Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-04-2015
Ran by User (administrator) on KOMP-046817C30D on 29-04-2015 14:56:09
Running from E:\
Loaded Profiles: User & UpdatusUser (Available profiles: User & UpdatusUser)
Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polski
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\WINDOWS1\system32\smss.exe
(Microsoft Corporation) C:\WINDOWS1\system32\csrss.exe
(Microsoft Corporation) C:\WINDOWS1\system32\winlogon.exe
(Microsoft Corporation) C:\WINDOWS1\system32\services.exe
(Microsoft Corporation) C:\WINDOWS1\system32\lsass.exe
(ATI Technologies Inc.) C:\WINDOWS1\system32\ati2evxx.exe
(Microsoft Corporation) C:\WINDOWS1\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS1\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS1\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS1\system32\svchost.exe
(ATI Technologies Inc.) C:\WINDOWS1\system32\ati2evxx.exe
(Microsoft Corporation) C:\WINDOWS1\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS1\system32\spoolsv.exe
(Microsoft Corporation) C:\WINDOWS1\explorer.exe
(Microsoft Corporation) C:\WINDOWS1\system32\svchost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\WINDOWS1\system32\PnkBstrA.exe
(Realtek Semiconductor Corp.) C:\WINDOWS1\RTHDCPL.EXE
(Microsoft Corporation) C:\WINDOWS1\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS1\system32\alg.exe
(Microsoft Corporation) C:\WINDOWS1\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS1\system32\notepad.exe
(Microsoft Corporation) C:\WINDOWS1\system32\wbem\wmiprvse.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [JMB36X IDE Setup] => C:\WINDOWS1\RaidTool\xInsIDE.exe [43608 2000-01-01] ()
HKLM\...\Run: [36X Raid Configurer] => C:\WINDOWS1\system32\xRaidSetup.exe [1976920 2000-01-01] (JMicron Technology Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS1\RTHDCPL.EXE [20145368 2013-10-04] (Realtek Semiconductor Corp.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS1\system32\userinit.exe,
HKLM\...\Winlogon: [UIHost] C:\WINDOWS1\system32\logonui.exe [515072 2008-04-15] (Microsoft Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS1\system32\Ati2evxx.dll [2013-09-24] (ATI Technologies Inc.)
Winlogon\Notify\crypt32chain: C:\WINDOWS1\system32\crypt32.dll [2013-10-07] (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINDOWS1\system32\cryptnet.dll [2008-04-15] (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINDOWS1\system32\cscdll.dll [2008-04-15] (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINDOWS1\System32\dimsntfy.dll [2008-04-15] (Microsoft Corporation)
Winlogon\Notify\ScCertProp: C:\WINDOWS1\system32\wlnotify.dll [2008-04-15] (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINDOWS1\system32\wlnotify.dll [2008-04-15] (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINDOWS1\system32\sclgntfy.dll [2008-04-15] (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINDOWS1\system32\WlNotify.dll [2008-04-15] (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINDOWS1\system32\wlnotify.dll [2008-04-15] (Microsoft Corporation)
Winlogon\Notify\wlballoon: C:\WINDOWS1\system32\wlnotify.dll [2008-04-15] (Microsoft Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS1\System32\logon.scr [220672 2008-04-15] (Microsoft Corporation)
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS1\System32\logon.scr [220672 2008-04-15] (Microsoft Corporation)
HKU\S-1-5-21-1123561945-789336058-682003330-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS1\system32\logon.scr [220672 2008-04-15] (Microsoft Corporation)
HKU\S-1-5-21-1123561945-789336058-682003330-1005\...\Run: [CTFMON.EXE] => C:\WINDOWS1\system32\CTFMON.EXE [15360 2008-04-15] (Microsoft Corporation)
HKU\S-1-5-21-1123561945-789336058-682003330-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS1\System32\logon.scr [220672 2008-04-15] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [CTFMON.EXE] => C:\WINDOWS1\system32\CTFMON.EXE [15360 2008-04-15] (Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS1\system32\logon.scr [220672 2008-04-15] (Microsoft Corporation)
BootExecute: autocheck autochk * ROBoot \??\C:\WINDOWS1\system32\ASOROSet.bin

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1123561945-789336058-682003330-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS1\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1123561945-789336058-682003330-1004\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS1\system32\blank.htm
HKU\S-1-5-21-1123561945-789336058-682003330-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: [S-1-5-21-1123561945-789336058-682003330-1005] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1123561945-789336058-682003330-1004 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-03-01] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-01] (Oracle Corporation)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS1\system32\urlmon.dll [2008-04-14] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS1\system32\mshtml.dll [2013-07-26] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS1\system32\urlmon.dll [2008-04-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS1\system32\urlmon.dll [2008-04-14] (Microsoft Corporation)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS1\system32\shell32.dll [8491520 2012-06-08] (Microsoft Corporation)
Winsock: Catalog5 01 C:\WINDOWS1\system32\mswsock.dll [246784 2008-04-15] (Microsoft Corporation)
Winsock: Catalog5 02 C:\WINDOWS1\system32\winrnr.dll [16896 2008-04-15] (Microsoft Corporation)
Winsock: Catalog5 03 C:\WINDOWS1\system32\mswsock.dll [246784 2008-04-15] (Microsoft Corporation)
Winsock: Catalog9 01 C:\WINDOWS1\system32\mswsock.dll [246784 2008-04-15] (Microsoft Corporation)
Winsock: Catalog9 02 C:\WINDOWS1\system32\mswsock.dll [246784 2008-04-15] (Microsoft Corporation)
Winsock: Catalog9 03 C:\WINDOWS1\system32\mswsock.dll [246784 2008-04-15] (Microsoft Corporation)
Winsock: Catalog9 04 C:\WINDOWS1\system32\rsvpsp.dll [92672 2008-04-15] (Microsoft Corporation)
Winsock: Catalog9 05 C:\WINDOWS1\system32\rsvpsp.dll [92672 2008-04-15] (Microsoft Corporation)
Winsock: Catalog9 06 C:\WINDOWS1\system32\mswsock.dll [246784 2008-04-15] (Microsoft Corporation)
Winsock: Catalog9 07 C:\WINDOWS1\system32\mswsock.dll [246784 2008-04-15] (Microsoft Corporation)
Winsock: Catalog9 08 C:\WINDOWS1\system32\mswsock.dll [246784 2008-04-15] (Microsoft Corporation)
Winsock: Catalog9 09 C:\WINDOWS1\system32\mswsock.dll [246784 2008-04-15] (Microsoft Corporation)
Winsock: Catalog9 10 C:\WINDOWS1\system32\mswsock.dll [246784 2008-04-15] (Microsoft Corporation)
Winsock: Catalog9 11 C:\WINDOWS1\system32\mswsock.dll [246784 2008-04-15] (Microsoft Corporation)
Winsock: Catalog9 12 C:\WINDOWS1\system32\mswsock.dll [246784 2008-04-15] (Microsoft Corporation)
Winsock: Catalog9 13 C:\WINDOWS1\system32\mswsock.dll [246784 2008-04-15] (Microsoft Corporation)
Winsock: Catalog9 14 C:\WINDOWS1\system32\mswsock.dll [246784 2008-04-15] (Microsoft Corporation)
Winsock: Catalog9 15 C:\WINDOWS1\system32\mswsock.dll [246784 2008-04-15] (Microsoft Corporation)
Winsock: Catalog9 16 C:\WINDOWS1\system32\mswsock.dll [246784 2008-04-15] (Microsoft Corporation)
Winsock: Catalog9 17 C:\WINDOWS1\system32\mswsock.dll [246784 2008-04-15] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\h7qkpd2f.default-1430263158375
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS1\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS1\system32\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-01] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS1\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Extension: Flashblock - C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\h7qkpd2f.default-1430263158375\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-04-29]
FF Extension: Disconnect - C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\h7qkpd2f.default-1430263158375\Extensions\2.0@disconnect.me.xpi [2015-04-29]
FF Extension: NASA Night Launch - C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\h7qkpd2f.default-1430263158375\Extensions\nasanightlaunch@example.com.xpi [2015-04-29]
FF Extension: Text to Voice - C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\h7qkpd2f.default-1430263158375\Extensions\text2voice@vik.josh.xpi [2015-04-29]
FF Extension: Adblock Plus - C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\h7qkpd2f.default-1430263158375\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-29]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS1\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS1\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-01-22]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.oursurfing.com/?type=hp&ts=1430260888&from=amt&uid=ST3200827AS_4ND2DS5AXXXX4ND2DS5A"
CHR DefaultSearchKeyword: Default -> oursurfing
CHR DefaultSearchURL: Default -> http://www.oursurfing.com/web/?type=ds&ts=1430260888&from=amt&uid=ST3200827AS_4ND2DS5AXXXX4ND2DS5A&q={searchTerms}
CHR Profile: C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-13]
CHR Extension: (Google Wallet) - C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-13]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS1\system32\Macromed\Flash\FlashPlayerUpdateService.exe [268464 2015-04-14] (Adobe Systems Incorporated)
S4 Alerter; C:\WINDOWS1\system32\alrsvc.dll [17408 2008-04-15] (Microsoft Corporation)
R3 ALG; C:\WINDOWS1\System32\alg.exe [44544 2008-04-15] (Microsoft Corporation)
S3 aspnet_state; C:\WINDOWS1\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [35160 2010-03-18] (Microsoft Corporation)
R2 Ati HotKey Poller; C:\WINDOWS1\system32\Ati2evxx.exe [643072 2013-09-24] (ATI Technologies Inc.)
R2 AudioSrv; C:\WINDOWS1\System32\audiosrv.dll [42496 2008-04-15] (Microsoft Corporation)
S3 BITS; C:\WINDOWS1\system32\qmgr.dll [409088 2008-04-15] (Microsoft Corporation)
R2 Browser; C:\WINDOWS1\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation) [File not signed]
S3 CiSvc; C:\WINDOWS1\system32\cisvc.exe [5632 2008-04-15] (Microsoft Corporation)
S3 ClipSrv; C:\WINDOWS1\system32\clipsrv.exe [33280 2008-04-15] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_32; C:\WINDOWS1\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [69632 2008-07-25] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\WINDOWS1\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
R2 CryptSvc; C:\WINDOWS1\System32\cryptsvc.dll [62464 2008-04-15] (Microsoft Corporation)
R2 DcomLaunch; C:\WINDOWS1\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\WINDOWS1\System32\dhcpcsvc.dll [126464 2008-04-15] (Microsoft Corporation)
S3 dmadmin; C:\WINDOWS1\System32\dmadmin.exe [225280 2008-04-15] (Microsoft Corp., Veritas Software)
S3 dmserver; C:\WINDOWS1\System32\dmserver.dll [24064 2008-04-15] (Microsoft Corp.)
R2 Dnscache; C:\WINDOWS1\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation)
S3 Dot3svc; C:\WINDOWS1\System32\dot3svc.dll [133632 2008-04-15] (Microsoft Corporation)
S3 EapHost; C:\WINDOWS1\System32\eapsvc.dll [33792 2008-04-15] (Microsoft Corporation)
S3 EasyAntiCheat; C:\WINDOWS1\system32\EasyAntiCheat.exe [237864 2015-04-27] (EasyAntiCheat Ltd) [File not signed]
R2 ERSvc; C:\WINDOWS1\System32\ersvc.dll [23040 2008-04-15] (Microsoft Corporation)
R2 Eventlog; C:\WINDOWS1\system32\services.exe [111104 2009-02-09] (Microsoft Corporation) [File not signed]
R3 EventSystem; C:\WINDOWS1\system32\es.dll [253952 2008-07-07] (Microsoft Corporation)
R3 FastUserSwitchingCompatibility; C:\WINDOWS1\System32\shsvcs.dll [135680 2009-07-28] (Microsoft Corporation)
S3 FontCache3.0.0.0; c:\WINDOWS1\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [46104 2008-07-29] (Microsoft Corporation)
R2 helpsvc; C:\WINDOWS1\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-15] (Microsoft Corporation)
R2 HidServ; C:\WINDOWS1\System32\hidserv.dll [21504 2008-04-15] (Microsoft Corporation)
S3 hkmsvc; C:\WINDOWS1\System32\kmsvc.dll [61440 2008-04-15] (Microsoft Corporation)
R3 HTTPFilter; C:\WINDOWS1\System32\w3ssl.dll [15872 2008-04-15] (Microsoft Corporation)
S3 idsvc; c:\WINDOWS1\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [881664 2008-07-29] (Microsoft Corporation)
S3 ImapiService; C:\WINDOWS1\system32\imapi.exe [150528 2008-04-15] (Microsoft Corporation)
R2 LanmanServer; C:\WINDOWS1\System32\srvsvc.dll [96768 2008-04-15] (Microsoft Corporation)
R2 lanmanworkstation; C:\WINDOWS1\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation)
R2 LmHosts; C:\WINDOWS1\System32\lmhsvc.dll [13824 2008-04-15] (Microsoft Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S4 Messenger; C:\WINDOWS1\System32\msgsvc.dll [33792 2008-04-15] (Microsoft Corporation)
S3 mnmsrvc; C:\WINDOWS1\system32\mnmsrvc.exe [32768 2008-04-15] (Microsoft Corporation)
S3 MSDTC; C:\WINDOWS1\system32\msdtc.exe [6144 2008-04-15] (Microsoft Corporation)
S3 MSIServer; C:\WINDOWS1\System32\msiexec.exe [78848 2008-04-15] (Microsoft Corporation)
S3 napagent; C:\WINDOWS1\System32\qagentrt.dll [293376 2008-04-15] (Microsoft Corporation)
S4 NetDDE; C:\WINDOWS1\system32\netdde.exe [114688 2008-04-15] (Microsoft Corporation)
S4 NetDDEdsdm; C:\WINDOWS1\system32\netdde.exe [114688 2008-04-15] (Microsoft Corporation)
S3 Netlogon; C:\WINDOWS1\system32\lsass.exe [13312 2008-04-15] (Microsoft Corporation)
R3 Netman; C:\WINDOWS1\System32\netman.dll [198144 2008-04-15] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\WINDOWS1\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation)
R3 Nla; C:\WINDOWS1\System32\mswsock.dll [246784 2008-06-20] (Microsoft Corporation)
S3 NtLmSsp; C:\WINDOWS1\system32\lsass.exe [13312 2008-04-15] (Microsoft Corporation)
S3 NtmsSvc; C:\WINDOWS1\system32\ntmssvc.dll [435712 2008-04-15] (Microsoft Corporation)
S2 NVSvc; C:\WINDOWS1\system32\nvsvc32.exe [164200 2012-08-30] (NVIDIA Corporation)
R2 PlugPlay; C:\WINDOWS1\system32\services.exe [111104 2009-02-09] (Microsoft Corporation) [File not signed]
R2 PnkBstrA; C:\WINDOWS1\system32\PnkBstrA.exe [76888 2015-01-02] ()
R2 PolicyAgent; C:\WINDOWS1\system32\lsass.exe [13312 2008-04-15] (Microsoft Corporation)
R2 ProtectedStorage; C:\WINDOWS1\system32\lsass.exe [13312 2008-04-15] (Microsoft Corporation)
S3 RasAuto; C:\WINDOWS1\System32\rasauto.dll [88576 2008-04-15] (Microsoft Corporation)
R3 RasMan; C:\WINDOWS1\System32\rasmans.dll [186368 2008-04-15] (Microsoft Corporation)
S3 RDSessMgr; C:\WINDOWS1\system32\sessmgr.exe [142336 2008-04-15] (Microsoft Corporation)
S4 RemoteAccess; C:\WINDOWS1\System32\mprdim.dll [53248 2008-04-15] (Microsoft Corporation)
S3 RpcLocator; C:\WINDOWS1\system32\locator.exe [75264 2008-04-15] (Microsoft Corporation)
R2 RpcSs; C:\WINDOWS1\System32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
S3 RSVP; C:\WINDOWS1\system32\rsvp.exe [132608 2008-04-15] (Microsoft Corporation)
R2 SamSs; C:\WINDOWS1\system32\lsass.exe [13312 2008-04-15] (Microsoft Corporation)
S3 SCardSvr; C:\WINDOWS1\System32\SCardSvr.exe [98304 2008-04-15] (Microsoft Corporation)
R2 Schedule; C:\WINDOWS1\system32\schedsvc.dll [193536 2008-04-15] (Microsoft Corporation)
R2 seclogon; C:\WINDOWS1\System32\seclogon.dll [18944 2008-04-15] (Microsoft Corporation)
R2 SENS; C:\WINDOWS1\system32\sens.dll [39424 2008-04-15] (Microsoft Corporation)
R2 SharedAccess; C:\WINDOWS1\System32\ipnathlp.dll [330752 2008-04-15] (Microsoft Corporation)
R2 ShellHWDetection; C:\WINDOWS1\System32\shsvcs.dll [135680 2009-07-28] (Microsoft Corporation)
R2 Spooler; C:\WINDOWS1\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation)
S2 srservice; C:\WINDOWS1\system32\srsvc.dll [171520 2008-04-15] (Microsoft Corporation)
R3 SSDPSRV; C:\WINDOWS1\System32\ssdpsrv.dll [71680 2008-04-15] (Microsoft Corporation)
S3 stisvc; C:\WINDOWS1\system32\wiaservc.dll [334336 2008-04-15] (Microsoft Corporation)
S3 SysmonLog; C:\WINDOWS1\system32\smlogsvc.exe [91136 2008-04-15] (Microsoft Corporation)
R3 TapiSrv; C:\WINDOWS1\System32\tapisrv.dll [249856 2008-04-15] (Microsoft Corporation)
R3 TermService; C:\WINDOWS1\System32\termsrv.dll [296448 2008-04-15] (Microsoft Corporation)
R2 Themes; C:\WINDOWS1\System32\shsvcs.dll [135680 2009-07-28] (Microsoft Corporation)
R2 TrkWks; C:\WINDOWS1\system32\trkwks.dll [90112 2008-04-15] (Microsoft Corporation)
S3 upnphost; C:\WINDOWS1\System32\upnphost.dll [186880 2008-04-15] (Microsoft Corporation)
S3 UPS; C:\WINDOWS1\System32\ups.exe [18432 2008-04-15] (Microsoft Corporation)
S3 VSS; C:\WINDOWS1\System32\vssvc.exe [291840 2008-04-15] (Microsoft Corporation)
R2 W32Time; C:\WINDOWS1\system32\w32time.dll [176128 2008-04-15] (Microsoft Corporation)
R2 WebClient; C:\WINDOWS1\System32\webclnt.dll [68096 2008-04-15] (Microsoft Corporation)
R2 winmgmt; C:\WINDOWS1\system32\wbem\WMIsvc.dll [145408 2008-04-15] (Microsoft Corporation)
S3 WmdmPmSN; C:\WINDOWS1\system32\MsPMSNSv.dll [27136 2006-10-18] (Microsoft Corporation)
S3 WmiApSrv; C:\WINDOWS1\system32\wbem\wmiapsrv.exe [126464 2008-04-15] (Microsoft Corporation)
S3 WPFFontCache_v0400; C:\WINDOWS1\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [753504 2010-03-18] (Microsoft Corporation)
R2 wscsvc; C:\WINDOWS1\system32\wscsvc.dll [80896 2008-04-15] (Microsoft Corporation)
R2 wuauserv; C:\WINDOWS1\system32\wuauserv.dll [6656 2008-04-15] (Microsoft Corporation)
S3 WudfSvc; C:\WINDOWS1\System32\WUDFSvc.dll [55808 2006-09-28] (Microsoft Corporation)
R2 WZCSVC; C:\WINDOWS1\System32\wzcsvc.dll [483840 2008-04-15] (Microsoft Corporation)
S3 xmlprov; C:\WINDOWS1\System32\xmlprov.dll [129024 2008-04-15] (Microsoft Corporation)
S3 SwPrv; C:\WINDOWS1\system32\dllhost.exe /Processid:{75A29C81-B09C-4CF9-8F2C-4EB9CEAFB585}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 ACPI; C:\WINDOWS1\System32\DRIVERS\ACPI.sys [188544 2008-04-15] (Microsoft Corporation)
S4 ACPIEC; C:\WINDOWS1\system32\Drivers\ACPIEC.sys [12032 2008-04-15] (Microsoft Corporation)
S3 aec; C:\WINDOWS1\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation)
R1 AFD; C:\WINDOWS1\System32\drivers\afd.sys [138112 2008-04-14] (Microsoft Corporation)
S3 Ambfilt; C:\WINDOWS1\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
S3 AR9271; C:\WINDOWS1\System32\DRIVERS\athuw.sys [1714176 2010-01-05] (Atheros Communications, Inc.) [File not signed]
S3 Arp1394; C:\WINDOWS1\System32\DRIVERS\arp1394.sys [60800 2008-04-15] (Microsoft Corporation)
S3 AsyncMac; C:\WINDOWS1\System32\DRIVERS\asyncmac.sys [14336 2008-04-15] (Microsoft Corporation)
R0 atapi; C:\WINDOWS1\System32\DRIVERS\atapi.sys [96512 2008-04-14] (Microsoft Corporation)
R3 ati2mtag; C:\WINDOWS1\System32\DRIVERS\ati2mtag.sys [6852096 2013-09-24] (ATI Technologies Inc.)
R3 AtiHDAudioService; C:\WINDOWS1\System32\drivers\AtihdXP3.sys [96256 2013-07-09] (Advanced Micro Devices) [File not signed]
S3 Atmarpc; C:\WINDOWS1\System32\DRIVERS\atmarpc.sys [59904 2008-04-15] (Microsoft Corporation)
R3 audstub; C:\WINDOWS1\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation)
R1 Beep; C:\WINDOWS1\system32\Drivers\Beep.sys [4224 2008-04-15] (Microsoft Corporation)
S4 cbidf2k; C:\WINDOWS1\system32\Drivers\cbidf2k.sys [13952 2008-04-15] (Microsoft Corporation)
S1 Cdaudio; C:\WINDOWS1\system32\Drivers\Cdaudio.sys [18688 2008-04-15] (Microsoft Corporation)
R4 Cdfs; C:\WINDOWS1\system32\Drivers\Cdfs.sys [63744 2008-04-15] (Microsoft Corporation)
R1 Cdrom; C:\WINDOWS1\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Corporation)
R0 Disk; C:\WINDOWS1\System32\DRIVERS\disk.sys [36352 2008-04-14] (Microsoft Corporation)
S4 dmboot; C:\WINDOWS1\System32\drivers\dmboot.sys [800000 2008-04-15] (Microsoft Corp., Veritas Software)
S4 dmio; C:\WINDOWS1\System32\drivers\dmio.sys [153856 2008-04-15] (Microsoft Corp., Veritas Software)
S4 dmload; C:\WINDOWS1\System32\drivers\dmload.sys [5888 2008-04-15] (Microsoft Corp., Veritas Software.)
S3 DMusic; C:\WINDOWS1\System32\drivers\DMusic.sys [52864 2008-04-14] (Microsoft Corporation)
S3 drmkaud; C:\WINDOWS1\System32\drivers\drmkaud.sys [2944 2008-04-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\WINDOWS1\System32\DRIVERS\dtsoftbus01.sys [243128 2014-09-07] (Disc Soft Ltd)
R4 Fastfat; C:\WINDOWS1\system32\Drivers\Fastfat.sys [143744 2008-04-15] (Microsoft Corporation)
R3 Fdc; C:\WINDOWS1\System32\DRIVERS\fdc.sys [27392 2008-04-15] (Microsoft Corporation)
R1 Fips; C:\WINDOWS1\system32\Drivers\Fips.sys [44672 2008-04-15] (Microsoft Corporation)
R3 Flpydisk; C:\WINDOWS1\System32\DRIVERS\flpydisk.sys [20480 2008-04-15] (Microsoft Corporation)
R0 FltMgr; C:\WINDOWS1\System32\drivers\fltmgr.sys [129792 2008-04-15] (Microsoft Corporation)
U1 Fs_Rec; C:\WINDOWS1\system32\Drivers\Fs_Rec.sys [7936 2008-04-15] (Microsoft Corporation)
R0 Ftdisk; C:\WINDOWS1\System32\DRIVERS\ftdisk.sys [125568 2008-04-15] (Microsoft Corporation)
R3 Gpc; C:\WINDOWS1\System32\DRIVERS\msgpc.sys [35072 2008-04-15] (Microsoft Corporation)
R3 HDAudBus; C:\WINDOWS1\System32\DRIVERS\HDAudBus.sys [144384 2008-04-15] (Windows (R) Server 2003 DDK provider)
R3 hidusb; C:\WINDOWS1\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Corporation)
R3 HTTP; C:\WINDOWS1\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation)
R1 i8042prt; C:\WINDOWS1\System32\DRIVERS\i8042prt.sys [53248 2008-04-14] (Microsoft Corporation)
S1 Imapi; C:\WINDOWS1\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation)
R3 IntcAzAudAddService; C:\WINDOWS1\System32\drivers\RtkHDAud.sys [5630168 2013-12-10] (Realtek Semiconductor Corp.)
R1 intelppm; C:\WINDOWS1\System32\DRIVERS\intelppm.sys [40448 2008-04-14] (Microsoft Corporation)
S3 Ip6Fw; C:\WINDOWS1\System32\drivers\ip6fw.sys [36608 2008-04-15] (Microsoft Corporation)
S3 IpFilterDriver; C:\WINDOWS1\System32\DRIVERS\ipfltdrv.sys [32896 2008-04-15] (Microsoft Corporation)
S3 IpInIp; C:\WINDOWS1\System32\DRIVERS\ipinip.sys [20864 2008-04-15] (Microsoft Corporation)
R3 IpNat; C:\WINDOWS1\System32\DRIVERS\ipnat.sys [152832 2008-04-15] (Microsoft Corporation)
R1 IPSec; C:\WINDOWS1\System32\DRIVERS\ipsec.sys [75264 2008-04-15] (Microsoft Corporation)
S3 IRENUM; C:\WINDOWS1\System32\DRIVERS\irenum.sys [11264 2008-04-15] (Microsoft Corporation)
R0 isapnp; C:\WINDOWS1\System32\DRIVERS\isapnp.sys [37632 2008-04-14] (Microsoft Corporation)
R0 JRAID; C:\WINDOWS1\System32\DRIVERS\jraid.sys [106296 2000-01-01] (JMicron Technology Corp.)
R1 Kbdclass; C:\WINDOWS1\System32\DRIVERS\kbdclass.sys [24960 2008-04-15] (Microsoft Corporation)
S1 kbdhid; C:\WINDOWS1\System32\DRIVERS\kbdhid.sys [14720 2008-04-15] (Microsoft Corporation)
R3 kmixer; C:\WINDOWS1\System32\drivers\kmixer.sys [172416 2008-04-14] (Microsoft Corporation)
R0 KSecDD; C:\WINDOWS1\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) [File not signed]
R3 MBAMProtector; C:\WINDOWS1\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
R1 mnmdd; C:\WINDOWS1\system32\Drivers\mnmdd.sys [4224 2008-04-15] (Microsoft Corporation)
S3 Modem; C:\WINDOWS1\system32\Drivers\Modem.sys [30208 2008-04-15] (Microsoft Corporation)
S3 Monfilt; C:\WINDOWS1\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R1 Mouclass; C:\WINDOWS1\System32\DRIVERS\mouclass.sys [23296 2008-04-14] (Microsoft Corporation)
R3 mouhid; C:\WINDOWS1\System32\DRIVERS\mouhid.sys [12160 2001-10-26] (Microsoft Corporation)
R0 MountMgr; C:\WINDOWS1\system32\Drivers\MountMgr.sys [42368 2008-04-15] (Microsoft Corporation)
R3 MRxDAV; C:\WINDOWS1\System32\DRIVERS\mrxdav.sys [180608 2008-04-15] (Microsoft Corporation)
R1 MRxSmb; C:\WINDOWS1\System32\DRIVERS\mrxsmb.sys [456576 2008-04-15] (Microsoft Corporation)
R1 Msfs; C:\WINDOWS1\system32\Drivers\Msfs.sys [19072 2008-04-15] (Microsoft Corporation)
S3 MSKSSRV; C:\WINDOWS1\System32\drivers\MSKSSRV.sys [7552 2008-04-14] (Microsoft Corporation)
S3 MSPCLOCK; C:\WINDOWS1\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] (Microsoft Corporation)
S3 MSPQM; C:\WINDOWS1\System32\drivers\MSPQM.sys [4992 2008-04-14] (Microsoft Corporation)
R3 mssmbios; C:\WINDOWS1\System32\DRIVERS\mssmbios.sys [15488 2008-04-15] (Microsoft Corporation)
R0 Mup; C:\WINDOWS1\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation) [File not signed]
R0 NDIS; C:\WINDOWS1\system32\Drivers\NDIS.sys [182656 2008-04-15] (Microsoft Corporation)
R3 NdisTapi; C:\WINDOWS1\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\WINDOWS1\System32\DRIVERS\ndisuio.sys [14592 2008-04-15] (Microsoft Corporation)
R3 NdisWan; C:\WINDOWS1\System32\DRIVERS\ndiswan.sys [91520 2008-04-15] (Microsoft Corporation)
R3 NDProxy; C:\WINDOWS1\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\WINDOWS1\System32\DRIVERS\netbios.sys [34688 2008-04-15] (Microsoft Corporation)
R1 NetBT; C:\WINDOWS1\System32\DRIVERS\netbt.sys [162816 2008-04-15] (Microsoft Corporation)
S3 NIC1394; C:\WINDOWS1\System32\DRIVERS\nic1394.sys [61824 2008-04-15] (Microsoft Corporation)
R1 Npfs; C:\WINDOWS1\system32\Drivers\Npfs.sys [30848 2008-04-15] (Microsoft Corporation)
R4 Ntfs; C:\WINDOWS1\system32\Drivers\Ntfs.sys [574976 2008-04-15] (Microsoft Corporation)
R1 Null; C:\WINDOWS1\system32\Drivers\Null.sys [2944 2008-04-15] (Microsoft Corporation)
S3 nv; C:\WINDOWS1\System32\DRIVERS\nv4_mini.sys [12555680 2012-08-30] (NVIDIA Corporation)
S3 NVHDA; C:\WINDOWS1\System32\drivers\nvhda32.sys [124264 2012-07-03] (NVIDIA Corporation)
S3 NwlnkFlt; C:\WINDOWS1\System32\DRIVERS\nwlnkflt.sys [12416 2008-04-15] (Microsoft Corporation)
S3 NwlnkFwd; C:\WINDOWS1\System32\DRIVERS\nwlnkfwd.sys [32512 2008-04-15] (Microsoft Corporation)
R0 ohci1394; C:\WINDOWS1\System32\DRIVERS\ohci1394.sys [61696 2008-04-15] (Microsoft Corporation)
R3 Parport; C:\WINDOWS1\System32\DRIVERS\parport.sys [80256 2008-04-15] (Microsoft Corporation)
R0 PartMgr; C:\WINDOWS1\system32\Drivers\PartMgr.sys [19712 2008-04-15] (Microsoft Corporation)
R2 ParVdm; C:\WINDOWS1\system32\Drivers\ParVdm.sys [6912 2008-04-15] (Microsoft Corporation)
R0 PCI; C:\WINDOWS1\System32\DRIVERS\pci.sys [68608 2008-04-14] (Microsoft Corporation)
R0 PCIIde; C:\WINDOWS1\System32\DRIVERS\pciide.sys [3456 2001-10-26] (Microsoft Corporation)
S4 Pcmcia; C:\WINDOWS1\system32\Drivers\Pcmcia.sys [120320 2008-04-15] (Microsoft Corporation)
S3 PortTalk; C:\WINDOWS1\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic http://www.beyondlogic.org) [File not signed]
R3 PptpMiniport; C:\WINDOWS1\System32\DRIVERS\raspptp.sys [48384 2008-04-15] (Microsoft Corporation)
R3 PSched; C:\WINDOWS1\System32\DRIVERS\psched.sys [69120 2008-04-15] (Microsoft Corporation)
R3 Ptilink; C:\WINDOWS1\System32\DRIVERS\ptilink.sys [17792 2008-04-15] (Parallel Technologies, Inc.)
R1 RasAcd; C:\WINDOWS1\System32\DRIVERS\rasacd.sys [8832 2008-04-15] (Microsoft Corporation)
R3 Rasl2tp; C:\WINDOWS1\System32\DRIVERS\rasl2tp.sys [51328 2008-04-15] (Microsoft Corporation)
R3 RasPppoe; C:\WINDOWS1\System32\DRIVERS\raspppoe.sys [41472 2008-04-15] (Microsoft Corporation)
R3 Raspti; C:\WINDOWS1\System32\DRIVERS\raspti.sys [16512 2008-04-15] (Microsoft Corporation)
R1 Rdbss; C:\WINDOWS1\System32\DRIVERS\rdbss.sys [175744 2008-04-15] (Microsoft Corporation)
R1 RDPCDD; C:\WINDOWS1\System32\DRIVERS\RDPCDD.sys [4224 2008-04-15] (Microsoft Corporation)
S3 RDPWD; C:\WINDOWS1\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation)
R1 redbook; C:\WINDOWS1\System32\DRIVERS\redbook.sys [58880 2008-04-14] (Microsoft Corporation)
R3 RTLE8023xp; C:\WINDOWS1\System32\DRIVERS\Rtenicxp.sys [415832 2000-01-01] (Realtek Semiconductor Corporation )
S3 Secdrv; C:\WINDOWS1\System32\DRIVERS\secdrv.sys [20480 2008-04-15] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R3 serenum; C:\WINDOWS1\System32\DRIVERS\serenum.sys [15744 2008-04-15] (Microsoft Corporation) R1 Serial; C:\WINDOWS1\System32\DRIVERS\serial.sys [65280 2008-04-15] (Microsoft Corporation) S1 Sfloppy; C:\WINDOWS1\system32\Drivers\Sfloppy.sys [11392 2008-04-15] (Microsoft Corporation) S3 splitter; C:\WINDOWS1\System32\drivers\splitter.sys [6272 2008-04-14] (Microsoft Corporation) S4 sr; C:\WINDOWS1\system32\DRIVERS\sr.sys [73472 2008-04-15] (Microsoft Corporation) R3 Srv; C:\WINDOWS1\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation) [File not signed] R3 swenum; C:\WINDOWS1\System32\DRIVERS\swenum.sys [4352 2008-04-15] (Microsoft Corporation) S3 swmidi; C:\WINDOWS1\System32\drivers\swmidi.sys [56576 2008-04-14] (Microsoft Corporation) R3 sysaudio; C:\WINDOWS1\System32\drivers\sysaudio.sys [60800 2008-04-14] (Microsoft Corporation) R1 Tcpip; C:\WINDOWS1\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation) S3 TDPIPE; C:\WINDOWS1\system32\Drivers\TDPIPE.sys [12040 2008-04-15] (Microsoft Corporation) S3 TDTCP; C:\WINDOWS1\system32\Drivers\TDTCP.sys [21896 2008-04-15] (Microsoft Corporation) R1 TermDD; C:\WINDOWS1\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation) S4 Udfs; C:\WINDOWS1\system32\Drivers\Udfs.sys [66048 2008-04-15] (Microsoft Corporation) R3 Update; C:\WINDOWS1\System32\DRIVERS\update.sys [384768 2008-04-15] (Microsoft Corporation) S3 usbccgp; C:\WINDOWS1\System32\DRIVERS\usbccgp.sys [32384 2013-08-09] (Microsoft Corporation) [File not signed] R3 usbehci; C:\WINDOWS1\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) [File not signed] R3 usbhub; C:\WINDOWS1\System32\DRIVERS\usbhub.sys [59520 2008-04-14] (Microsoft Corporation) R3 USBSTOR; C:\WINDOWS1\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-14] (Microsoft Corporation) R3 usbuhci; C:\WINDOWS1\System32\DRIVERS\usbuhci.sys [20608 2008-04-15] (Microsoft Corporation) R1 VBoxDrv; C:\WINDOWS1\System32\DRIVERS\VBoxDrv.sys [744520 
2014-11-21] (Oracle Corporation) S3 VBoxNetAdp; C:\WINDOWS1\System32\DRIVERS\VBoxNetAdp.sys [116184 2014-11-21] (Oracle Corporation) R1 VgaSave; C:\WINDOWS1\System32\drivers\vga.sys [20992 2008-04-15] (Microsoft Corporation) R0 VolSnap; C:\WINDOWS1\system32\Drivers\VolSnap.sys [52864 2008-04-15] (Microsoft Corporation) R3 Wanarp; C:\WINDOWS1\System32\DRIVERS\wanarp.sys [34560 2008-04-15] (Microsoft Corporation) R3 wdmaud; C:\WINDOWS1\System32\drivers\wdmaud.sys [83072 2008-04-14] (Microsoft Corporation) R1 WS2IFSL; C:\WINDOWS1\System32\drivers\ws2ifsl.sys [12032 2008-04-15] (Microsoft Corporation) S3 WudfPf; C:\WINDOWS1\System32\DRIVERS\WudfPf.sys [77568 2006-09-28] (Microsoft Corporation) S3 WudfRd; C:\WINDOWS1\System32\DRIVERS\wudfrd.sys [82944 2006-09-28] (Microsoft Corporation) S3 catchme; \??\C:\DOCUME~1\User\USTAWI~1\Temp\catchme.sys [X] S3 cpuz130; \??\C:\DOCUME~1\User\USTAWI~1\Temp\cpuz130\cpuz_x32.sys [X] S3 EagleXNt; \??\C:\WINDOWS1\system32\drivers\EagleXNt.sys [X] S4 IntelIde; No ImagePath S3 OSFMount; \??\C:\CS GO\Counter-Strike Global Offensive\image\x86\OSFMount.sys [X] U5 ScsiPort; C:\WINDOWS1\system32\drivers\scsiport.sys [96384 2008-04-15] (Microsoft Corporation) S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X] U3 TlntSvr; No ImagePath S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-04-29 14:56 - 2015-04-29 14:56 - 00000000 ____D () C:\FRST 2015-04-29 02:53 - 2008-04-14 00:16 - 00038912 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\avc.sys 2015-04-29 02:53 - 2008-04-14 00:16 - 00013696 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\avcstrm.sys 2015-04-29 02:53 - 2001-10-26 17:29 - 00104832 ____C (ATI Technologies Inc.) C:\WINDOWS1\system32\dllcache\atiraged.dll 2015-04-29 02:53 - 2001-10-26 16:50 - 00070528 ____C (ATI Technologies Inc.) C:\WINDOWS1\system32\dllcache\atiragem.sys 2015-04-29 02:53 - 2001-08-17 22:01 - 00036096 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\avcaudio.sys 2015-04-29 02:53 - 2001-08-17 20:49 - 00049920 ____C () C:\WINDOWS1\system32\dllcache\atirtcap.sys 2015-04-29 02:53 - 2001-08-17 20:49 - 00026880 ____C () C:\WINDOWS1\system32\dllcache\atirtsnd.sys 2015-04-29 02:53 - 2001-08-17 20:49 - 00026624 ____C () C:\WINDOWS1\system32\dllcache\ativxbar.sys 2015-04-29 02:53 - 2001-08-17 20:49 - 00023552 ____C () C:\WINDOWS1\system32\dllcache\atixbar.sys 2015-04-29 02:53 - 2001-08-17 20:49 - 00019456 ____C () C:\WINDOWS1\system32\dllcache\ativttxx.sys 2015-04-29 02:53 - 2001-08-17 20:49 - 00017152 ____C () C:\WINDOWS1\system32\dllcache\atitvsnd.sys 2015-04-29 02:53 - 2001-08-17 20:49 - 00017152 ____C () C:\WINDOWS1\system32\dllcache\atitunep.sys 2015-04-29 02:53 - 2001-08-17 20:49 - 00009472 ____C () C:\WINDOWS1\system32\dllcache\ativmdcd.sys 2015-04-29 02:52 - 2008-04-14 00:16 - 00048128 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\61883.sys 2015-04-29 02:52 - 2008-04-14 00:10 - 00012288 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\4mmdat.sys 2015-04-29 02:52 - 2008-04-13 22:06 - 00231552 ____C (Acer Laboratories Inc.) C:\WINDOWS1\system32\dllcache\ac97ali.sys 2015-04-29 02:52 - 2008-04-13 22:06 - 00084480 ____C (VIA Technologies, Inc.) C:\WINDOWS1\system32\dllcache\ac97via.sys 2015-04-29 02:52 - 2008-04-13 22:06 - 00010880 ____C (Aureal, Inc.) 
C:\WINDOWS1\system32\dllcache\admjoy.sys 2015-04-29 02:52 - 2008-04-13 22:05 - 00036224 ____C (ADMtek Incorporated.) C:\WINDOWS1\system32\dllcache\an983.sys 2015-04-29 02:52 - 2001-10-26 17:30 - 00024576 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\agcgauge.ax 2015-04-29 02:52 - 2001-10-26 17:29 - 00689216 ____C (3dfx Interactive, Inc.) C:\WINDOWS1\system32\dllcache\3dfxvs.dll 2015-04-29 02:52 - 2001-10-26 17:29 - 00462848 ____C (Aureal Inc.) C:\WINDOWS1\system32\dllcache\a3dapi.dll 2015-04-29 02:52 - 2001-10-26 17:29 - 00382592 ____C (ATI Technologies Inc.) C:\WINDOWS1\system32\dllcache\atidrab.dll 2015-04-29 02:52 - 2001-10-26 17:29 - 00268160 ____C (ATI Technologies Inc.) C:\WINDOWS1\system32\dllcache\atidvai.dll 2015-04-29 02:52 - 2001-10-26 17:29 - 00137216 ____C (ATI Technologies Inc.) C:\WINDOWS1\system32\dllcache\atidrae.dll 2015-04-29 02:52 - 2001-10-26 17:29 - 00098304 ____C (Aureal Semiconductor) C:\WINDOWS1\system32\dllcache\a3d.dll 2015-04-29 02:52 - 2001-10-26 17:29 - 00096128 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\ati.dll 2015-04-29 02:52 - 2001-10-26 17:29 - 00061440 ____C (Kolorowy skaner płaski) C:\WINDOWS1\system32\dllcache\acerscad.dll 2015-04-29 02:52 - 2001-10-26 17:29 - 00038400 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\8514a.dll 2015-04-29 02:52 - 2001-10-26 17:29 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\atievxx.exe 2015-04-29 02:52 - 2001-10-26 16:49 - 00289664 ____C (ATI Technologies Inc.) C:\WINDOWS1\system32\dllcache\atimpab.sys 2015-04-29 02:52 - 2001-10-26 16:49 - 00281600 ____C (ATI Technologies Inc.) C:\WINDOWS1\system32\dllcache\atimtai.sys 2015-04-29 02:52 - 2001-10-26 16:49 - 00077696 ____C (ATI Technologies, Inc.) C:\WINDOWS1\system32\dllcache\ati.sys 2015-04-29 02:52 - 2001-10-26 16:49 - 00075136 ____C (ATI Technologies Inc.) 
C:\WINDOWS1\system32\dllcache\atimpae.sys 2015-04-29 02:52 - 2001-08-17 22:07 - 00101888 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\adpu160m.sys 2015-04-29 02:52 - 2001-08-17 22:07 - 00056960 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\aic78xx.sys 2015-04-29 02:52 - 2001-08-17 22:07 - 00055168 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\aic78u2.sys 2015-04-29 02:52 - 2001-08-17 22:06 - 00011264 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\1394vdbg.sys 2015-04-29 02:52 - 2001-08-17 21:53 - 00007424 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\adicvls.sys 2015-04-29 02:52 - 2001-08-17 21:52 - 00026496 ____C (Advanced System Products, Inc.) C:\WINDOWS1\system32\dllcache\asc.sys 2015-04-29 02:52 - 2001-08-17 21:52 - 00023552 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\abp480n5.sys 2015-04-29 02:52 - 2001-08-17 21:52 - 00022400 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\asc3350p.sys 2015-04-29 02:52 - 2001-08-17 21:52 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\aha154x.sys 2015-04-29 02:52 - 2001-08-17 21:52 - 00012032 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\amsint.sys 2015-04-29 02:52 - 2001-08-17 21:51 - 00014848 ____C (Advanced System Products, Inc.) C:\WINDOWS1\system32\dllcache\asc3550.sys 2015-04-29 02:52 - 2001-08-17 21:51 - 00005248 ____C (Acer Laboratories Inc.) C:\WINDOWS1\system32\dllcache\aliide.sys 2015-04-29 02:52 - 2001-08-17 21:49 - 00026624 ____C (Acer Laboratories Inc.) C:\WINDOWS1\system32\dllcache\alifir.sys 2015-04-29 02:52 - 2001-08-17 21:47 - 00006272 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\apmbatt.sys 2015-04-29 02:52 - 2001-08-17 21:28 - 00762780 ____C (3Com, Inc.) 
C:\WINDOWS1\system32\dllcache\3cwmcru.sys 2015-04-29 02:52 - 2001-08-17 20:49 - 00046464 ____C () C:\WINDOWS1\system32\dllcache\atibt829.sys 2015-04-29 02:52 - 2001-08-17 20:49 - 00010240 ____C () C:\WINDOWS1\system32\dllcache\atipcxxx.sys 2015-04-29 02:52 - 2001-08-17 20:48 - 00148352 ____C (3dfx Interactive, Inc.) C:\WINDOWS1\system32\dllcache\3dfxvsm.sys 2015-04-29 02:52 - 2001-08-17 20:20 - 00297728 ____C (Silicon Integrated Systems Corp.) C:\WINDOWS1\system32\dllcache\ac97sis.sys 2015-04-29 02:52 - 2001-08-17 20:20 - 00096256 ____C (Intel Corporation) C:\WINDOWS1\system32\dllcache\ac97intc.sys 2015-04-29 02:52 - 2001-08-17 20:19 - 00747392 ____C (Aureal, Inc.) C:\WINDOWS1\system32\dllcache\adm8830.sys 2015-04-29 02:52 - 2001-08-17 20:19 - 00584448 ____C (Aureal, Inc.) C:\WINDOWS1\system32\dllcache\adm8810.sys 2015-04-29 02:52 - 2001-08-17 20:19 - 00553984 ____C (Aureal, Inc.) C:\WINDOWS1\system32\dllcache\adm8820.sys 2015-04-29 02:52 - 2001-08-17 20:12 - 00097354 ____C (Bay Networks, Inc.) C:\WINDOWS1\system32\dllcache\aspndis3.sys 2015-04-29 02:52 - 2001-08-17 20:11 - 00046112 ____C (Adaptec, Inc ) C:\WINDOWS1\system32\dllcache\adptsf50.sys 2015-04-29 02:52 - 2001-08-17 20:11 - 00027678 ____C (Acer Laboratories Inc.) C:\WINDOWS1\system32\dllcache\ali5261.sys 2015-04-29 02:52 - 2001-08-17 20:11 - 00020160 ____C (ADMtek Incorporated) C:\WINDOWS1\system32\dllcache\adm8511.sys 2015-04-29 02:52 - 2001-08-17 20:11 - 00016969 ____C (AmbiCom, Inc.) 
C:\WINDOWS1\system32\dllcache\amb8002.sys 2015-04-29 02:51 - 2001-10-26 17:29 - 00066048 ____C (Microsoft Corporation) C:\WINDOWS1\system32\dllcache\s3legacy.dll 2015-04-29 02:46 - 2015-04-29 02:46 - 00003932 _____ () C:\WINDOWS1\tsoc.log 2015-04-29 02:46 - 2015-04-29 02:46 - 00002309 _____ () C:\WINDOWS1\comsetup.log 2015-04-29 02:46 - 2015-04-29 02:46 - 00001917 _____ () C:\WINDOWS1\imsins.log 2015-04-29 02:46 - 2015-04-29 02:46 - 00001599 _____ () C:\WINDOWS1\ntdtcsetup.log 2015-04-29 02:46 - 2015-04-29 02:46 - 00000978 _____ () C:\WINDOWS1\iis6.log 2015-04-29 02:44 - 2015-04-29 02:44 - 00000060 _____ () C:\WINDOWS1\setupact.log 2015-04-29 02:44 - 2015-04-29 02:44 - 00000000 _____ () C:\WINDOWS1\setuperr.log 2015-04-29 02:28 - 2015-04-29 14:56 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\temp 2015-04-29 02:28 - 2015-04-29 13:58 - 00000000 ____D () C:\WINDOWS1\temp 2015-04-29 02:28 - 2015-04-29 13:53 - 00000000 ____D () C:\Documents and Settings\Jano\Ustawienia lokalne\temp 2015-04-29 02:28 - 2015-04-29 02:28 - 00042452 _____ () C:\ComboFix.txt 2015-04-29 02:28 - 2015-04-29 02:28 - 00000000 ____D () C:\Documents and Settings\UpdatusUser\Ustawienia lokalne\temp 2015-04-29 02:28 - 2015-04-29 02:28 - 00000000 ____D () C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT\Ustawienia lokalne\temp 2015-04-29 02:28 - 2015-04-29 02:28 - 00000000 ____D () C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Ustawienia lokalne\temp 2015-04-29 02:28 - 2015-04-29 02:28 - 00000000 ____D () C:\Documents and Settings\Default User\Ustawienia lokalne\temp 2015-04-29 02:28 - 2015-04-29 02:28 - 00000000 ____D () C:\Documents and Settings\Default User.WINDOWS1\Ustawienia lokalne\temp 2015-04-29 02:18 - 2015-04-29 02:18 - 00000000 _RSHD () C:\cmdcons 2015-04-29 02:18 - 2004-08-03 23:00 - 00262400 __RSH () C:\cmldr 2015-04-29 02:15 - 2015-04-29 02:34 - 00000000 ____D () C:\WINDOWS1\erdnt 2015-04-29 02:15 - 2015-04-29 02:15 - 00000000 ___RD () C:\Documents 
and Settings\User\Moje dokumenty\Moje wideo 2015-04-29 02:11 - 2015-04-29 02:31 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS1\system32\Drivers\MBAMSwissArmy.sys 2015-04-29 02:10 - 2015-04-29 02:10 - 00000778 _____ () C:\Documents and Settings\All Users.WINDOWS1\Pulpit\Malwarebytes Anti-Malware.lnk 2015-04-29 02:10 - 2015-04-29 02:10 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2015-04-29 02:10 - 2015-04-29 02:10 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Programy\Malwarebytes Anti-Malware 2015-04-29 02:10 - 2015-04-29 02:10 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Programy\Malwarebytes Anti-Malware 2015-04-29 02:10 - 2015-04-29 02:10 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Dane aplikacji\Malwarebytes 2015-04-29 02:10 - 2015-04-29 02:10 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Dane aplikacji\Malwarebytes 2015-04-29 02:10 - 2015-04-14 09:37 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS1\system32\Drivers\mbamchameleon.sys 2015-04-29 02:10 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS1\system32\Drivers\mbam.sys 2015-04-29 01:18 - 2015-04-29 01:18 - 00610118 _____ () C:\Documents and Settings\User\Pulpit\bookmarks.html 2015-04-29 01:18 - 2015-04-29 01:18 - 00288537 _____ () C:\Documents and Settings\User\Pulpit\bookmarks-2015-04-29.json 2015-04-29 01:02 - 2015-04-29 14:43 - 00030257 _____ () C:\WINDOWS1\setupapi.log 2015-04-29 01:02 - 2015-04-29 01:02 - 00000000 ____D () C:\Program Files\Enigma Software Group 2015-04-28 01:18 - 2015-04-28 01:18 - 00000823 _____ () C:\Documents and Settings\User\Pulpit\Real Boxing.lnk 2015-04-28 01:18 - 2015-04-28 01:18 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Programy\Real Boxing 2015-04-28 01:18 - 2015-04-28 01:18 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Programy\Real Boxing 2015-04-28 
01:16 - 2015-04-28 01:18 - 00000000 ____D () C:\Program Files\Real Boxing 2015-04-27 22:21 - 2015-04-28 23:04 - 00027764 _____ () C:\WINDOWS1\MiniCarRacing.ini 2015-04-27 22:18 - 2015-04-27 22:18 - 00001559 _____ () C:\Documents and Settings\User\Pulpit\eGames.lnk 2015-04-27 22:18 - 2015-04-27 22:18 - 00000000 ____D () C:\Program Files\eGames 2015-04-27 22:18 - 2015-04-27 22:18 - 00000000 ____D () C:\Documents and Settings\User\Menu Start\Programy\eGames 2015-04-27 22:18 - 2000-07-17 13:41 - 00070088 _____ (xx) C:\WINDOWS1\system32\Project2-1.ocx 2015-04-27 22:18 - 2000-03-21 15:37 - 00001760 _____ () C:\WINDOWS1\system32\objsafe.tlb 2015-04-27 22:18 - 1999-05-07 00:00 - 00082960 _____ (Microsoft Corporation) C:\WINDOWS1\system32\Picclp32.ocx 2015-04-27 22:17 - 2015-04-27 22:17 - 00000000 ____D () C:\MINI CARS RACING 2015-04-27 20:01 - 2015-04-27 20:01 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Freejam 2015-04-27 20:01 - 2015-04-27 20:01 - 00000000 ____D () C:\Documents and Settings\User\Dane aplikacji\.mono 2015-04-27 20:00 - 2015-04-27 19:55 - 00237864 _____ (EasyAntiCheat Ltd) C:\WINDOWS1\system32\EasyAntiCheat.exe 2015-04-27 19:50 - 2015-04-27 19:50 - 00000000 ____D () C:\Documents and Settings\User\Menu Start\Programy\Robocraft 2015-04-23 01:03 - 2015-04-23 01:03 - 00001609 _____ () C:\Documents and Settings\All Users.WINDOWS1\Pulpit\Ballance.lnk 2015-04-23 01:02 - 2015-04-23 01:03 - 00000000 ____D () C:\Program Files\Ballance 2015-04-23 01:02 - 2015-04-23 01:02 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Programy\Ballance 2015-04-23 01:02 - 2015-04-23 01:02 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Programy\Ballance 2015-04-21 21:13 - 2015-04-21 21:13 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-04-15 20:27 - 2015-04-15 20:28 - 00000000 ____D () C:\Documents and Settings\User\Moje dokumenty\Heroes of the Storm 2015-04-15 20:12 - 2015-04-15 
20:12 - 00000883 _____ () C:\Documents and Settings\All Users.WINDOWS1\Pulpit\Heroes of the Storm.lnk 2015-04-15 20:12 - 2015-04-15 20:12 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Programy\Heroes of the Storm 2015-04-15 20:12 - 2015-04-15 20:12 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Programy\Heroes of the Storm 2015-04-15 20:02 - 2015-04-26 21:06 - 00000000 ____D () C:\Program Files\Heroes of the Storm 2015-04-15 20:00 - 2015-04-27 00:08 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Battle.net 2015-04-15 20:00 - 2015-04-15 20:02 - 00000000 ____D () C:\Documents and Settings\User\Dane aplikacji\Battle.net 2015-04-15 20:00 - 2015-04-15 20:00 - 00000820 _____ () C:\Documents and Settings\All Users.WINDOWS1\Pulpit\Battle.net.lnk 2015-04-15 20:00 - 2015-04-15 20:00 - 00000000 ____D () C:\Program Files\Battle.net 2015-04-15 20:00 - 2015-04-15 20:00 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Blizzard Entertainment 2015-04-15 20:00 - 2015-04-15 20:00 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Programy\Battle.net 2015-04-15 20:00 - 2015-04-15 20:00 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Programy\Battle.net 2015-04-15 20:00 - 2015-04-15 20:00 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Dane aplikacji\Blizzard Entertainment 2015-04-15 20:00 - 2015-04-15 20:00 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Dane aplikacji\Blizzard Entertainment 2015-04-15 19:59 - 2015-04-15 19:59 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Dane aplikacji\Battle.net 2015-04-15 19:59 - 2015-04-15 19:59 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Dane aplikacji\Battle.net 2015-04-15 16:46 - 2015-04-15 16:46 - 00000852 _____ () C:\Documents and Settings\User\Pulpit\Format Factory.lnk 2015-04-15 16:46 
- 2015-04-15 16:46 - 00000000 ____D () C:\Documents and Settings\User\Menu Start\Programy\FormatFactory 2015-04-15 14:49 - 2015-04-15 14:52 - 00000000 ____D () C:\Program Files\Product Key Finder 2015-04-15 14:49 - 2015-04-15 14:49 - 00000066 _____ () C:\Documents and Settings\User\Pulpit\moj cd-key dowindows.txt 2015-04-14 23:35 - 2015-04-14 23:35 - 18178736 _____ (Adobe Systems Incorporated) C:\WINDOWS1\system32\FlashPlayerInstaller.exe 2015-04-13 01:16 - 2015-04-13 01:17 - 00000097 _____ () C:\WINDOWS1\system32\Userdata.ini 2015-04-13 01:08 - 2015-04-13 01:08 - 00000041 _____ () C:\Documents and Settings\User\Moje dokumenty\mt-x_hook.txt 2015-04-13 01:08 - 2015-04-13 01:08 - 00000008 _____ () C:\Documents and Settings\User\Moje dokumenty\mt-e_hook.txt 2015-04-13 01:06 - 2015-04-13 01:06 - 00000000 ____D () C:\Program Files\MegaDev 2015-04-01 20:25 - 2015-04-01 20:25 - 00001439 _____ () C:\Documents and Settings\User\Pulpit\qqq.lnk 2015-04-01 20:16 - 2015-04-01 20:16 - 00000000 ____D () C:\Program Files\WTFast 2015-04-01 20:16 - 2015-04-01 20:16 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Programy\WTFast 2015-04-01 20:16 - 2015-04-01 20:16 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Programy\WTFast 2015-04-01 20:16 - 2014-10-15 15:18 - 00072296 _____ (Initex) C:\WINDOWS1\system32\WTFastDrv.dll 2015-03-31 21:48 - 2015-03-31 21:48 - 00000859 _____ () C:\Documents and Settings\User\Pulpit\Matura to bzdura 2.txt 2015-03-30 23:30 - 2015-03-30 23:30 - 00000248 _____ () C:\Documents and Settings\User\Pulpit\marketing.txt 2015-03-30 13:29 - 2015-03-30 13:29 - 00000000 ____D () C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Ustawienia lokalne\Dane aplikacji\Overwolf 2015-03-30 00:17 - 2015-04-28 21:25 - 00000000 ____D () C:\Documents and Settings\User\Pulpit\zdjecia 2015-03-30 00:17 - 2015-03-30 00:17 - 00000000 ____D () C:\Documents and Settings\User\Overwolf ==================== One Month Modified 
Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-29 14:41 - 2014-03-09 23:13 - 00006144 ___SH () C:\Documents and Settings\User\Pulpit\Thumbs.db 2015-04-29 14:36 - 2008-04-15 14:00 - 00555462 _____ () C:\WINDOWS1\system32\perfh015.dat 2015-04-29 14:36 - 2008-04-15 14:00 - 00104494 _____ () C:\WINDOWS1\system32\perfc015.dat 2015-04-29 14:36 - 2008-03-05 03:36 - 01254092 _____ () C:\WINDOWS1\system32\PerfStringBackup.INI 2015-04-29 14:35 - 2014-01-22 15:04 - 00000932 _____ () C:\WINDOWS1\Tasks\Adobe Flash Player Updater.job 2015-04-29 14:33 - 2014-05-14 16:00 - 00001036 _____ () C:\WINDOWS1\Tasks\GoogleUpdateTaskMachineUA.job 2015-04-29 14:33 - 2008-03-05 02:48 - 01156386 _____ () C:\WINDOWS1\WindowsUpdate.log 2015-04-29 14:32 - 2008-03-05 03:20 - 00000000 ____D () C:\WINDOWS1 2015-04-29 14:31 - 2014-05-14 16:00 - 00001032 _____ () C:\WINDOWS1\Tasks\GoogleUpdateTaskMachineCore.job 2015-04-29 14:31 - 2008-04-15 14:00 - 00002422 _____ () C:\WINDOWS1\system32\wpa.dbl 2015-04-29 14:31 - 2008-03-05 02:55 - 00000006 ____H () C:\WINDOWS1\Tasks\SA.DAT 2015-04-29 14:22 - 2008-03-05 03:15 - 00000188 ___SH () C:\Documents and Settings\User\ntuser.ini 2015-04-29 14:22 - 2008-03-05 02:55 - 00032472 _____ () C:\WINDOWS1\SchedLgU.Txt 2015-04-29 13:54 - 2014-01-21 02:32 - 00000188 ___SH () C:\Documents and Settings\Jano\ntuser.ini 2015-04-29 13:32 - 2014-01-21 02:31 - 00000000 __SHD () C:\Documents and Settings\LocalService 2015-04-29 12:08 - 2014-01-22 16:46 - 00000000 __HDC () C:\WINDOWS1\$NtUninstallKB2727528$ 2015-04-29 12:08 - 2008-03-05 03:32 - 00155568 _____ () C:\WINDOWS1\system32\FNTCACHE.DAT 2015-04-29 03:32 - 2008-03-05 03:15 - 00000000 ___HD () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji 2015-04-29 02:56 - 2014-01-24 17:47 - 00000188 ___SH () C:\Documents and Settings\UpdatusUser\ntuser.ini 2015-04-29 02:34 - 2014-06-11 20:01 - 00000000 ____D () C:\Documents and Settings\User\Moje 
dokumenty\Pobrane 2015-04-29 02:28 - 2014-01-24 17:47 - 00000000 ___HD () C:\Documents and Settings\UpdatusUser\Ustawienia lokalne 2015-04-29 02:28 - 2014-01-21 03:17 - 00000000 __RHD () C:\Documents and Settings\Default User\Ustawienia lokalne 2015-04-29 02:28 - 2014-01-21 02:32 - 00000000 ___HD () C:\Documents and Settings\Jano\Ustawienia lokalne 2015-04-29 02:28 - 2014-01-21 02:31 - 00000000 __SHD () C:\Documents and Settings\NetworkService 2015-04-29 02:28 - 2008-03-05 03:35 - 00000000 __RHD () C:\Documents and Settings\Default User.WINDOWS1\Ustawienia lokalne 2015-04-29 02:28 - 2008-03-05 03:15 - 00000000 ___HD () C:\Documents and Settings\User\Ustawienia lokalne 2015-04-29 02:28 - 2008-03-05 02:55 - 00000000 ___HD () C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Ustawienia lokalne 2015-04-29 02:28 - 2008-03-05 02:53 - 00000000 ___HD () C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT\Ustawienia lokalne 2015-04-29 02:26 - 2008-04-15 14:00 - 00000227 _____ () C:\WINDOWS1\system.ini 2015-04-29 02:26 - 2008-03-05 03:33 - 00000000 __RHD () C:\Documents and Settings\All Users.WINDOWS1\Dane aplikacji 2015-04-29 02:26 - 2008-03-05 03:15 - 00000000 __RHD () C:\Documents and Settings\User\Dane aplikacji 2015-04-29 02:18 - 2014-01-21 03:13 - 00000439 __RSH () C:\boot.ini 2015-04-29 02:15 - 2008-03-05 03:35 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS1\Dokumenty 2015-04-29 02:15 - 2008-03-05 03:15 - 00000000 ___RD () C:\Documents and Settings\User\Moje dokumenty 2015-04-29 02:10 - 2008-03-05 03:35 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Programy 2015-04-29 02:10 - 2008-03-05 03:35 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Programy 2015-04-29 02:10 - 2008-03-05 03:35 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Pulpit 2015-04-29 02:06 - 2008-03-05 03:15 - 00000000 ____D () C:\Documents and Settings\User\Pulpit 2015-04-29 01:09 - 2008-03-05 03:15 - 
00001607 _____ () C:\Documents and Settings\User\Menu Start\Programy\Pomoc zdalna.lnk 2015-04-29 01:08 - 2014-01-24 17:47 - 00001607 _____ () C:\Documents and Settings\UpdatusUser\Menu Start\Programy\Pomoc zdalna.lnk 2015-04-29 01:07 - 2014-01-21 02:32 - 00001607 _____ () C:\Documents and Settings\Jano\Menu Start\Programy\Pomoc zdalna.lnk 2015-04-29 01:07 - 2014-01-21 02:28 - 00001607 _____ () C:\Documents and Settings\Default User\Menu Start\Programy\Pomoc zdalna.lnk 2015-04-29 01:07 - 2008-03-05 02:49 - 00001607 _____ () C:\Documents and Settings\Default User.WINDOWS1\Menu Start\Programy\Pomoc zdalna.lnk 2015-04-29 01:07 - 2008-03-05 02:49 - 00001571 _____ () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Określ dostęp do programów i ich ustawienia domyślne.lnk 2015-04-29 01:07 - 2008-03-05 02:49 - 00001571 _____ () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Określ dostęp do programów i ich ustawienia domyślne.lnk 2015-04-29 01:07 - 2008-03-05 02:49 - 00001515 _____ () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Windows Update.lnk 2015-04-29 01:07 - 2008-03-05 02:49 - 00001515 _____ () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Windows Update.lnk 2015-04-29 01:05 - 2014-12-18 23:12 - 00000000 ____D () C:\Documents and Settings\User\Pulpit\pobrane z pozilli 2015-04-29 01:02 - 2014-01-22 13:45 - 00000730 _____ () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Programy\Mozilla Firefox.lnk 2015-04-29 01:02 - 2014-01-22 13:45 - 00000730 _____ () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Programy\Mozilla Firefox.lnk 2015-04-29 01:02 - 2014-01-22 13:45 - 00000724 _____ () C:\Documents and Settings\All Users.WINDOWS1\Pulpit\Mozilla Firefox.lnk 2015-04-29 01:02 - 2008-03-05 03:16 - 00000803 _____ () C:\Documents and Settings\User\Menu Start\Programy\Internet Explorer.lnk 2015-04-29 00:53 - 2014-02-12 21:02 - 00000000 ____D () C:\Documents and Settings\User\Dane aplikacji\Media Player Classic 2015-04-29 
00:44 - 2014-03-02 02:17 - 00000000 ____D () C:\Documents and Settings\User\Dane aplikacji\DAEMON Tools Lite 2015-04-29 00:44 - 2014-02-17 00:52 - 00000000 ____D () C:\Documents and Settings\User\Dane aplikacji\uTorrent 2015-04-29 00:44 - 2014-02-13 01:33 - 00000000 ____D () C:\Program Files\Steam 2015-04-29 00:41 - 2014-01-24 00:39 - 00001324 _____ () C:\WINDOWS1\system32\d3d9caps.dat 2015-04-28 23:38 - 2014-03-29 18:47 - 00000000 ____D () C:\FILMY 2015-04-28 23:07 - 2014-01-22 16:39 - 00000000 ____D () C:\Documents and Settings\User\Dane aplikacji\Skype 2015-04-28 22:12 - 2008-04-15 14:00 - 00000983 _____ () C:\WINDOWS1\win.ini 2015-04-28 21:28 - 2015-03-21 21:10 - 00000000 ____D () C:\Documents and Settings\User\Menu Start\Programy\Steam 2015-04-28 02:49 - 2014-03-02 05:24 - 01135544 _____ () C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat 2015-04-28 02:49 - 2008-03-05 02:55 - 00000000 ___HD () C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Ustawienia lokalne\Dane aplikacji 2015-04-28 01:22 - 2014-07-11 01:16 - 00000000 ____D () C:\Documents and Settings\User\Moje dokumenty\My Games 2015-04-27 22:20 - 2008-03-05 03:15 - 00000000 ___RD () C:\Documents and Settings\User\Menu Start 2015-04-27 22:19 - 2008-03-05 03:15 - 00000000 ___RD () C:\Documents and Settings\User\Menu Start\Programy 2015-04-27 19:50 - 2015-02-15 17:29 - 00000000 ____D () C:\Games 2015-04-27 19:18 - 2014-02-17 22:56 - 00000000 ____D () C:\Documents and Settings\User\Dane aplikacji\TS3Client 2015-04-23 01:39 - 2014-03-09 23:11 - 00000000 ____D () C:\FFOutput 2015-04-23 01:36 - 2014-11-18 17:11 - 00000000 ____D () C:\Documents and Settings\User\Dane aplikacji\vlc 2015-04-23 01:02 - 2014-01-21 02:41 - 00000000 ____D () C:\Program Files\Common Files\InstallShield 2015-04-23 01:02 - 2014-01-21 02:35 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2015-04-22 16:12 - 2014-01-21 02:44 - 00000000 ____D () 
C:\Program Files\Mozilla Maintenance Service 2015-04-20 22:11 - 2014-01-21 03:04 - 00000000 ___RD () C:\Program Files\Skype 2015-04-20 22:10 - 2014-01-22 16:39 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Dane aplikacji\Skype 2015-04-20 22:10 - 2014-01-22 16:39 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Dane aplikacji\Skype 2015-04-17 16:29 - 2015-02-01 20:09 - 00000000 ____D () C:\Program Files\Battlefield2 2015-04-16 23:18 - 2014-10-11 02:34 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\SKIDROW 2015-04-16 21:26 - 2008-03-05 03:20 - 00000000 ____D () C:\WINDOWS1\Help 2015-04-14 23:35 - 2014-01-22 15:04 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS1\system32\FlashPlayerApp.exe 2015-04-14 23:35 - 2014-01-22 15:04 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS1\system32\FlashPlayerCPLApp.cpl 2015-04-09 00:47 - 2015-01-02 18:31 - 00000000 ____D () C:\Documents and Settings\User\Moje dokumenty\Battlefield Play4Free 2015-04-04 02:24 - 2014-12-04 19:44 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\screenSHU 2015-03-31 21:47 - 2015-02-16 23:58 - 00010372 _____ () C:\Documents and Settings\User\Pulpit\Matura to bzdura.odt 2015-03-31 19:41 - 2008-03-05 03:35 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Programy\Autostart 2015-03-31 19:41 - 2008-03-05 03:35 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS1\Menu Start\Programy\Autostart 2015-03-31 15:37 - 2014-09-01 23:06 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Adobe 2015-03-30 23:35 - 2008-03-05 01:05 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Dane aplikacji\AVAST Software 2015-03-30 23:35 - 2008-03-05 01:05 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS1\Dane aplikacji\AVAST Software ==================== Files in the root of some directories ======= 
2014-05-19 00:02 - 2014-08-02 00:03 - 0000080 _____ () C:\Documents and Settings\User\Dane aplikacji\mBot.ini
2014-02-23 01:28 - 2015-01-02 18:20 - 0138056 _____ () C:\Documents and Settings\User\Dane aplikacji\PnkBstrK.sys

Files to move or delete:
====================
C:\Windows\Tasks\{79BF4901-1EC4-4726-B3C2-A7859706C6E7}.job

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS1\explorer.exe => File is digitally signed
C:\WINDOWS1\system32\winlogon.exe => File is digitally signed
C:\WINDOWS1\system32\svchost.exe => File is digitally signed
C:\WINDOWS1\system32\services.exe [2008-04-15 14:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f
C:\WINDOWS1\system32\User32.dll => File is digitally signed
C:\WINDOWS1\system32\userinit.exe => File is digitally signed
C:\WINDOWS1\system32\rpcss.dll [2008-04-15 14:00] - [2009-02-09 12:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3
ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS1\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================