Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-02-2015 Ran by Przemek (administrator) on SPECIAL-XP on 08-02-2015 13:54:56 Running from C:\Documents and Settings\Przemek\Moje dokumenty Loaded Profiles: Przemek (Available profiles: Przemek & Administrator) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE () C:\Program Files\Gaming Keyboard\Monitor.EXE (Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe () C:\Program Files\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe (GerixSoft, Ltd.) C:\Program Files\IndieVolume\IndieVolume.GUI.exe () C:\Program Files\screenSHU\screenSHU.exe (Methlabs) C:\Program Files\PeerGuardian2\pg2.exe (Flux Software LLC) C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\FluxSoftware\Flux\flux.exe () C:\Program Files\Gaming Keyboard\OSD.exe (AgileBits) C:\Program Files\1Password\Agile1pService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe () C:\Program Files\Dokan\DokanLibrary\mounter.exe (Foxit Corporation) C:\Program Files\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe (Teruten) C:\WINDOWS\system32\FsUsbExService.Exe (Hi-Rez Studios) E:\Program Files\Hi-Rez Studios\HiPatchService.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (PACE Anti-Piracy, Inc.) C:\Program Files\Common Files\PACE\Services\LicenseServices\LDSvc.exe (HP) C:\WINDOWS\system32\HPZipm12.exe () C:\WINDOWS\system32\PnkBstrA.exe () C:\WINDOWS\system32\PnkBstrB.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Opera Software) C:\Program Files\Opera\27.0.1689.66\opera.exe () C:\Program Files\Opera\27.0.1689.66\opera_crashreporter.exe (Opera Software) C:\Program Files\Opera\27.0.1689.66\opera.exe (Opera Software) C:\Program Files\Opera\27.0.1689.66\opera.exe (Opera Software) C:\Program Files\Opera\27.0.1689.66\opera.exe (Opera Software) C:\Program Files\Opera\27.0.1689.66\opera.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20065936 2012-06-06] (Realtek Semiconductor Corp.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM\...\Run: [Gaming Keyboard] => C:\Program Files\Gaming Keyboard\Monitor.exe [770048 2013-02-19] () HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2593056 2014-07-02] () HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [718688 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.) HKLM\...\Run: [amd_dc_opt] => C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2015-02-03] (AMD) Winlogon\Notify\LMIinit: C:\WINDOWS\system32\LMIinit.dll (3am Labs, Inc.) HKU\S-1-5-19\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32 HKU\S-1-5-19\...\RunOnce: [nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\S-1-5-20\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32 HKU\S-1-5-20\...\RunOnce: [nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\S-1-5-21-1844237615-1060284298-682003330-1006\...\Run: [OscarX7Mouse5Mode] => C:\Program Files\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe [3509248 2011-06-02] () HKU\S-1-5-21-1844237615-1060284298-682003330-1006\...\Run: [IndieVolume] => C:\Program Files\IndieVolume\IndieVolume.GUI.exe [1807872 2008-10-25] (GerixSoft, Ltd.) HKU\S-1-5-21-1844237615-1060284298-682003330-1006\...\Run: [screenSHU] => C:\Program Files\screenSHU\screenSHU.exe [2112000 2013-09-04] () HKU\S-1-5-21-1844237615-1060284298-682003330-1006\...\Run: [PeerGuardian] => C:\Program Files\PeerGuardian2\pg2.exe [1175552 2005-04-23] (Methlabs) HKU\S-1-5-21-1844237615-1060284298-682003330-1006\...\Run: [f.lux] => C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC) HKU\S-1-5-21-1844237615-1060284298-682003330-1006\...\MountPoints2: {0719cb32-0ba3-11e1-9038-001a4d80fdb9} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL \RECYCLER\S-8-1-76-4130343047-1461808310-533642671-6600\GLcnOtjg.exe HKU\S-1-5-21-1844237615-1060284298-682003330-1006\...\MountPoints2: {3fd69a7c-d673-11e1-8c3e-001a4d80fdb9} - O:\RunClubSanDisk.exe HKU\S-1-5-21-1844237615-1060284298-682003330-1006\...\MountPoints2: {e500d562-ee8d-11e1-8c7a-001a4d80fdb9} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL \RECYCLER\S-4-7-57-2440425638-2113657511-755132144-4045\uJAkhoTy.exe HKU\S-1-5-18\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32 HKU\S-1-5-18\...\RunOnce: [nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\S-1-5-18\...\RunOnce: [tscuninstall] => %systemroot%\system32\tscupgrd.exe ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1844237615-1060284298-682003330-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: 1Password -> {CB1A24DA-7416-4921-A0CF-5AA1160AAE2A} -> C:\Program Files\1Password\Agile1pIE.dll (AgileBits) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 01 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\..\Interfaces\{904FC9CB-315A-4432-A3CF-19729AB59B57}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{D902D8CF-A730-4A76-BC73-D229AA38FB61}: [NameServer] 8.8.4.4,8.8.8.8 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Przemek\Dane aplikacji\Mozilla\Firefox\Profiles\wz4nq7r0.default FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) StartMenuInternet: FIREFOX.EXE - E:\Program Files\Firefox\firefox.exe Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com CHR StartupUrls: Default -> "hxxp://www.google.com" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-10] CHR Extension: (Magic Actions for YouTube™) - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-12-10] CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-10] CHR Extension: (Dysk Google) - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-10] CHR Extension: (YouTube) - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-10] CHR Extension: (Adblock Plus) - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-10] CHR Extension: (Szukaj w Google) - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-10] CHR Extension: (ZenMate Security & Privacy VPN) - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-01-22] CHR Extension: (Arkusze Google) - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-10] CHR Extension: (Google Wallet) - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-10] CHR Extension: (Enhanced Steam) - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2015-01-21] CHR Extension: (Click&Clean App) - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-12-10] CHR Extension: (Gmail) - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-10] StartMenuInternet: chrome.exe - C:\Documents and Settings\Bee!\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe Opera: ======= OPR Extension: (YouTube Center) - C:\Documents and Settings\Przemek\Dane aplikacji\Opera Software\Opera Stable\Extensions\cdcifocibecgcgigbanojipblimlaoij [2014-12-10] OPR Extension: (Magic Actions for YouTube™) - C:\Documents and Settings\Przemek\Dane aplikacji\Opera Software\Opera Stable\Extensions\nlffnljnicbkfhnlomjhjlebndachaka [2014-12-10] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [267440 2015-01-26] (Adobe Systems Incorporated) [File not signed] R2 Agile1Password; C:\Program Files\1Password\Agile1pService.exe [768784 2013-06-03] (AgileBits) S2 AODService; C:\Program Files\AMD\OverDrive\AODAssist.exe [136648 2012-06-25] () R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.) R2 DokanMounter; C:\Program Files\Dokan\DokanLibrary\mounter.exe [25088 2011-01-10] () [File not signed] R2 FoxitCloudUpdateService; C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [242216 2014-05-15] (Foxit Corporation) R2 FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [233472 2013-07-18] (Teruten) [File not signed] S3 GPPService; C:\Program Files\GPPSoft\GPP Remote Server\GPP Remote Service.exe [30720 2013-10-02] (Gorlo Pavel Programming. GPP©) [File not signed] R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1845096 2015-01-20] (LogMeIn Inc.) S2 HDDHealth; C:\Program Files\HDD Health\HDDHealthService.exe [17760 2013-03-08] () [File not signed] R2 HiPatchService; E:\Program Files\Hi-Rez Studios\HiPatchService.exe [8704 2012-10-26] (Hi-Rez Studios) [File not signed] S3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2015-02-03] (Intel Corporation) [File not signed] S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2015-02-03] (Macrovision Corporation) [File not signed] R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-10-11] (Oracle Corporation) R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-01-14] (LogMeIn, Inc.) S4 LMIMaint; C:\Program Files\LogMeIn\RaMaint.exe [58096 2005-10-03] (3am Labs, Inc.) S4 LogMeIn; C:\Program Files\LogMeIn\LogMeIn.exe [1565424 2005-10-03] (3am Labs, Inc.) S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation) S4 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [18360 2012-08-21] (Overwolf Ltd) R2 PaceLicenseDServices; C:\Program Files\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2938880 2012-05-18] (PACE Anti-Piracy, Inc.) [File not signed] R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [126976 2013-03-04] (HP) [File not signed] R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2014-10-07] () R2 PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [189248 2014-10-07] () S4 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S4 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [67056 2007-03-03] (Ulead Systems, Inc.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43520 2006-07-01] (Advanced Micro Devices) R2 AODDriver4.2.0; C:\Program Files\AMD\OverDrive\i386\AODDriver2.sys [48296 2012-06-25] (Advanced Micro Devices) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) R2 Dokan; C:\WINDOWS\system32\drivers\dokan.sys [91904 2011-01-10] (Windows (R) Win 7 DDK provider) [File not signed] S3 DrvAgent32; C:\WINDOWS\system32\Drivers\DrvAgent32.sys [23456 2013-05-04] (Phoenix Technologies) [File not signed] R3 EuMusDesignVirtualAudioCableWdm; C:\WINDOWS\System32\DRIVERS\vrtaucbl.sys [50728 2013-06-16] (Eugene V. Muzychenko) R3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [37344 2013-07-18] () [File not signed] S3 gdrv; C:\WINDOWS\gdrv.sys [14656 2013-03-24] (Windows (R) Codename Longhorn DDK provider) R3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-12] (HP) S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2006-04-12] (HP) S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-12] (HP) S3 LGDDCDevice; C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys [14336 2009-04-24] () [File not signed] S3 LGII2CDevice; C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys [18432 2009-04-24] () [File not signed] R2 LMIInfo; C:\Program Files\LogMeIn\RaInfo.sys [11112 2005-10-03] (3am Labs Ltd.) R3 LMImirr; C:\WINDOWS\System32\DRIVERS\LMImirr.sys [2560 2005-10-03] (3am Labs, Inc.) [File not signed] R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-08] (Malwarebytes Corporation) S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) S3 NtApm; C:\WINDOWS\System32\DRIVERS\NtApm.sys [9600 2001-10-26] (Microsoft Corporation) R0 nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [105472 2006-10-18] (NVIDIA Corporation) R0 nvatabus; C:\WINDOWS\system32\Drivers\nvatabus.sys [105344 2008-05-02] (NVIDIA Corporation) [File not signed] R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [58368 2006-11-27] (NVIDIA Corporation) R0 nvgts; C:\WINDOWS\System32\DRIVERS\nvgts.sys [168040 2010-04-08] (NVIDIA Corporation) R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [19968 2006-11-27] (NVIDIA Corporation) S3 PCANDIS5; C:\Program Files\Win Sniffer\pcandis5.sys [16068 2000-10-15] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed] R3 pgfilter; C:\Program Files\PeerGuardian2\pgfilter.sys [5632 2005-04-23] () [File not signed] S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [15688 2013-09-30] () S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [10320 2013-09-30] () S3 RTCore32; E:\Program Files\MSI Afterburner\RTCore32.sys [5632 2011-09-06] () [File not signed] R0 Si3112; C:\WINDOWS\system32\Drivers\Si3112.sys [62208 2008-05-02] (Silicon Image, Inc.) [File not signed] S3 SWDUMon; C:\WINDOWS\System32\DRIVERS\SWDUMon.sys [13464 2014-11-07] () S3 taphss; C:\WINDOWS\System32\DRIVERS\taphss.sys [33512 2013-03-29] (AnchorFree Inc) R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361344 2008-05-02] (Microsoft Corporation) [File not signed] R0 TPkd; C:\WINDOWS\system32\Drivers\TPkd.sys [93336 2012-05-16] (PACE Anti-Piracy, Inc.) S3 vncmirror; C:\WINDOWS\System32\DRIVERS\vncmirror.sys [4608 2011-08-18] (RealVNC Ltd.) S3 WinRing0_1_2_0; E:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [14416 2012-08-01] (OpenLibSys.org) R3 WmBEnum; C:\WINDOWS\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.) S3 WmFilter; C:\WINDOWS\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.) S3 WmVirHid; C:\WINDOWS\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.) R3 WmXlCore; C:\WINDOWS\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.) S3 ESEADriver2; \??\C:\DOCUME~1\Przemek\USTAWI~1\Temp\ESEADriver2.sys [X] S4 IntelIde; No ImagePath S3 RivaTuner32; \??\C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys [X] S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-08 13:54 - 2015-02-08 13:55 - 00023003 _____ () C:\Documents and Settings\Przemek\Moje dokumenty\FRST.txt 2015-02-08 13:53 - 2015-02-08 13:53 - 00380416 _____ () C:\Documents and Settings\Przemek\Moje dokumenty\pohsdssl.exe 2015-02-08 13:48 - 2015-02-08 13:48 - 00532136 _____ (Duplex Secure Ltd) C:\Documents and Settings\Przemek\Moje dokumenty\SPTDinst-v187-x86.exe 2015-02-08 13:35 - 2015-02-08 13:35 - 01124352 _____ (Farbar) C:\Documents and Settings\Przemek\Moje dokumenty\FRST.exe 2015-02-08 13:35 - 2015-02-08 13:35 - 00380416 _____ () C:\Documents and Settings\Przemek\Moje dokumenty\xcmv2cpo.exe 2015-02-04 04:18 - 2015-02-04 04:18 - 06933238 _____ () C:\1.txt 2015-02-03 11:34 - 2015-02-03 11:34 - 00000000 ____D () C:\Program Files\LSoft Technologies 2015-02-03 11:34 - 2015-02-03 11:34 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Active@ ISO Burner 2015-02-03 11:34 - 2015-02-03 11:22 - 315854848 _____ () C:\Documents and Settings\Przemek\Pulpit\\kav_rescue_10.iso 2015-02-02 19:51 - 2015-02-03 22:12 - 01178624 _____ (CPUID) C:\Documents and Settings\Przemek\Dane aplikacji\siw_sdk.dll 2015-02-02 19:51 - 2015-02-02 19:51 - 00025088 _____ (xaitax-security) C:\Documents and Settings\Przemek\xxpoof.exe 2015-02-02 19:11 - 2015-02-08 13:54 - 00000000 ____D () C:\FRST 2015-02-02 18:48 - 2015-02-02 18:48 - 00007435 _____ () C:\1mb.txt 2015-02-02 18:34 - 2015-02-02 18:34 - 00000777 _____ () C:\Documents and Settings\All Users\Pulpit\\Malwarebytes Anti-Malware.lnk 2015-02-02 15:55 - 2015-02-02 15:55 - 00000000 ____D () C:\Documents and Settings\Przemek\Menu Start\Programy\GTA SA PATCH 1.00us 2015-01-28 19:53 - 2015-01-28 19:53 - 00019365 _____ () C:\Documents and Settings\Przemek\Pulpit\\nkmnknknk.aup 2015-01-28 19:53 - 2015-01-28 19:53 - 00000000 ____D () C:\Documents and Settings\Przemek\Pulpit\\nkmnknknk_data 2015-01-28 19:51 - 2015-01-28 19:51 - 00017816 _____ () C:\Documents and Settings\Przemek\Pulpit\\jkljkl.aup 2015-01-28 19:51 - 2015-01-28 19:51 - 00000000 ____D () C:\Documents and Settings\Przemek\Pulpit\\jkljkl_data 2015-01-28 19:49 - 2015-01-28 19:49 - 00018760 _____ () C:\Documents and Settings\Przemek\Pulpit\\cvcvcv.aup 2015-01-28 19:49 - 2015-01-28 19:49 - 00000000 ____D () C:\Documents and Settings\Przemek\Pulpit\\cvcvcv_data 2015-01-28 19:42 - 2015-01-28 19:43 - 00017305 _____ () C:\Documents and Settings\Przemek\Pulpit\\IduBeats - Happy Silly Trumpet Rap Beat Hip Hop Instrumental 2014 - Cierren La Boca.aup 2015-01-28 19:42 - 2015-01-28 19:42 - 00000000 ____D () C:\Documents and Settings\Przemek\Pulpit\\IduBeats - Happy Silly Trumpet Rap Beat Hip Hop Instrumental 2014 - Cierren La Boca_data 2015-01-28 15:07 - 2015-01-28 15:07 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi 2015-01-28 15:07 - 2015-01-28 15:07 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi 2015-01-24 18:02 - 2015-01-24 18:02 - 00041606 _____ () C:\Documents and Settings\Przemek\Moje dokumenty\Paranormal_Activity_1-4_2007-2012_BluRay_720p_x264_aac_jbr_p.torrent 2015-01-19 16:17 - 2015-01-19 16:17 - 00000000 ____D () C:\Documents and Settings\Przemek\Pulpit\\s 2015-01-17 17:15 - 2015-01-17 17:15 - 00000000 ____D () C:\Documents and Settings\Przemek\Moje dokumenty\Adobe Scripts 2015-01-17 17:04 - 2015-01-17 19:28 - 00429488 _____ () C:\Documents and Settings\Przemek\Pulpit\\setup.exe 2015-01-17 16:55 - 2015-01-17 16:55 - 00000910 _____ () C:\WINDOWS\KB893803v2.log 2015-01-17 16:53 - 2015-01-30 19:35 - 00000000 ____D () C:\Documents and Settings\Przemek\Menu Start\Programy\LS-RP Launcher 2015-01-17 16:53 - 2015-01-17 16:53 - 00000336 _____ () C:\Documents and Settings\Przemek\Pulpit\\LS-RP Launcher.appref-ms 2015-01-14 20:17 - 2015-01-14 20:17 - 01196845 _____ () C:\WINDOWS\unins002.exe 2015-01-14 20:05 - 2015-01-14 20:05 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Sanny Builder 3 ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-08 13:55 - 2014-11-09 11:20 - 00000000 ____D () C:\Program Files\PeerGuardian2 2015-02-08 13:55 - 2014-06-04 18:14 - 00000000 ____D () C:\Documents and Settings\Przemek\Ustawienia lokalne\Temp 2015-02-08 13:54 - 2011-10-08 20:26 - 00000000 ___RD () C:\Documents and Settings\Przemek\Moje dokumenty 2015-02-08 13:51 - 2012-09-16 08:16 - 01890882 _____ () C:\WINDOWS\WindowsUpdate.log 2015-02-08 13:50 - 2014-12-10 20:27 - 00000448 _____ () C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1418239668.job 2015-02-08 13:50 - 2014-12-10 16:24 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cc8d90f7123778.job 2015-02-08 13:50 - 2013-12-29 14:20 - 00000000 ____D () C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\screenSHU 2015-02-08 13:50 - 2013-01-22 19:39 - 00000157 _____ () C:\WINDOWS\wiadebug.log 2015-02-08 13:50 - 2013-01-22 19:39 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-02-08 13:50 - 2011-10-08 20:26 - 00000000 ____D () C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi 2015-02-08 13:50 - 2011-10-08 11:19 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi 2015-02-08 13:49 - 2011-10-08 10:56 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-02-08 13:48 - 2013-01-22 19:38 - 00032468 _____ () C:\WINDOWS\SchedLgU.Txt 2015-02-08 13:48 - 2011-10-08 20:26 - 00000188 ___SH () C:\Documents and Settings\Przemek\ntuser.ini 2015-02-08 13:47 - 2012-02-08 17:32 - 00000000 ____D () C:\Program Files\Opera 2015-02-08 13:37 - 2014-11-30 18:58 - 00598117 _____ () C:\WINDOWS\setupapi.log 2015-02-08 13:37 - 2011-10-08 12:49 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2015-02-08 13:37 - 2011-10-08 12:49 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-02-08 13:33 - 2014-12-10 16:24 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cc8d90f722e7ee.job 2015-02-08 13:30 - 2014-08-15 02:37 - 01439912 _____ () C:\WINDOWS\system32\nvdrsdb0.bin 2015-02-08 13:30 - 2014-08-15 02:37 - 00000001 _____ () C:\WINDOWS\system32\nvdrssel.bin 2015-02-08 13:29 - 2014-04-26 11:23 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-02-08 13:28 - 2001-07-21 23:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2015-02-04 01:04 - 2013-03-07 20:34 - 00000000 ____D () C:\portlistner 2015-02-04 01:03 - 2013-08-21 13:15 - 00000000 ____D () C:\Windrop 2015-02-04 01:03 - 2002-01-05 03:38 - 00054784 _____ (Microsoft Corporation) C:\msvci70.dll 2015-02-04 00:22 - 2013-11-21 16:43 - 00000000 ____D () C:\Program Files\foobar2000 2015-02-04 00:21 - 2011-10-08 11:16 - 00000000 ____D () C:\Program Files\WinRAR 2015-02-04 00:19 - 2013-02-06 19:30 - 00000000 ____D () C:\Program Files\Traffic Simulator Configuration Tool 2015-02-04 00:17 - 2014-04-21 13:31 - 00000000 ____D () C:\Program Files\Sprill Wodne Przygody 2015-02-04 00:13 - 2012-03-31 18:45 - 00000000 ____D () C:\Program Files\RegCleaner 2015-02-04 00:12 - 2012-01-06 15:01 - 00000000 ____D () C:\Program Files\QuickTime 2015-02-04 00:07 - 2011-10-08 10:52 - 00000000 ____D () C:\Program Files\NetMeeting 2015-02-03 23:53 - 2012-09-02 16:06 - 00000000 ____D () C:\Program Files\HD Tune 2015-02-03 23:52 - 2012-11-17 11:35 - 00000000 ____D () C:\Program Files\Graffiti Studio 2.0 2015-02-03 23:50 - 2011-11-05 12:33 - 00000000 ____D () C:\Program Files\FileServe Manager 2015-02-03 22:22 - 2011-10-12 14:33 - 00000000 ____D () C:\Fraps 2015-02-03 22:14 - 2012-12-08 12:38 - 00000000 ____D () C:\Documents and Settings\Przemek\Moje dokumenty\watek-negatyw-zamknal-konto21_pliki 2015-02-03 22:14 - 2012-12-08 12:37 - 00000000 ____D () C:\Documents and Settings\Przemek\Moje dokumenty\watek-negatyw-zamknal-konto8_pliki 2015-02-03 22:14 - 2012-12-08 12:36 - 00000000 ____D () C:\Documents and Settings\Przemek\Moje dokumenty\watek-negatyw-zamknal-konto3_pliki 2015-02-03 22:14 - 2012-12-08 12:35 - 00000000 ____D () C:\Documents and Settings\Przemek\Moje dokumenty\watek-negatyw-zamknal-konto2_pliki 2015-02-03 22:14 - 2012-12-08 12:35 - 00000000 ____D () C:\Documents and Settings\Przemek\Moje dokumenty\watek-negatyw-zamknal-konto_pliki 2015-02-03 22:13 - 2014-05-27 22:19 - 00000000 ____D () C:\Documents and Settings\Przemek\Moje dokumenty\usa 2015-02-03 22:13 - 2012-12-08 12:38 - 00000000 ____D () C:\Documents and Settings\Przemek\Moje dokumenty\watek-negatyw-zamknal-konto20_pliki 2015-02-03 22:13 - 2012-12-08 12:38 - 00000000 ____D () C:\Documents and Settings\Przemek\Moje dokumenty\watek-negatyw-zamknal-konto19_pliki 2015-02-03 22:13 - 2012-12-08 12:38 - 00000000 ____D () C:\Documents and Settings\Przemek\Moje dokumenty\watek-negatyw-zamknal-konto18_pliki 2015-02-03 22:13 - 2012-12-08 12:37 - 00000000 ____D () C:\Documents and Settings\Przemek\Moje dokumenty\watek-negatyw-zamknal-konto11_pliki 2015-02-03 22:13 - 2012-12-08 12:37 - 00000000 ____D () C:\Documents and Settings\Przemek\Moje dokumenty\watek-negatyw-zamknal-konto10_pliki 2015-02-03 22:12 - 2011-10-08 20:26 - 00000000 ___RD () C:\Documents and Settings\Przemek\Menu Start\Programy\Autostart 2015-02-03 11:34 - 2011-10-08 20:26 - 00000000 ____D () C:\Documents and Settings\Przemek\Pulpit 2015-02-03 11:30 - 2011-12-24 16:09 - 00000000 ____D () C:\Documents and Settings\Przemek\Dane aplikacji\Skype 2015-02-03 11:22 - 2014-08-15 02:31 - 00020214 _____ () C:\WINDOWS\system32\nvAppTimestamps 2015-02-03 10:44 - 2014-12-10 20:33 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-02-03 10:33 - 2014-12-10 16:25 - 00001819 _____ () C:\Documents and Settings\All Users\Pulpit\\Google Chrome.lnk 2015-02-03 10:21 - 2012-09-01 17:51 - 00000000 ____D () C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Deployment 2015-02-03 10:20 - 2014-08-30 20:37 - 00002267 _____ () C:\Documents and Settings\All Users\Pulpit\\Skype.lnk 2015-02-03 10:02 - 2014-08-15 13:39 - 00000000 ____D () C:\Program Files\RJ TextEd 2015-02-03 00:19 - 2012-11-04 16:54 - 00000000 ____D () C:\Documents and Settings\Przemek\Dane aplikacji\AIMP3 2015-02-02 22:31 - 2014-08-15 02:37 - 01436804 _____ () C:\WINDOWS\system32\nvdrsdb1.bin 2015-02-02 19:51 - 2014-02-10 17:50 - 00000000 ____D () C:\Program Files\e-Deklaracje 2015-02-02 19:51 - 2013-08-21 15:53 - 00000000 ____D () C:\Program Files\SnadBoy's Revelation v2 2015-02-02 19:51 - 2012-03-25 17:52 - 00000000 ____D () C:\Program Files\Audacity 2015-02-02 19:51 - 2011-11-03 19:08 - 00000000 ____D () C:\Program Files\SIW 2015-02-02 19:51 - 2011-10-08 20:26 - 00000000 __RHD () C:\Documents and Settings\Przemek\Dane aplikacji 2015-02-02 19:51 - 2011-10-08 20:26 - 00000000 ____D () C:\Documents and Settings\Przemek 2015-02-02 18:34 - 2014-04-26 11:52 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2015-02-02 18:34 - 2014-04-26 11:52 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware 2015-02-02 15:55 - 2011-10-08 20:26 - 00000000 ___RD () C:\Documents and Settings\Przemek\Menu Start\Programy 2015-02-01 19:38 - 2014-07-16 12:37 - 00000216 _____ () C:\Documents and Settings\Przemek\Pulpit\\Unturned.url 2015-02-01 19:35 - 2014-07-24 10:32 - 00000000 ____D () C:\Documents and Settings\Przemek\Dane aplikacji\.minecraft 2015-02-01 16:19 - 2011-11-19 21:08 - 00000000 ____D () C:\Documents and Settings\Przemek\Dane aplikacji\uTorrent 2015-01-31 23:32 - 2014-12-10 20:33 - 00000892 _____ () C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2015-01-31 16:29 - 2011-10-08 20:26 - 00000000 ___HD () C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji 2015-01-30 19:33 - 2011-10-09 20:01 - 00000000 ____D () C:\Documents and Settings\Przemek\Dane aplikacji\TS3Client 2015-01-30 14:41 - 2011-10-08 10:53 - 00000000 ____D () C:\WINDOWS\system32\DirectX 2015-01-29 14:32 - 2014-12-10 16:30 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Google Drive 2015-01-28 20:28 - 2012-03-25 17:52 - 00000000 ____D () C:\Documents and Settings\Przemek\Dane aplikacji\Audacity 2015-01-28 18:33 - 2014-12-12 14:13 - 00216498 _____ () C:\WINDOWS\DPINST.LOG 2015-01-28 18:33 - 2011-10-08 11:08 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups 2015-01-26 16:44 - 2014-12-10 20:33 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-01-26 16:44 - 2014-12-10 20:33 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-01-22 16:58 - 2014-05-19 22:49 - 00532924 _____ () C:\Documents and Settings\Przemek\Pulpit\\Bez nazwy-1.psd 2015-01-22 16:58 - 2011-10-08 12:48 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2015-01-17 18:11 - 2014-08-16 22:09 - 00000620 _____ () C:\Documents and Settings\Przemek\Pulpit\\samp.exe.lnk 2015-01-14 20:17 - 2014-12-26 19:54 - 00029562 _____ () C:\WINDOWS\unins002.dat 2015-01-14 11:32 - 2012-02-06 10:25 - 00026176 ____H (LogMeIn, Inc.) C:\WINDOWS\system32\hamachi.sys 2015-01-13 20:44 - 2011-10-08 10:56 - 00000000 ___HD () C:\Documents and Settings\LocalService\Ustawienia lokalne\Historia ==================== Files in the root of some directories ======= 2012-01-21 19:53 - 2012-01-21 19:53 - 0487770 _____ () C:\Documents and Settings\Przemek\Dane aplikacji\Fallen Earth_2.54.2.0_2012-01-21-18-53.dmp 2012-01-20 21:45 - 2012-01-20 21:45 - 0146081 _____ () C:\Documents and Settings\Przemek\Dane aplikacji\icarus-dxdiag.xml 2011-11-21 20:15 - 2014-10-07 17:32 - 0138056 _____ () C:\Documents and Settings\Przemek\Dane aplikacji\PnkBstrK.sys 2013-01-01 17:57 - 2013-01-01 17:57 - 0000132 _____ () C:\Documents and Settings\Przemek\Dane aplikacji\Preferencje Adobe CS5 dla formatu GIF 2011-11-09 16:04 - 2014-12-23 16:48 - 0000132 ____C () C:\Documents and Settings\Przemek\Dane aplikacji\Preferencje Adobe CS5 dla formatu PNG 2011-10-15 14:23 - 2011-10-15 14:46 - 0214016 _____ () C:\Documents and Settings\Przemek\Dane aplikacji\SharedSettings.ccs 2015-02-02 19:51 - 2015-02-03 22:12 - 1178624 _____ (CPUID) C:\Documents and Settings\Przemek\Dane aplikacji\siw_sdk.dll 2011-10-27 13:24 - 2012-11-13 19:24 - 0000048 _____ () C:\Documents and Settings\Przemek\Dane aplikacji\TheHunterSettings_live.cfg 2011-12-04 19:08 - 2011-12-04 19:12 - 0000042 _____ () C:\Documents and Settings\Przemek\Dane aplikacji\TheHunterSettings_local.cfg 2011-10-12 14:36 - 2014-10-10 15:17 - 0200192 _____ () C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-02-04 16:36 - 2013-02-04 16:36 - 0000058 _____ () C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\DonationCoder_ScreenshotCaptor_InstallInfo.dat 2012-05-06 15:53 - 2012-05-06 15:53 - 0000132 _____ () C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\fusioncache.dat 2014-06-15 16:04 - 2014-06-15 16:04 - 0000001 _____ () C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\llftool.4.40.agreement 2014-05-05 17:09 - 2014-05-05 17:09 - 0000000 ___SH () C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\LumaEmu 2013-09-19 15:12 - 2013-09-19 15:20 - 0000600 _____ () C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\PUTTY.RND Files to move or delete: ==================== C:\Documents and Settings\Przemek\xxpoof.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================