Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-08-2015 03 Ran by Michaela (administrator) on MICHAELA-LAPTOP (22-08-2015 15:48:12) Running from F:\ Loaded Profiles: Michaela (Available Profiles: Michaela) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Polski (Polska) Internet Explorer Version 9 (Default browser path: "D:\Oprogramowanie\Opera\Opera.exe" "%1") Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (COMODO) D:\Oprogramowanie\COMODO\COMODO Internet Security\cmdagent.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe () C:\Windows\System32\WLTRYSVC.EXE (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE (Andrea Electronics Corporation) C:\Windows\System32\AEstSrv.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Kontiki Inc.) C:\Program Files\Kontiki\KService.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (Creative Technology Ltd.) C:\Windows\OEM02Mon.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Dell Inc.) C:\Windows\System32\WLTRAY.EXE (IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (COMODO) D:\Oprogramowanie\COMODO\COMODO Internet Security\CisTray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (IDT, Inc.) C:\Windows\System32\stacsv.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe (Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (COMODO) D:\Oprogramowanie\COMODO\COMODO Internet Security\cavwp.exe (COMODO) D:\Oprogramowanie\COMODO\COMODO Internet Security\cis.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Opera Software) D:\Oprogramowanie\Opera\opera.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe (COMODO) D:\Oprogramowanie\COMODO\COMODO Internet Security\cmdupd.exe (COMODO) D:\Oprogramowanie\COMODO\COMODO Internet Security\cavwp.exe (COMODO) D:\Oprogramowanie\COMODO\COMODO Internet Security\cis.exe (COMODO) D:\Oprogramowanie\COMODO\COMODO Internet Security\cmdvirth.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [167936 2008-05-04] (Alps Electric Co., Ltd.) HKLM\...\Run: [OEM02Mon.exe] => C:\Windows\OEM02Mon.exe [36864 2008-03-04] (Creative Technology Ltd.) HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [174872 2007-03-21] (Intel Corporation) HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3444736 2007-12-08] (Dell Inc.) HKLM\...\Run: [] => [X] HKLM\...\Run: [RoxWatchTray] => C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [236016 2008-09-19] (Sonic Solutions) HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-11-12] (IDT, Inc.) HKLM\...\Run: [Plus Internet] => C:\Program Files\Plus Internet\PlusInternetChecker.exe [645040 2012-09-28] () HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation) HKLM\...\Run: [COMODO Internet Security] => D:\Oprogramowanie\COMODO\COMODO Internet Security\cistray.exe [1361088 2015-08-05] (COMODO) Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [2008-10-28] (Citrix Online, a division of Citrix Systems, Inc.) HKU\S-1-5-21-1445831302-2848165502-626848564-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-1445831302-2848165502-626848564-1000\...\InprocServer32: [Default-pngfilt] <==== ATTENTION Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2008-10-28] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk [2008-10-28] ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software ) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk [2008-10-28] ShortcutTarget: QuickSet.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2008-10-28] ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2008-10-28] ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2 [2015-06-17] () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1445831302-2848165502-626848564-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1445831302-2848165502-626848564-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=3081028 SearchScopes: HKU\S-1-5-21-1445831302-2848165502-626848564-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1445831302-2848165502-626848564-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=110819&tt=190712_n_mont_3012_8&babsrc=SP_ss&mntrId=58810bed00000000000000225f31f205 BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation) BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> C:\Program Files\Dell\BAE\BAE.dll [2006-11-09] (Dell Inc.) Toolbar: HKU\S-1-5-21-1445831302-2848165502-626848564-1000 -> No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File Toolbar: HKU\S-1-5-21-1445831302-2848165502-626848564-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKU\S-1-5-21-1445831302-2848165502-626848564-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKU\S-1-5-21-1445831302-2848165502-626848564-1000 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-11-28] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{163E3CF0-84B0-4C65-B263-284D0E35D5D4}: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-20] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-08] Opera: ======= StartMenuInternet: (HKLM) Opera - D:\Oprogramowanie\Opera\Opera.exe ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 CmdAgent; D:\Oprogramowanie\COMODO\COMODO Internet Security\cmdagent.exe [4353840 2015-08-05] (COMODO) R3 cmdvirth; D:\Oprogramowanie\COMODO\COMODO Internet Security\cmdvirth.exe [1664704 2015-08-05] (COMODO) R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [161048 2008-05-02] (Stardock Corporation) S3 GoToAssist; C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe [16680 2008-10-28] (Citrix Online, a division of Citrix Systems, Inc.) S3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-03-25] (Hewlett-Packard Co.) [File not signed] S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed] R2 KService; C:\Program Files\Kontiki\KService.exe [3098152 2009-01-02] (Kontiki Inc.) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed] S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed] R2 VMCService; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [14336 2008-10-09] (Vodafone) [File not signed] S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation) R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2506752 2007-12-08] (Dell Inc.) [File not signed] ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [17064 2015-08-05] (COMODO) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [627824 2015-08-05] (COMODO) R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [40712 2015-08-05] (COMODO) S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [15968 2014-11-18] () S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10208 2014-11-18] () R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [91176 2015-08-05] (COMODO) S3 massfilter; C:\Windows\System32\drivers\massfilter.sys [9216 2012-09-28] (MBB Incorporated) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2015-08-22] (Duplex Secure Ltd.) R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed] S3 ZTEusbnet; C:\Windows\System32\DRIVERS\ZTEusbnet.sys [130048 2012-09-28] (ZTE Corporation) S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S3 USBAAPL; System32\Drivers\usbaapl.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-22 15:47 - 2015-08-22 15:48 - 00000000 ____D C:\FRST 2015-08-22 13:52 - 2015-08-22 13:52 - 00466008 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys 2015-08-22 13:41 - 2015-08-22 13:45 - 00000000 ____D C:\Users\Michaela\AppData\Roaming\DAEMON Tools Lite 2015-08-22 13:35 - 2015-08-22 13:39 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2015-08-22 13:30 - 2015-08-22 13:31 - 00099208 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll 2015-08-22 13:30 - 2015-08-22 13:30 - 00000000 ____D C:\Users\Michaela\AppData\Roaming\pdfforge 2015-08-22 13:30 - 2015-08-22 13:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2015-08-22 09:32 - 2015-08-22 09:33 - 00000000 ____D C:\Users\Michaela\AppData\Roaming\WinRAR 2015-08-22 09:32 - 2015-08-22 09:32 - 00000645 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk 2015-08-22 09:32 - 2015-08-22 09:32 - 00000000 ____D C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-08-22 09:32 - 2015-08-22 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-08-21 22:55 - 2015-08-22 15:46 - 00002756 _____ C:\Windows\system32\Drivers\fvstore.dat 2015-08-21 22:53 - 2015-08-21 22:59 - 00000000 ____D C:\Users\Michaela\Documents\DVDFab Media Player 2015-08-21 22:52 - 2015-08-21 22:52 - 00000707 _____ C:\Users\Public\Desktop\DVDFab Media Player 2.lnk 2015-08-21 22:52 - 2015-08-21 22:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab Media Player 2 2015-08-21 22:22 - 2015-08-21 22:22 - 00000000 ____D C:\Windows\system32\0415 2015-08-21 22:21 - 2015-08-21 22:25 - 00000000 ____D C:\Windows\pl-PL 2015-08-21 11:11 - 2015-08-21 22:26 - 00000000 ____D C:\Windows\system32\Drivers\pl-PL 2015-08-21 11:11 - 2015-08-21 22:22 - 00000000 ____D C:\Windows\system32\pl 2015-08-21 11:05 - 2015-08-21 11:05 - 00000000 ____D C:\Windows\system32\Vistalizator 2015-08-20 18:14 - 2015-08-20 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2015-08-20 18:11 - 2015-08-20 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP2 2015-08-20 18:00 - 2015-08-20 18:00 - 00000743 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk 2015-08-20 17:59 - 2015-08-22 15:33 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-20 17:59 - 2015-08-20 17:59 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-08-20 17:59 - 2015-08-20 17:59 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-08-20 16:49 - 2015-08-20 16:49 - 00000639 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-08-20 16:49 - 2015-08-20 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-08-20 16:19 - 2015-08-22 15:39 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat 2015-08-20 16:15 - 2015-08-20 16:15 - 00001623 _____ C:\Users\Public\Desktop\COMODO Internet Security.lnk 2015-08-20 16:15 - 2015-08-20 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO 2015-08-20 16:14 - 2015-08-20 16:14 - 00000000 ____D C:\ProgramData\Shared Space 2015-08-20 16:13 - 2015-08-20 16:13 - 00000000 ____D C:\ProgramData\Comodo Downloader 2015-08-20 16:12 - 2015-08-20 16:23 - 00000000 ____D C:\ProgramData\Comodo 2015-08-20 16:03 - 2015-08-20 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.5 2015-08-20 16:03 - 2015-04-16 12:15 - 02536072 _____ C:\Windows\system32\BootMan.exe 2015-08-20 16:03 - 2014-11-18 15:46 - 00021088 _____ C:\Windows\system32\EuEpmGdi.dll 2015-08-20 16:03 - 2014-11-18 15:39 - 00015968 _____ C:\Windows\system32\epmntdrv.sys 2015-08-20 16:03 - 2014-11-18 15:39 - 00010208 _____ C:\Windows\system32\EuGdiDrv.sys 2015-08-20 16:03 - 2014-11-18 15:38 - 00088160 _____ C:\Windows\system32\setupempdrv03.exe 2015-08-20 15:56 - 2015-08-20 15:56 - 00000675 _____ C:\Users\Public\Desktop\Opera.lnk 2015-08-20 15:56 - 2015-08-20 15:56 - 00000675 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-08-20 15:56 - 2015-08-20 15:56 - 00000000 ____D C:\Users\Michaela\AppData\Roaming\Opera 2015-08-20 15:56 - 2015-08-20 15:56 - 00000000 ____D C:\Users\Michaela\AppData\Local\Opera 2015-08-20 14:04 - 2015-08-20 14:12 - 00001399 ____H C:\Windows\EPMBatch.ept 2015-08-20 13:36 - 2015-08-22 14:34 - 00017910 _____ C:\Windows\PFRO.log 2015-08-20 12:20 - 2015-08-20 13:14 - 00002155 _____ C:\Windows\epplauncher.mif 2015-08-20 12:19 - 2015-08-20 13:14 - 00000000 ____D C:\Program Files\Microsoft Security Client 2015-08-20 12:19 - 2015-08-20 13:13 - 00001828 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2015-08-20 12:18 - 2015-08-20 12:18 - 00000000 ____D C:\Users\Michaela\AppData\Roaming\Mozilla 2015-08-20 12:18 - 2015-08-20 12:18 - 00000000 ____D C:\Users\Michaela\AppData\Local\Mozilla 2015-08-20 12:13 - 2015-08-20 12:13 - 12268544 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 09702400 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2015-08-20 12:13 - 2015-08-20 12:13 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-08-20 12:13 - 2015-08-20 12:13 - 01797632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 01785344 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 01427456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-08-20 12:13 - 2015-08-20 12:13 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 01102336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00580608 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-08-20 12:13 - 2015-08-20 12:13 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2015-08-20 12:13 - 2015-08-20 12:13 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2015-08-20 12:13 - 2015-08-20 12:13 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-08-20 12:13 - 2015-08-20 12:13 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2015-08-20 12:13 - 2015-08-20 12:13 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2015-08-20 12:13 - 2015-08-20 12:13 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-08-20 12:13 - 2015-08-20 12:13 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2015-08-20 12:13 - 2015-08-20 12:13 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2015-08-20 12:13 - 2015-08-20 12:13 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-08-20 12:13 - 2015-08-20 12:13 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-08-20 12:13 - 2010-04-05 22:00 - 00221568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2015-08-20 12:12 - 2015-08-20 12:12 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll 2015-08-20 12:10 - 2015-08-20 12:13 - 00002873 _____ C:\Windows\IE9_main.log 2015-08-14 23:16 - 2015-08-15 00:07 - 00000000 ____D C:\Users\Michaela\AppData\Local\iPQ 2015-08-14 23:16 - 2015-08-14 23:16 - 00000000 ____D C:\Users\Michaela\AppData\Roaming\Plus Internet 2015-08-14 23:15 - 2015-08-14 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plus Internet Monitor 2015-08-14 23:15 - 2015-08-14 23:15 - 00000000 ____D C:\Program Files\Plus Internet Monitor 2015-08-14 23:14 - 2015-08-14 23:14 - 00000866 _____ C:\Users\Public\Desktop\Plus Internet.lnk 2015-08-14 23:14 - 2015-08-14 23:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plus Internet 2015-08-14 23:14 - 2015-08-14 23:14 - 00000000 ____D C:\Program Files\Plus Internet 2015-08-14 23:14 - 2012-09-28 09:53 - 00130048 _____ (ZTE Corporation) C:\Windows\system32\Drivers\ZTEusbnet.sys 2015-08-14 23:14 - 2012-09-28 09:53 - 00107520 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbser6k.sys 2015-08-14 23:14 - 2012-09-28 09:53 - 00107520 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbnmea.sys 2015-08-14 23:14 - 2012-09-28 09:53 - 00107520 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbmdm6k.sys 2015-08-14 23:14 - 2012-09-28 09:53 - 00009216 _____ (MBB Incorporated) C:\Windows\system32\Drivers\massfilter.sys 2015-08-05 02:30 - 2015-08-05 02:30 - 00627824 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys 2015-08-05 02:30 - 2015-08-05 02:30 - 00091176 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys 2015-08-05 02:30 - 2015-08-05 02:30 - 00040712 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys 2015-08-05 02:30 - 2015-08-05 02:30 - 00017064 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys 2015-08-05 02:29 - 2015-08-05 02:29 - 00445472 _____ (COMODO) C:\Windows\system32\guard32.dll 2015-08-05 02:29 - 2015-08-05 02:29 - 00033496 _____ (COMODO) C:\Windows\system32\cmdcsr.dll 2015-08-05 02:27 - 2015-08-05 02:27 - 00288448 _____ (COMODO) C:\Windows\system32\cmdvrt32.dll 2015-08-05 02:26 - 2015-08-05 02:26 - 00040640 _____ (COMODO) C:\Windows\system32\cmdkbd32.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-22 15:50 - 2008-11-28 19:15 - 00000000 ____D C:\ProgramData\Kontiki 2015-08-22 15:39 - 2008-10-28 12:29 - 02014488 _____ C:\Windows\WindowsUpdate.log 2015-08-22 15:36 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET 2015-08-22 15:34 - 2006-11-02 12:33 - 00865456 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-22 15:31 - 2008-11-05 11:57 - 00126664 _____ C:\Users\Michaela\AppData\Local\GDIPFONTCACHEV1.DAT 2015-08-22 15:30 - 2006-11-02 14:47 - 00452496 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-22 15:29 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-22 15:29 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-22 15:29 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-22 15:27 - 2008-11-05 12:08 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-08-22 15:27 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-08-22 14:55 - 2009-02-02 18:44 - 00006648 _____ C:\Users\Michaela\AppData\Local\d3d9caps.dat 2015-08-22 14:33 - 2010-11-06 17:11 - 00000000 ____D C:\Users\Michaela\AppData\Local\CrashDumps 2015-08-22 13:52 - 2008-10-28 12:29 - 00002140 _____ C:\Windows\bthservsdp.dat 2015-08-22 13:52 - 2006-11-02 15:01 - 00032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-08-22 13:42 - 2008-11-05 11:57 - 00000000 ____D C:\Users\Michaela 2015-08-21 23:39 - 2008-11-05 12:11 - 00000000 ____D C:\Program Files\Microsoft.NET 2015-08-21 23:39 - 2008-10-28 12:04 - 00000000 ____D C:\Program Files\Microsoft Office 2015-08-21 23:39 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\ShellNew 2015-08-21 23:38 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\MSBuild 2015-08-21 23:23 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\System 2015-08-21 23:23 - 2006-11-02 12:23 - 00000163 _____ C:\Windows\win.ini 2015-08-21 22:26 - 2006-11-02 14:42 - 00000000 ____D C:\Windows\WindowsMobile 2015-08-21 22:26 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Defender 2015-08-21 22:26 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\pl-PL 2015-08-21 22:25 - 2006-11-02 14:42 - 00000000 ____D C:\Windows\system32\WCN 2015-08-21 22:25 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal 2015-08-21 22:24 - 2006-11-02 14:42 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts 2015-08-21 22:24 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Collaboration 2015-08-21 22:24 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\inetsrv 2015-08-21 22:24 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\IME 2015-08-21 22:24 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Help 2015-08-21 22:23 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\DigitalLocker 2015-08-21 22:23 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Calendar 2015-08-21 22:23 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Movie Maker 2015-08-21 22:23 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\com 2015-08-21 22:22 - 2006-11-02 14:42 - 00000000 ____D C:\Windows\system32\winrm 2015-08-21 22:22 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Sidebar 2015-08-21 22:22 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Photo Gallery 2015-08-21 22:22 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\MSAgent 2015-08-21 22:21 - 2006-11-02 14:42 - 00000000 ____D C:\Windows\system32\slmgr 2015-08-21 22:21 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\MUI 2015-08-21 21:32 - 2008-01-21 04:24 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe 2015-08-21 11:11 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer 2015-08-20 18:25 - 2009-05-11 16:51 - 00000000 ____D C:\Windows\pss 2015-08-20 18:00 - 2012-07-23 21:47 - 00000000 ____D C:\Users\Michaela\AppData\Roaming\SumatraPDF 2015-08-20 17:59 - 2008-10-28 11:57 - 00000000 ____D C:\ProgramData\Adobe 2015-08-20 17:59 - 2008-10-28 11:56 - 00000000 ____D C:\Program Files\Common Files\Adobe 2015-08-20 17:59 - 2008-10-28 11:56 - 00000000 ____D C:\Program Files\Adobe 2015-08-20 17:58 - 2008-11-12 19:31 - 00000000 ____D C:\Users\Michaela\AppData\Local\Adobe 2015-08-20 17:23 - 2013-02-22 17:10 - 00000000 ____D C:\Program Files\Canon 2015-08-20 17:20 - 2008-10-28 11:41 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2015-08-20 16:58 - 2009-03-05 16:37 - 00000000 ____D C:\Users\Michaela\AppData\Roaming\Amazon 2015-08-20 16:58 - 2009-03-05 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon 2015-08-20 16:31 - 2007-12-06 10:51 - 00298496 _____ (Marvell) C:\Windows\system32\Drivers\yk60x86.sys 2015-08-20 16:17 - 2009-02-05 16:54 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2015-08-20 16:17 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\twain_32 2015-08-20 14:06 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache 2015-08-20 13:56 - 2011-05-14 01:35 - 00000000 ____D C:\Users\Michaela\AppData\Local\Windows Live 2015-08-20 13:41 - 2008-11-05 12:00 - 00000951 _____ C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-08-20 13:40 - 2008-02-04 01:07 - 00000000 ____D C:\Windows\Panther 2015-08-20 13:36 - 2008-10-28 11:58 - 00000000 ____D C:\Program Files\Google 2015-08-20 13:34 - 2006-11-02 13:18 - 00000000 ___RD C:\Windows\Offline Web Pages 2015-08-20 13:25 - 2008-11-05 12:01 - 00000000 ____D C:\Users\Michaela\AppData\Local\Google 2015-08-20 13:18 - 2012-12-03 15:13 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2015-08-20 13:18 - 2008-11-11 17:46 - 00000000 ____D C:\Program Files\iPod 2015-08-20 12:17 - 2008-10-28 12:01 - 00000000 ____D C:\Program Files\CyberLink 2015-08-20 12:14 - 2010-06-21 23:39 - 00000000 ____D C:\Program Files\Zylom Games 2015-08-20 12:13 - 2006-11-02 08:32 - 00008798 _____ C:\Windows\system32\icrav03.rat 2015-08-20 12:13 - 2006-11-02 08:32 - 00001988 _____ C:\Windows\system32\ticrf.rat 2015-08-20 12:12 - 2009-01-19 14:28 - 00000000 ____D C:\Program Files\Yahoo! 2015-08-20 12:11 - 2008-11-11 17:51 - 00000000 ____D C:\Users\Michaela\AppData\Roaming\Apple Computer 2015-08-20 12:09 - 2008-12-12 17:30 - 00000000 ____D C:\Users\Michaela\AppData\Roaming\Samsung 2015-08-20 12:07 - 2009-04-09 12:06 - 00000000 ____D C:\Program Files\Common Files\Real 2015-08-20 12:06 - 2009-04-09 12:06 - 00000000 ____D C:\Users\Michaela\AppData\Roaming\Real 2015-08-20 12:05 - 2009-06-07 18:00 - 00000000 ____D C:\Program Files\Spotify 2015-08-20 11:53 - 2012-06-08 19:48 - 00000000 ____D C:\Users\Michaela\AppData\Roaming\Dropbox 2015-08-20 11:49 - 2009-02-13 18:01 - 00000000 ____D C:\Users\Michaela\Tracing ==================== Files in the root of some directories ======= 2014-02-24 01:01 - 2014-02-24 01:02 - 0001253 _____ () C:\Users\Michaela\AppData\Roaming\Bubble Dock.boostrap.log 2014-02-24 01:02 - 2014-02-24 01:02 - 0013133 _____ () C:\Users\Michaela\AppData\Roaming\Bubble Dock.installation.log 2009-10-23 18:15 - 2014-02-24 00:55 - 0000908 _____ () C:\Users\Michaela\AppData\Roaming\wklnhst.dat 2009-02-02 18:44 - 2015-08-22 14:55 - 0006648 _____ () C:\Users\Michaela\AppData\Local\d3d9caps.dat 2010-10-21 08:33 - 2010-10-24 19:29 - 0001940 _____ () C:\Users\Michaela\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini 2008-08-20 17:45 - 2008-08-20 17:45 - 0020270 _____ () C:\ProgramData\DeviceInstaller.xml 2008-09-22 15:21 - 2008-09-22 15:21 - 0127092 ____R () C:\ProgramData\DeviceManager.xml.rc4 2009-01-16 22:00 - 2009-01-16 22:00 - 0000056 ____H () C:\ProgramData\ezsidmv.dat 2009-02-05 16:47 - 2009-08-03 13:13 - 0001692 _____ () C:\ProgramData\hpzinstall.log 2008-12-12 17:29 - 2009-10-18 21:43 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt Some files in TEMP: ==================== C:\Users\Michaela\AppData\Local\Temp\bpuninstall.exe C:\Users\Michaela\AppData\Local\Temp\uninstall.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed