448 2014-10-10] (ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37928 2014-10-10] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51288 2014-10-10] (ESET) S3 EverestDriver; E:\Programy_portable_i_inne\Everest\everestultimate_build_2149\kerneld.wnt [27760 2010-05-20] () S4 InCDfs; C:\Windows\System32\drivers\InCDFs.sys [128424 2008-08-08] (Nero AG) R1 InCDPass; C:\Windows\System32\drivers\InCDPass.sys [38952 2008-08-08] (Nero AG) R1 incdrm; C:\Windows\System32\drivers\InCDRm.sys [40488 2008-08-08] (Nero AG) S3 INIDVD; C:\Windows\System32\DRIVERS\inidvd.sys [7936 2007-11-07] (Initio Corporation) [File not signed] R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [209016 2013-05-31] (QFX Software Corporation) R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [47104 2009-07-13] (Atheros Communications, Inc.) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-18] () R0 mv61xx; C:\Windows\System32\DRIVERS\mv61xx.sys [150568 2008-06-10] (Marvell Semiconductor, Inc.) S3 pbfilter; C:\Program Files\_do_syst_i_komputera\_OCHRONA\PeerBlock\pbfilter.sys [16472 2009-09-28] () R0 PCTCore; C:\Windows\System32\drivers\PCTCore.sys [207280 2009-09-23] (PC Tools) R2 PDFSFilter; C:\Windows\System32\DRIVERS\PDFsFilter.sys [69016 2012-08-23] (Raxco Software, Inc.) R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [59388 2010-04-12] (PowerISO Computing, Inc.) [File not signed] R1 Spyshelter; C:\Program Files\_do_syst_i_komputera\SpyShelter Personal Free\SpyShelter.sys [344928 2014-07-01] (SpyShelter) [File not signed] R0 tib; C:\Windows\System32\DRIVERS\tib.sys [736192 2014-09-02] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [130488 2014-09-02] (Acronis) R3 TPLINKUDSMBus; C:\Windows\System32\Drivers\TPLINKUDSMBus.sys [92160 2012-06-15] (Windows (R) Codename Longhorn DDK provider) [File not signed] S3 TPLINKUDSTcpBus; C:\Windows\System32\Drivers\TPLINKUDSTcpBus.sys [151296 2012-06-15] (Windows (R) Codename Longhorn DDK provider) [File not signed] S3 V0420VID; C:\Windows\System32\DRIVERS\V0420Vid.sys [99648 2007-05-31] (Creative Technology Ltd.) R0 vididr; C:\Windows\System32\DRIVERS\vididr.sys [116000 2014-09-02] (Acronis International GmbH) R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [85280 2014-09-02] (Acronis International GmbH) S2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [31280 2009-03-26] (VMware, Inc.) S3 RTL8192cu; system32\DRIVERS\RTL8192cu.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-13 20:46 - 2014-12-13 20:47 - 00000000 ____D () C:\FRST 2014-12-13 13:50 - 2014-12-13 13:50 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-12-13 13:50 - 2014-12-13 13:50 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-13 13:50 - 2014-12-13 13:50 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-12-13 13:50 - 2014-12-13 13:50 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-12-13 13:50 - 2014-12-13 13:50 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-12-13 13:50 - 2014-12-13 13:50 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-12-13 13:50 - 2014-12-13 13:50 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-12-13 13:50 - 2014-12-13 13:50 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-12-13 13:50 - 2014-12-13 13:50 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-12-13 13:50 - 2014-12-13 13:50 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-12-13 13:50 - 2014-12-13 13:50 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-12-13 13:50 - 2014-12-13 13:50 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-12-13 13:50 - 2014-12-13 13:50 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-12-13 13:50 - 2014-12-13 13:50 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-12-13 13:50 - 2014-12-13 13:50 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-12-13 13:50 - 2014-12-13 13:50 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-12-13 13:50 - 2014-12-13 13:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-12-13 13:48 - 2014-12-13 13:55 - 00009954 _____ () C:\Windows\IE11_main.log 2014-12-13 13:40 - 2014-12-13 13:47 - 00010302 _____ () C:\Windows\IE10_main.log 2014-12-13 13:36 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-12-13 13:36 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-12-13 13:36 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-12-13 13:36 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-12-13 13:36 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-12-13 13:05 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-12-13 13:05 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-12-13 13:05 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2014-12-13 13:05 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-12-13 13:05 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-12-13 13:05 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-12-13 13:05 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-12-13 13:05 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-12-13 13:05 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-12-13 13:05 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-12-13 13:05 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-12-13 13:05 - 2014-08-29 02:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-12-13 13:05 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-12-13 13:05 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-12-13 13:05 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-12-13 13:05 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-12-13 13:05 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-12-13 13:05 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-12-13 13:05 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-12-13 13:05 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-12-13 13:05 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-12-13 13:04 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2014-12-13 13:04 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe 2014-12-13 13:04 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-12-13 13:04 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-12-13 13:04 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-12-13 13:04 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-12-13 13:04 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-12-13 13:04 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-12-13 13:04 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-12-13 13:04 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-12-13 13:04 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-12-13 13:04 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-12-13 13:04 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-12-13 13:04 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-12-13 13:04 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-12-13 13:04 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-12-13 13:04 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-12-13 13:04 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-12-13 13:04 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-12-13 13:04 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-12-13 12:59 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2014-12-13 12:59 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2014-12-13 12:59 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2014-12-13 12:59 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2014-12-13 12:59 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2014-12-13 12:52 - 2014-12-13 12:52 - 00001754 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-12-13 12:52 - 2014-12-13 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-12-13 12:50 - 2014-12-13 12:52 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB 2014-12-13 12:50 - 2014-12-13 12:52 - 00000000 ____D () C:\Program Files\iTunes 2014-12-13 12:50 - 2014-12-13 12:50 - 00000000 ____D () C:\Program Files\iPod 2014-12-13 12:44 - 2014-12-13 12:44 - 00001984 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-12-13 12:44 - 2014-12-13 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-12-13 12:41 - 2014-12-13 12:41 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-12-13 12:41 - 2014-12-13 12:41 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-12-13 12:41 - 2014-12-13 12:41 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-12-13 12:41 - 2014-12-13 12:41 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-12-13 12:41 - 2014-12-13 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-12-13 12:33 - 2014-12-13 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2014-12-13 12:33 - 2014-12-13 12:33 - 00000000 ____D () C:\ProgramData\ESET 2014-12-13 12:33 - 2014-12-13 12:33 - 00000000 ____D () C:\Program Files\ESET 2014-11-18 14:56 - 2014-11-18 14:56 - 01202848 _____ (Microsoft Corporation) C:\Windows\system32\FM20.DLL ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-13 20:47 - 2009-06-05 20:07 - 00000000 ____D () C:\Users\KT\AppData\Roaming\uTorrent 2014-12-13 20:45 - 2009-06-09 22:55 - 00000000 ____D () C:\Users\KT\AppData\Roaming\Skype 2014-12-13 20:33 - 2014-09-16 08:49 - 00550922 _____ () C:\Windows\setupact.log 2014-12-13 20:28 - 2010-07-29 01:06 - 00010048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-13 20:28 - 2010-07-29 01:06 - 00010048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-13 20:26 - 2014-09-11 10:42 - 01587823 _____ () C:\Windows\WindowsUpdate.log 2014-12-13 20:11 - 2010-11-03 17:47 - 00000000 ____D () C:\ProgramData\TEMP 2014-12-13 19:46 - 2013-05-18 17:52 - 00065536 _____ () C:\Windows\system32\Ikeext.etl 2014-12-13 19:46 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-13 14:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-12-13 14:23 - 2009-07-14 05:33 - 03878056 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-12-13 14:22 - 2011-01-01 19:43 - 00000000 ____D () C:\Windows\Panther 2014-12-13 14:15 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pl-PL 2014-12-13 13:56 - 2009-09-13 21:08 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-12-13 13:29 - 2013-08-02 09:07 - 00000000 ____D () C:\Windows\system32\MRT 2014-12-13 12:50 - 2010-07-25 14:47 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-12-13 12:44 - 2009-06-19 12:28 - 00000000 ____D () C:\Program Files\_grafika_multimedia 2014-12-13 12:41 - 2012-04-23 09:07 - 00000000 ____D () C:\Program Files\Java 2014-12-13 12:15 - 2009-06-09 22:55 - 00000000 ___RD () C:\Program Files\Skype 2014-12-13 12:15 - 2009-06-09 22:55 - 00000000 ____D () C:\ProgramData\Skype 2014-12-13 12:08 - 2011-08-30 10:11 - 00000000 ____D () C:\Windows\Minidump 2014-12-13 12:08 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\Msdtc 2014-12-13 11:14 - 2014-09-16 20:18 - 00000000 ____D () C:\Users\KT\Desktop\Stare dane programu Firefox 2014-12-13 11:12 - 2011-01-01 19:52 - 00000000 ____D () C:\Users\KT 2014-12-13 11:11 - 2009-07-14 05:53 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-11-27 16:40 - 2011-01-11 19:48 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-24 14:04 - 2009-10-03 06:53 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe Some content of TEMP: ==================== C:\Users\KT\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe C:\Users\KT\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-17 09:43 ==================== End Of Log ============================