Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015 Ran by Pc (administrator) on PC-C10F478E272D on 12-03-2015 20:37:58 Running from G:\Narzedzia\Diagnostyka dla Picasso\FIRST Loaded Profiles: Pc (Available profiles: Pc) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) G:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) G:\WINDOWS\system32\ati2evxx.exe (Microsoft Corporation) G:\WINDOWS\system32\rundll32.exe (Google Inc.) G:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe () G:\Program Files\ver1BetterDeals\R5BetterDealsW24.exe (Lid) G:\Program Files\App Lid\9669df1b-c81b-40fb-acd9-e7d6bfacf362-6.exe (Realtek Semiconductor Corp.) G:\WINDOWS\RTHDCPL.EXE (Hewlett-Packard Company) G:\Program Files\HP\hpcoretech\hpcmpmgr.exe (HP) G:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe (Hewlett-Packard Company) G:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe () G:\Program Files\ver1BetterDeals\n5F.exe (SEIKO EPSON CORPORATION) G:\Program Files\Epson Software\Event Manager\EEventManager.exe () G:\Program Files\Winamp\winampa.exe (Nuance Communications, Inc.) G:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Brother Industries, Ltd.) G:\Program Files\Browny02\Brother\BrStMonW.exe (Oracle Corporation) G:\Program Files\Common Files\Java\Java Update\jusched.exe () G:\Program Files\DivX\DivX Update\DivXUpdate.exe () G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\45443439-1425853726-4639-4637-3743FFFFFFFF\bnse228.exe () G:\Program Files\gmsd_pl_65\gmsd_pl_65.exe () G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\gmsd_pl_65\upgmsd_pl_65.exe (Lid) G:\Program Files\App Lid\9669df1b-c81b-40fb-acd9-e7d6bfacf362-1-6.exe (SoftBrain Technologies Ltd.) G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\SmartWeb\SmartWebHelper.exe (Brother Industries, Ltd.) G:\Program Files\ControlCenter4\BrCtrlCntr.exe (BitTorrent Inc.) G:\Documents and Settings\Pc\Dane aplikacji\uTorrent\uTorrent.exe (InstallMoonV09.03) G:\Program Files\GoHDV09.03\3f41dd1f-4ab7-47c5-b477-97b75e4a1a74-6.exe (Super PC Tools Ltd) G:\DOCUME~1\ALLUSE~1\DANEAP~1\{BA121~1\SUPERP~1.EXE (Brother Industries, Ltd.) G:\Program Files\ControlCenter4\BrCcUxSys.exe (Hewlett-Packard Company) G:\Program Files\HP\hpcoretech\comp\hptskmgr.exe (InstallMoonV09.03) G:\Program Files\GoHDV09.03\3f41dd1f-4ab7-47c5-b477-97b75e4a1a74-1-6.exe (HD CinemaV09.03) G:\Program Files\HD Cinema Pro 1.8cV09.03\1d04c31d-baab-41ad-8d43-42e7f8102059-6.exe (HD CinemaV09.03) G:\Program Files\HD Cinema Pro 1.8cV09.03\1d04c31d-baab-41ad-8d43-42e7f8102059-1-6.exe (ABBYY) G:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ArcSoft Inc.) G:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (BD Inc.) G:\Program Files\IGS\BasementDuster.exe () G:\Program Files\ver1BetterDeals\K6Ey189.exe (Oracle Corporation) G:\Program Files\Java\jre7\bin\jqs.exe () G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\45443439-1425933115-4639-4637-3743FFFFFFFF\insv16B.tmp (Quick Ref) G:\Program Files\QuickRef_1.10.0.9\Service\qrsvc.exe () G:\Documents and Settings\Pc\Dane aplikacji\ASPackage\ASSrv.exe () G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\45443439-1425853738-4639-4637-3743FFFFFFFF\cnst236.tmp (Brother Industries, Ltd.) G:\Program Files\Browny02\BrYNSvc.exe (Microsoft Corporation) G:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation) G:\WINDOWS\system32\wbem\unsecapp.exe () G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\45443439-1425933115-4639-4637-3743FFFFFFFF\jnsf169.exe () G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\45443439-1425853738-4639-4637-3743FFFFFFFF\ansy233.exe (Oracle Corporation) G:\Program Files\Common Files\Java\Java Update\jucheck.exe (SoftBrain Technologies Ltd.) G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\SmartWeb\SmartWebApp.exe () G:\Program Files\digi docket\bin\utildigidocket.exe () G:\Program Files\digi docket\bin\digidocket.expext.exe () G:\Program Files\digi docket\bin\digidocket.BrowserAdapter.exe () G:\Program Files\digi docket\bin\digidocket.PurBrowse.exe () G:\Program Files\digi docket\updatedigidocket.exe () G:\Program Files\gmsd_pl_65\gmsd_pl_65.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDCPL] => G:\WINDOWS\RTHDCPL.EXE [20117648 2012-10-30] (Realtek Semiconductor Corp.) HKLM\...\Run: [Adobe ARM] => G:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [HP Component Manager] => G:\Program Files\HP\hpcoretech\hpcmpmgr.exe [241664 2003-12-22] (Hewlett-Packard Company) HKLM\...\Run: [HPDJ Taskbar Utility] => G:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [172032 2004-03-04] (HP) HKLM\...\Run: [HP Software Update] => G:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [49152 2004-02-18] (Hewlett-Packard Company) HKLM\...\Run: [BCSSync] => G:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [ArcSoft Connection Service] => G:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.) HKLM\...\Run: [EEventManager] => G:\Program Files\Epson Software\Event Manager\EEventManager.exe [976832 2009-12-17] (SEIKO EPSON CORPORATION) HKLM\...\Run: [APSDaemon] => G:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM\...\Run: [QuickTime Task] => G:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM\...\Run: [WinampAgent] => G:\Program Files\Winamp\winampa.exe [33792 2003-12-13] () HKLM\...\Run: [upfst_pl_6.exe] => G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\fst_pl_6\upfst_pl_6.exe -runhelper HKLM\...\Run: [fst_pl_19] => [X] HKLM\...\Run: [fst_pl_6] => [X] HKLM\...\Run: [fst_pl_73] => [X] HKLM\...\Run: [fst_pl_99] => [X] HKLM\...\Run: [NeroCheck] => G:\WINDOWS\system32\NeroCheck.exe [155648 2001-08-06] (Ahead Software Gmbh) HKLM\...\Run: [PDFHook] => G:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.) HKLM\...\Run: [PDF5 Registry Controller] => G:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.) HKLM\...\Run: [ControlCenter4] => G:\Program Files\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) HKLM\...\Run: [BrStsMon00] => G:\Program Files\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) HKLM\...\Run: [SunJavaUpdateSched] => G:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM\...\Run: [PowerDVD14Agent] => G:\Program Files\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-08-12] (CyberLink Corp.) HKLM\...\Run: [DivXMediaServer] => G:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC) HKLM\...\Run: [DivXUpdate] => G:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] () HKLM\...\Run: [WinCheck] => G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\45443439-1425853726-4639-4637-3743FFFFFFFF\bnse228.exe [247808 2015-03-08] () HKLM\...\Run: [gmsd_pl_65] => G:\Program Files\gmsd_pl_65\gmsd_pl_65.exe [3976872 2015-03-09] () HKLM\...\Run: [upgmsd_pl_65.exe] => G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\gmsd_pl_65\upgmsd_pl_65.exe [3311784 2015-03-09] () HKLM\...\Run: [SmartWeb] => G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.) Winlogon\Notify\AtiExtEvent: G:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) HKU\S-1-5-21-1275210071-117609710-839522115-1003\...\Run: [BearShare] => "G:\Program Files\BearShare Applications\BearShare\BearShare.exe" --lightmode HKU\S-1-5-21-1275210071-117609710-839522115-1003\...\Run: [ISUSPM] => G:\Documents and Settings\All Users\Dane aplikacji\FLEXnet\Connect\11\ISUSPM.exe -scheduler HKU\S-1-5-21-1275210071-117609710-839522115-1003\...\Run: [uTorrent] => G:\Documents and Settings\Pc\Dane aplikacji\uTorrent\uTorrent.exe [1739088 2015-03-08] (BitTorrent Inc.) HKU\S-1-5-21-1275210071-117609710-839522115-1003\...\Run: [Super Optimizer] => G:\Program Files\Super Optimizer\SupOptLauncher.exe [676968 2015-02-09] (SUPER PC TOOLS LIMITED) HKU\S-1-5-18\...\Run: [DWQueuedReporting] => G:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [520424 2013-03-06] (Microsoft Corporation) Startup: G:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk ShortcutTarget: Adobe Gamma Loader.lnk -> G:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: G:\Documents and Settings\Pc\Menu Start\Programy\Autostart\SmartWeb.lnk ShortcutTarget: SmartWeb.lnk -> G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.) Startup: G:\Documents and Settings\Pc\Menu Start\Programy\Autostart\superpc_soft_partner.lnk ShortcutTarget: superpc_soft_partner.lnk -> G:\Documents and Settings\All Users\Dane aplikacji\{ba121210-d50e-5ae8-ba12-21210d504843}\superpc_soft_partner.exe (Super PC Tools Ltd) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [S-1-5-21-1275210071-117609710-839522115-1003] => Internet Explorer proxy is enabled. ProxyServer: [S-1-5-21-1275210071-117609710-839522115-1003] => http=127.0.0.1:13988;https=127.0.0.1:13988 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1425850244&from=epom2&uid=ST500DM002-1BD142_S2AH3K6EXXXXS2AH3K6E HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1425850244&from=epom2&uid=ST500DM002-1BD142_S2AH3K6EXXXXS2AH3K6E&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1425850244&from=epom2&uid=ST500DM002-1BD142_S2AH3K6EXXXXS2AH3K6E HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1425850244&from=epom2&uid=ST500DM002-1BD142_S2AH3K6EXXXXS2AH3K6E&q={searchTerms} HKU\S-1-5-21-1275210071-117609710-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1425850244&from=epom2&uid=ST500DM002-1BD142_S2AH3K6EXXXXS2AH3K6E HKU\S-1-5-21-1275210071-117609710-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.b1.org/?bsrc=hmior&chid=c169741 HKU\S-1-5-21-1275210071-117609710-839522115-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1425850244&from=epom2&uid=ST500DM002-1BD142_S2AH3K6EXXXXS2AH3K6E HKU\S-1-5-21-1275210071-117609710-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page Before = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki HKU\S-1-5-21-1275210071-117609710-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page Before = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://search.b1.org/?bsrc=ecior&chid=c169741&qq=" <======= ATTENTION SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1425850244&from=epom2&uid=ST500DM002-1BD142_S2AH3K6EXXXXS2AH3K6E&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1425850244&from=epom2&uid=ST500DM002-1BD142_S2AH3K6EXXXXS2AH3K6E&q={searchTerms} SearchScopes: HKU\S-1-5-21-1275210071-117609710-839522115-1003 -> DefaultScope {D38EA3F6-CA97-48E6-B3FE-820C6EBBDF8C} URL = http://search.b1.org/?bsrc=scior&chid=c169741&qq={searchTerms} SearchScopes: HKU\S-1-5-21-1275210071-117609710-839522115-1003 -> DefaultScopeBefore {0633EE93-D776-472f-A0FF-E1416B8B2E3A} SearchScopes: HKU\S-1-5-21-1275210071-117609710-839522115-1003 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1425850244&from=epom2&uid=ST500DM002-1BD142_S2AH3K6EXXXXS2AH3K6E&q={searchTerms} SearchScopes: HKU\S-1-5-21-1275210071-117609710-839522115-1003 -> {D38EA3F6-CA97-48E6-B3FE-820C6EBBDF8C} URL = http://search.b1.org/?bsrc=scior&chid=c169741&qq={searchTerms} BHO: BetterDeals -> {05156942-7E94-3334-C8BD-DEC8D6785E65} -> G:\Program Files\ver1BetterDeals\189.dll [2015-03-08] () BHO: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> G:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) BHO: digi docket 1.0.0.7 -> {6d5a1e81-0205-4ac0-8990-39b27c653334} -> G:\Program Files\digi docket\digidocketbho.dll [2015-03-08] (digi docket) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> G:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> G:\Program Files\Java\jre7\bin\ssv.dll [2014-10-02] (Oracle Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.) BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> G:\Program Files\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-03-01] (Google Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> G:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: PriuceLesss -> {c90563c3-29ae-4220-a46e-909444c31676} -> G:\Program Files\PriuceLesss\eat1UVoMwGx8bh.dll [2015-03-08] () BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> G:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-02] (Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - G:\Program Files\HP\hpcoretech\comp\hpuiprot.dll [2003-12-22] (Hewlett-Packard Company) Winsock: Catalog9 01 G:\WINDOWS\system32\BDL.dll [319392] (BD Inc.) Winsock: Catalog9 02 G:\WINDOWS\system32\BDL.dll [319392] (BD Inc.) Winsock: Catalog9 16 G:\WINDOWS\system32\BDL.dll [319392] (BD Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 StartMenuInternet: IEXPLORE.EXE - G:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1425850244&from=epom2&uid=ST500DM002-1BD142_S2AH3K6EXXXXS2AH3K6E FireFox: ======== FF ProfilePath: G:\Documents and Settings\Pc\Dane aplikacji\Mozilla\Firefox\Profiles\yygpirum.default-1404846490562 FF NewTab: chrome://quick_start/content/index.html FF DefaultSearchEngine: mystartsearch FF SelectedSearchEngine: mystartsearch FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> G:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> G:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> G:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC) FF Plugin: @Google.com/GoogleEarthPlugin -> G:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @java.com/DTPlugin,version=10.67.2 -> G:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-02] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> G:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-10-02] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> g:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> G:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> G:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> g:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> G:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2015-03-09] (globalUpdate) FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> G:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2015-03-09] (globalUpdate) FF Plugin: @tools.google.com/Google Update;version=3 -> G:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> G:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.) FF Plugin: Adobe Reader -> G:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF user.js: detected! => G:\Documents and Settings\Pc\Dane aplikacji\Mozilla\Firefox\Profiles\yygpirum.default-1404846490562\user.js [2015-03-08] FF SearchPlugin: G:\Documents and Settings\Pc\Dane aplikacji\Mozilla\Firefox\Profiles\yygpirum.default-1404846490562\searchplugins\improvedsearch.xml [2015-03-08] FF SearchPlugin: G:\Documents and Settings\Pc\Dane aplikacji\Mozilla\Firefox\Profiles\yygpirum.default-1404846490562\searchplugins\mystartsearch.xml [2015-03-08] FF Extension: HD Cinema Pro 1.8cV09.03 - G:\Documents and Settings\Pc\Dane aplikacji\Mozilla\Firefox\Profiles\yygpirum.default-1404846490562\Extensions\9852e04d-7923-4f02-84e5-c1a1b9fe8c30@gmail.com [2015-03-10] FF Extension: App Lid - G:\Documents and Settings\Pc\Dane aplikacji\Mozilla\Firefox\Profiles\yygpirum.default-1404846490562\Extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com [2015-03-11] FF Extension: GoHDV09.03 - G:\Documents and Settings\Pc\Dane aplikacji\Mozilla\Firefox\Profiles\yygpirum.default-1404846490562\Extensions\sonnypenn@aol.com [2015-03-11] FF Extension: Zoom It - G:\Documents and Settings\Pc\Dane aplikacji\Mozilla\Firefox\Profiles\yygpirum.default-1404846490562\Extensions\{1e5df710-26cb-92ed-5272-4b38f175d40e} [2015-03-12] FF Extension: Adblock Plus - G:\Documents and Settings\Pc\Dane aplikacji\Mozilla\Firefox\Profiles\yygpirum.default-1404846490562\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-01] FF Extension: digi docket 1.0.1 - G:\Documents and Settings\Pc\Dane aplikacji\Mozilla\Firefox\Profiles\yygpirum.default-1404846490562\Extensions\{e4db71b5-18d7-401c-9152-e63e79440e72}.xpi [2015-03-11] FF HKLM\...\Firefox\Extensions: [searchengine@gmail.com] - G:\Documents and Settings\Pc\Dane aplikacji\Mozilla\Firefox\Profiles\yygpirum.default-1404846490562\extensions\searchengine@gmail.com FF HKLM\...\Firefox\Extensions: [istart_ffnt@gmail.com] - G:\Documents and Settings\Pc\Dane aplikacji\Mozilla\Firefox\Profiles\yygpirum.default-1404846490562\extensions\istart_ffnt@gmail.com FF HKU\S-1-5-21-1275210071-117609710-839522115-1003\...\Firefox\Extensions: [{A3616CBE-2AD9-B4CD-2255-9F7DA2C037FE}] - G:\Program Files\ver1BetterDeals\189.xpi FF Extension: BetterDeals - G:\Program Files\ver1BetterDeals\189.xpi [2015-03-08] StartMenuInternet: FIREFOX.EXE - G:\Program Files\Mozilla Firefox\firefox.exe http://www.mystartsearch.com/?type=sc&ts=1425850244&from=epom2&uid=ST500DM002-1BD142_S2AH3K6EXXXXS2AH3K6E Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=1425850244&from=epom2&uid=ST500DM002-1BD142_S2AH3K6EXXXXS2AH3K6E CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=1425850244&from=epom2&uid=ST500DM002-1BD142_S2AH3K6EXXXXS2AH3K6E" CHR DefaultSearchKeyword: Default -> mystartsearch CHR DefaultSuggestURL: Default -> CHR Plugin: (Widevine Content Decryption Module) - G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll No File CHR Plugin: (Shockwave Flash) - G:\Program Files\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - G:\Program Files\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - G:\Program Files\Google\Chrome\Application\40.0.2214.115\pdf.dll () CHR Plugin: (QuickTime Plug-in 7.7.4) - G:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - G:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - G:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - G:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - G:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (Microsoft® DRM) - G:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - G:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Microsoft® DRM) - G:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - G:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - G:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Adobe Acrobat) - G:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Earth Plugin) - G:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - G:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File CHR Plugin: (Shockwave Flash) - G:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll No File CHR Plugin: (Silverlight Plug-In) - g:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll No File CHR Plugin: (Windows Presentation Foundation) - g:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Profile: G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (digi docket) - G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dgjbhcmpomlddhkjnpalcmnfehnalpkj [2015-03-08] CHR Extension: (Google Wallet) - G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-29] StartMenuInternet: chrome.exe - G:\Program Files\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&ts=1425850244&from=epom2&uid=ST500DM002-1BD142_S2AH3K6EXXXXS2AH3K6E ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 43522951; g:\Program Files\Super Optimizer\SupOptStats.dll [1645160 2015-03-11] () R2 ABBYY.Licensing.FineReader.Sprint.9.0; G:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 ACDaemon; G:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S3 AppleChargerSrv; G:\WINDOWS\System32\AppleChargerSrv.exe [31272 2010-04-06] () R2 BasementDuster; G:\Program Files\IGS\BasementDuster.exe [1494192 2015-03-06] (BD Inc.) [File not signed] R2 BetterDeals; G:\Program Files\ver1BetterDeals\K6Ey189.exe [347136 2015-03-08] () [File not signed] R3 BrYNSvc; G:\Program Files\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed] S2 globalUpdate; G:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2015-03-09] (globalUpdate) [File not signed] S3 globalUpdatem; G:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2015-03-09] (globalUpdate) [File not signed] R2 JavaQuickStarterService; G:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-10-02] (Oracle Corporation) R2 jorolofe; G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\45443439-1425933115-4639-4637-3743FFFFFFFF\insv16B.tmp [137216 2015-03-09] () [File not signed] S2 KMService; G:\WINDOWS\system32\srvany.exe [8192 2013-10-31] () [File not signed] R2 qrsvc_1.10.0.9; G:\Program Files\QuickRef_1.10.0.9\Service\qrsvc.exe [278592 2015-02-06] (Quick Ref) R2 serveras; G:\Documents and Settings\Pc\Dane aplikacji\ASPackage\ASSrv.exe [63488 2015-03-08] () [File not signed] R2 tubyjofy; G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\45443439-1425853738-4639-4637-3743FFFFFFFF\cnst236.tmp [76288 2015-03-08] () [File not signed] R2 Update digi docket; G:\Program Files\digi docket\updatedigidocket.exe [402168 2015-03-12] () R2 Util digi docket; G:\Program Files\digi docket\bin\utildigidocket.exe [402168 2015-03-12] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 Afc; G:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.) S3 Ambfilt; G:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) R1 AmdPPM; G:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices) R1 AppleCharger; G:\WINDOWS\System32\DRIVERS\AppleCharger.sys [19608 2012-10-25] () R3 AR9271; G:\WINDOWS\System32\DRIVERS\athuw.sys [1763584 2012-10-18] (Atheros Communications, Inc.) S3 BrScnUsb; G:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [15295 2010-03-16] (Brother Industries Ltd.) R3 L1c; G:\WINDOWS\System32\DRIVERS\l1c51x86.sys [82032 2012-04-25] (Atheros Communications, Inc.) S3 Monfilt; G:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) R0 PxHelp20; G:\WINDOWS\System32\DRIVERS\PxHelp20.sys [20016 2003-10-28] (Sonic Solutions) [File not signed] R1 qrnfd_1_10_0_9; G:\WINDOWS\System32\drivers\qrnfd_1_10_0_9.sys [52720 2015-02-06] (Quick Ref) S3 SONYPVU1; G:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation) R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; G:\Program Files\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [26824 2014-08-12] (CyberLink Corp.) R1 {d2c0ab1d-6370-4786-b3bc-16a62a2a98bb}Gt; G:\WINDOWS\System32\drivers\{d2c0ab1d-6370-4786-b3bc-16a62a2a98bb}Gt.sys [55824 2015-03-08] (StdLib) R1 {e4db71b5-18d7-401c-9152-e63e79440e72}Gt; G:\WINDOWS\System32\drivers\{e4db71b5-18d7-401c-9152-e63e79440e72}Gt.sys [55824 2015-03-10] (StdLib) U3 arzoqgq6; G:\WINDOWS\system32\Drivers\arzoqgq6.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder) S4 IntelIde; No ImagePath U5 ScsiPort; G:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) R4 sptd; System32\Drivers\sptd.sys [X] U3 awliqpod; \??\G:\DOCUME~1\Pc\USTAWI~1\Temp\awliqpod.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-11 06:42 - 2015-03-11 11:20 - 00000000 ____D () G:\Documents and Settings\All Users\Dane aplikacji\{ba121210-d50e-5ae8-ba12-21210d504843} 2015-03-11 06:42 - 2015-03-11 06:42 - 00000761 _____ () G:\Documents and Settings\Pc\Pulpit\Super Optimizer.lnk 2015-03-11 06:42 - 2015-03-11 06:42 - 00000000 ____D () G:\Program Files\Super Optimizer 2015-03-11 06:42 - 2015-03-11 06:42 - 00000000 ____D () G:\Documents and Settings\All Users\Menu Start\Programy\Super Optimizer 2015-03-10 22:46 - 2015-03-10 03:19 - 00055824 _____ (StdLib) G:\WINDOWS\system32\Drivers\{e4db71b5-18d7-401c-9152-e63e79440e72}Gt.sys 2015-03-09 20:38 - 2015-03-12 20:38 - 00005142 _____ () G:\WINDOWS\Tasks\3f41dd1f-4ab7-47c5-b477-97b75e4a1a74-7.job 2015-03-09 20:38 - 2015-03-12 20:38 - 00004118 _____ () G:\WINDOWS\Tasks\3f41dd1f-4ab7-47c5-b477-97b75e4a1a74-4.job 2015-03-09 20:38 - 2015-03-12 20:38 - 00003434 _____ () G:\WINDOWS\Tasks\3f41dd1f-4ab7-47c5-b477-97b75e4a1a74-1-7.job 2015-03-09 20:38 - 2015-03-12 20:38 - 00002406 _____ () G:\WINDOWS\Tasks\3f41dd1f-4ab7-47c5-b477-97b75e4a1a74-5.job 2015-03-09 20:38 - 2015-03-12 20:38 - 00001706 _____ () G:\WINDOWS\Tasks\IUKBUKHL.job 2015-03-09 20:38 - 2015-03-12 20:38 - 00001358 _____ () G:\WINDOWS\Tasks\UBMCFE.job 2015-03-09 20:38 - 2015-03-12 20:38 - 00000364 _____ () G:\WINDOWS\Tasks\APSnotifierPP3.job 2015-03-09 20:38 - 2015-03-12 20:15 - 00005478 _____ () G:\WINDOWS\Tasks\3f41dd1f-4ab7-47c5-b477-97b75e4a1a74-6.job 2015-03-09 20:38 - 2015-03-12 20:15 - 00003098 _____ () G:\WINDOWS\Tasks\3f41dd1f-4ab7-47c5-b477-97b75e4a1a74-1-6.job 2015-03-09 20:38 - 2015-03-09 20:58 - 00000366 _____ () G:\WINDOWS\Tasks\APSnotifierPP1.job 2015-03-09 20:38 - 2015-03-09 20:38 - 01854464 _____ (InstallMoonV09.03) G:\Documents and Settings\Pc\Dane aplikacji\IUKBUKHL.exe 2015-03-09 20:38 - 2015-03-09 20:38 - 01371136 _____ (InstallMoonV09.03) G:\Documents and Settings\Pc\Dane aplikacji\UBMCFE.exe 2015-03-09 20:38 - 2015-03-09 20:38 - 00000364 _____ () G:\WINDOWS\Tasks\APSnotifierPP2.job 2015-03-09 20:38 - 2015-03-09 20:38 - 00000000 ____D () G:\Program Files\0f88a956-294b-4ac2-97c6-30c00289d840 2015-03-09 20:37 - 2015-03-12 20:37 - 00002072 _____ () G:\WINDOWS\Tasks\3f41dd1f-4ab7-47c5-b477-97b75e4a1a74-10_user.job 2015-03-09 20:37 - 2015-03-09 20:38 - 00000000 ____D () G:\Program Files\GoHDV09.03 2015-03-09 20:37 - 2015-03-09 20:38 - 00000000 ____D () G:\Documents and Settings\Pc\Dane aplikacji\systweak 2015-03-09 20:37 - 2014-12-08 17:01 - 00018168 _____ () G:\WINDOWS\system32\roboot.exe 2015-03-09 20:36 - 2015-03-12 20:36 - 00005506 _____ () G:\WINDOWS\Tasks\1d04c31d-baab-41ad-8d43-42e7f8102059-7.job 2015-03-09 20:36 - 2015-03-12 20:36 - 00004482 _____ () G:\WINDOWS\Tasks\1d04c31d-baab-41ad-8d43-42e7f8102059-4.job 2015-03-09 20:36 - 2015-03-12 20:36 - 00004482 _____ () G:\WINDOWS\Tasks\1d04c31d-baab-41ad-8d43-42e7f8102059-3.job 2015-03-09 20:36 - 2015-03-12 20:36 - 00003462 _____ () G:\WINDOWS\Tasks\1d04c31d-baab-41ad-8d43-42e7f8102059-1-7.job 2015-03-09 20:36 - 2015-03-12 20:36 - 00002434 _____ () G:\WINDOWS\Tasks\1d04c31d-baab-41ad-8d43-42e7f8102059-5.job 2015-03-09 20:36 - 2015-03-12 20:36 - 00002100 _____ () G:\WINDOWS\Tasks\1d04c31d-baab-41ad-8d43-42e7f8102059-10_user.job 2015-03-09 20:36 - 2015-03-12 20:36 - 00001704 _____ () G:\WINDOWS\Tasks\MBNIHAR.job 2015-03-09 20:36 - 2015-03-12 20:36 - 00001354 _____ () G:\WINDOWS\Tasks\CCVL.job 2015-03-09 20:36 - 2015-03-12 20:15 - 00005506 _____ () G:\WINDOWS\Tasks\1d04c31d-baab-41ad-8d43-42e7f8102059-6.job 2015-03-09 20:36 - 2015-03-12 20:15 - 00003126 _____ () G:\WINDOWS\Tasks\1d04c31d-baab-41ad-8d43-42e7f8102059-1-6.job 2015-03-09 20:36 - 2015-03-09 20:36 - 01854464 _____ (HD CinemaV09.03) G:\Documents and Settings\Pc\Dane aplikacji\MBNIHAR.exe 2015-03-09 20:36 - 2015-03-09 20:36 - 01371136 _____ (HD CinemaV09.03) G:\Documents and Settings\Pc\Dane aplikacji\CCVL.exe 2015-03-09 20:36 - 2015-03-09 20:36 - 00613255 _____ (CMI Limited) G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\nsb195.tmp 2015-03-09 20:36 - 2015-03-09 20:36 - 00000000 __SHD () G:\Documents and Settings\Pc\Dane aplikacji\AnyProtectEx 2015-03-09 20:36 - 2015-03-09 20:36 - 00000000 ____D () G:\Program Files\HD Cinema Pro 1.8cV09.03 2015-03-09 20:36 - 2015-03-09 20:36 - 00000000 ____D () G:\Program Files\9efdd5cb-655d-43c9-a6e6-1e01e31fc891 2015-03-09 20:33 - 2015-03-09 20:33 - 00000000 _____ () G:\WINDOWS\system32\TempWmicBatchFile.bat 2015-03-09 20:32 - 2015-03-09 20:32 - 00008608 _____ () G:\WINDOWS\system32\BasementDusterOff.ini 2015-03-09 20:32 - 2015-03-09 20:32 - 00000000 ____D () G:\Program Files\IGS 2015-03-09 20:32 - 2015-03-06 10:29 - 00319392 _____ (BD Inc.) G:\WINDOWS\system32\BDL.dll 2015-03-09 20:31 - 2015-03-12 20:21 - 00000000 ____D () G:\Documents and Settings\Pc\Dane aplikacji\SmartWeb 2015-03-09 20:31 - 2015-03-12 20:18 - 00000000 ____D () G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\gmsd_pl_65 2015-03-09 20:31 - 2015-03-09 20:32 - 00000000 ____D () G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\45443439-1425933115-4639-4637-3743FFFFFFFF 2015-03-09 20:31 - 2015-03-09 20:31 - 00000342 _____ () G:\WINDOWS\Tasks\SmartWeb Upgrade Trigger Task.job 2015-03-09 20:31 - 2015-03-09 20:31 - 00000000 ____D () G:\Program Files\QuickRef_1.10.0.9 2015-03-09 20:31 - 2015-03-09 20:31 - 00000000 ____D () G:\Program Files\gmsd_pl_65 2015-03-09 20:31 - 2015-03-09 20:31 - 00000000 ____D () G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\SmartWeb 2015-03-08 22:36 - 2015-03-08 12:19 - 00055824 _____ (StdLib) G:\WINDOWS\system32\Drivers\{d2c0ab1d-6370-4786-b3bc-16a62a2a98bb}Gt.sys 2015-03-08 22:35 - 2015-03-09 20:00 - 00000000 _____ () G:\Documents and Settings\Pc\TempWmicBatchFile.bat 2015-03-08 22:34 - 2015-03-12 20:37 - 00000004 _____ () G:\WINDOWS\system32\029B560A371F4E00AB32838EBC01B9E7 2015-03-08 22:32 - 2015-03-08 22:32 - 00000000 ____D () G:\Documents and Settings\Pc\Menu Start\Programy\VOPackage 2015-03-08 22:32 - 2015-03-08 22:32 - 00000000 ____D () G:\Documents and Settings\Pc\Dane aplikacji\VOPackage 2015-03-08 22:32 - 2015-03-08 22:32 - 00000000 ____D () G:\Documents and Settings\Pc\Dane aplikacji\45443439-1425850326-4639-4637-3743FFFFFFFF 2015-03-08 22:31 - 2015-03-08 22:31 - 00000000 ____D () G:\Program Files\PriuceLesss 2015-03-08 22:31 - 2015-03-08 22:31 - 00000000 ____D () G:\Documents and Settings\Pc\Dane aplikacji\mystartsearch 2015-03-08 22:31 - 2015-03-08 22:31 - 00000000 ____D () G:\Documents and Settings\All Users\Dane aplikacji\9651896652148095366 2015-03-08 22:30 - 2015-03-12 20:24 - 00000000 ____D () G:\Program Files\digi docket 2015-03-08 22:30 - 2015-03-12 20:15 - 00000388 _____ () G:\WINDOWS\Tasks\BetterDeals Update.job 2015-03-08 22:30 - 2015-03-08 22:30 - 00000000 ____D () G:\Program Files\ver1BetterDeals 2015-03-08 22:30 - 2015-03-08 22:30 - 00000000 ____D () G:\Documents and Settings\All Users\Dane aplikacji\fmhcfkifjpdlmcallfafjkgjemhiddnf 2015-03-08 22:28 - 2015-03-08 22:28 - 00000000 ____D () G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\45443439-1425853738-4639-4637-3743FFFFFFFF 2015-03-08 22:28 - 2015-03-08 22:28 - 00000000 ____D () G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\45443439-1425853726-4639-4637-3743FFFFFFFF 2015-03-08 22:27 - 2015-03-12 20:15 - 00004792 _____ () G:\WINDOWS\Tasks\9669df1b-c81b-40fb-acd9-e7d6bfacf362-4.job 2015-03-08 22:27 - 2015-03-12 20:15 - 00003428 _____ () G:\WINDOWS\Tasks\9669df1b-c81b-40fb-acd9-e7d6bfacf362-1-7.job 2015-03-08 22:27 - 2015-03-12 20:15 - 00003092 _____ () G:\WINDOWS\Tasks\9669df1b-c81b-40fb-acd9-e7d6bfacf362-1-6.job 2015-03-08 22:27 - 2015-03-12 20:15 - 00002400 _____ () G:\WINDOWS\Tasks\9669df1b-c81b-40fb-acd9-e7d6bfacf362-5.job 2015-03-08 22:27 - 2015-03-09 20:40 - 00000000 ____D () G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\FilesFrog Update Checker 2015-03-08 22:26 - 2015-03-12 20:26 - 00002066 _____ () G:\WINDOWS\Tasks\9669df1b-c81b-40fb-acd9-e7d6bfacf362-10_user.job 2015-03-08 22:26 - 2015-03-12 20:15 - 00005472 _____ () G:\WINDOWS\Tasks\9669df1b-c81b-40fb-acd9-e7d6bfacf362-7.job 2015-03-08 22:26 - 2015-03-12 20:15 - 00005472 _____ () G:\WINDOWS\Tasks\9669df1b-c81b-40fb-acd9-e7d6bfacf362-6.job 2015-03-08 22:26 - 2015-03-12 20:15 - 00000952 _____ () G:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job 2015-03-08 22:26 - 2015-03-11 20:43 - 00000956 _____ () G:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job 2015-03-08 22:26 - 2015-03-08 22:27 - 00000000 ____D () G:\Program Files\App Lid 2015-03-08 22:26 - 2015-03-08 22:26 - 00000000 ____D () G:\Program Files\globalUpdate 2015-03-08 22:26 - 2015-03-08 22:26 - 00000000 ____D () G:\Program Files\298e4e1f-f5d7-470e-81cf-dad347b847f8 2015-03-08 22:26 - 2015-03-08 22:26 - 00000000 ____D () G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\globalUpdate 2015-03-08 22:26 - 2015-03-08 22:26 - 00000000 ____D () G:\Documents and Settings\Pc\Menu Start\Programy\ASPackage 2015-03-08 22:26 - 2015-03-08 22:26 - 00000000 ____D () G:\Documents and Settings\Pc\Dane aplikacji\ASPackage 2015-03-08 22:25 - 2015-03-12 20:35 - 00000000 ____D () G:\Documents and Settings\Pc\Dane aplikacji\uTorrent 2015-03-08 22:25 - 2015-03-08 22:25 - 00718497 _____ () G:\WINDOWS\unins000.exe 2015-03-08 22:25 - 2015-03-08 22:25 - 00118263 _____ () G:\WINDOWS\unins000.dat 2015-03-08 22:25 - 2015-03-08 22:25 - 00000807 _____ () G:\Documents and Settings\Pc\Pulpit\µTorrent.lnk 2015-03-08 22:25 - 2015-03-08 22:25 - 00000807 _____ () G:\Documents and Settings\Pc\Menu Start\µTorrent.lnk 2015-02-17 15:26 - 2015-02-17 15:26 - 01217184 _____ (Microsoft Corporation) G:\WINDOWS\system32\FM20.DLL ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-12 20:38 - 2014-07-06 12:19 - 00000000 ____D () G:\FRST 2015-03-12 20:38 - 2013-10-29 15:47 - 00000000 ____D () G:\Documents and Settings\Pc\Ustawienia lokalne\Temp 2015-03-12 20:24 - 2004-08-04 13:00 - 00000654 _____ () G:\WINDOWS\win.ini 2015-03-12 20:18 - 2013-10-29 15:41 - 01217827 _____ () G:\WINDOWS\WindowsUpdate.log 2015-03-12 20:15 - 2014-03-09 14:26 - 00000216 _____ () G:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2015-03-12 20:15 - 2013-10-29 23:32 - 00000159 _____ () G:\WINDOWS\wiadebug.log 2015-03-12 20:15 - 2013-10-29 23:32 - 00000050 _____ () G:\WINDOWS\wiaservc.log 2015-03-12 20:15 - 2013-10-29 16:21 - 00001032 _____ () G:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-12 20:15 - 2013-10-29 15:47 - 00032450 _____ () G:\WINDOWS\SchedLgU.Txt 2015-03-12 20:15 - 2013-10-29 15:47 - 00000006 ____H () G:\WINDOWS\Tasks\SA.DAT 2015-03-12 20:15 - 2004-08-04 13:00 - 00013646 _____ () G:\WINDOWS\system32\wpa.dbl 2015-03-12 06:41 - 2013-10-29 15:47 - 00000188 ___SH () G:\Documents and Settings\Pc\ntuser.ini 2015-03-11 23:12 - 2013-10-29 16:21 - 00001036 _____ () G:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-11 22:50 - 2013-10-29 16:21 - 00000930 _____ () G:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-03-11 22:18 - 2013-10-31 21:52 - 00002499 _____ () G:\Documents and Settings\Pc\Pulpit\Word 2010.lnk 2015-03-11 22:02 - 2013-10-29 23:31 - 00000000 ___RD () G:\Documents and Settings\All Users\Menu Start\Programy 2015-03-11 22:02 - 2013-10-29 23:31 - 00000000 ____D () G:\Documents and Settings\All Users\Pulpit 2015-03-11 22:02 - 2013-10-29 15:47 - 00000000 ___RD () G:\Documents and Settings\Pc\Moje dokumenty 2015-03-11 21:04 - 2013-10-31 21:53 - 00002493 _____ () G:\Documents and Settings\Pc\Pulpit\Excel 2010.lnk 2015-03-11 19:35 - 2013-10-29 15:47 - 00000000 ____D () G:\Documents and Settings\Pc\Pulpit 2015-03-11 06:50 - 2013-10-31 21:44 - 00131072 _____ () G:\WINDOWS\system32\config\OAlerts.evt 2015-03-11 06:50 - 2013-10-31 21:40 - 00000000 ____D () G:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help 2015-03-11 06:49 - 2013-11-28 18:43 - 00000000 ____D () G:\WINDOWS\system32\MRT 2015-03-11 06:43 - 2013-10-29 15:47 - 00000000 ____D () G:\Documents and Settings\Pc 2015-03-11 06:42 - 2013-10-29 23:30 - 00000000 __RHD () G:\Documents and Settings\All Users\Dane aplikacji 2015-03-11 06:42 - 2013-10-29 15:47 - 00000000 ___RD () G:\Documents and Settings\Pc\Menu Start\Programy\Autostart 2015-03-11 06:39 - 2013-11-03 01:13 - 119837696 _____ (Microsoft Corporation) G:\WINDOWS\system32\MRT.exe 2015-03-10 06:53 - 2014-07-05 07:18 - 00000000 ____D () G:\Documents and Settings\Pc\Moje dokumenty\Pobrane 2015-03-10 06:44 - 2013-10-29 15:47 - 00000000 ___HD () G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji 2015-03-09 22:14 - 2013-10-29 15:47 - 00000000 __RHD () G:\Documents and Settings\Pc\Dane aplikacji 2015-03-09 22:14 - 2013-10-29 15:47 - 00000000 ____D () G:\Documents and Settings\Pc\Menu Start\Programy 2015-03-09 20:38 - 2014-09-29 08:01 - 00000000 ____D () G:\Documents and Settings\Pc\Moje dokumenty\Pliki programu Outlook 2015-03-09 20:36 - 2013-10-31 21:31 - 00000000 ____D () G:\Program Files\7-Zip 2015-03-09 16:33 - 2014-01-25 17:26 - 00000472 __RSH () G:\Documents and Settings\All Users\ntuser.pol 2015-03-08 23:36 - 2014-01-25 17:26 - 00000000 ___HD () G:\WINDOWS\system32\GroupPolicy 2015-03-08 22:31 - 2013-11-22 06:57 - 00000664 _____ () G:\WINDOWS\system32\d3d9caps.dat 2015-03-08 22:30 - 2014-01-09 20:34 - 00000942 _____ () G:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk 2015-03-08 22:30 - 2014-01-09 20:34 - 00000936 _____ () G:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk 2015-03-08 22:30 - 2013-10-29 16:23 - 00000973 _____ () G:\Documents and Settings\Pc\Pulpit\Internet Explorer.lnk 2015-03-08 22:30 - 2013-10-29 16:22 - 00002031 _____ () G:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2015-03-08 22:30 - 2013-10-29 15:47 - 00001015 _____ () G:\Documents and Settings\Pc\Menu Start\Programy\Internet Explorer.lnk 2015-03-08 22:26 - 2013-10-31 23:13 - 00000000 ____D () G:\Program Files\ABBYY FineReader 9.0 Sprint 2015-03-08 22:25 - 2013-10-29 15:47 - 00000000 ___RD () G:\Documents and Settings\Pc\Menu Start 2015-03-08 15:00 - 2014-03-09 14:26 - 00000210 _____ () G:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job 2015-03-08 12:32 - 2013-10-30 21:21 - 00000000 ____D () G:\Zdjęcia 2015-03-08 12:30 - 2014-01-09 20:34 - 00000000 ____D () G:\Program Files\Mozilla Maintenance Service 2015-03-06 17:48 - 2014-01-09 20:34 - 00000000 ____D () G:\Program Files\Mozilla Firefox 2015-03-05 22:30 - 2014-08-29 19:43 - 00014053 _____ () G:\WINDOWS\HCOMW.LOG 2015-03-05 21:55 - 2013-11-01 22:30 - 00000055 _____ () G:\WINDOWS\hcomw32.ini 2015-03-05 21:55 - 2013-11-01 22:30 - 00000000 ____D () G:\My Projects 2015-03-02 07:44 - 2013-10-29 23:31 - 01265788 _____ () G:\WINDOWS\system32\PerfStringBackup.INI 2015-03-02 07:44 - 2004-08-04 13:00 - 00559526 _____ () G:\WINDOWS\system32\perfh015.dat 2015-03-02 07:44 - 2004-08-04 13:00 - 00106464 _____ () G:\WINDOWS\system32\perfc015.dat 2015-03-01 15:58 - 2013-11-03 11:29 - 00000000 ____D () G:\Zdjęcia z komórki 2015-02-18 22:02 - 2013-11-12 06:03 - 00000000 ____D () G:\ANR 2015-02-11 22:48 - 2013-10-29 15:58 - 00000000 ____D () G:\WINDOWS\Microsoft.NET 2015-02-10 20:17 - 2014-07-19 13:59 - 00000000 ____D () G:\Documents and Settings\Pc\Moje dokumenty\DVDVideoSoft ==================== Files in the root of some directories ======= 2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () G:\Documents and Settings\Pc\Dane aplikacji\CCVL 2015-03-09 20:36 - 2015-03-09 20:36 - 1371136 _____ (HD CinemaV09.03) G:\Documents and Settings\Pc\Dane aplikacji\CCVL.exe 2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () G:\Documents and Settings\Pc\Dane aplikacji\IUKBUKHL 2015-03-09 20:38 - 2015-03-09 20:38 - 1854464 _____ (InstallMoonV09.03) G:\Documents and Settings\Pc\Dane aplikacji\IUKBUKHL.exe 2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () G:\Documents and Settings\Pc\Dane aplikacji\MBNIHAR 2015-03-09 20:36 - 2015-03-09 20:36 - 1854464 _____ (HD CinemaV09.03) G:\Documents and Settings\Pc\Dane aplikacji\MBNIHAR.exe 2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () G:\Documents and Settings\Pc\Dane aplikacji\UBMCFE 2015-03-09 20:38 - 2015-03-09 20:38 - 1371136 _____ (InstallMoonV09.03) G:\Documents and Settings\Pc\Dane aplikacji\UBMCFE.exe 2013-10-30 20:55 - 2014-11-26 23:12 - 0007168 _____ () G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-03-09 20:36 - 2015-03-09 20:36 - 0613255 _____ (CMI Limited) G:\Documents and Settings\Pc\Ustawienia lokalne\Dane aplikacji\nsb195.tmp Files to move or delete: ==================== G:\Documents and Settings\Pc\TempWmicBatchFile.bat Some content of TEMP: ==================== G:\Documents and Settings\Pc\Ustawienia lokalne\Temp\69DE1485-8FDB-4DE0-16B6-9F544D7FC47C.dll G:\Documents and Settings\Pc\Ustawienia lokalne\Temp\69DE1485-8FDB-4DE0-16B6-9F544D7FC47C.exe G:\Documents and Settings\Pc\Ustawienia lokalne\Temp\appshat_generic.exe G:\Documents and Settings\Pc\Ustawienia lokalne\Temp\bitool.dll G:\Documents and Settings\Pc\Ustawienia lokalne\Temp\E52D827A-654C-3CBA-F7FA-9D12C80767F3.exe G:\Documents and Settings\Pc\Ustawienia lokalne\Temp\ICReinstall_Pazera-Free-Audio-Extractor(12809).exe G:\Documents and Settings\Pc\Ustawienia lokalne\Temp\IeSearchProvider3551951462967847007.exe G:\Documents and Settings\Pc\Ustawienia lokalne\Temp\iF7.tmp.exe G:\Documents and Settings\Pc\Ustawienia lokalne\Temp\InstallGenieo.exe G:\Documents and Settings\Pc\Ustawienia lokalne\Temp\qEfEFA.exe G:\Documents and Settings\Pc\Ustawienia lokalne\Temp\setup.exe G:\Documents and Settings\Pc\Ustawienia lokalne\Temp\SpOrder.dll G:\Documents and Settings\Pc\Ustawienia lokalne\Temp\sqlite-3.7.2-sqlitejdbc.dll G:\Documents and Settings\Pc\Ustawienia lokalne\Temp\supoptsetup.exe G:\Documents and Settings\Pc\Ustawienia lokalne\Temp\Uninstall.exe G:\Documents and Settings\Pc\Ustawienia lokalne\Temp\UpdateCheckerSetup.exe G:\Documents and Settings\Pc\Ustawienia lokalne\Temp\utt57.tmp.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) G:\WINDOWS\explorer.exe => File is digitally signed G:\WINDOWS\system32\winlogon.exe => File is digitally signed G:\WINDOWS\system32\svchost.exe => File is digitally signed G:\WINDOWS\system32\services.exe => File is digitally signed G:\WINDOWS\system32\User32.dll => File is digitally signed G:\WINDOWS\system32\userinit.exe => File is digitally signed G:\WINDOWS\system32\rpcss.dll => File is digitally signed G:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================