Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-02-2015 Ran by Kuba i Michał (administrator) on KWIATKOW-BS58FY on 14-02-2015 21:43:48 Running from D:\Documents and Settings\Kuba i Michał\Pulpit Loaded Profiles: Kuba i Michał & bot & Administrator (Available profiles: Kuba i Michał & bot & Administrator) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Nero AG) D:\Program Files\Ahead\InCD\InCDsrv.exe (Microsoft Corporation) D:\WINDOWS\system32\rundll32.exe (Google Inc.) D:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe (ABBYY InfoPoisk LLC) E:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe (AVG Technologies CZ, s.r.o.) D:\Program Files\AVG\AVG2015\avgwdsvc.exe (BlueStack Systems, Inc.) D:\Program Files\BlueStacks\HD-LogRotatorService.exe (AVG Technologies CZ, s.r.o.) D:\Program Files\AVG\AVG2015\avgui.exe () D:\Program Files\AVG Web TuneUp\vprot.exe (BlueStack Systems, Inc.) D:\Program Files\BlueStacks\HD-UpdaterService.exe (Realtek Semiconductor Corp.) D:\WINDOWS\RTHDCPL.EXE (Oracle Corporation) D:\Program Files\Common Files\Java\Java Update\jusched.exe (Adobe Systems Incorporated) D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Microsoft Corporation) D:\Program Files\Microsoft ActiveSync\wcescomm.exe (SEIKO EPSON CORPORATION) D:\Documents and Settings\All Users\Dane aplikacji\EPSON\EPW!3 SSRP\E_S40ST7.EXE (Sony Ericsson Mobile Communications AB) C:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Microsoft Corporation) D:\Program Files\Microsoft ActiveSync\rapimgr.exe (SEIKO EPSON CORPORATION) D:\Documents and Settings\All Users\Dane aplikacji\EPSON\EPW!3 SSRP\E_S40RP7.EXE (Beepa P/L) D:\Fraps\fraps.exe (Microsoft Corporation) D:\WINDOWS\system32\inetsrv\inetinfo.exe (Oracle Corporation) D:\Program Files\Java\jre7\bin\jqs.exe (Advanced Micro Devices Inc.) D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (UASSOFT.COM) D:\Program Files\Multimedia Keyboard & Mouse Driver\V5\KMWDSrv.exe (http://libusb-win32.sourceforge.net) D:\WINDOWS\system32\libusbd-nt.exe () C:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe (PC Tools) D:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe (pdfforge GmbH) D:\Program Files\PDF Architect\HelperService.exe (ATI Technologies Inc.) D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (pdfforge GmbH) D:\Program Files\PDF Architect\ConversionService.exe (Microsoft Corporation) D:\WINDOWS\system32\tcpsvcs.exe (Microsoft Corporation) D:\WINDOWS\system32\snmp.exe (VMware, Inc.) D:\WINDOWS\system32\vmnat.exe (AVG Secure Search) D:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe () D:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\loggingserver.exe (VMware, Inc.) E:\Program Files\vmware-authd.exe (VMware, Inc.) D:\WINDOWS\system32\vmnetdhcp.exe (VMware, Inc.) D:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (Microsoft Corporation) D:\WINDOWS\system32\wuauclt.exe (Oracle Corporation) D:\Program Files\Common Files\Java\Java Update\jucheck.exe (Mozilla Corporation) D:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [amd_dc_opt] => D:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) HKLM\...\Run: [StartCCC] => D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-22] (Advanced Micro Devices, Inc.) HKLM\...\Run: [AVG_UI] => D:\Program Files\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [vProt] => D:\Program Files\AVG Web TuneUp\vprot.exe [3081752 2014-12-09] () HKLM\...\Run: [MSConfig] => D:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [171520 2008-04-15] (Microsoft Corporation) HKLM\...\Run: [RTHDCPL] => D:\WINDOWS\RTHDCPL.EXE [20145368 2013-10-04] (Realtek Semiconductor Corp.) HKLM\...\Run: [SunJavaUpdateSched] => D:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKLM\...\Run: [Adobe ARM] => D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) Winlogon\Notify\AtiExtEvent: D:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) HKU\S-1-5-21-1078081533-299502267-839522115-1003\...\Run: [H/PC Connection Agent] => D:\Program Files\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation) HKU\S-1-5-21-1078081533-299502267-839522115-1003\...\Run: [swg] => D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-03-30] (Google Inc.) HKU\S-1-5-21-1078081533-299502267-839522115-1003\...\Run: [Sony Ericsson PC Suite] => C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [434176 2009-11-20] (Sony Ericsson Mobile Communications AB) HKU\S-1-5-21-1078081533-299502267-839522115-1003\...\Run: [Google Update] => D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [107912 2014-10-24] (Google Inc.) HKU\S-1-5-21-1078081533-299502267-839522115-1003\...\Run: [uTorrent] => D:\Documents and Settings\Kuba i Michał\Dane aplikacji\uTorrent\uTorrent.exe [1942352 2014-09-05] (BitTorrent Inc.) HKU\S-1-5-21-1078081533-299502267-839522115-1003\...\Run: [Fraps] => D:\FRAPS\FRAPS.EXE [2391736 2013-02-26] (Beepa P/L) HKU\S-1-5-21-1078081533-299502267-839522115-1003\...\MountPoints2: {71f187ef-3a7b-11e4-a2e8-001fd0b2eb5d} - I:\LG_PC_Programs.exe HKU\S-1-5-21-1078081533-299502267-839522115-1006\...\Run: [swg] => D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-03-30] (Google Inc.) HKU\S-1-5-21-1078081533-299502267-839522115-1006\...\Run: [SandboxieControl] => D:\Program Files\Sandboxie\SbieCtrl.exe [452880 2012-04-10] (SANDBOXIE L.T.D) HKU\S-1-5-21-1078081533-299502267-839522115-1006\...\Run: [H/PC Connection Agent] => D:\Program Files\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation) BootExecute: PDBoot.exeautocheck autochk * sprestrtD:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1078081533-299502267-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1078081533-299502267-839522115-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION ProxyServer: [.DEFAULT] => 203.160.1.94:80 ProxyServer: [S-1-5-21-1078081533-299502267-839522115-1003] => socks=127.0.0.1:9050 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220141118 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1078081533-299502267-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKU\S-1-5-21-1078081533-299502267-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tibia.com/community/?subtopic=worlds&world=ra&order=level_asc HKU\S-1-5-21-1078081533-299502267-839522115-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={3D0C63EB-6D30-486C-98F5-5830D4C48F32}&mid=e9e8e12cc64447d08430d1a90af4e34b-0d067dae5e7e84af70bb79418a28c71df2b2738c&lang=pl&ds=xn011&pr=sa&d=2012-11-20 16:29:30&v=14.0.2.14&pid=avg&sg=&sap=hp HKU\S-1-5-21-1078081533-299502267-839522115-1006\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKU\S-1-5-21-1078081533-299502267-839522115-500\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com HKU\S-1-5-21-1078081533-299502267-839522115-500\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: [S-1-5-21-1078081533-299502267-839522115-1006] ATTENTION ==> Default URLSearchHook is missing. URLSearchHook: HKU\S-1-5-21-1078081533-299502267-839522115-1006 - (No Name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - No File SearchScopes: HKLM -> DefaultScope value is missing. SearchScopes: HKLM -> URL http://startsear.ch/?aff=2&src=sp&cf=b365d94a-2514-11e2-be72-00e04c100ab8&q={searchTerms} SearchScopes: HKU\S-1-5-21-1078081533-299502267-839522115-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity SearchScopes: HKU\S-1-5-21-1078081533-299502267-839522115-1003 -> URL http://startsear.ch/?aff=2&src=sp&cf=b365d94a-2514-11e2-be72-00e04c100ab8&q={searchTerms} SearchScopes: HKU\S-1-5-21-1078081533-299502267-839522115-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity SearchScopes: HKU\S-1-5-21-1078081533-299502267-839522115-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={3183B199-3464-49BF-A85F-F7D21EEA8723}&mid=e9e8e12cc64447d08430d1a90af4e34b-0d067dae5e7e84af70bb79418a28c71df2b2738c&lang=pl&ds=AVG&coid=avgtbavg&cmpid=1214tb&pr=fr&d=2014-11-06 18:15:46&v=4.0.5.7&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-1078081533-299502267-839522115-1006 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={3D0C63EB-6D30-486C-98F5-5830D4C48F32}&mid=e9e8e12cc64447d08430d1a90af4e34b-0d067dae5e7e84af70bb79418a28c71df2b2738c&lang=pl&ds=xn011&pr=sa&d=2012-11-20 16:29:30&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-1078081533-299502267-839522115-1006 -> {EB2A09DD-F1AD-4E1B-B0F8-490E6C7C7CEA} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 SearchScopes: HKU\S-1-5-21-1078081533-299502267-839522115-500 -> DefaultScope {58F3B4EB-DC76-48C0-9C29-69EFBF8A54CF} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 SearchScopes: HKU\S-1-5-21-1078081533-299502267-839522115-500 -> {58F3B4EB-DC76-48C0-9C29-69EFBF8A54CF} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 SearchScopes: HKU\S-1-5-21-1078081533-299502267-839522115-500 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: HistoryTriggerBHO Class -> {21A88CB9-84D2-4020-A2D1-B25A21034884} -> D:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics) BHO: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> D:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\program files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> D:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> D:\Program Files\AVG Web TuneUp\4.0.5.7\AVG Web TuneUp.dll (AVG) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> D:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.) BHO: FlashGetBHO -> {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} -> D:\Documents and Settings\Kuba i Michał\Dane aplikacji\FlashGetBHO\FlashGetBHO31.dll (Trend Media Group) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\program files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> D:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) BHO: EpsonToolBandKicker Class -> {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} -> D:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKU\S-1-5-21-1078081533-299502267-839522115-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKU\S-1-5-21-1078081533-299502267-839522115-1006 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKU\S-1-5-21-1078081533-299502267-839522115-1006 -> No Name - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File Toolbar: HKU\S-1-5-21-1078081533-299502267-839522115-1006 -> No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File Toolbar: HKU\S-1-5-21-1078081533-299502267-839522115-1006 -> No Name - {E8DE9422-3B2C-4243-BF6F-235DA84D8EF8} - No File Toolbar: HKU\S-1-5-21-1078081533-299502267-839522115-1006 -> EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - D:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) Toolbar: HKU\S-1-5-21-1078081533-299502267-839522115-1006 -> No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File Toolbar: HKU\S-1-5-21-1078081533-299502267-839522115-1006 -> No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File Toolbar: HKU\S-1-5-21-1078081533-299502267-839522115-1006 -> No Name - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - No File Toolbar: HKU\S-1-5-21-1078081533-299502267-839522115-1006 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File Toolbar: HKU\S-1-5-21-1078081533-299502267-839522115-1006 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - D:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation) Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - D:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll (AVG Secure Search) Handler: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - D:\WINDOWS\System32\msdxm.ocx (Microsoft Corporation) Winsock: Catalog9 32 D:\WINDOWS\system32\vsocklib.dll [63568] (VMware, Inc.) Winsock: Catalog9 33 D:\WINDOWS\system32\vsocklib.dll [63568] (VMware, Inc.) Hosts: Hosts file not detected in the default directory Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\kstftnmr.default-1384367029078 FF SearchEngineOrder.3: Bing FF Homepage: hxxp://www.google.pl/ FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q= FF NetworkProxy: "http", "201.76.172.110" FF NetworkProxy: "http_port", 8080 FF Plugin: @adobe.com/FlashPlayer -> D:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin: @adobe.com/ShockwavePlayer -> D:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> D:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.2.0\\npsitesafety.dll No File FF Plugin: @bittorrent.com/BitTorrentDNA -> D:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.) FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> D:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> D:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF Plugin: @gamersfirst.com/LiveLauncher -> H:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll No File FF Plugin: @Google.com/GoogleEarthPlugin -> D:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.71.2 -> D:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> D:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @ngm.nexoneu.com/NxGame -> D:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll (Nexon) FF Plugin: @pack.google.com/Google Updater;version=14 -> D:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF Plugin: @pandonetworks.com/PandoWebPlugin -> D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin: @tools.google.com/Google Update;version=3 -> D:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> D:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.3 -> D:\Program Files\VideoLAN\VLC\npvlc.dll No File FF Plugin: @zylom.com/ZylomGamesPlayer -> D:\Documents and Settings\All Users\Dane aplikacji\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom) FF Plugin HKU\S-1-5-21-1078081533-299502267-839522115-1003: @acestream.net/acestreamplugin,version=3.0.1 -> D:\Documents and Settings\Kuba i Michał\Dane aplikacji\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies) FF Plugin HKU\S-1-5-21-1078081533-299502267-839522115-1003: @powerchallenge.com/PowerLoader -> D:\DOCUME~1\KUBAIM~1\DANEAP~1\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB) FF Plugin HKU\S-1-5-21-1078081533-299502267-839522115-1003: @talk.google.com/GoogleTalkPlugin -> D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKU\S-1-5-21-1078081533-299502267-839522115-1003: @talk.google.com/O1DPlugin -> D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKU\S-1-5-21-1078081533-299502267-839522115-1003: @tools.google.com/Google Update;version=3 -> D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-1078081533-299502267-839522115-1003: @tools.google.com/Google Update;version=9 -> D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-1078081533-299502267-839522115-1003: @unity3d.com/UnityPlayer,version=1.0 -> D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-1078081533-299502267-839522115-1003: electronicarts.com/GameFacePlugin -> D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts) FF Plugin HKU\S-1-5-21-1078081533-299502267-839522115-1003: pandonetworks.com/PandoWebPlugin -> D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF user.js: detected! => D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\kstftnmr.default-1384367029078\user.js FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\libdivx.dll (The OpenSSL Project, http://www.openssl.org/) FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll (BitComet) FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.) FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc) FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\npganymedenet.dll ( ) FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\npImagine.dll () FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\NPROULETTE.dll (Ganymede Technologies) FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.) FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\NPWORDSSINGLE.dll (Ganymede Technologies) FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll (Zylom) FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\ssldivx.dll (The OpenSSL Project, http://www.openssl.org/) FF Plugin ProgramFiles/Appdata: D:\Documents and Settings\Kuba i Michał\Dane aplikacji\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: D:\Documents and Settings\Kuba i Michał\Dane aplikacji\mozilla\plugins\npo1d.dll (Google) FF SearchPlugin: D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\kstftnmr.default-1384367029078\searchplugins\bingp.xml FF SearchPlugin: D:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml FF SearchPlugin: D:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml FF Extension: Fox Sec 7 - D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\kstftnmr.default-1384367029078\Extensions\fx@foxysecureKDJJHVLSDUVFU.com [2014-10-26] FF Extension: IE Tab - D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\kstftnmr.default-1384367029078\Extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2014-05-11] FF Extension: YouTube Video and Audio Downloader - D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\kstftnmr.default-1384367029078\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2014-04-09] FF Extension: 1-Click YouTube Video Downloader - D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\kstftnmr.default-1384367029078\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-04-09] FF Extension: Easy Youtube Video Downloader Express - D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\kstftnmr.default-1384367029078\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2014-10-24] FF Extension: Greasemonkey - D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\kstftnmr.default-1384367029078\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-06-10] FF Extension: Adblock Edge - D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\kstftnmr.default-1384367029078\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-09-20] FF Extension: BlueSoleil Extension - D:\Program Files\Mozilla Firefox\extensions\{231D7D17-4F1B-4933-AB61-E502DB82FD11}(2) [2015-01-30] FF Extension: BlueSoleil Extension - D:\Program Files\Mozilla Firefox\extensions\{231D7D17-4F1B-4933-AB61-E502DB82FD11}(3) [2015-01-30] FF Extension: flashget3 Extension - D:\Program Files\Mozilla Firefox\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A} [2015-01-30] FF HKLM\...\Firefox\Extensions: [{cb84136f-9c44-433a-9048-c5cd9df1dc16}] - H:\Program Files\Spyware Doctor\BDT\FireFox FF HKLM\...\Firefox\Extensions: [{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}] - D:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B} FF Extension: LG Air Sync - D:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B} [2012-05-10] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-05-01] FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - D:\Program Files\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - D:\Program Files\PDF Architect\FFPDFArchitectExt [2013-10-23] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - D:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird Chrome: ======= CHR HomePage: Default -> hxxp://www.gazeta.pl/0,0.html?p=180&d=20140612 CHR StartupUrls: Default -> "hxxp://www.gazeta.pl/0,0.html?p=180&d=20140612" CHR Plugin: (Shockwave Flash) - D:\Program Files\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - D:\Program Files\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - D:\Program Files\Google\Chrome\Application\40.0.2214.111\pdf.dll () CHR Plugin: (Google Talk Plugin) - D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\plugins\npgoogletalk.dll (Google) CHR Plugin: (Google Talk Plugin Video Accelerator) - D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\plugins\npgtpo3dautoplugin.dll No File CHR Plugin: (Google Talk Plugin Video Renderer) - D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\plugins\npo1d.dll (Google) CHR Plugin: (Adobe Acrobat) - D:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - D:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (BitCometAgent) - D:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll (BitComet) CHR Plugin: (DivX Web Player) - D:\Program Files\Mozilla Firefox\plugins\npdivx32.dll (DivX,Inc.) CHR Plugin: (DivX Player Netscape Plugin) - D:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc) CHR Plugin: (GanymedeNet.Detector) - D:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll ( ) CHR Plugin: (Imagine Plugin) - D:\Program Files\Mozilla Firefox\plugins\npImagine.dll () CHR Plugin: (Ganymede Plugin) - D:\Program Files\Mozilla Firefox\plugins\NPROULETTE.dll (Ganymede Technologies) CHR Plugin: (Winamp Application Detector) - D:\Program Files\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.) CHR Plugin: (Ganymede Plugin) - D:\Program Files\Mozilla Firefox\plugins\NPWORDSSINGLE.dll (Ganymede Technologies) CHR Plugin: (Zylom Plugin) - D:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll (Zylom) CHR Plugin: (Microsoft® DRM) - D:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Microsoft® DRM) - D:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Power Challenge Loader) - D:\DOCUME~1\KUBAIM~1\DANEAP~1\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB) CHR Plugin: (Nexon Game Controller) - D:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll (Nexon) CHR Plugin: (Game Face Plugin) - D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts) CHR Plugin: (Google Update) - D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File CHR Plugin: (Unity Player) - D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (DNA Plug-in) - D:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.) CHR Plugin: (Google Earth Plugin) - D:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Updater) - D:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) CHR Plugin: (Java(TM) Platform SE 7 U21) - D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - D:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File CHR Plugin: (Pando Web Plugin) - D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (Shockwave for Director) - D:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) CHR Plugin: (Shockwave Flash) - D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - D:\WINDOWS\system32\npDeployJava1.dll No File CHR Plugin: (Windows Presentation Foundation) - d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Profile: D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Google Wallet) - D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-20] CHR HKLM\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - No Path CHR HKLM\...\Chrome\Extension: [pkijdmeepjhpenmighhaodgfoogncnlk] - E:\Program Files\Offline Explorer\mpoe.crx [2013-02-01] Opera: ======= StartMenuInternet: (HKLM) Opera - D:\Program Files\Opera\Opera.exe http://www.dosearches.com/?utm_source=b&utm_medium=smt&utm_campaign=eXQ&utm_content=sc&from=smt&uid=SAMSUNGXHD252HJ_S17HJ1KQA00137&ts=1381579882 ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ABBYY.Licensing.FineReader.Professional.11.0; E:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe [821048 2013-06-17] (ABBYY InfoPoisk LLC) S4 ABBYY.Licensing.FineReader.Professional.9.0; D:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe [566560 2007-09-24] (ABBYY (BIT Software)) S4 Alerter; D:\WINDOWS\system32\alrsvc.dll [17408 2008-04-15] (Microsoft Corporation) [File not signed] R3 ALG; D:\WINDOWS\System32\alg.exe [44544 2008-04-15] (Microsoft Corporation) [File not signed] S3 AppMgmt; D:\WINDOWS\System32\appmgmts.dll [172032 2008-04-15] (Microsoft Corporation) [File not signed] R2 AudioSrv; D:\WINDOWS\System32\audiosrv.dll [42496 2008-04-15] (Microsoft Corporation) [File not signed] S2 AVGIDSAgent; D:\Program Files\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.) R2 avgwd; D:\Program Files\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.) R2 BITS; D:\WINDOWS\system32\qmgr.dll [409088 2008-04-15] (Microsoft Corporation) [File not signed] S2 BstHdAndroidSvc; D:\Program Files\BlueStacks\HD-Service.exe [409304 2014-08-13] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; D:\Program Files\BlueStacks\HD-LogRotatorService.exe [384728 2014-08-13] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; D:\Program Files\BlueStacks\HD-UpdaterService.exe [777944 2014-08-13] (BlueStack Systems, Inc.) S4 BthServ; D:\WINDOWS\System32\bthserv.dll [30208 2008-04-15] (Microsoft Corporation) [File not signed] S3 cisvc; D:\WINDOWS\system32\cisvc.exe [5632 2008-04-15] (Microsoft Corporation) [File not signed] S4 ClipSrv; D:\WINDOWS\system32\clipsrv.exe [33280 2008-04-15] (Microsoft Corporation) [File not signed] R2 CryptSvc; D:\WINDOWS\System32\cryptsvc.dll [62464 2008-04-15] (Microsoft Corporation) [File not signed] R2 DcomLaunch; D:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed] R2 Dhcp; D:\WINDOWS\System32\dhcpcsvc.dll [126464 2008-04-15] (Microsoft Corporation) [File not signed] S3 dmadmin; D:\WINDOWS\System32\dmadmin.exe [225280 2008-04-15] (Microsoft Corp., Veritas Software) [File not signed] S2 dmserver; D:\WINDOWS\System32\dmserver.dll [24064 2008-04-15] (Microsoft Corp.) [File not signed] R2 Dnscache; D:\WINDOWS\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation) [File not signed] S3 Dot3svc; D:\WINDOWS\System32\dot3svc.dll [133632 2008-04-15] (Microsoft Corporation) [File not signed] S4 DroidExplorerService; D:\Program Files\Droid Explorer\DroidExplorer.Service.exe [255488 2012-10-14] (Ryan Conrad) [File not signed] S3 EapHost; D:\WINDOWS\System32\eapsvc.dll [33792 2008-04-15] (Microsoft Corporation) [File not signed] R2 EPSON_EB_RPCV4_01; D:\Documents and Settings\All Users\Dane aplikacji\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION) [File not signed] R2 EPSON_PM_RPCV4_01; D:\Documents and Settings\All Users\Dane aplikacji\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION) [File not signed] R2 ERSvc; D:\WINDOWS\System32\ersvc.dll [23040 2008-04-15] (Microsoft Corporation) [File not signed] R2 Eventlog; D:\WINDOWS\system32\services.exe [111104 2009-02-09] (Microsoft Corporation) [File not signed] R3 EventSystem; D:\WINDOWS\system32\es.dll [253952 2008-07-07] (Microsoft Corporation) [File not signed] R3 FastUserSwitchingCompatibility; D:\WINDOWS\System32\shsvcs.dll [135680 2009-07-28] (Microsoft Corporation) [File not signed] S2 gupdate1c9b159953381da; D:\Program Files\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.) R2 helpsvc; D:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-15] (Microsoft Corporation) [File not signed] S2 HidServ; D:\WINDOWS\System32\hidserv.dll [21504 2009-06-30] (Microsoft Corporation) [File not signed] S3 hkmsvc; D:\WINDOWS\System32\kmsvc.dll [61440 2008-04-15] (Microsoft Corporation) [File not signed] S3 HTTPFilter; D:\WINDOWS\System32\w3ssl.dll [15872 2008-04-15] (Microsoft Corporation) [File not signed] S3 IDriverT; D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R3 IISADMIN; D:\WINDOWS\system32\inetsrv\inetinfo.exe [15872 2008-04-15] (Microsoft Corporation) [File not signed] S3 IJPLMSVC; D:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [99936 2006-11-10] () S3 ImapiService; D:\WINDOWS\system32\imapi.exe [150528 2008-04-15] (Microsoft Corporation) [File not signed] R2 InCDsrv; D:\Program Files\Ahead\InCD\InCDsrv.exe [871424 2005-07-08] (Nero AG) [File not signed] R2 Iprip; D:\WINDOWS\System32\iprip.dll [35328 2008-04-15] (Microsoft Corporation) [File not signed] R2 Irmon; D:\WINDOWS\System32\irmon.dll [28672 2008-04-14] (Microsoft Corporation) [File not signed] R2 JavaQuickStarterService; D:\Program Files\Java\jre7\bin\jqs.exe [182696 2015-01-02] (Oracle Corporation) R2 KMWDSERVICE; D:\Program Files\Multimedia Keyboard & Mouse Driver\V5\KMWDSrv.exe [2179072 2007-05-08] (UASSOFT.COM) [File not signed] R2 lanmanserver; D:\WINDOWS\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation) [File not signed] R2 lanmanworkstation; D:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation) [File not signed] R2 libusbd; D:\WINDOWS\System32\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net) [File not signed] R2 LmHosts; D:\WINDOWS\System32\lmhsvc.dll [13824 2008-04-15] (Microsoft Corporation) [File not signed] S3 LPDSVC; D:\WINDOWS\System32\tcpsvcs.exe [19456 2008-04-15] (Microsoft Corporation) [File not signed] S4 Messenger; D:\WINDOWS\System32\msgsvc.dll [33792 2008-04-15] (Microsoft Corporation) [File not signed] S3 Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [30785672 2012-09-20] (Microsoft Corporation) S3 mnmsrvc; D:\WINDOWS\System32\mnmsrvc.exe [32768 2008-04-15] (Microsoft Corporation) [File not signed] S3 MSDTC; D:\WINDOWS\System32\msdtc.exe [6144 2008-04-15] (Microsoft Corporation) [File not signed] S3 napagent; D:\WINDOWS\System32\qagentrt.dll [293376 2008-04-15] (Microsoft Corporation) [File not signed] S4 NetDDE; D:\WINDOWS\system32\netdde.exe [114688 2008-04-15] (Microsoft Corporation) [File not signed] S4 NetDDEdsdm; D:\WINDOWS\system32\netdde.exe [114688 2008-04-15] (Microsoft Corporation) [File not signed] S3 Netlogon; D:\WINDOWS\system32\lsass.exe [13312 2008-04-15] (Microsoft Corporation) [File not signed] R3 Netman; D:\WINDOWS\System32\netman.dll [198144 2008-04-15] (Microsoft Corporation) [File not signed] R3 Nla; D:\WINDOWS\System32\mswsock.dll [246784 2008-06-20] (Microsoft Corporation) [File not signed] S3 npggsvc; D:\WINDOWS\system32\GameMon.des [3882096 2012-10-15] (INCA Internet Co., Ltd.) S3 NtLmSsp; D:\WINDOWS\system32\lsass.exe [13312 2008-04-15] (Microsoft Corporation) [File not signed] S3 NtmsSvc; D:\WINDOWS\system32\ntmssvc.dll [435712 2008-04-15] (Microsoft Corporation) [File not signed] R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed] R2 PCToolsSSDMonitorSvc; D:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [583640 2010-08-05] (PC Tools) S4 PDAgent; D:\Program Files\Raxco\PDFree\PDAgent.exe [1346312 2012-03-28] (Raxco Software, Inc.) S4 PDEngine; D:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2117384 2012-03-28] (Raxco Software, Inc.) R2 PDF Architect Helper Service; D:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; D:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 PlugPlay; D:\WINDOWS\system32\services.exe [111104 2009-02-09] (Microsoft Corporation) [File not signed] S4 PnkBstrA; D:\WINDOWS\system32\PnkBstrA.exe [75136 2014-01-25] () R2 PolicyAgent; D:\WINDOWS\system32\lsass.exe [13312 2008-04-15] (Microsoft Corporation) [File not signed] R2 ProtectedStorage; D:\WINDOWS\system32\lsass.exe [13312 2008-04-15] (Microsoft Corporation) [File not signed] S3 RasAuto; D:\WINDOWS\System32\rasauto.dll [88576 2008-04-15] (Microsoft Corporation) [File not signed] R3 RasMan; D:\WINDOWS\System32\rasmans.dll [186368 2008-04-15] (Microsoft Corporation) [File not signed] S3 RDSessMgr; D:\WINDOWS\system32\sessmgr.exe [142336 2008-04-15] (Microsoft Corporation) [File not signed] S4 RemoteAccess; D:\WINDOWS\System32\mprdim.dll [53248 2008-04-15] (Microsoft Corporation) [File not signed] R2 RemoteRegistry; D:\WINDOWS\system32\regsvc.dll [59904 2008-04-15] (Microsoft Corporation) [File not signed] S3 RpcLocator; D:\WINDOWS\system32\locator.exe [75264 2008-04-15] (Microsoft Corporation) [File not signed] R2 RpcSs; D:\WINDOWS\System32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed] S3 RSVP; D:\WINDOWS\system32\rsvp.exe [132608 2008-04-15] (Microsoft Corporation) [File not signed] R2 SamSs; D:\WINDOWS\system32\lsass.exe [13312 2008-04-15] (Microsoft Corporation) [File not signed] S3 SCardDrv; D:\WINDOWS\System32\SCardSvr.exe [98304 2008-04-15] (Microsoft Corporation) [File not signed] S3 SCardSvr; D:\WINDOWS\System32\SCardSvr.exe [98304 2008-04-15] (Microsoft Corporation) [File not signed] R2 Schedule; D:\WINDOWS\system32\schedsvc.dll [193536 2008-04-15] (Microsoft Corporation) [File not signed] R2 seclogon; D:\WINDOWS\System32\seclogon.dll [18944 2008-04-15] (Microsoft Corporation) [File not signed] R2 SENS; D:\WINDOWS\system32\sens.dll [39424 2008-04-15] (Microsoft Corporation) [File not signed] R2 SharedAccess; D:\WINDOWS\System32\ipnathlp.dll [330752 2008-04-15] (Microsoft Corporation) [File not signed] R2 ShellHWDetection; D:\WINDOWS\System32\shsvcs.dll [135680 2009-07-28] (Microsoft Corporation) [File not signed] R2 SimpTcp; D:\WINDOWS\System32\tcpsvcs.exe [19456 2008-04-15] (Microsoft Corporation) [File not signed] R2 SMTPSVC; D:\WINDOWS\System32\inetsrv\inetinfo.exe [15872 2008-04-15] (Microsoft Corporation) [File not signed] R2 SNMP; D:\WINDOWS\System32\snmp.exe [32768 2008-04-15] (Microsoft Corporation) [File not signed] S3 SNMPTRAP; D:\WINDOWS\System32\snmptrap.exe [8704 2008-04-15] (Microsoft Corporation) [File not signed] R2 Spooler; D:\WINDOWS\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation) [File not signed] R2 srservice; D:\WINDOWS\system32\srsvc.dll [171520 2008-04-15] (Microsoft Corporation) [File not signed] S4 SSDPSRV; D:\WINDOWS\system32\svchost.exe [14336 2008-04-15] (Microsoft Corporation) [File not signed] R2 stisvc; D:\WINDOWS\system32\wiaservc.dll [334336 2008-04-15] (Microsoft Corporation) [File not signed] S3 SysmonLog; D:\WINDOWS\system32\smlogsvc.exe [91136 2008-04-15] (Microsoft Corporation) [File not signed] R3 TapiSrv; D:\WINDOWS\System32\tapisrv.dll [249856 2008-04-15] (Microsoft Corporation) [File not signed] R3 TermService; D:\WINDOWS\System32\termsrv.dll [296448 2008-04-15] (Microsoft Corporation) [File not signed] R2 Themes; D:\WINDOWS\System32\shsvcs.dll [135680 2009-07-28] (Microsoft Corporation) [File not signed] S3 TlntSvr; D:\WINDOWS\System32\tlntsvr.exe [75264 2008-04-15] (Microsoft Corporation) [File not signed] R2 TrkWks; D:\WINDOWS\system32\trkwks.dll [90112 2008-04-15] (Microsoft Corporation) [File not signed] S3 UMWdf; D:\WINDOWS\system32\wdfmgr.exe [8704 2006-10-18] (Microsoft Corporation) [File not signed] S4 upnphost; D:\WINDOWS\System32\upnphost.dll [186880 2008-04-15] (Microsoft Corporation) [File not signed] S3 UPS; D:\WINDOWS\System32\ups.exe [18432 2008-04-15] (Microsoft Corporation) [File not signed] S3 usprserv; D:\WINDOWS\System32\svchost.exe [14336 2008-04-15] (Microsoft Corporation) [File not signed] R2 VMAuthdService; E:\Program Files\vmware-authd.exe [86744 2014-10-29] (VMware, Inc.) R2 VMnetDHCP; D:\WINDOWS\system32\vmnetdhcp.exe [359128 2014-10-29] (VMware, Inc.) R2 VMUSBArbService; D:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [722624 2014-02-27] (VMware, Inc.) R2 VMware NAT Service; D:\WINDOWS\system32\vmnat.exe [437976 2014-10-29] (VMware, Inc.) S3 VSS; D:\WINDOWS\System32\vssvc.exe [291840 2008-04-15] (Microsoft Corporation) [File not signed] R2 vToolbarUpdater18.2.0; D:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe [1850392 2014-12-09] (AVG Secure Search) R2 W32Time; D:\WINDOWS\system32\w32time.dll [176128 2008-04-15] (Microsoft Corporation) [File not signed] R2 W3SVC; D:\WINDOWS\system32\inetsrv\inetinfo.exe [15872 2008-04-15] (Microsoft Corporation) [File not signed] S2 WebClient; D:\WINDOWS\System32\webclnt.dll [68096 2008-04-15] (Microsoft Corporation) [File not signed] R2 winmgmt; D:\WINDOWS\system32\wbem\WMIsvc.dll [145408 2008-04-15] (Microsoft Corporation) [File not signed] S3 WmdmPmSN; D:\WINDOWS\system32\mspmsnsv.dll [27136 2006-10-18] (Microsoft Corporation) [File not signed] S3 Wmi; D:\WINDOWS\System32\advapi32.dll [686592 2009-02-09] (Microsoft Corporation) [File not signed] R3 WmiApSrv; D:\WINDOWS\system32\wbem\wmiapsrv.exe [126464 2008-04-15] (Microsoft Corporation) [File not signed] S3 WMPNetworkSvc; D:\Program Files\Windows Media Player\WMPNetwk.exe [918016 2006-12-01] (Microsoft Corporation) [File not signed] S4 wscsvc; D:\WINDOWS\system32\wscsvc.dll [80896 2008-04-15] (Microsoft Corporation) [File not signed] R2 wuauserv; D:\WINDOWS\system32\wuauserv.dll [6656 2008-04-15] (Microsoft Corporation) [File not signed] R2 WudfSvc; D:\WINDOWS\System32\WUDFSvc.dll [55808 2009-06-30] (Microsoft Corporation) [File not signed] R2 WZCSVC; D:\WINDOWS\System32\wzcsvc.dll [483840 2009-06-30] (Microsoft Corporation) [File not signed] S3 xmlprov; D:\WINDOWS\System32\xmlprov.dll [129024 2008-04-15] (Microsoft Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 ACPI; D:\WINDOWS\System32\DRIVERS\ACPI.sys [188544 2008-04-15] (Microsoft Corporation) [File not signed] S4 ACPIEC; D:\WINDOWS\system32\Drivers\ACPIEC.sys [12032 2008-04-15] (Microsoft Corporation) [File not signed] S3 aec; D:\WINDOWS\System32\drivers\aec.sys [142592 2009-06-30] (Microsoft Corporation) [File not signed] S3 Ambfilt; D:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) R1 AmdK8; D:\WINDOWS\System32\DRIVERS\AmdK8.sys [43520 2006-06-18] (Advanced Micro Devices) [File not signed] S3 andnetadb; D:\WINDOWS\System32\Drivers\lgandnetadb.sys [25856 2011-09-06] (Google Inc) [File not signed] S3 AndNetDiag; D:\WINDOWS\System32\DRIVERS\lgandnetdiag.sys [23040 2011-09-05] (LG Electronics Inc.) [File not signed] S3 ANDNetModem; D:\WINDOWS\System32\DRIVERS\lgandnetmodem.sys [27776 2011-09-05] (LG Electronics Inc.) [File not signed] S3 andnetndis; D:\WINDOWS\System32\DRIVERS\lgandnetndis.sys [70400 2011-09-16] (LG Electronics Inc.) [File not signed] S3 AsyncMac; D:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2008-04-15] (Microsoft Corporation) [File not signed] R0 atapi; D:\WINDOWS\System32\DRIVERS\atapi.sys [96512 2008-04-15] (Microsoft Corporation) [File not signed] R3 ati2mtag; D:\WINDOWS\System32\DRIVERS\ati2mtag.sys [5068288 2010-06-22] (ATI Technologies Inc.) [File not signed] R2 atksgt; D:\WINDOWS\System32\DRIVERS\atksgt.sys [278984 2010-08-31] () S3 Atmarpc; D:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2008-04-15] (Microsoft Corporation) [File not signed] R3 audstub; D:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation) [File not signed] R1 Avgdiskx; D:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriverl; D:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [192280 2014-07-24] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; D:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; D:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; D:\WINDOWS\System32\DRIVERS\avgldx86.sys [193304 2014-08-20] (AVG Technologies CZ, s.r.o.) R0 Avglogx; D:\WINDOWS\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; D:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; D:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; D:\WINDOWS\System32\DRIVERS\avgtdix.sys [199448 2014-07-02] (AVG Technologies CZ, s.r.o.) R1 avgtp; D:\WINDOWS\system32\drivers\avgtpx86.sys [43296 2014-12-09] (AVG Technologies) R2 BstHdDrv; D:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [112344 2014-08-13] (BlueStack Systems) R0 BtHidBus; D:\WINDOWS\System32\Drivers\BtHidBus.sys [20104 2010-04-06] (IVT Corporation.) R3 BTHidEnum; D:\WINDOWS\System32\DRIVERS\vbtenum.sys [11860 2005-04-30] () [File not signed] R0 BTHidMgr; D:\WINDOWS\System32\Drivers\BTHidMgr.sys [28271 2005-04-30] (IVT Corporation) [File not signed] S3 BTHPORT; D:\WINDOWS\System32\Drivers\BTHport.sys [273024 2008-06-14] (Microsoft Corporation) [File not signed] S3 BTHUSB; D:\WINDOWS\System32\Drivers\BTHUSB.sys [18944 2008-04-15] (Microsoft Corporation) [File not signed] R3 btkrnl; D:\WINDOWS\System32\DRIVERS\btkrnl.sys [853258 2005-08-29] (Broadcom Corporation.) [File not signed] S3 btnetBUs; D:\WINDOWS\System32\Drivers\btnetBus.sys [25864 2010-04-06] () S4 cbidf2k; D:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2008-04-15] (Microsoft Corporation) [File not signed] S3 CCDECODE; D:\WINDOWS\System32\DRIVERS\CCDECODE.sys [16384 2004-07-09] (Microsoft Corporation) [File not signed] S1 Cdaudio; D:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2009-06-30] (Microsoft Corporation) [File not signed] R4 Cdfs; D:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2008-04-15] (Microsoft Corporation) [File not signed] R1 Cdrom; D:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-04-13] (Microsoft Corporation) [File not signed] R2 cpuz133; D:\WINDOWS\system32\drivers\cpuz133_x32.sys [20968 2010-03-30] (Windows (R) Win 7 DDK provider) R2 DefragFS; D:\WINDOWS\system32\Drivers\DefragFS.sys [138768 2011-12-02] (Raxco Software, Inc.) R0 Disk; D:\WINDOWS\System32\DRIVERS\disk.sys [36352 2008-04-13] (Microsoft Corporation) [File not signed] S4 dmboot; D:\WINDOWS\System32\drivers\dmboot.sys [800000 2008-04-15] (Microsoft Corp., Veritas Software) [File not signed] S0 dmio; D:\WINDOWS\System32\DRIVERS\dmio.sys [153856 2008-04-15] (Microsoft Corp., Veritas Software) [File not signed] R0 dmload; D:\WINDOWS\system32\Drivers\dmload.sys [5888 2008-04-15] (Microsoft Corp., Veritas Software.) [File not signed] S3 DMusic; D:\WINDOWS\System32\drivers\DMusic.sys [52864 2008-04-13] (Microsoft Corporation) [File not signed] S3 drmkaud; D:\WINDOWS\System32\drivers\drmkaud.sys [2944 2009-06-30] (Microsoft Corporation) [File not signed] S3 DrvAgent32; D:\WINDOWS\system32\Drivers\DrvAgent32.sys [23456 2010-06-17] (Phoenix Technologies) [File not signed] R1 dtsoftbus01; D:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [242240 2013-02-01] (DT Soft Ltd) R2 EIO1; D:\WINDOWS\system32\drivers\EIO1.sys [12800 2008-01-18] (ASUSTeK Computer Inc.) [File not signed] R4 Fastfat; D:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2008-04-15] (Microsoft Corporation) [File not signed] R3 Fdc; D:\WINDOWS\System32\DRIVERS\fdc.sys [27392 2008-04-15] (Microsoft Corporation) [File not signed] R1 Fips; D:\WINDOWS\system32\Drivers\Fips.sys [44672 2008-04-15] (Microsoft Corporation) [File not signed] R3 Flpydisk; D:\WINDOWS\System32\DRIVERS\flpydisk.sys [20480 2008-04-15] (Microsoft Corporation) [File not signed] R0 FltMgr; D:\WINDOWS\System32\drivers\fltmgr.sys [129792 2008-04-15] (Microsoft Corporation) [File not signed] U1 Fs_Rec; D:\WINDOWS\system32\Drivers\Fs_Rec.sys [7936 2008-04-15] (Microsoft Corporation) [File not signed] R0 Ftdisk; D:\WINDOWS\System32\DRIVERS\ftdisk.sys [125568 2008-04-15] (Microsoft Corporation) [File not signed] S3 gdrv; D:\WINDOWS\gdrv.sys [15600 2010-12-06] (Windows (R) 2000 DDK provider) R3 Gpc; D:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2008-04-15] (Microsoft Corporation) [File not signed] S3 GT72NDISIPXP; D:\WINDOWS\System32\DRIVERS\Gt51Ip.sys [95744 2007-11-13] (Option NV) [File not signed] S3 GT72UBUS; D:\WINDOWS\System32\DRIVERS\gt72ubus.sys [51968 2007-11-13] (Option N.V.) [File not signed] R3 GTPTSER; D:\WINDOWS\System32\DRIVERS\gtptser.sys [8064 2007-11-13] (Option N.V.) [File not signed] R2 hcmon; D:\WINDOWS\system32\drivers\hcmon.sys [43840 2014-02-27] (VMware, Inc.) S3 HdAudAddService; D:\WINDOWS\System32\drivers\AtiHdAud.sys [84992 2006-12-28] (ATI Research Inc.) [File not signed] R3 HDAudBus; D:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-15] (Windows (R) Server 2003 DDK provider) [File not signed] S3 HidNt; D:\WINDOWS\System32\DRIVERS\HIDNt.sys [18992 2008-04-18] (Microsoft Corporation) [File not signed] R3 hidusb; D:\WINDOWS\System32\DRIVERS\hidusb.sys [10368 2008-04-13] (Microsoft Corporation) [File not signed] S3 HTTP; D:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation) [File not signed] S1 i8042prt; D:\WINDOWS\System32\DRIVERS\i8042prt.sys [53248 2008-04-15] (Microsoft Corporation) [File not signed] R1 Imapi; D:\WINDOWS\System32\DRIVERS\imapi.sys [42112 2008-04-13] (Microsoft Corporation) [File not signed] R4 InCDfs; D:\WINDOWS\system32\Drivers\InCDfs.sys [99584 2005-07-08] (Nero AG) [File not signed] R1 InCDPass; D:\WINDOWS\System32\DRIVERS\InCDPass.sys [29696 2005-07-08] (Nero AG) [File not signed] U1 InCDrec; D:\WINDOWS\system32\Drivers\InCDrec.sys [8704 2005-07-08] (Nero AG) [File not signed] R1 incdrm; D:\WINDOWS\system32\Drivers\incdrm.sys [28672 2005-07-08] (Nero AG) [File not signed] S3 ip6fw; D:\WINDOWS\System32\drivers\ip6fw.sys [36608 2008-04-15] (Microsoft Corporation) [File not signed] S3 IpFilterDriver; D:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2008-04-15] (Microsoft Corporation) [File not signed] S3 IpInIp; D:\WINDOWS\System32\DRIVERS\ipinip.sys [20864 2008-04-15] (Microsoft Corporation) [File not signed] R3 IpNat; D:\WINDOWS\System32\DRIVERS\ipnat.sys [152832 2008-04-15] (Microsoft Corporation) [File not signed] R1 IPSec; D:\WINDOWS\System32\DRIVERS\ipsec.sys [75264 2008-04-15] (Microsoft Corporation) [File not signed] R2 irda; D:\WINDOWS\System32\DRIVERS\irda.sys [88192 2008-04-13] (Microsoft Corporation) [File not signed] S3 IRENUM; D:\WINDOWS\System32\DRIVERS\irenum.sys [10496 2001-08-17] (Microsoft Corporation) [File not signed] R0 isapnp; D:\WINDOWS\System32\DRIVERS\isapnp.sys [37632 2008-04-15] (Microsoft Corporation) [File not signed] R3 IvtBtBUs; D:\WINDOWS\System32\Drivers\IvtBtBus.sys [23048 2010-04-06] (IVT Corporation.) R1 Kbdclass; D:\WINDOWS\System32\DRIVERS\kbdclass.sys [24960 2008-04-14] (Microsoft Corporation) [File not signed] R1 kbdhid; D:\WINDOWS\System32\DRIVERS\kbdhid.sys [14720 2008-04-14] (Microsoft Corporation) [File not signed] R3 kmixer; D:\WINDOWS\System32\drivers\kmixer.sys [172416 2009-06-30] (Microsoft Corporation) [File not signed] R0 KSecDD; D:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) [File not signed] R2 LANPkt; D:\WINDOWS\System32\DRIVERS\LANPkt.sys [8440 2003-09-17] (Windows (R) 2000 DDK provider) [File not signed] R3 libusb0; D:\WINDOWS\System32\drivers\libusb0.sys [33792 2005-03-09] () [File not signed] R2 lirsgt; D:\WINDOWS\System32\DRIVERS\lirsgt.sys [25416 2010-08-31] () S3 Mac606; D:\WINDOWS\System32\DRIVERS\Mac606.sys [26672 2008-04-18] () [File not signed] R1 mnmdd; D:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2008-04-15] (Microsoft Corporation) [File not signed] R3 Modem; D:\WINDOWS\system32\Drivers\Modem.sys [30208 2009-06-30] (Microsoft Corporation) [File not signed] S3 Monfilt; D:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) S3 MotioninJoyXFilter; D:\WINDOWS\System32\DRIVERS\MijXfilt.sys [81168 2011-01-01] (MotioninJoy) R1 Mouclass; D:\WINDOWS\System32\DRIVERS\mouclass.sys [23296 2008-04-14] (Microsoft Corporation) [File not signed] R3 mouhid; D:\WINDOWS\System32\DRIVERS\mouhid.sys [12160 2001-10-26] (Microsoft Corporation) [File not signed] R0 MountMgr; D:\WINDOWS\system32\Drivers\MountMgr.sys [42368 2008-04-15] (Microsoft Corporation) [File not signed] R3 MRxDAV; D:\WINDOWS\System32\DRIVERS\mrxdav.sys [180608 2008-04-15] (Microsoft Corporation) [File not signed] S3 MSIRCOMM; D:\WINDOWS\System32\DRIVERS\MSIRCOMM.sys [20096 2001-08-17] (Microsoft Corporation) [File not signed] S3 MSKSSRV; D:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2009-06-30] (Microsoft Corporation) [File not signed] S3 MSPCLOCK; D:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2009-06-30] (Microsoft Corporation) [File not signed] S3 MSPQM; D:\WINDOWS\System32\drivers\MSPQM.sys [4992 2009-06-30] (Microsoft Corporation) [File not signed] R3 mssmbios; D:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2009-06-30] (Microsoft Corporation) [File not signed] S3 MSTEE; D:\WINDOWS\System32\drivers\MSTEE.sys [5504 2002-12-12] (Microsoft Corporation) [File not signed] R0 Mup; D:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation) [File not signed] S3 NABTSFEC; D:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [83968 2004-07-09] (Microsoft Corporation) [File not signed] R0 NDIS; D:\WINDOWS\system32\Drivers\NDIS.sys [182656 2008-04-15] (Microsoft Corporation) [File not signed] S3 NdisIP; D:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2009-06-30] (Microsoft Corporation) [File not signed] R3 NdisTapi; D:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) [File not signed] R3 Ndisuio; D:\WINDOWS\System32\DRIVERS\ndisuio.sys [14592 2009-06-30] (Microsoft Corporation) [File not signed] R3 NdisWan; D:\WINDOWS\System32\DRIVERS\ndiswan.sys [91520 2008-04-15] (Microsoft Corporation) [File not signed] R3 NDProxy; D:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2010-11-02] (Microsoft Corporation) [File not signed] R1 NetBIOS; D:\WINDOWS\System32\DRIVERS\netbios.sys [34688 2008-04-15] (Microsoft Corporation) [File not signed] R2 NetBT; D:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2008-04-15] (Microsoft Corporation) [File not signed] R1 Npfs; D:\WINDOWS\system32\Drivers\Npfs.sys [30848 2008-04-15] (Microsoft Corporation) [File not signed] S3 NPPTNT2; D:\WINDOWS\system32\npptNT2.sys [4682 2005-01-03] (INCA Internet Co., Ltd.) [File not signed] R4 Ntfs; D:\WINDOWS\system32\Drivers\Ntfs.sys [574976 2008-04-15] (Microsoft Corporation) [File not signed] R1 Null; D:\WINDOWS\system32\Drivers\Null.sys [2944 2008-04-15] (Microsoft Corporation) [File not signed] R0 nvata; D:\WINDOWS\System32\DRIVERS\nvata.sys [105472 2006-10-18] (NVIDIA Corporation) [File not signed] R3 NVENETFD; D:\WINDOWS\System32\DRIVERS\NVENETFD.sys [58368 2006-11-27] (NVIDIA Corporation) [File not signed] R3 nvnetbus; D:\WINDOWS\System32\DRIVERS\nvnetbus.sys [19968 2006-11-27] (NVIDIA Corporation) [File not signed] S3 NwlnkFlt; D:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2008-04-15] (Microsoft Corporation) [File not signed] S3 NwlnkFwd; D:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2008-04-15] (Microsoft Corporation) [File not signed] R3 Parport; D:\WINDOWS\System32\DRIVERS\parport.sys [80256 2009-06-30] (Microsoft Corporation) [File not signed] R0 PartMgr; D:\WINDOWS\system32\Drivers\PartMgr.sys [19712 2008-04-15] (Microsoft Corporation) [File not signed] R2 ParVdm; D:\WINDOWS\system32\Drivers\ParVdm.sys [6912 2008-04-15] (Microsoft Corporation) [File not signed] S3 PCAMPR5; D:\WINDOWS\system32\PCAMPR5.SYS [34688 2008-01-21] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed] S3 PCANDIS5; D:\WINDOWS\system32\PCANDIS5.SYS [32128 2008-01-21] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed] R0 PCI; D:\WINDOWS\System32\DRIVERS\pci.sys [68608 2008-04-15] (Microsoft Corporation) [File not signed] R0 PCIIde; D:\WINDOWS\System32\DRIVERS\pciide.sys [3456 2008-04-15] (Microsoft Corporation) [File not signed] S4 Pcmcia; D:\WINDOWS\system32\Drivers\Pcmcia.sys [120320 2008-04-15] (Microsoft Corporation) [File not signed] R3 pcouffin; D:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2009-03-31] (VSO Software) [File not signed] R0 PCTCore; D:\WINDOWS\System32\drivers\PCTCore.sys [207280 2009-09-23] (PC Tools) R3 pfc; D:\WINDOWS\System32\drivers\pfc.sys [10368 2003-12-05] (Padus, Inc.) [File not signed] S3 PPJoyBus; D:\WINDOWS\System32\drivers\PPJoyBus.sys [13952 2004-10-24] (Deon van der Westhuysen) [File not signed] S3 PPortJoystick; D:\WINDOWS\System32\drivers\PPortJoy.sys [28800 2004-10-24] (Deon van der Westhuysen) [File not signed] R3 PptpMiniport; D:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2008-04-15] (Microsoft Corporation) [File not signed] S1 Processor; D:\WINDOWS\System32\DRIVERS\processr.sys [39936 2009-06-30] (Microsoft Corporation) [File not signed] R3 PSched; D:\WINDOWS\System32\DRIVERS\psched.sys [69120 2008-04-15] (Microsoft Corporation) [File not signed] R3 Ptilink; D:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2008-04-15] (Parallel Technologies, Inc.) [File not signed] R1 RasAcd; D:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2008-04-15] (Microsoft Corporation) [File not signed] R3 Rasirda; D:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation) [File not signed] R3 Rasl2tp; D:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2008-04-15] (Microsoft Corporation) [File not signed] R3 RasPppoe; D:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2008-04-15] (Microsoft Corporation) [File not signed] R3 Raspti; D:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2008-04-15] (Microsoft Corporation) [File not signed] R1 Rdbss; D:\WINDOWS\System32\DRIVERS\rdbss.sys [175744 2008-04-15] (Microsoft Corporation) [File not signed] R1 RDPCDD; D:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2008-04-15] (Microsoft Corporation) [File not signed] R3 rdpdr; D:\WINDOWS\System32\DRIVERS\rdpdr.sys [196224 2008-04-13] (Microsoft Corporation) [File not signed] R1 redbook; D:\WINDOWS\System32\DRIVERS\redbook.sys [58880 2008-04-14] (Microsoft Corporation) [File not signed] S3 RFCOMM; D:\WINDOWS\System32\DRIVERS\rfcomm.sys [59136 2008-04-15] (Microsoft Corporation) [File not signed] S3 ROOTMODEM; D:\WINDOWS\System32\Drivers\RootMdm.sys [5888 2008-04-15] (Microsoft Corporation) [File not signed] S3 RTL8023xp; D:\WINDOWS\System32\DRIVERS\Rtnicxp.sys [85120 2006-12-14] (Realtek Semiconductor Corporation ) [File not signed] S3 rtl8139; D:\WINDOWS\System32\DRIVERS\R8139n51.SYS [46976 2002-10-04] (Realtek Semiconductor Corporation ) [File not signed] S3 s0016bus; D:\WINDOWS\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation) S3 s0016mdfl; D:\WINDOWS\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation) S3 s0016mdm; D:\WINDOWS\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation) S3 s0016mgmt; D:\WINDOWS\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation) S3 s0016nd5; D:\WINDOWS\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation) S3 s0016obex; D:\WINDOWS\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation) S3 s0016unic; D:\WINDOWS\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation) S3 s1039mdm; D:\WINDOWS\System32\DRIVERS\s1039mdm.sys [124016 2010-03-01] (MCCI Corporation) S3 Secdrv; D:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-15] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed] R3 serenum; D:\WINDOWS\System32\DRIVERS\serenum.sys [15744 2008-04-15] (Microsoft Corporation) [File not signed] R1 Serial; D:\WINDOWS\System32\DRIVERS\serial.sys [65280 2008-04-15] (Microsoft Corporation) [File not signed] S1 Sfloppy; D:\WINDOWS\system32\Drivers\Sfloppy.sys [11392 2008-04-15] (Microsoft Corporation) [File not signed] R0 sfsync03; D:\WINDOWS\System32\drivers\sfsync03.sys [35328 2005-12-06] (Protection Technology) [File not signed] R0 sfsync04; D:\WINDOWS\System32\drivers\sfsync04.sys [59264 2006-06-14] (Protection Technology (StarForce)) R0 sfvfs02; D:\WINDOWS\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology) [File not signed] S3 SLIP; D:\WINDOWS\System32\DRIVERS\SLIP.sys [11136 2008-04-15] (Microsoft Corporation) [File not signed] R3 splitter; D:\WINDOWS\System32\drivers\splitter.sys [6272 2008-04-13] (Microsoft Corporation) [File not signed] R0 sptd; D:\WINDOWS\System32\Drivers\sptd.sys [320120 2014-04-02] (Duplex Secure Ltd.) R0 sr; D:\WINDOWS\System32\DRIVERS\sr.sys [73472 2008-04-15] (Microsoft Corporation) [File not signed] R3 Srv; D:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation) [File not signed] S3 STIrUsb; D:\WINDOWS\System32\DRIVERS\irstusb.sys [26624 2001-08-17] (SigmaTel, Inc.) [File not signed] S3 streamip; D:\WINDOWS\System32\DRIVERS\StreamIP.sys [15232 2008-04-15] (Microsoft Corporation) [File not signed] R3 swenum; D:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2009-06-30] (Microsoft Corporation) [File not signed] S3 swmidi; D:\WINDOWS\System32\drivers\swmidi.sys [56576 2009-06-30] (Microsoft Corporation) [File not signed] R3 sysaudio; D:\WINDOWS\System32\drivers\sysaudio.sys [60800 2009-06-30] (Microsoft Corporation) [File not signed] R1 Tcpip; D:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation) [File not signed] S3 TDPIPE; D:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2008-04-15] (Microsoft Corporation) [File not signed] S3 TDTCP; D:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2008-04-15] (Microsoft Corporation) [File not signed] R1 TermDD; D:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation) [File not signed] S3 TVICHW32; D:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [23600 2009-08-24] (EnTech Taiwan) [File not signed] S4 Udfs; D:\WINDOWS\system32\Drivers\Udfs.sys [66048 2008-04-15] (Microsoft Corporation) [File not signed] R3 Update; D:\WINDOWS\System32\DRIVERS\update.sys [384768 2008-04-15] (Microsoft Corporation) [File not signed] R3 usbhub; D:\WINDOWS\System32\DRIVERS\usbhub.sys [59520 2008-04-15] (Microsoft Corporation) [File not signed] R3 usbohci; D:\WINDOWS\System32\DRIVERS\usbohci.sys [17152 2008-04-15] (Microsoft Corporation) [File not signed] R3 usbprint; D:\WINDOWS\System32\DRIVERS\usbprint.sys [25856 2008-04-13] (Microsoft Corporation) [File not signed] S3 USBSTOR; D:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-13] (Microsoft Corporation) [File not signed] R2 Vcs; D:\WINDOWS\system32\Drivers\Vcs.sys [6852 2004-11-14] () [File not signed] R1 VgaSave; D:\WINDOWS\System32\drivers\vga.sys [20992 2008-04-15] (Microsoft Corporation) [File not signed] R3 vmkbd; D:\WINDOWS\system32\drivers\VMkbd.sys [26456 2014-10-29] (VMware, Inc.) R3 VMnetAdapter; D:\WINDOWS\System32\DRIVERS\vmnetadapter.sys [17104 2014-10-29] (VMware, Inc.) R2 VMnetBridge; D:\WINDOWS\System32\DRIVERS\vmnetbridge.sys [35032 2014-10-29] (VMware, Inc.) R2 VMnetuserif; D:\WINDOWS\system32\drivers\vmnetuserif.sys [26968 2014-10-29] (VMware, Inc.) R2 VMparport; D:\WINDOWS\system32\Drivers\VMparport.sys [24920 2014-10-29] (VMware, Inc.) S3 vmusb; D:\WINDOWS\System32\DRIVERS\vmusb.sys [32320 2014-02-27] (VMware, Inc.) R2 vmx86; D:\WINDOWS\system32\Drivers\vmx86.sys [66136 2014-10-29] (VMware, Inc.) R0 VolSnap; D:\WINDOWS\system32\Drivers\VolSnap.sys [52864 2008-04-15] (Microsoft Corporation) [File not signed] R0 vsock; D:\WINDOWS\System32\drivers\vsock.sys [63824 2013-10-08] (VMware, Inc.) S3 vulfnths; D:\WINDOWS\System32\Drivers\vulfnth.sys [6912 2005-01-05] (VIA Technologies, Inc.) [File not signed] S3 vulfntrs; D:\WINDOWS\System32\Drivers\vulfntr.sys [11264 2005-06-06] (VIA Technologies, Inc.) [File not signed] R3 Wanarp; D:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2008-04-15] (Microsoft Corporation) [File not signed] S3 wceusbsh; D:\WINDOWS\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation) R3 wdmaud; D:\WINDOWS\System32\drivers\wdmaud.sys [83072 2009-06-30] (Microsoft Corporation) [File not signed] S3 WpdUsb; D:\WINDOWS\System32\DRIVERS\wpdusb.sys [38528 2006-10-18] (Microsoft Corporation) [File not signed] R1 WS2IFSL; D:\WINDOWS\System32\drivers\ws2ifsl.sys [12032 2008-04-15] (Microsoft Corporation) [File not signed] S3 WSTCODEC; D:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [18688 2004-07-09] (Microsoft Corporation) [File not signed] R0 WudfPf; D:\WINDOWS\System32\DRIVERS\WudfPf.sys [77568 2009-06-30] (Microsoft Corporation) [File not signed] S3 WudfRd; D:\WINDOWS\System32\DRIVERS\wudfrd.sys [82944 2009-06-30] (Microsoft Corporation) [File not signed] S3 EagleXNt; \??\D:\WINDOWS\system32\drivers\EagleXNt.sys [X] S4 IntelIde; No ImagePath U5 ScsiPort; D:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-15] (Microsoft Corporation) [File not signed] S3 XDva413; \??\D:\WINDOWS\system32\XDva413.sys [X] S3 XDva414; \??\D:\WINDOWS\system32\XDva414.sys [X] U3 asnr7jjb; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-14 21:43 - 2015-02-14 21:44 - 00069671 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\FRST.txt 2015-02-14 21:39 - 2015-02-14 21:39 - 00380416 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\yl4nt1bx.exe 2015-02-14 21:38 - 2015-02-14 21:39 - 01125888 _____ (Farbar) D:\Documents and Settings\Kuba i Michał\Pulpit\FRST.exe 2015-02-12 16:34 - 2015-02-12 17:23 - 00409600 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\dziennik.mdb 2015-02-10 21:43 - 2015-02-10 21:46 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Pulpit\Zdjęcia z poczty 2015-02-10 19:42 - 2015-02-10 16:07 - 180081727 ____N () D:\Documents and Settings\Kuba i Michał\Pulpit\20150210_160518.mp4 2015-02-10 18:20 - 2015-02-10 18:28 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Pulpit\E-wyciąg 2015-02-08 14:27 - 2015-02-08 14:27 - 00000753 _____ () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\recently-used.xbel 2015-02-08 14:00 - 2015-02-08 14:27 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\.dia 2015-02-08 14:00 - 2015-02-08 14:00 - 00000000 ____D () D:\Documents and Settings\All Users\Menu Start\Programy\Dia 2015-02-08 13:52 - 2015-02-08 13:52 - 19620143 _____ (The Dia Developers) D:\Documents and Settings\Kuba i Michał\Pulpit\dia-setup-0.97.2-2-unsigned.exe 2015-02-08 13:40 - 2015-02-08 14:26 - 00012268 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\Diagram30.dia 2015-02-08 13:40 - 2015-02-02 12:08 - 00048553 ____N () D:\Documents and Settings\Kuba i Michał\Pulpit\3a12-VLSM.odt 2015-02-08 13:40 - 2015-02-02 12:08 - 00008569 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\Diagram30.dia~ 2015-02-08 13:38 - 2015-02-08 13:38 - 00055637 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\asdasd.zip 2015-02-07 16:12 - 2015-02-07 16:12 - 00001831 _____ () D:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2015-02-07 16:12 - 2015-02-07 16:12 - 00000000 ____D () D:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome 2015-02-07 16:10 - 2015-02-07 16:10 - 00880208 _____ (Google Inc.) D:\Documents and Settings\Kuba i Michał\Pulpit\ChromeSetup.exe 2015-02-07 13:14 - 2015-02-07 13:15 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Pulpit\pendrive 2015-02-07 12:06 - 2015-02-07 12:44 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\PIT Projekt 2014 2015-02-07 12:06 - 2015-02-07 12:09 - 00000000 ____D () D:\Program Files\PIT Projekt 2014 2015-02-07 12:06 - 2015-02-07 12:06 - 00000831 _____ () D:\Documents and Settings\All Users\Pulpit\PIT Projekt 2014.lnk 2015-02-07 12:06 - 2015-02-07 12:06 - 00000000 ____D () D:\Documents and Settings\All Users\Menu Start\Programy\GP SOFT 2015-02-07 11:49 - 2015-02-07 11:50 - 23532312 _____ (e-file sp. z o.o. ) D:\Documents and Settings\Kuba i Michał\Pulpit\setup_e-pity2014.exe 2015-02-05 20:38 - 2015-02-05 20:38 - 05070512 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerInstaller.exe 2015-02-04 20:46 - 2015-02-04 20:46 - 00065536 _____ () D:\WINDOWS\Minidump\Mini020415-01.dmp 2015-02-02 13:05 - 2015-02-02 13:05 - 00000000 ____D () D:\Documents and Settings\All Users\Dane aplikacji\Avanquest 2015-01-30 18:55 - 2015-01-30 18:57 - 00000000 ____D () D:\Program Files\Mozilla Firefox 2015-01-24 21:29 - 2015-01-24 21:29 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Sony Ericsson 2015-01-24 21:28 - 2015-01-24 21:28 - 00148736 _____ (Avanquest Software) D:\Documents and Settings\All Users\Dane aplikacji\hpe38A.dll 2015-01-24 21:28 - 2015-01-24 21:28 - 00000901 _____ () D:\Documents and Settings\All Users\Pulpit\Sony Ericsson PC Suite 6.0.lnk 2015-01-24 21:18 - 2015-01-24 21:29 - 00574092 _____ () D:\WINDOWS\DPINST.LOG 2015-01-15 18:38 - 2015-01-15 18:41 - 00828928 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\Jan Karol Chodkiewicz.ppt 2015-01-15 17:34 - 2015-01-15 18:38 - 00721520 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\Jan Karol Chodkiewicz.pptx ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-14 21:44 - 2010-12-05 21:07 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\temp 2015-02-14 21:43 - 2013-10-24 15:15 - 00000000 ____D () D:\FRST 2015-02-14 21:43 - 2009-03-16 21:02 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Pulpit 2015-02-14 21:38 - 2013-12-19 11:23 - 00000930 _____ () D:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-02-14 20:59 - 2011-10-18 17:10 - 00001164 _____ () D:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-299502267-839522115-1003UA.job 2015-02-14 20:55 - 2011-07-30 08:08 - 00001036 _____ () D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-14 20:55 - 2011-02-21 12:10 - 00032606 _____ () D:\WINDOWS\SchedLgU.Txt 2015-02-14 20:54 - 2011-01-22 14:57 - 00458752 _____ () D:\WINDOWS\system32\config\ACEEvent.evt 2015-02-14 20:51 - 2009-03-16 21:48 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\uTorrent 2015-02-14 20:50 - 2009-03-16 04:43 - 00000000 ____D () D:\WINDOWS\system32\inetsrv 2015-02-14 20:49 - 2014-12-22 11:12 - 00780702 _____ () D:\WINDOWS\setupapi.log 2015-02-14 20:48 - 2010-08-29 11:14 - 01436875 _____ () D:\WINDOWS\WindowsUpdate.log 2015-02-14 20:47 - 2012-11-04 09:21 - 00000000 ____D () D:\Documents and Settings\LocalService\Dane aplikacji\VMware 2015-02-14 20:47 - 2012-11-03 18:55 - 00000000 ____D () D:\Documents and Settings\All Users\Dane aplikacji\VMware 2015-02-14 20:47 - 2009-04-06 11:05 - 00000157 _____ () D:\WINDOWS\wiadebug.log 2015-02-14 20:47 - 2009-04-06 11:05 - 00000050 _____ () D:\WINDOWS\wiaservc.log 2015-02-14 20:45 - 2014-01-07 10:23 - 00000326 _____ () D:\WINDOWS\Tasks\PCUTMMW.job 2015-02-14 20:45 - 2011-07-30 08:08 - 00001032 _____ () D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-14 20:45 - 2009-03-16 20:58 - 00000006 ____H () D:\WINDOWS\Tasks\SA.DAT 2015-02-14 17:44 - 2009-03-16 21:02 - 00000188 ___SH () D:\Documents and Settings\Kuba i Michał\ntuser.ini 2015-02-14 17:44 - 2009-03-16 21:02 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał 2015-02-14 17:43 - 2014-12-15 13:32 - 00014118 _____ () D:\Documents and Settings\Kuba i Michał\debug.log 2015-02-14 17:19 - 2012-07-17 19:32 - 00000000 ____D () D:\Documents and Settings\All Users\Dane aplikacji\MFAData 2015-02-14 14:59 - 2011-10-18 17:10 - 00001112 _____ () D:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-299502267-839522115-1003Core.job 2015-02-14 13:59 - 2009-07-04 11:47 - 00000000 ____D () D:\Program Files\Tibia 2015-02-14 13:59 - 2009-03-16 03:48 - 00000000 ___HD () D:\Documents and Settings\All Users\Dane aplikacji 2015-02-14 13:39 - 2011-06-29 21:45 - 00000924 _____ () D:\WINDOWS\Tasks\Google Software Updater.job 2015-02-14 11:38 - 2009-03-16 21:02 - 00000000 ___HD () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji 2015-02-14 11:37 - 2001-07-21 23:17 - 00002284 _____ () D:\WINDOWS\system32\wpa.dbl 2015-02-13 23:37 - 2011-10-19 15:49 - 00131072 _____ () D:\WINDOWS\system32\config\OAlerts.evt 2015-02-10 19:43 - 2011-06-10 12:09 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\.smplayer 2015-02-08 20:08 - 2009-12-14 20:16 - 00141824 _____ () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-02-08 14:00 - 2009-03-16 03:48 - 00000000 ____D () D:\Documents and Settings\All Users\Menu Start\Programy 2015-02-08 13:59 - 2009-03-16 21:02 - 00000000 ___RD () D:\Documents and Settings\Kuba i Michał\Moje dokumenty 2015-02-07 16:12 - 2009-03-16 03:48 - 00000000 ____D () D:\Documents and Settings\All Users\Pulpit 2015-02-07 12:06 - 2009-03-16 21:02 - 00000000 __RHD () D:\Documents and Settings\Kuba i Michał\Dane aplikacji 2015-02-05 20:38 - 2013-12-19 11:23 - 00701616 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerApp.exe 2015-02-05 20:38 - 2013-12-19 11:23 - 00071344 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-02-04 20:46 - 2015-01-04 19:40 - 1073303552 _____ () D:\WINDOWS\MEMORY.DMP 2015-02-04 20:46 - 2009-03-31 16:10 - 00000000 ____D () D:\WINDOWS\Minidump 2015-02-02 13:05 - 2009-11-03 14:18 - 00000000 ____D () D:\Program Files\Avanquest update 2015-02-01 16:53 - 2009-03-28 16:01 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla 2015-01-31 15:01 - 2012-11-03 18:57 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\VMware 2015-01-31 14:59 - 2012-11-03 18:57 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\VMware 2015-01-31 14:13 - 2012-04-25 07:14 - 00000000 ____D () D:\Program Files\Mozilla Maintenance Service 2015-01-30 22:03 - 2013-11-29 22:34 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Moje dokumenty\Deluxe Ski Jump 4 2015-01-30 19:03 - 2012-04-25 21:52 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Moje dokumenty\Pliki programu Outlook 2015-01-30 13:05 - 2009-03-17 14:58 - 00001324 _____ () D:\WINDOWS\system32\d3d9caps.dat 2015-01-29 10:44 - 2001-07-21 23:16 - 00000885 _____ () D:\WINDOWS\win.ini 2015-01-29 10:44 - 2001-07-21 23:15 - 00000246 _____ () D:\WINDOWS\system.ini 2015-01-26 16:17 - 2012-08-20 18:51 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\ChomikBox 2015-01-26 10:48 - 2009-05-31 21:02 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\.gstreamer-0.10 2015-01-24 21:36 - 2014-12-29 14:15 - 00008968 _____ () D:\WINDOWS\setupact.log 2015-01-24 21:28 - 2009-11-03 14:18 - 00000000 ____D () D:\Documents and Settings\All Users\Dane aplikacji\Sony Ericsson 2015-01-24 21:17 - 2009-03-16 21:39 - 00000000 ___HD () D:\Program Files\InstallShield Installation Information 2015-01-24 21:13 - 2009-06-25 08:34 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Pulpit\Programy i gry 2015-01-21 21:21 - 2011-06-10 11:46 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Pulpit\Programy i gry 2 ==================== Files in the root of some directories ======= 2010-08-25 17:29 - 2010-08-25 17:30 - 17853214 _____ () D:\Program Files\Chicken Invaders 3 Xmas.rar 2010-07-09 20:58 - 2010-07-09 20:58 - 2355396 _____ () D:\Program Files\ElfBot NG.rar 2011-04-04 15:59 - 2011-04-04 15:59 - 2875392 _____ (Intel Corporation) D:\Program Files\libmmd.dll 2013-09-25 15:23 - 2014-03-20 20:19 - 0003730 _____ () D:\Program Files\Mozilla Firefoxavg-secure-search.xml 2011-04-04 15:59 - 2011-04-04 15:59 - 0000125 _____ () D:\Program Files\plugin.ini 2009-07-18 13:58 - 2009-07-18 13:58 - 3012950 _____ () D:\Program Files\Remere's Map Editor.rar 2009-11-09 19:41 - 2010-05-25 13:31 - 3444170 _____ () D:\Program Files\TibiaBot NG.rar 2009-03-31 11:46 - 2004-10-01 14:00 - 0040960 _____ () D:\Program Files\Uninstall_CDS.exe 2011-04-04 15:59 - 2011-04-04 15:59 - 9752576 _____ (Chaos Group Ltd) D:\Program Files\vray2009.dll 2011-04-04 15:59 - 2011-04-04 15:59 - 0139776 _____ () D:\Program Files\vraydummy2009.max 2011-04-04 15:59 - 2011-04-04 15:59 - 0006213 _____ () D:\Program Files\vraydummy2009.xml 2011-04-04 15:59 - 2011-04-04 15:59 - 0159744 _____ () D:\Program Files\vrayspawner2009.exe 2009-06-13 15:18 - 2009-06-13 15:18 - 0002528 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\$_hpcst$.hpc 2010-08-14 22:36 - 2011-06-16 13:56 - 0000063 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\bynacam_config.ini 2009-03-31 10:34 - 2009-03-31 10:34 - 0087608 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\inst.exe 2013-10-21 18:10 - 2011-01-27 15:54 - 0139783 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\MinecraftSP.jar 2009-03-31 10:34 - 2009-03-31 10:34 - 0007887 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\pcouffin.cat 2009-03-31 10:34 - 2009-03-31 10:34 - 0001144 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\pcouffin.inf 2009-03-31 10:34 - 2009-03-31 10:34 - 0000034 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\pcouffin.log 2009-03-31 10:34 - 2009-03-31 10:34 - 0047360 _____ (VSO Software) D:\Documents and Settings\Kuba i Michał\Dane aplikacji\pcouffin.sys 2010-05-03 20:05 - 2014-01-25 21:59 - 0022328 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\PnkBstrK.sys 2013-10-21 18:10 - 2011-05-26 18:26 - 0000238 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\ReadMe.txt 2012-01-08 16:01 - 2012-01-08 16:11 - 0000042 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\TheHunterSettings_local.cfg 2009-03-31 10:34 - 2009-03-31 10:44 - 0000671 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\vso_ts_preview.xml 2009-12-14 20:16 - 2015-02-08 20:08 - 0141824 _____ () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-02-08 14:27 - 2015-02-08 14:27 - 0000753 _____ () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\recently-used.xbel Some content of TEMP: ==================== D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\temp\jre-8u31-windows-au.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) D:\WINDOWS\explorer.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a D:\WINDOWS\system32\winlogon.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 D:\WINDOWS\system32\svchost.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce D:\WINDOWS\system32\services.exe [2008-04-15 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f D:\WINDOWS\system32\User32.dll [2008-04-15 13:00] - [2008-04-15 13:00] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 D:\WINDOWS\system32\userinit.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 D:\WINDOWS\system32\rpcss.dll [2008-04-15 13:00] - [2009-02-09 11:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected. D:\WINDOWS\system32\Drivers\volsnap.sys [2008-04-15 13:00] - [2008-04-15 13:00] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================