Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-03-2019
Ran by johny (administrator) on LAPTOP-50388EAD (03-03-2019 13:09:19)
Running from D:\Downloads
Loaded Profiles: johny (Available Profiles: johny)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 6 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) [File not signed] C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) [File not signed] C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Microsoft Windows Hardware Compatibility Publisher -> Agere Systems) C:\WINDOWS\AGRSMMSG.exe
(Microsoft Windows Hardware Compatibility Publisher -> ELANTECH Devices Corp.) C:\Program Files\Elantech\Ktp.exe
() [File not signed] C:\WINDOWS\system32\tsnp2std.exe
(Microsoft Windows Hardware Compatibility Publisher -> Sonix) C:\WINDOWS\vsnp2std.exe
(Intel Corporation) [File not signed] C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
(Intel Corporation) [File not signed] C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
(Intel Corporation) [File not signed] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
(Hewlett-Packard) [File not signed] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(GG Network S.A. -> GG Network S.A.) C:\Documents and Settings\johny\Local Settings\Application Data\GG\Application\gghub.exe
(IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.) C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
(Xevin Consulting -> GG Network S.A.) C:\Documents and Settings\johny\Local Settings\Application Data\GG\Application\ggapp.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files\HP\HPBDSService\HPBDSService.exe
(HP) [File not signed] C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Intel Corporation) [File not signed] C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Windows Component Publisher -> Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Intel Corporation) [File not signed] C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Windows Component Publisher -> Microsoft Corporation) C:\WINDOWS\system32\alg.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.
The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => C:\WINDOWS\system32\NvCpl.dll [7405568 2006-02-08] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16143872 2006-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2005-08-25] (Realtek Semiconductor Corp.) [File not signed]
HKLM\...\Run: [AGRSMMSG] => C:\WINDOWS\AGRSMMSG.exe [88204 2005-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Agere Systems)
HKLM\...\Run: [KTPWare] => C:\Program Files\Elantech\ktp.exe [512000 2006-03-28] (Microsoft Windows Hardware Compatibility Publisher -> ELANTECH Devices Corp.)
HKLM\...\Run: [tsnp2std] => C:\WINDOWS\system32\tsnp2std.exe [331776 2006-06-14] () [File not signed]
HKLM\...\Run: [snp2std] => C:\WINDOWS\vsnp2std.exe [675840 2006-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Sonix)
HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [667718 2006-04-14] (Intel Corporation) [File not signed]
HKLM\...\Run: [IntelWireless] => C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [602182 2006-04-14] (Intel Corporation) [File not signed]
HKLM\...\Run: [EOUApp] => C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [569413 2006-04-14] (Intel Corporation) [File not signed]
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-10-14] (Hewlett-Packard) [File not signed]
HKLM\...\Run: [hpqSRMon] => [X]
HKLM\...\Run: [StatusAlerts] => C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2019-01-31] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-329068152-527237240-682003330-1004\...\Run: [GG] => C:\Documents and Settings\johny\Local Settings\Application Data\GG\Application\gghub.exe [4078144 2015-11-06] (GG Network S.A. -> GG Network S.A.)
HKU\S-1-5-21-329068152-527237240-682003330-1004\...\Run: [Chromium] => c:\documents and settings\johny\local settings\application data\chromium\application\chrome.exe [666624 2015-07-30] (The Chromium Authors) [File not signed]
HKLM\...\Drivers32: [msacm.trspch] => C:\WINDOWS\system32\tssoft32.acm [8192 2004-08-04] (Microsoft Windows Component Publisher -> DSP GROUP, INC.)
HKLM\...\Drivers32: [VIDC.I420] => C:\WINDOWS\system32\msh263.drv [294912 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.iv31] => C:\WINDOWS\system32\ir32_32.dll [199168 2004-08-04] (Microsoft Windows Component Publisher -> )
HKLM\...\Drivers32: [vidc.iv32] => C:\WINDOWS\system32\ir32_32.dll [199168 2004-08-04] (Microsoft Windows Component Publisher -> )
HKLM\...\Drivers32: [vidc.iv41] => C:\WINDOWS\system32\ir41_32.ax [848384 2008-04-14] (Microsoft Windows Component Publisher -> Intel Corporation)
HKLM\...\Drivers32: [msacm.msg723] => C:\WINDOWS\system32\msg723.acm [118784 2004-08-04] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.M263] => C:\WINDOWS\system32\msh263.drv [294912 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.M261] => C:\WINDOWS\system32\msh261.drv [188416 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Drivers32: [msacm.msaudio1] => C:\WINDOWS\system32\msaud32.acm [294912 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Drivers32: [msacm.sl_anet] => C:\WINDOWS\system32\sl_anet.acm [86016 2008-04-14] (Microsoft Windows Component Publisher -> Sipro Lab Telecom Inc.)
HKLM\...\Drivers32: [msacm.iac2] => C:\WINDOWS\system32\iac25_32.ax [199680 2008-04-14] (Microsoft Windows Component Publisher -> Intel Corporation)
HKLM\...\Drivers32: [vidc.iv50] => C:\WINDOWS\system32\ir50_32.dll [755200 2008-04-14] (Microsoft Windows Component Publisher -> Intel Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINDOWS\inf\unregmp2.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{26923b43-4d38-484f-9b9e-de460746276c}] -> C:\WINDOWS\system32\shmgrate.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -> C:\WINDOWS\system32\shmgrate.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> C:\WINDOWS\system32\advpack.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{4b218e3e-bc98-4770-93d3-2731b9329278}] -> C:\WINDOWS\inf\ie.inf [2008-04-13] (Microsoft Windows Component Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{5945c046-1e7d-11d1-bc44-00c04fd912be}] -> C:\WINDOWS\system32\advpack.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINDOWS\system32\advpack.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{7790769C-0471-11d2-AF11-00C04FA35D02}] -> C:\Program Files\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2016-04-26] (Google Inc -> Google Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{C631DF4C-088F-4156-B058-4375F0853CD8}] -> C:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{c6dc5466-785a-11d2-84d0-00c04fb169f7}] -> appmgmts.dll
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BlueSoleil.lnk [2015-11-26]
ShortcutTarget: BlueSoleil.lnk -> C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-11-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D6F5BA87-5032-4863-9FD4-CCA716B29CC2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F3B4AED3-5C78-48E0-93F6-0169C1B74F86}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-329068152-527237240-682003330-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-329068152-527237240-682003330-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-329068152-527237240-682003330-1004\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-329068152-527237240-682003330-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
URLSearchHook: HKU\S-1-5-21-329068152-527237240-682003330-1004 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Windows Component Publisher -> Microsoft Corporation)
URLSearchHook: HKU\S-1-5-21-329068152-527237240-682003330-1004 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc. -> Yahoo! Inc.)
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <==== ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-05-30] (Yahoo! Inc. -> Yahoo! Inc.)
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2019-02-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2019-02-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06] (Hewlett-Packard Company -> Hewlett-Packard Co.)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-05-30] (Yahoo! Inc. -> Yahoo! Inc.)
Toolbar: HKU\S-1-5-21-329068152-527237240-682003330-1004 -> Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-05-30] (Yahoo! Inc. -> Yahoo! Inc.)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\Qr5qAL39.default [2015-11-28]
FF Extension: (Avira Browser Safety) - C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\Qr5qAL39.default\Extensions\abs@avira.com [2015-11-28] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-11-26] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-02-02] () [File not signed]
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2019-02-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2019-02-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-30] (Google Inc -> Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-30] (Google Inc -> Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.pl/","hxxp://www.google.com","hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxxp://start.qone8.com/?type=hp&ts=1397309854&from=tt4u&uid=WDCXWD2500BEVS-22UST0_WD-WXH80881766217662"
CHR Profile: C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default [2019-03-03]
CHR Extension: (Prezentacje) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-03]
CHR Extension: (Dokumenty) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-03]
CHR Extension: (Dysk Google) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-27]
CHR Extension: (Turn Off the Lights) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2019-03-03]
CHR Extension: (YouTube) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-16]
CHR Extension: (Facebook) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2016-01-16]
CHR Extension: (Pushbullet) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2019-03-03]
CHR Extension: (Spotify - Music for every moment) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2018-08-03]
CHR Extension: (Flag for Chrome) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn [2016-01-16]
CHR Extension: (WhatsApp Web) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ebknffcmkcmppaghilbjdaklhojicidi [2016-01-16]
CHR Extension: (Gmail offline) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2016-01-16]
CHR Extension: (Muzyka Google Play) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2019-01-30]
CHR Extension: (Arkusze) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-03]
CHR Extension: (Word Online) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2016-01-16]
CHR Extension: (Full Screen Weather) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2016-01-16]
CHR Extension: (Avira Browser Safety) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-01-30]
CHR Extension: (Interia.pl) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gafaimgjobchbajmimikjllgmaiapnia [2016-01-16]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-01]
CHR Extension: (Magisto - Magical Video Editor) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghmngbmfdgknokcefmkbjlcjabdklnlk [2016-01-29]
CHR Extension: (Vanilla Cookie Manager) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gieohaicffldbmiilohhggbidhephnjj [2016-01-16]
CHR Extension: (AdBlock) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-03-03]
CHR Extension: (History Eraser) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm [2019-01-30]
CHR Extension: (Google Kalendarz) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2018-09-16]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-03-03]
CHR Extension: (Proxmate) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2018-09-16]
CHR Extension: (Asystent Allegro) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\igiiancficcdgdkokjpecbpkbgkeckbj [2016-01-16]
CHR Extension: (Excel Online) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2016-01-16]
CHR Extension: (Dropbox) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2018-09-16]
CHR Extension: (PDF Viewer) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jccchjobcggajhnmckffhcahkkbioifn [2016-01-16]
CHR Extension: (ProxyMate) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lebpnjmmkockepeffbadcnechelmhekc [2016-01-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-16]
CHR Extension: (Mapy Google) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-01-16]
CHR Extension: (Chrono menadżer pobierania) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2018-08-03]
CHR Extension: (PowerPoint Online) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2016-01-16]
CHR Extension: (Flashcontrol) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe [2016-07-08]
CHR Extension: (Sprawdzanie poczty Google) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2016-01-16]
CHR Extension: (OneDrive) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2016-01-16]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-16]
CHR Extension: (Przeglądarka dokumentów PDF/PowerPoint (od Google)) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2016-01-16]
CHR Extension: (ScriptSafe) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2018-08-03]
CHR Extension: (Picasa) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2016-01-16]
CHR Extension: (Click&Clean App) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2019-03-03]
CHR Extension: (World Clocks 2) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjgoijhajhaahklokegbfnohialajpej [2016-01-16]
CHR Extension: (Gmail) - C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-16]
CHR Profile: C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\System Profile [2016-01-16]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-329068152-527237240-682003330-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (SurfEasy VPN - Security, Privacy, Unblock) - C:\Documents and Settings\johny\Application Data\Opera Software\Opera Stable\Extensions\ebpielhlnnpkiddeeacoephkilopgblc [2019-01-30]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-02-02] (Adobe Systems Incorporated) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6799632 2019-01-30] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2019-01-30] (AVAST Software s.r.o. -> AVAST Software)
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [114753 2006-04-14] (Intel Corporation) [File not signed]
R2 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NVSvc; C:\WINDOWS\system32\nvsvc32.exe [143426 2006-02-08] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [217164 2006-04-14] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745 2006-04-14] (Intel Corporation ) [File not signed]
S2 SkypeUpdate; C:\Program Files\Skype\Updater\Updater.exe [317400 2017-04-05] (Skype Technologies) [File not signed]
S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{A9C50EDC-D07B-42F2-A0A6-F958AAE08FF7} [5120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21275 2015-11-26] (Meetinghouse Data Communications) [File not signed]
R3 AgereSoftModem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [1124097 2005-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Agere Systems)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [167480 2019-01-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriverx.sys [188976 2019-01-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidshx.sys [165384 2019-01-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblogx.sys [284256 2019-01-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbunivx.sys [57904 2019-01-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [183176 2019-01-30] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [42736 2019-01-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [40688 2019-01-30] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [135200 2019-01-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [70640 2019-01-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [72800 2019-01-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [784560 2019-01-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [397992 2019-01-30] (AVAST Software s.r.o. -> AVAST Software)
R3 aswStmXP; C:\WINDOWS\System32\drivers\aswStmXP.sys [146584 2019-01-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [310200 2019-01-30] (AVAST Software s.r.o. -> AVAST Software)
R3 ATSWPDRV; C:\WINDOWS\System32\Drivers\ATSwpDrv.sys [116594 2005-03-29] (Microsoft Windows Hardware Compatibility Publisher -> AuthenTec, Inc.)
R3 BlueletAudio; C:\WINDOWS\System32\DRIVERS\blueletaudio.sys [34704 2007-05-11] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
R3 BlueletSCOAudio; C:\WINDOWS\System32\DRIVERS\BlueletSCOAudio.sys [27792 2007-03-05] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
R3 BT; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [18320 2007-03-05] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
R3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [36496 2007-05-09] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
R0 BTHidEnum; C:\WINDOWS\System32\Drivers\vbtenum.sys [20880 2007-03-05] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
R0 BTHidMgr; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [35600 2007-03-05] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S0 cercsr6; C:\Windows\System32\Drivers\cercsr6.sys [39904 2005-03-22] (Adaptec, Inc.) [File not signed]
R3 EMSCR; C:\WINDOWS\System32\DRIVERS\EMS7SK.sys [61056 2006-03-23] (Microsoft Windows Hardware Compatibility Publisher -> ENE Technology Inc.)
R3 ESDCR; C:\WINDOWS\System32\DRIVERS\ESD7SK.sys [37888 2006-03-23] (Microsoft Windows Hardware Compatibility Publisher -> ENE Technology Inc.)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-10-30] (Microsoft Windows Hardware Compatibility Publisher -> HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-10-30] (Microsoft Windows Hardware Compatibility Publisher -> HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-10-30] (Microsoft Windows Hardware Compatibility Publisher -> HP)
R3 IFXTPM; C:\WINDOWS\System32\DRIVERS\IFXTPM.SYS [36352 2005-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Infineon Technologies AG)
R3 IntcAzAudAddService; C:\WINDOWS\System32\drivers\RtkHDAud.sys [4262912 2006-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R3 Ktp; C:\WINDOWS\System32\DRIVERS\Ktp.sys [27904 2006-03-17] (Microsoft Windows Hardware Compatibility Publisher -> ELANTECH Devices Corp.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [3640608 2006-02-08] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 RTLE8023xp; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [83584 2006-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation )
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [13568 2006-04-14] (Intel Corporation) [File not signed]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-13] (Microsoft Windows Component Publisher -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 SNP2STD; C:\WINDOWS\System32\DRIVERS\snp2sxp.sys [10304384 2006-05-23] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 VComm; C:\WINDOWS\System32\DRIVERS\VComm.sys [34448 2007-03-05] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
R3 VcommMgr; C:\WINDOWS\System32\Drivers\VcommMgr.sys [44304 2007-03-05] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
R3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1429632 2006-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel® Corporation)
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-03 13:06 - 2019-03-03 13:09 - 000000000 ____D C:\FRST
2019-03-03 12:53 - 2019-03-03 12:53 - 000106496 _____ C:\WINDOWS\Minidump\Mini030319-01.dmp
2019-02-10 16:29 - 2019-02-10 16:29 - 000106496 _____ C:\WINDOWS\Minidump\Mini021019-01.dmp
2019-02-10 16:23 - 2019-02-10 16:23 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\TEMP
2019-02-10 16:10 - 2019-03-03 12:54 - 000000000 ____D C:\Program Files\Trojan Remover
2019-02-05 23:04 - 2019-02-05 23:04 - 000000000 _____ C:\WINDOWS\system32\last.dump
2019-02-05 23:01 - 2019-02-05 23:03 - 000000000 ____D C:\WINDOWS\pss
2019-02-03 12:54 - 2019-02-03 12:54 - 000008192 __RSH C:\BOOTSECT.BAK
2019-02-03 12:54 - 2017-03-28 09:46 - 000397506 __RSH C:\bootmgr
2019-02-03 12:54 - 2015-11-26 19:26 - 000000211 ____H C:\Boot.BAK
2019-02-03 12:54 - 2015-07-10 09:25 - 000000001 ___SH C:\BOOTNXT
2019-02-03 12:00 - 2019-02-03 12:00 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\createonepart
2019-02-03 11:59 - 2019-02-03 11:59 - 000002102 _____ C:\Documents and Settings\All Users\Desktop\Paragon Partition Manager™ 2014 Free.lnk
2019-02-03 11:59 - 2019-02-03 11:59 - 000000000 ____D C:\Program Files\Paragon Software
2019-02-03 11:59 - 2019-02-03 11:59 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Paragon Partition Manager™ 2014 Free
2019-02-03 11:59 - 2019-02-03 11:59 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\redistpart
2019-02-03 11:59 - 2019-02-03 11:59 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\launcher
2019-02-03 11:59 - 2019-02-03 11:59 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\explauncher
2019-02-03 09:06 - 2019-02-03 09:06 - 000000000 ____D C:\Documents and Settings\johny\Application Data\ImgBurn
2019-02-03 08:55 - 2019-02-03 08:55 - 000001528 _____ C:\Documents and Settings\johny\Desktop\ImgBurn.lnk
2019-02-03 08:55 - 2019-02-03 08:55 - 000000000 ____D C:\Program Files\ImgBurn
2019-02-03 08:55 - 2019-02-03 08:55 - 000000000 ____D C:\Documents and Settings\johny\Start Menu\Programs\ImgBurn
2019-02-03 08:54 - 2019-02-03 08:54 - 000001880 _____ C:\Documents and Settings\All Users\Desktop\Skype.lnk
2019-02-03 08:54 - 2019-02-03 08:54 - 000000000 ___RD C:\Program Files\Skype
2019-02-03 08:54 - 2019-02-03 08:54 - 000000000 ____D C:\Program Files\Common Files\Skype
2019-02-03 08:54 - 2019-02-03 08:54 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2019-02-02 20:37 - 2019-02-02 20:37 - 000000000 ____D C:\Program Files\Common Files\Java
2019-02-02 20:37 - 2019-02-02 20:37 - 000000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\Sun
2019-02-02 20:29 - 2019-02-10 15:45 - 000000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2019-02-02 20:29 - 2019-02-02 21:02 - 000000880 _____ C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job
2019-02-02 20:17 - 2019-02-02 20:17 - 000000043 _____ C:\Documents and Settings\NetworkService\Application Data\WB.CFG
2019-02-02 20:17 - 2019-02-02 20:17 - 000000000 ___HD C:\$AV_ASW

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-03 13:11 - 2015-11-26 19:36 - 000000000 ____D C:\Documents and Settings\johny\Local Settings\Temp
2019-03-03 13:02 - 2019-01-30 22:05 - 000000356 ____H C:\WINDOWS\Tasks\Avast Emergency Update.job
2019-03-03 12:59 - 2015-11-28 15:27 - 000000000 ____D C:\Documents and Settings\johny\Application Data\GG
2019-03-03 12:59 - 2015-11-26 22:45 - 000000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2019-03-03 12:59 - 2015-11-26 20:25 - 000000424 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1448565944.job
2019-03-03 12:59 - 2015-11-26 19:41 - 000045378 _____ C:\WINDOWS\system32\nvapps.xml
2019-03-03 12:59 - 2015-11-26 19:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-03 12:56 - 2015-11-26 19:36 - 000000178 ___SH C:\Documents and Settings\johny\ntuser.ini
2019-03-03 12:56 - 2015-11-26 19:36 - 000000000 ____D C:\Documents and Settings\johny
2019-03-03 12:56 - 2015-11-26 19:35 - 000032626 _____ C:\WINDOWS\SchedLgU.Txt
2019-03-03 12:53 - 2015-11-26 19:35 - 000000000 ____D C:\Documents and Settings\LocalService\Local Settings\Temp
2019-03-03 12:53 - 2004-08-04 13:00 - 000012984 _____ C:\WINDOWS\system32\wpa.dbl
2019-02-10 16:29 - 2016-08-15 20:34 - 000000000 ____D C:\WINDOWS\Minidump
2019-02-10 16:17 - 2019-01-30 18:17 - 000000634 _____ C:\WINDOWS\Tasks\Chromium docad.job
2019-02-10 16:17 - 2019-01-30 18:17 - 000000000 ____D C:\Documents and Settings\johny\Application Data\Nofeton
2019-02-10 15:49 - 2015-11-26 22:45 - 000000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2019-02-05 23:07 - 2015-11-26 20:21 - 000000355 __RSH C:\boot.ini
2019-02-05 23:07 - 2004-08-04 13:00 - 000000512 _____ C:\WINDOWS\win.ini
2019-02-05 23:07 - 2004-08-04 13:00 - 000000227 _____ C:\WINDOWS\system.ini
2019-02-05 22:28 - 2015-11-26 20:25 - 000000000 ____D C:\Program Files\Opera
2019-02-03 11:01 - 2018-09-16 11:01 - 000000374 _____ C:\WINDOWS\Tasks\At7.job
2019-02-03 10:15 - 2018-09-16 11:01 - 000000374 _____ C:\WINDOWS\Tasks\At5.job
2019-02-03 09:26 - 2015-11-28 10:40 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Package Cache
2019-02-03 08:54 - 2015-11-27 15:15 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2019-02-02 20:47 - 2015-11-26 20:14 - 000281192 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2019-02-02 20:45 - 2018-09-16 11:01 - 000000374 _____ C:\WINDOWS\Tasks\At6.job
2019-02-02 20:37 - 2016-01-16 18:08 - 000095808 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2019-02-02 20:37 - 2016-01-16 18:08 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2019-02-02 20:36 - 2016-01-16 18:09 - 000160256 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2019-02-02 20:36 - 2016-01-16 18:07 - 000000000 ____D C:\Program Files\Java
2019-02-02 20:29 - 2015-11-28 19:34 - 000842240 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2019-02-02 20:29 - 2015-11-28 19:34 - 000175104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2019-02-02 20:28 - 2015-11-26 19:30 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-02-02 20:22 - 2015-11-26 20:20 - 000000374 _____ C:\WINDOWS\Tasks\At3.job
2019-02-02 20:17 - 2019-01-30 18:17 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\{326DF70E-B82F-7DC8-3EE9-E38AA4AB6844}

==================== Files in the root of some directories =======

2015-11-26 19:53 - 2018-03-04 21:55 - 000000795 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log

Some files in TEMP:
====================
2015-11-28 11:10 - 2015-11-28 11:10 - 000000000 ____D () C:\Documents and Settings\johny\Local Settings\Temp\avgnt.exe
2016-05-29 18:40 - 2015-11-06 10:17 - 000986136 _____ () C:\Documents and Settings\johny\Local Settings\Temp\ggdrive-menu.exe
2016-05-29 18:40 - 2015-11-06 10:17 - 001228520 _____ () C:\Documents and Settings\johny\Local Settings\Temp\ggdrive-overlay.exe
2016-05-29 18:40 - 2014-02-05 16:07 - 000056856 _____ () C:\Documents and Settings\johny\Local Settings\Temp\installstats.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================