Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-02-2015 01 Ran by LENOVO (administrator) on LENOVO-A78B26D0 on 21-02-2015 15:30:26 Running from C:\Users\LENOVO\Desktop\Pulpit Loaded Profiles: LENOVO & Administrator (Available profiles: LENOVO & Administrator) Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) OS Language: Polski (Polska) Internet Explorer Version 9 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Intel Corporation) C:\Program Files\Intel\AMT\atchksrv.exe (Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe (Intel) C:\Program Files\Intel\AMT\LMS.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe (Intel) C:\Program Files\Intel\AMT\UNS.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\conime.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [AVP] => C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [311680 2010-03-12] (Kaspersky Lab) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation) HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun_KL_notset] 1 HKLM\...\Command Processor: <======= ATTENTION HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-1343024091-764733703-839522115-1003\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-1343024091-764733703-839522115-500\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-1343024091-764733703-839522115-500\...\Run: [GoogleDriveSync] => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart HKU\S-1-5-21-1343024091-764733703-839522115-500\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2.0FO\adialhk.dll => C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\adialhk.dll [85080 2014-09-15] (Kaspersky Lab ZAO) AppInit_DLLs: ,C:\PROGRA~1\KASPER~1\KASPER~2.0FO\kloehk.dll => C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\kloehk.dll [13056 2014-09-15] (Kaspersky Lab ZAO) SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120141209 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-1343024091-764733703-839522115-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie HKU\S-1-5-21-1343024091-764733703-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1343024091-764733703-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1343024091-764733703-839522115-1003\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 HKU\S-1-5-21-1343024091-764733703-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120141209 HKU\S-1-5-21-1343024091-764733703-839522115-500\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie HKU\S-1-5-21-1343024091-764733703-839522115-500\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1343024091-764733703-839522115-500\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1343024091-764733703-839522115-500\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 HKU\S-1-5-21-1343024091-764733703-839522115-500\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ig URLSearchHook: HKU\S-1-5-21-1343024091-764733703-839522115-500 - MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - No File SearchScopes: HKLM -> {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = http://search.myheritage.com?orig=ds&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1343024091-764733703-839522115-1003 -> {0816EC3C-332B-4CF4-A587-C502B101766D} URL = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?} SearchScopes: HKU\S-1-5-21-1343024091-764733703-839522115-1003 -> {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = http://search.myheritage.com?orig=ds&q={searchTerms} SearchScopes: HKU\S-1-5-21-1343024091-764733703-839522115-1003 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}264704 SearchScopes: HKU\S-1-5-21-1343024091-764733703-839522115-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.v9.com/web/?q={searchTerms} SearchScopes: HKU\S-1-5-21-1343024091-764733703-839522115-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.v9.com/web/?q={searchTerms} SearchScopes: HKU\S-1-5-21-1343024091-764733703-839522115-500 -> {0816EC3C-332B-4CF4-A587-C502B101766D} URL = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?} SearchScopes: HKU\S-1-5-21-1343024091-764733703-839522115-500 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={D428A3CE-6C20-433D-B8F2-EB359B07511C}&mid=5a9b1fe2cc3647d0a7a4d15771c384ab-6900aef64b64e907138e4cc27f10b29becca26c1&lang=en&ds=gl011&pr=sa&d=2012-07-30 11:52:18&v=12.1.0.21&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-1343024091-764733703-839522115-500 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-search.net/search?sid=492&aid=213&itype=a&ver=12791&tm=367&src=ds&p={searchTerms} SearchScopes: HKU\S-1-5-21-1343024091-764733703-839522115-500 -> {A43FE24F-4BDC-46ED-AB4C-8AB70DE90499} URL = http://mystart.incredimail.com/?search={searchTerms}&loc=ie_search SearchScopes: HKU\S-1-5-21-1343024091-764733703-839522115-500 -> {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = http://search.myheritage.com?orig=ds&q={searchTerms} SearchScopes: HKU\S-1-5-21-1343024091-764733703-839522115-500 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=HJxdm007YYpl&ptnrS=HJxdm007YYpl&si=CLPNtICXwbECFUFO3wodllwA_w&ptb=9747E510-5D25-425F-A75D-E8E59A3101D2&ind=2012090409&n=77ee1029&psa=&st=sb&searchfor={searchTerms} SearchScopes: HKU\S-1-5-21-1343024091-764733703-839522115-500 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredimail.com/?search={searchTerms}&loc=search_box_im2_test_v2 SearchScopes: HKU\S-1-5-21-1343024091-764733703-839522115-500 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}264704 BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) Toolbar: HKU\S-1-5-21-1343024091-764733703-839522115-500 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Toolbar: HKU\S-1-5-21-1343024091-764733703-839522115-500 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File Toolbar: HKU\S-1-5-21-1343024091-764733703-839522115-500 -> No Name - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1274982328054 DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\LENOVO\AppData\Roaming\Mozilla\Firefox\Profiles\rxiubkqd.default FF DefaultSearchUrl: FF Homepage: hxxp://www.wp.pl/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin: @java.com/DTPlugin -> C:\Program Files\Java\jre6\bin\npDeployJava1.dll (Sun Microsystems, Inc.) FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Adblock Plus - C:\Users\LENOVO\AppData\Roaming\Mozilla\Firefox\Profiles\rxiubkqd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-14] FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2011-10-26] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-06] FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-08] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext Chrome: ======= CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - No Path CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - No Path CHR HKU\S-1-5-21-1343024091-764733703-839522115-1003\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - No Path ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [176128 2007-05-23] (Intel Corporation) [File not signed] R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [311680 2010-03-12] (Kaspersky Lab) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed] R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2011-10-26] (Sun Microsystems, Inc.) R2 LMS; C:\Program Files\Intel\AMT\LMS.exe [102400 2007-05-23] (Intel) [File not signed] R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed] R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] () S2 TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [520192 2007-12-05] () [File not signed] S2 TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [950272 2007-12-05] (Lenovo Group Limited) [File not signed] S2 TVT Scheduler; C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [1122304 2008-04-02] (Lenovo Group Limited) [File not signed] R2 UNS; C:\Program Files\Intel\AMT\UNS.exe [2514944 2007-05-23] (Intel) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 ATIAVPCI; C:\Windows\System32\DRIVERS\atinavrr.sys [377472 2006-11-02] (ATI Technologies Inc.) R1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [126480 2009-11-12] (Kaspersky Lab) R3 KLFLTDEV; C:\Windows\System32\DRIVERS\klfltdev.sys [24848 2009-09-03] (Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [233560 2014-09-15] (Kaspersky Lab) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [22104 2014-09-15] (Kaspersky Lab ZAO) R3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider) S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [9728 2007-01-15] (Microsoft Corporation) S3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1083520 2006-11-02] (Philips Semiconductors GmbH) R2 pmem; C:\WINDOWS\System32\drivers\pmemnt.sys [7012 2008-03-11] (Microsoft Corporation) [File not signed] R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [39280 2014-07-28] (Synaptics Incorporated) R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44384 2008-03-12] (Acronis) R3 TPM; C:\Windows\System32\drivers\tpm.sys [13824 2012-03-27] (Intel Corporation) R2 tvtfilter; C:\Windows\System32\DRIVERS\tvtfilter.sys [33536 2008-03-11] (Lenovo) [File not signed] S3 VX1000; C:\Windows\System32\DRIVERS\VX1000.sys [1963680 2006-12-05] (Microsoft Corporation) S3 cglptnt; \??\C:\totalcmd\cglptnt.sys [X] S3 cpuz134; \??\C:\Users\LENOVO\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S0 timounter; system32\DRIVERS\timntr.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-21 15:18 - 2015-02-21 15:30 - 00000000 ____D () C:\FRST 2015-02-21 15:12 - 2015-02-21 15:12 - 00044391 _____ () C:\Users\LENOVO\Documents\Documents.7z 2015-02-21 14:35 - 2015-02-19 19:35 - 00156313 _____ () C:\Users\LENOVO\Documents\Mini021915-02.dmp 2015-02-21 14:35 - 2015-02-19 14:03 - 00156313 _____ () C:\Users\LENOVO\Documents\Mini021915-01.dmp 2015-02-21 13:26 - 2015-02-21 13:26 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Systweak 2015-02-21 12:53 - 2015-02-21 12:53 - 00000847 _____ () C:\Users\LENOVO\Desktop\RegClean Pro.lnk 2015-02-21 12:53 - 2015-02-21 12:53 - 00000000 ____D () C:\Users\LENOVO\AppData\Roaming\Systweak 2015-02-21 12:53 - 2015-02-21 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro 2015-02-21 12:53 - 2015-02-21 12:53 - 00000000 ____D () C:\Program Files\RegClean Pro 2015-02-21 12:52 - 2015-02-21 12:52 - 00000000 ____D () C:\Users\LENOVO\Desktop\regcleaner 2015-02-21 11:55 - 2015-02-21 11:57 - 00000720 _____ () C:\Users\Administrator\Desktop\zmiana użytkownika.lnk 2015-02-21 11:50 - 2015-02-21 11:50 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia 2015-02-21 11:50 - 2015-02-21 11:50 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe 2015-02-21 11:50 - 2015-02-21 11:50 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Macromedia 2015-02-21 11:47 - 2015-02-21 11:47 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Mozilla 2015-02-21 11:47 - 2015-02-21 11:47 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Mozilla 2015-02-21 11:14 - 2015-02-21 11:14 - 00104352 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT 2015-02-21 11:14 - 2015-02-21 11:14 - 00000915 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk 2015-02-21 11:13 - 2015-02-21 11:13 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini 2015-02-21 10:13 - 2015-02-21 10:13 - 00000000 ____D () C:\Users\LENOVO\Desktop\zdjęcia z 7zip 2015-02-21 09:56 - 2015-02-21 09:56 - 00009712 _____ () C:\Users\LENOVO\Documents\liceencja kaspersky.reg 2015-02-19 23:10 - 2015-02-19 23:10 - 00001065 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk 2015-02-19 23:10 - 2015-02-19 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro 2015-02-19 23:10 - 2015-02-19 23:10 - 00000000 ____D () C:\Program Files\VS Revo Group 2015-02-19 23:10 - 2009-12-30 10:21 - 00027192 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys 2015-02-19 23:08 - 2015-02-19 23:08 - 00000000 ____D () C:\Users\LENOVO\Desktop\Revo 2015-02-19 22:31 - 2015-02-19 22:32 - 00000000 ____D () C:\Users\LENOVO\Desktop\boostspeed 2015-02-19 21:43 - 2015-02-19 21:43 - 00000000 _____ () C:\Users\LENOVO\regsvr32 2015-02-19 12:10 - 2015-02-19 12:12 - 00000000 ____D () C:\Users\LENOVO\AppData\Roaming\ATViewer 2015-02-18 19:12 - 2015-02-18 19:12 - 00002615 _____ () C:\Users\LENOVO\Desktop\Microsoft Office Publisher 2007.lnk 2015-02-18 15:38 - 2015-02-18 15:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf 2015-02-18 15:38 - 2015-02-18 15:38 - 00000000 ____D () C:\Program Files\Synaptics 2015-02-18 15:35 - 2015-02-18 15:42 - 00002728 _____ () C:\Windows\DPINST.LOG 2015-02-18 15:35 - 2015-02-18 15:35 - 00000000 ____D () C:\Program Files\DIFX 2015-02-18 15:35 - 1999-12-31 19:00 - 08198680 _____ (Intel(R) Corporation) C:\Windows\system32\TVWSetup.exe 2015-02-18 15:35 - 1999-12-31 19:00 - 04391936 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys 2015-02-18 15:35 - 1999-12-31 19:00 - 04116480 _____ (Intel Corporation) C:\Windows\system32\ig4icd32.dll 2015-02-18 15:35 - 1999-12-31 19:00 - 03829760 _____ (Intel Corporation) C:\Windows\system32\igdumd32.dll 2015-02-18 15:35 - 1999-12-31 19:00 - 02678784 _____ (Intel Corporation) C:\Windows\system32\ig4dev32.dll 2015-02-18 15:35 - 1999-12-31 19:00 - 01921265 _____ () C:\Windows\system32\iglhxa32.cpa 2015-02-18 15:35 - 1999-12-31 19:00 - 00668696 _____ (Intel Corporation) C:\Windows\system32\igfxcfg.exe 2015-02-18 15:35 - 1999-12-31 19:00 - 00536576 _____ (Intel Corporation) C:\Windows\system32\igdumdx32.dll 2015-02-18 15:35 - 1999-12-31 19:00 - 00310784 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00304640 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00303616 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00303104 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00303104 _____ (Intel Corporation) C:\Windows\system32\igfxresp.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00299008 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00294912 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00291328 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00289280 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00288256 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00281088 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00280576 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00279552 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00279040 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00277504 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00275968 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00262656 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00252952 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe 2015-02-18 15:35 - 1999-12-31 19:00 - 00252416 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00249856 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00210432 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll 2015-02-18 15:35 - 1999-12-31 19:00 - 00206848 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00205312 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00179712 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00178176 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc 2015-02-18 15:35 - 1999-12-31 19:00 - 00173592 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe 2015-02-18 15:35 - 1999-12-31 19:00 - 00173080 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2015-02-18 15:35 - 1999-12-31 19:00 - 00155648 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2039.dll 2015-02-18 15:35 - 1999-12-31 19:00 - 00150552 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe 2015-02-18 15:35 - 1999-12-31 19:00 - 00141848 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe 2015-02-18 15:35 - 1999-12-31 19:00 - 00130048 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll 2015-02-18 15:35 - 1999-12-31 19:00 - 00119296 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl 2015-02-18 15:35 - 1999-12-31 19:00 - 00060226 _____ () C:\Windows\system32\iglhxc32.vp 2015-02-18 15:35 - 1999-12-31 19:00 - 00060015 _____ () C:\Windows\system32\iglhxo32.vp 2015-02-18 15:35 - 1999-12-31 19:00 - 00059392 _____ (Intel Corporation) C:\Windows\system32\oemdspif.dll 2015-02-18 15:35 - 1999-12-31 19:00 - 00036880 _____ () C:\Windows\system32\iglhxs32.vp 2015-02-18 15:35 - 1999-12-31 19:00 - 00023552 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll 2015-02-18 15:35 - 1999-12-31 19:00 - 00001090 _____ () C:\Windows\system32\iglhxa32.vp 2015-02-18 15:34 - 2014-07-28 12:27 - 00039280 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys 2015-02-18 15:34 - 2012-10-30 01:04 - 00232296 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1e6032.sys 2015-02-18 15:34 - 2012-08-14 11:00 - 00083808 _____ (Intel Corporation) C:\Windows\system32\NicInE6.dll 2015-02-18 15:34 - 2012-04-11 14:52 - 00002760 _____ () C:\Windows\system32\e1e6032.din 2015-02-18 15:34 - 2009-08-07 09:49 - 01461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll 2015-02-18 15:34 - 2007-12-14 12:06 - 00121440 _____ (Intel Corporation) C:\Windows\system32\e1000msg.dll 2015-02-18 15:34 - 2007-08-24 07:58 - 00028272 _____ (Intel Corporation) C:\Windows\system32\NicCo26.dll 2015-02-18 15:34 - 2000-01-01 08:00 - 00378880 _____ (Analog Devices, Inc.) C:\Windows\system32\Drivers\ADIHdAud.sys 2015-02-18 15:33 - 2012-03-27 15:43 - 00013824 _____ (Intel Corporation) C:\Windows\system32\Drivers\tpm.sys 2015-02-18 15:33 - 2012-03-27 15:43 - 00010752 _____ (Intel Corporation) C:\Windows\system32\TDDL.dll 2015-02-17 21:26 - 2014-01-30 08:46 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2015-02-17 21:26 - 2014-01-30 08:46 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2015-02-17 20:57 - 2010-04-21 18:47 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll 2015-02-17 19:49 - 2009-06-25 12:39 - 00883712 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME 2015-02-17 19:49 - 2009-06-25 12:39 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime 2015-02-17 19:39 - 2009-09-14 15:50 - 03412480 _____ (Microsoft Corporation) C:\Windows\system32\SLsvc.exe 2015-02-17 19:39 - 2009-09-14 10:44 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\slcinst.dll 2015-02-17 19:25 - 2015-02-17 19:25 - 00000000 ____D () C:\Program Files\Hyper-V 2015-02-17 19:25 - 2008-06-11 14:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\RemoteFileBrowse.dll 2015-02-17 19:25 - 2008-06-11 14:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\vmclusex.dll 2015-02-17 18:51 - 2015-02-17 18:52 - 00000805 _____ () C:\Windows\KB2845142.log 2015-02-17 15:47 - 2015-02-20 15:59 - 00000000 ____D () C:\Program Files\Windows Doctor 2015-02-17 15:47 - 2015-02-17 15:47 - 00000871 _____ () C:\Users\LENOVO\Desktop\Windows Doctor.lnk 2015-02-17 15:47 - 2015-02-17 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Doctor 2015-02-16 20:16 - 2015-02-18 15:38 - 00001607 _____ () C:\Windows\setupact.log 2015-02-16 20:16 - 2015-02-16 20:16 - 00000000 _____ () C:\Windows\setuperr.log 2015-02-16 18:37 - 2015-02-16 18:37 - 00003356 _____ () C:\Windows\PFRO.log 2015-02-16 18:25 - 2015-02-16 18:36 - 00001896 _____ () C:\Windows\system32\ASOROSet.bin 2015-02-16 18:21 - 2015-02-16 18:21 - 00000000 ____D () C:\Windows\system32\config\RCCBakup 2015-02-16 18:10 - 2015-02-16 18:11 - 00000840 _____ () C:\Users\Public\Desktop\WinThruster.lnk 2015-02-16 18:10 - 2015-02-16 18:11 - 00000000 ____D () C:\Users\LENOVO\AppData\Roaming\Solvusoft 2015-02-16 18:10 - 2015-02-16 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster 2015-02-16 18:10 - 2015-02-16 18:11 - 00000000 ____D () C:\Program Files\WinThruster 2015-02-16 18:10 - 2012-10-15 17:02 - 00017840 _____ (solvusoft) C:\Windows\system32\ROBoot.exe 2015-02-16 17:39 - 2015-02-16 17:39 - 00000000 ____D () C:\47e08c83a5c40b2cfb307eb98f52f555 2015-02-16 16:19 - 2015-02-16 16:19 - 00000000 ____D () C:\d20f2e1850b6a020177473 2015-02-16 16:18 - 2015-02-16 16:18 - 00000000 ____D () C:\Windows\CheckSur 2015-02-16 14:52 - 2015-02-16 14:52 - 00000000 ____D () C:\ProgramData\Oracle 2015-02-15 18:05 - 2015-02-15 18:05 - 00000000 __SHD () C:\found.001 2015-02-15 15:00 - 2015-02-15 15:00 - 00000000 ____D () C:\Windows\pl 2015-02-15 14:59 - 2015-02-15 14:59 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2015-02-15 14:58 - 2015-02-15 14:58 - 00001158 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk 2015-02-15 14:57 - 2015-02-15 14:58 - 00001227 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk 2015-02-15 11:36 - 2015-02-15 11:36 - 00000000 ____D () C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Windows Performance Toolkit 2015-02-15 11:36 - 2015-02-15 11:36 - 00000000 ____D () C:\Program Files\Microsoft Windows Performance Toolkit 2015-02-15 11:36 - 2015-02-15 11:36 - 00000000 ____D () C:\Program Files\Microsoft Help Viewer 2015-02-15 11:35 - 2015-02-15 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x86) 2015-02-15 11:35 - 2015-02-15 11:35 - 00000000 ____D () C:\Program Files\Debugging Tools for Windows (x86) 2015-02-15 11:34 - 2015-02-19 23:26 - 00000000 ____D () C:\Program Files\Application Verifier 2015-02-15 11:32 - 2015-02-15 11:32 - 00000000 ____D () C:\Windows\symbols 2015-02-15 11:32 - 2015-02-15 11:32 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 10.0 2015-02-15 11:25 - 2015-02-15 11:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows SDK v7.1 2015-02-15 11:25 - 2015-02-15 11:25 - 00000000 ____D () C:\Program Files\Microsoft SDKs 2015-02-15 10:22 - 2015-02-15 10:22 - 00143344 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmhgfs.sys 2015-02-15 10:22 - 2015-02-15 10:22 - 00107120 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vm3dmp.sys 2015-02-15 10:22 - 2015-02-15 10:22 - 00098928 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmci.sys 2015-02-15 10:22 - 2015-02-15 10:22 - 00063920 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx_svga.sys 2015-02-15 10:22 - 2015-02-15 10:22 - 00025136 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmaudio.sys 2015-02-15 10:22 - 2015-02-15 10:22 - 00014208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys 2015-02-15 10:22 - 2015-02-15 10:22 - 00011440 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmmouse.sys 2015-02-15 10:21 - 2015-02-15 10:22 - 00000000 ____D () C:\Windows\system32\SPReview 2015-02-15 10:20 - 2015-02-15 10:20 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\WsmProv.dll 2015-02-15 10:19 - 2015-02-15 10:20 - 00001536 _____ (Microsoft Corporation) C:\Windows\system32\WsmCl.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 03223152 _____ (VMware, Inc.) C:\Windows\system32\vm3dgl.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 00484192 _____ (ThinPrint AG) C:\Windows\system32\TPSvc.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 00316736 _____ (ThinPrint AG) C:\Windows\system32\TPVMMon.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 00219248 _____ (VMware, Inc.) C:\Windows\system32\vm3dum.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 00173232 _____ (VMware, Inc.) C:\Windows\system32\vmx_fb.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 00144664 _____ (ThinPrint AG) C:\Windows\system32\tprdpw32.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\extmgr.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 00111912 _____ (ThinPrint AG) C:\Windows\system32\TPVMW32.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 00079176 _____ (ThinPrint AG) C:\Windows\system32\TPVMMonUI.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\ieencode.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 00063088 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 00053360 _____ (VMware, Inc.) C:\Windows\system32\vmGuestLib.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 00050800 _____ (VMware, Inc.) C:\Windows\system32\vmhgfs.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 00034416 _____ (VMware, Inc.) C:\Windows\system32\vmGuestLibJava.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 00023904 _____ (ThinPrint AG) C:\Windows\system32\TPVMMondeu.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 00016432 _____ (VMware, Inc.) C:\Windows\system32\vmx_mode.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 00009576 _____ (ThinPrint AG) C:\Windows\system32\TPVMMonjpn.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 00009072 _____ (ThinPrint AG) C:\Windows\system32\TPVMMonUIjpn.dll 2015-02-15 10:19 - 2015-02-15 10:19 - 00009064 _____ (ThinPrint AG) C:\Windows\system32\TPVMMonUIdeu.dll 2015-02-15 10:18 - 2015-02-15 10:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll 2015-02-15 10:07 - 2015-02-15 10:07 - 00000000 ____D () C:\ProgramData\Weskysoft 2015-02-15 09:43 - 2015-02-15 09:43 - 00000899 _____ () C:\Users\LENOVO\Desktop\DllSuite.lnk 2015-02-15 09:43 - 2015-02-15 09:43 - 00000000 ____D () C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dll Suite 2014 2015-02-15 09:43 - 2015-02-15 09:43 - 00000000 ____D () C:\Program Files\DLLSuite 2015-02-14 19:57 - 2015-02-21 15:30 - 00000000 ____D () C:\Users\LENOVO\Desktop\Pulpit 2015-02-14 18:35 - 2015-02-14 18:35 - 00004608 _____ () C:\Users\LENOVO\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-02-14 16:03 - 2014-11-26 03:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-02-14 15:55 - 2015-02-14 19:08 - 00000000 ____D () C:\Temp 2015-02-14 15:31 - 2015-02-14 15:32 - 00000000 ____D () C:\de628f5b8323f8fc809a3c6e467562 2015-02-14 15:31 - 2015-01-09 01:20 - 02063360 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-02-14 15:30 - 2015-01-13 02:39 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-02-14 15:28 - 2015-01-15 05:13 - 00440760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-02-14 15:27 - 2014-12-08 02:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-02-14 15:05 - 2015-02-21 14:42 - 00000012 _____ () C:\Windows\bthservsdp.dat 2015-02-14 15:05 - 2015-02-14 15:06 - 00002403 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk 2015-02-14 14:39 - 2015-02-14 14:39 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-02-14 14:39 - 2015-02-14 14:39 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-02-14 13:11 - 2015-01-14 02:51 - 12371456 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-02-14 13:11 - 2015-01-14 02:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-02-14 13:11 - 2015-01-14 02:46 - 09742336 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-02-14 13:11 - 2015-01-14 02:43 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-02-14 13:11 - 2015-01-14 02:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-02-14 13:11 - 2015-01-14 02:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-02-14 13:11 - 2015-01-14 02:41 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-02-14 13:11 - 2015-01-14 02:41 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-02-14 13:11 - 2015-01-14 02:41 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-02-14 13:11 - 2015-01-14 02:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-02-14 13:11 - 2015-01-14 02:41 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-02-14 13:11 - 2015-01-14 02:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-02-14 13:11 - 2015-01-14 02:40 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-02-14 13:11 - 2015-01-14 02:40 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-02-14 13:11 - 2015-01-14 02:40 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-02-14 13:11 - 2015-01-14 02:40 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-02-14 13:11 - 2015-01-14 02:40 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-02-14 13:11 - 2015-01-14 02:40 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-02-14 13:11 - 2015-01-14 02:40 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-02-14 13:11 - 2015-01-14 02:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-02-14 13:01 - 2015-02-14 13:01 - 00000000 ____D () C:\ProgramData\VS Revo Group 2015-02-14 12:09 - 2015-02-14 12:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2015-02-14 10:37 - 2015-02-14 10:37 - 00000000 ____D () C:\Users\LENOVO\AppData\Local\VS Revo Group 2015-02-14 10:34 - 2015-02-14 12:09 - 00000000 ____D () C:\Program Files\7-Zip 2015-02-14 10:13 - 2015-02-14 10:13 - 00000000 ____D () C:\Users\LENOVO\AppData\Local\Anvisoft 2015-02-14 09:07 - 2015-01-23 04:00 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-02-14 09:07 - 2015-01-23 03:51 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-21 15:12 - 2012-04-05 07:34 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-02-21 15:00 - 2014-03-24 12:10 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2015-02-21 15:00 - 2014-03-14 09:26 - 00000224 _____ () C:\Windows\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2015-02-21 15:00 - 2012-10-10 08:39 - 00000280 _____ () C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1343024091-764733703-839522115-1003.job 2015-02-21 15:00 - 2008-01-21 02:39 - 01254069 _____ () C:\Windows\WindowsUpdate.log 2015-02-21 14:48 - 2014-03-18 14:59 - 00002400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-21 14:48 - 2014-03-18 14:59 - 00002400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-21 14:48 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-21 14:45 - 2008-03-12 08:55 - 00002080 _____ () C:\Windows\system32\ICAutoUpdate.log.bak 2015-02-21 14:42 - 2008-03-11 13:20 - 00032562 _____ () C:\Windows\SchedLgU.Txt 2015-02-21 12:26 - 2010-03-05 12:16 - 00000000 ____D () C:\Users\LENOVO\Documents\Pobieranie 2015-02-21 12:17 - 2008-03-14 17:18 - 00000000 ____D () C:\Users\LENOVO\Documents\Odebrane pliki 2015-02-21 12:06 - 2011-08-25 08:36 - 00307200 _____ () C:\Users\LENOVO\Documents\2011_08_23.mdb 2015-02-21 11:27 - 2008-03-25 11:31 - 00000000 ____D () C:\Users\LENOVO\Documents\WM_Administrat1 Moje dokumenty 2015-02-21 11:14 - 2014-03-18 15:05 - 00000000 ____D () C:\Users\Administrator 2015-02-21 11:02 - 2014-09-15 08:35 - 00002625 _____ () C:\Users\LENOVO\Desktop\Microsoft Office Word 2007.lnk 2015-02-21 10:01 - 2008-03-25 11:31 - 00000000 ____D () C:\Users\LENOVO\Documents\umowy 2015-02-20 16:36 - 2014-12-09 11:33 - 00000000 ____D () C:\Program Files\Wondershare 2015-02-19 21:43 - 2014-03-18 15:06 - 00000000 ____D () C:\Users\LENOVO 2015-02-19 19:35 - 2014-03-24 10:20 - 00000000 ____D () C:\Windows\Minidump 2015-02-19 19:35 - 2010-05-27 20:10 - 00156313 _____ () C:\Windows\Minidump\Mini021915-02.dmp 2015-02-19 14:03 - 2010-05-27 20:10 - 00156313 _____ () C:\Windows\Minidump\Mini021915-01.dmp 2015-02-19 12:17 - 2008-03-14 17:05 - 00000000 ____D () C:\SONY_MAP 2015-02-19 12:17 - 2008-03-14 10:10 - 00000000 ____D () C:\Program Files\Microsoft Works 2015-02-19 10:32 - 2008-03-12 08:59 - 00000000 __SHD () C:\Users\LENOVO\UserData 2015-02-18 21:51 - 2004-08-04 13:00 - 00000768 _____ () C:\Windows\win.ini 2015-02-18 21:21 - 2008-03-25 13:00 - 00000000 ___RD () C:\TOOLS 2015-02-18 21:18 - 2008-04-21 14:02 - 00000000 ____D () C:\ProgramData\Skype 2015-02-18 20:30 - 2011-07-13 12:13 - 00000000 ____D () C:\Users\LENOVO\AppData\Roaming\DVDVideoSoft 2015-02-18 19:16 - 2010-03-22 14:30 - 00000000 ___SD () C:\Users\LENOVO\Documents\Moje źródła danych 2015-02-18 19:03 - 2014-09-15 09:08 - 98296832 _____ () C:\Users\LENOVO\Documents\Outlook.pst 2015-02-18 19:00 - 2008-10-13 09:01 - 00000000 ___RD () C:\Users\LENOVO\Documents\LifeCam Files 2015-02-17 22:15 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache 2015-02-17 22:14 - 2013-01-08 08:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks 2015-02-17 19:27 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2015-02-17 19:25 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\pl-PL 2015-02-17 15:46 - 2008-01-21 07:23 - 01691348 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-02-17 15:46 - 2008-01-21 07:22 - 00740616 _____ () C:\Windows\system32\perfh015.dat 2015-02-17 15:46 - 2008-01-21 07:22 - 00165304 _____ () C:\Windows\system32\perfc015.dat 2015-02-16 20:57 - 2014-06-12 06:46 - 00000000 ____D () C:\Users\LENOVO\AppData\Roaming\trustedshopper 2015-02-16 20:57 - 2014-06-12 06:46 - 00000000 ____D () C:\Users\LENOVO\AppData\Local\UpdateChecker 2015-02-16 18:36 - 2006-11-02 11:22 - 87293952 _____ () C:\Windows\system32\config\SYSTEM.bak 2015-02-16 18:36 - 2006-11-02 11:22 - 54263808 _____ () C:\Windows\system32\config\SOFTWARE.bak 2015-02-16 18:36 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak 2015-02-16 18:28 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\SAM.bak 2015-02-16 14:51 - 2008-03-25 12:43 - 00000000 ____D () C:\Program Files\Java 2015-02-15 18:17 - 2006-11-02 13:47 - 00430984 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-02-15 15:23 - 2014-03-18 16:03 - 00104352 _____ () C:\Users\LENOVO\AppData\Local\GDIPFONTCACHEV1.DAT 2015-02-15 14:59 - 2008-03-14 17:08 - 00000000 ____D () C:\Program Files\Windows Live 2015-02-15 14:54 - 2006-11-02 12:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2015-02-15 12:30 - 2014-09-15 09:22 - 00000000 ____D () C:\KAV 2015-02-15 11:25 - 2006-11-02 13:37 - 00000000 ____D () C:\Program Files\MSBuild 2015-02-14 20:02 - 2012-10-10 08:34 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2015-02-14 20:00 - 2008-03-25 12:38 - 00000000 ____D () C:\Users\LENOVO\AppData\Local\Adobe 2015-02-14 18:37 - 2008-03-31 10:29 - 00000000 ____D () C:\Users\LENOVO\AppData\Local\Apple Computer 2015-02-14 17:36 - 2008-03-11 15:03 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2015-02-14 16:12 - 2013-08-20 11:17 - 00000000 ____D () C:\Windows\system32\MRT 2015-02-14 16:04 - 2006-11-02 11:24 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2015-02-14 16:03 - 2008-03-12 09:31 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-02-14 15:17 - 2008-03-14 17:07 - 00004195 _____ () C:\Windows\SONYMAP.INI 2015-02-14 15:14 - 2014-03-18 14:51 - 00000000 ____D () C:\Windows\Panther 2015-02-14 15:14 - 2009-01-15 11:51 - 00000000 ____D () C:\Users\LENOVO\Tracing 2015-02-14 15:06 - 2008-01-21 07:22 - 00000000 ____D () C:\Windows\WindowsMobile 2015-02-14 15:06 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\LogFiles 2015-02-14 14:39 - 2011-09-09 10:19 - 00000858 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-02-14 13:53 - 2008-03-25 12:33 - 00000000 ____D () C:\Program Files\Google 2015-02-14 13:51 - 2008-03-25 13:12 - 00000000 ____D () C:\Users\LENOVO\AppData\Local\Google 2015-02-14 13:09 - 2012-01-18 14:32 - 00000000 ____D () C:\Program Files\Common Files\Apple 2015-02-14 12:22 - 2014-12-09 09:00 - 00000000 ____D () C:\Program Files\D51D0083-1C6B-4CB4-8FA1-7CF891242EBD 2015-02-14 12:18 - 2008-03-12 08:55 - 20082643 _____ () C:\sysiclog.txt.bak 2015-02-14 11:43 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\Msdtc 2015-02-14 11:42 - 2006-11-02 11:22 - 84410368 _____ () C:\Windows\system32\config\system_previous 2015-02-14 11:42 - 2006-11-02 11:22 - 54263808 _____ () C:\Windows\system32\config\software_previous 2015-02-14 11:42 - 2006-11-02 11:22 - 46661632 _____ () C:\Windows\system32\config\components_previous 2015-02-14 11:42 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\security_previous 2015-02-14 11:42 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous 2015-02-14 11:42 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\default_previous 2015-02-14 11:41 - 2008-03-14 17:22 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition 2015-02-14 11:41 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\spool 2015-02-14 11:41 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\registration 2015-02-12 10:14 - 2012-04-05 07:34 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-02-12 10:14 - 2011-06-21 07:45 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-01-29 09:11 - 2014-09-15 09:19 - 00002619 _____ () C:\Users\LENOVO\Desktop\Microsoft Office Excel 2007.lnk 2015-01-27 13:38 - 2012-10-10 08:39 - 00000288 _____ () C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1343024091-764733703-839522115-1003.job 2015-01-23 14:29 - 2008-03-25 12:55 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2015-01-23 14:29 - 2008-03-25 12:55 - 00000000 ____D () C:\Program Files\Adobe 2015-01-23 12:26 - 2014-02-04 14:14 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 ==================== Files in the root of some directories ======= 2008-03-25 11:40 - 2008-03-25 11:40 - 0002528 _____ () C:\Users\LENOVO\AppData\Roaming\$_hpcst$.hpc 2011-01-13 13:22 - 2011-08-25 08:36 - 0038465 ____C () C:\Users\LENOVO\AppData\Roaming\Microsoft Access 97-2003.ADR 2011-08-22 09:28 - 2011-08-22 09:28 - 0008293 ____C () C:\Users\LENOVO\AppData\Roaming\Microsoft Access 97-2003.JNL 2009-01-28 07:43 - 2011-08-22 09:39 - 0038448 ____C () C:\Users\LENOVO\AppData\Roaming\Microsoft Excel 97-2003.ADR 2009-01-28 10:56 - 2011-08-22 09:44 - 0008276 ____C () C:\Users\LENOVO\AppData\Roaming\Microsoft Excel 97-2003.JNL 2008-09-25 09:25 - 2014-06-16 13:18 - 0000000 _____ () C:\Users\LENOVO\AppData\Roaming\wklnhst.dat 2014-04-02 08:09 - 2014-04-02 08:09 - 0000037 ___SH () C:\Users\LENOVO\AppData\Local\70149b02515b3bb20dd492.47983420 2014-03-18 16:01 - 2014-04-01 09:20 - 0000680 _____ () C:\Users\LENOVO\AppData\Local\d3d9caps.dat 2015-02-14 18:35 - 2015-02-14 18:35 - 0004608 _____ () C:\Users\LENOVO\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini Files to move or delete: ==================== C:\Users\LENOVO\APNStub.exe Some content of TEMP: ==================== C:\Users\LENOVO\AppData\Local\Temp\VSUSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-21 14:54 ==================== End Of Log ============================