Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-01-2014
Ran by Admin (administrator) on TADEK on 06-01-2014 21:58:59
Running from G:\logi
Microsoft Windows XP Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 6
Boot Mode: Normal
ATTENTION: If processes are not listed WMI should be repaired.

==================== Processes (Whitelisted) ===================

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [LManager] - C:\Program Files\Launch Manager\LManager.exe [858632 2007-10-17] (Dritek System Inc.)
HKLM\...\Run: [Synchronization Manager] - C:\WINDOWS\system32\mobsync.exe [143872 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [HPDJ Taskbar Utility] - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe [188416 2002-11-04] (HP)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [FileOpenBroker] - C:\Program Files\FileOpen\Services\FileOpenBroker32.exe [726912 2011-12-09] (FileOpen Systems Inc.)
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.exe [16132608 2007-05-28] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] - C:\WINDOWS\Alcmtr.exe [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AzMixerSel] - C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2005-06-11] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761945 2005-12-16] (Synaptics, Inc.)
HKLM\...\Run: [IntelZeroConfig] - C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe [819200 2007-04-16] (Intel Corporation)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe [970752 2007-04-16] (Intel Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - D:\Programy\Avast\avastui.exe [3567800 2013-10-31] (AVAST Software)
HKLM\...\Run: [20131121] - D:\Programy\Avast\Setup\emupdate\71f2b6a2-5a32-4ed5-8226-f4ab1c195952.exe [180184 2013-11-23] (AVAST Software)
HKLM\...\Run: [BroadcomWireless] - C:\Program Files\Broadcom\Wireless\Utility\WlanUtil.exe
HKCU\...\Run: [Akamai NetSession Interface] - C:\Documents and Settings\Admin.TADEK\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [uTorrent] - D:\Programy\uTorrent\uTorrent.exe [328056 2010-10-04] (BitTorrent, Inc.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKCU\...\Policies\Explorer: [NoLogoff] 0
MountPoints2: {0f6bdf46-aca6-11e2-8208-0017c4161d42} - F:\Install_Nokia_Ovi_Suite.exe
MountPoints2: {669a5f7b-2083-11e0-bfe9-0017c4161d42} - rfg.exe
MountPoints2: {699af72c-b02b-11df-bf56-0017c4161d42} - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sic32.exe
MountPoints2: {8afd6ded-22ce-11e3-825d-0017c4161d42} - F:\AutoRun.exe
MountPoints2: {8f6334c9-ce01-11e2-8217-0017c4161d42} - F:\InstallTomTomHOME.exe
MountPoints2: {94d2812f-21a0-11e2-818f-0017c4161d42} - Toshiba\Launcher\start.exe
MountPoints2: {a24b532b-b013-11de-be83-0017c4161d42} - H:\hx.exe
MountPoints2: {aedb806c-c363-11e1-8146-0017c4161d42} - F:\AutoRun.exe
MountPoints2: {b1ac222c-b97c-11de-be9f-0017c4161d42} - I:\USBNB.exe
MountPoints2: {b2a91c1a-af33-11e2-8209-0017c4161d42} - J:\Install_Nokia_Ovi_Suite.exe
MountPoints2: {f7e5a69c-4063-11de-bda2-0017c4161d42} - H:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe
HKU\Admin\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Admin\...\Run: [BitTorrent DNA] - C:\Program Files\DNA\btdna.exe [ 2008-05-08] (BitTorrent, Inc.)
HKU\Admin\...\Run: [ScreenShot2File] - D:\Programy\ScreenShot2File\ScreenShot2File.exe
HKU\Gość\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
HKU\Gość\...\Run: [Gadu-Gadu] - D:\Programy\Gadu-Gadu\gg.exe [ 2007-11-14] (Gadu-Gadu S.A.)
HKU\Gość\...\Run: [Internet Security Manager] - C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sic32.exe
AppInit_DLLs: cijzfd.dll [ ] ()
Lsa: [Authentication Packages] msv1_0 nwprovau
Startup: C:\Documents and Settings\Admin\Menu Start\Programy\Autostart\OpenOfficeT7 2.3.1.lnk
ShortcutTarget: OpenOfficeT7 2.3.1.lnk -> C:\Program Files\OpenOfficeT7 2.3.1\program\quickstart.exe (No File)
Startup: C:\Documents and Settings\Admin.TADEK\Menu Start\Programy\Autostart\runctf.lnk
ShortcutTarget: runctf.lnk -> C:\DOCUME~1\ADMIN~1.TAD\wgsdgsdgdsgsd.dll (No File)
Startup: C:\Documents and Settings\Admin.TADEK\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\Admin.TADEK\Menu Start\Programy\Autostart\YoWindow.lnk
ShortcutTarget: YoWindow.lnk -> D:\Programy\Pogoda na pulpicie\YoWindow\yowindow.exe (Repkasoft)
Startup: C:\Documents and Settings\Gość\Menu Start\Programy\Autostart\OpenOffice.org 3.0.lnk
ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe (No File)
Startup: C:\Documents and Settings\Gość\Menu Start\Programy\Autostart\OpenOfficeT7 2.3.1.lnk
ShortcutTarget: OpenOfficeT7 2.3.1.lnk -> C:\Program Files\OpenOfficeT7 2.3.1\program\quickstart.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=2&cf=f0e20b34-1abd-11e1-80cb-0017c4161d42
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tpi.pl
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=2&cf=f0e20b34-1abd-11e1-80cb-0017c4161d42
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
SearchScopes: HKLM - {2A5D1C44-CD3F-4514-A15B-B0BF238447B2} URL = http://www.easypowersearch.com/Results.aspx?cx=partner-pub-8885210189291163:1mftqmofsk1&UDSideSiteVacuumID=f64a0d68-d9f6-493b-8936-c8f97de55958&WSHostingSiteURL=vlnet3.com&WSLang=EN&SelectedSearchLang=PL&cof=FORID%3A10&sa=Search&SV_SRC=IE7SearchBox&oe=utf-8&ie=utf-8&q={searchTerms}
SearchScopes: HKLM - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://startsear.ch/?aff=2&src=sp&cf=f0e20b34-1abd-11e1-80cb-0017c4161d42&q={searchTerms}
SearchScopes: HKCU - DefaultScope {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=CA0D6259-85D9-47E1-9783-0A35C8D9664A&apn_sauid=846069BF-819F-4E13-A4CA-44D5EE8BF312
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=CA0D6259-85D9-47E1-9783-0A35C8D9664A&apn_sauid=846069BF-819F-4E13-A4CA-44D5EE8BF312
SearchScopes: HKCU - {2A5D1C44-CD3F-4514-A15B-B0BF238447B2} URL = http://www.easypowersearch.com/Results.aspx?cx=partner-pub-8885210189291163:1mftqmofsk1&UDSideSiteVacuumID=f64a0d68-d9f6-493b-8936-c8f97de55958&WSHostingSiteURL=vlnet3.com&WSLang=EN&SelectedSearchLang=PL&cof=FORID%3A10&sa=Search&SV_SRC=IE7SearchBox&oe=utf-8&ie=utf-8&q={searchTerms}
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://startsear.ch/?aff=2&src=sp&cf=f0e20b34-1abd-11e1-80cb-0017c4161d42&q={searchTerms}
SearchScopes: HKCU - {D547C666-CEC4-46A3-9930-877E51AF71F4} URL = http://www.daemon-search.com/search/web?q={searchTerms}
SearchScopes: HKCU - {F2F61099-DFD0-4ad0-AB3B-EEC574E9D21F} URL = http://search.duhiki.com/results.html?cx=002339168288027202941%3Ah6qetdju5sc&cof=FORID%3A10&q={searchTerms}&sa=Search
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Alcohol Toolbar Helper - {0ACF00E0-C1E4-4F6B-B290-10AC7505C47A} - C:\Program Files\Alcohol Toolbar\v3.0.0.0\AudioGizmo_Toolbar.dll ()
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Alcohol Toolbar - {DC59A0D4-0ED6-4A73-B356-1B977F2A7725} - C:\Program Files\Alcohol Toolbar\v3.0.0.0\AudioGizmo_Toolbar.dll ()
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - Alcohol Toolbar - {DC59A0D4-0ED6-4A73-B356-1B977F2A7725} - C:\Program Files\Alcohol Toolbar\v3.0.0.0\AudioGizmo_Toolbar.dll ()
Toolbar: HKCU - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKCU - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Admin.TADEK\Dane aplikacji\Mozilla\Firefox\Profiles\mykgs7si.default
FF user.js: detected! => C:\Documents and Settings\Admin.TADEK\Dane aplikacji\Mozilla\Firefox\Profiles\mykgs7si.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2852 - D:\Programy\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.12.46 - D:\Programy\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 - D:\Programy\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.46 - D:\Programy\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 - D:\Programy\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 - D:\Programy\Veetle\Player\npvlc.dll (Veetle Inc)
FF SearchPlugin: C:\Documents and Settings\Admin.TADEK\Dane aplikacji\Mozilla\Firefox\Profiles\mykgs7si.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Documents and Settings\Admin.TADEK\Dane aplikacji\Mozilla\Firefox\Profiles\mykgs7si.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Documents and Settings\Admin.TADEK\Dane aplikacji\Mozilla\Firefox\Profiles\mykgs7si.default\searchplugins\daemon-search.xml
FF SearchPlugin: C:\Documents and Settings\Admin.TADEK\Dane aplikacji\Mozilla\Firefox\Profiles\mykgs7si.default\searchplugins\delta.xml
FF SearchPlugin: C:\Documents and Settings\Admin.TADEK\Dane aplikacji\Mozilla\Firefox\Profiles\mykgs7si.default\searchplugins\startsear.xml
FF SearchPlugin: C:\Documents and Settings\Admin.TADEK\Dane aplikacji\Mozilla\Firefox\Profiles\mykgs7si.default\searchplugins\winamp-search.xml
FF Extension: Ask Toolbar - C:\Documents and Settings\Admin.TADEK\Dane aplikacji\Mozilla\Firefox\Profiles\mykgs7si.default\Extensions\toolbar@ask.com
FF Extension: Winamp Toolbar - C:\Documents and Settings\Admin.TADEK\Dane aplikacji\Mozilla\Firefox\Profiles\mykgs7si.default\Extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
FF Extension: DVDVideoSoftTB - C:\Documents and Settings\Admin.TADEK\Dane aplikacji\Mozilla\Firefox\Profiles\mykgs7si.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF Extension: DownloadHelper - C:\Documents and Settings\Admin.TADEK\Dane aplikacji\Mozilla\Firefox\Profiles\mykgs7si.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: OggX (powered by TIME S.A.) - C:\Documents and Settings\Admin.TADEK\Dane aplikacji\Mozilla\Firefox\Profiles\mykgs7si.default\Extensions\{eaf8a4ef-d221-45ca-9deb-d0934b45fa34}
FF Extension: Firebug - C:\Documents and Settings\Admin.TADEK\Dane aplikacji\Mozilla\Firefox\Profiles\mykgs7si.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Documents and Settings\Admin.TADEK\Dane aplikacji\Mozilla\Firefox\Profiles\mykgs7si.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: Adblock Plus - C:\Documents and Settings\Admin.TADEK\Dane aplikacji\Mozilla\Firefox\Profiles\mykgs7si.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [ShopperReports@ShopperReports.com] - C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions
FF Extension: ShopperReports - C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions
FF HKLM\...\Firefox\Extensions: [ClickPotatoLite@ClickPotatoLite.com] - C:\Program Files\ClickPotatoLite\bin\10.0.666.0\firefox\extensions
FF Extension: ClickPotatoLite Component - C:\Program Files\ClickPotatoLite\bin\10.0.666.0\firefox\extensions
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - D:\Programy\Avast\WebRep\FF
FF Extension: avast! Online Security - D:\Programy\Avast\WebRep\FF
FF HKLM\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\
FF StartMenuInternet: FIREFOX.EXE - D:\Programy\Firefox\firefox.exe

========================== Services (Whitelisted) =================

R2 Akamai; c:\program files\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 avast! Antivirus; D:\Programy\Avast\AvastSvc.exe [50344 2013-10-30] (AVAST Software)
S2 avast! Firewall; D:\Programy\Avast\afwServ.exe [179088 2013-10-30] (AVAST Software)
R2 Crypkey License; C:\Windows\System32\CRYPSERV.EXE [52224 2000-06-28] (Kenonic Controls Ltd.)
S3 Futuremark SystemInfo Service; C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [128928 2010-11-11] (Futuremark Corporation)
R2 NWCWorkstation; C:\Windows\System32\nwwks.dll [65536 2008-04-14] (Microsoft Corporation)
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [167936 2005-08-08] ()
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [983040 2007-04-16] (Intel Corporation )
R2 Skype C2C Service; C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 TomTomHOMEService; D:\Programy\TomTom\TomTomHOMEService.exe [93072 2013-03-22] (TomTom)
R2 WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [294912 2007-04-16] (Intel(R) Corporation)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21393 2013-11-24] (Cisco Systems, Inc.)
S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus.sys [14336 2012-03-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag.sys [20736 2012-03-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps.sys [20096 2012-03-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem.sys [25088 2012-03-02] (LG Electronics Inc.)
R3 AR5211; C:\Windows\System32\DRIVERS\ar5211.sys [546976 2007-05-02] (Atheros Communications, Inc.)
S3 AR5416; C:\Windows\System32\DRIVERS\athw.sys [2121248 2012-10-24] (Atheros Communications, Inc.)
R2 aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [35656 2013-10-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2013-10-30] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2013-09-25] (ALWIL Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2013-10-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-10-30] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [774392 2013-10-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [403440 2013-11-08] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2013-10-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178304 2013-10-30] ()
S3 Axtmvflt; C:\Windows\System32\DRIVERS\Axtmvflt.sys [3456 2009-02-25] (Axesstel)
S3 Axtmvmdm; C:\Windows\System32\DRIVERS\Axtmvmdm.sys [40064 2009-02-25] (Axesstel)
S3 Axtmvprt; C:\Windows\System32\Drivers\Axtmvprt.sys [38784 2009-02-25] (Axesstel)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [16384 2004-07-09] (Microsoft Corporation)
S3 dtscsi; C:\Windows\System32\Drivers\dtscsi.sys [223128 2008-05-23] (DT Soft Ltd.)
R0 hotcore2; C:\Windows\System32\drivers\hotcore2.sys [30808 2006-11-14] (Paragon Software Group)
R3 HSFHWAZL; C:\Windows\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-22] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-22] (Conexant Systems, Inc.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [85248 2011-07-04] (Huawei Technologies Co., Ltd.)
R1 hwinterface; C:\Windows\System32\Drivers\hwinterface.sys [3026 2009-10-09] (Logix4u)
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2005-02-11] (MCCI)
S3 k750mdfl; C:\Windows\System32\DRIVERS\k750mdfl.sys [6576 2005-02-11] (MCCI)
S3 k750mdm; C:\Windows\System32\DRIVERS\k750mdm.sys [89872 2005-02-11] (MCCI)
S3 k750mgmt; C:\Windows\System32\DRIVERS\k750mgmt.sys [81728 2005-02-11] (MCCI)
S3 k750obex; C:\Windows\System32\DRIVERS\k750obex.sys [79488 2005-02-11] (MCCI)
R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.)
S3 MSIRCOMM; C:\Windows\System32\DRIVERS\MSIRCOMM.sys [22016 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10112 2004-07-09] (Microsoft Corporation)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [24608 2000-02-03] ()
R2 NwlnkIpx; C:\Windows\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-14] (Microsoft Corporation)
R2 NwlnkNb; C:\Windows\System32\DRIVERS\nwlnknb.sys [63232 2001-08-17] (Microsoft Corporation)
R2 NwlnkSpx; C:\Windows\System32\DRIVERS\nwlnkspx.sys [55936 2001-08-17] (Microsoft Corporation)
R3 NWRDR; C:\Windows\System32\DRIVERS\nwrdr.sys [163584 2008-04-14] (Microsoft Corporation)
S3 Pei10Wdm; C:\Windows\System32\Drivers\Pei10Wdm.sys [35547 2002-08-15] (EIBA s.c.)
S3 Pei16Wdm; C:\Windows\System32\Drivers\Pei16Wdm.sys [34683 2002-09-19] (EIBA s.c.)
R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R2 s24trans; C:\Windows\System32\DRIVERS\s24trans.sys [12416 2007-03-29] (Intel Corporation)
R2 Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [76288 2003-06-03] (Rainbow Technologies, Inc.)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology)
S3 Sntnlusb; C:\Windows\System32\DRIVERS\SNTNLUSB.SYS [26120 2003-06-03] (Rainbow Technologies Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-05-21] ()
R1 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5632 2006-07-24] ()
S3 UIUSys; C:\Windows\System32\DRIVERS\UIUSYS.SYS [6909 2006-06-09] (Conexant Systems, Inc)
S3 vaxscsi; C:\Windows\System32\Drivers\vaxscsi.sys [223128 2008-05-23] (Alcohol Soft Co., Ltd.)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [191424 2008-02-19] (Jungo)
S3 WINIO; C:\WINDOWS\system32\winio.sys [41324 2001-11-13] ()
U3 a4lg2b89; C:\Windows\System32\Drivers\a4lg2b89.sys [0 ] (Microsoft Corporation)
S1 aswKbd; \??\C:\WINDOWS\system32\drivers\aswKbd.sys [x]
S0 aswNdis2; No ImagePath
S3 btaudio; system32\drivers\btaudio.sys [x]
S3 BTDriver; system32\DRIVERS\btport.sys [x]
S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [x]
S3 btwhid; system32\DRIVERS\btwhid.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 CrystalSysInfo; \??\D:\Programy\MediaCoder Audio Edition\SysInfo.sys [x]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [117504 2011-07-04] (Huawei Technologies Co., Ltd.)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-06 17:36 - 2014-01-06 17:36 - 00000000 ____D C:\FRST
2014-01-06 14:40 - 2014-01-06 14:40 - 00000935 _____ C:\Documents and Settings\Admin.TADEK\Pulpit\Continue VuuPC Installation.lnk

==================== One Month Modified Files and Folders =======

2014-01-06 21:47 - 2013-10-17 21:58 - 00048647 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-06 21:38 - 2008-05-12 20:09 - 00000000 ___RD C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy
2014-01-06 18:22 - 2012-04-14 09:52 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-06 17:36 - 2014-01-06 17:36 - 00000000 ____D C:\FRST
2014-01-06 14:40 - 2014-01-06 14:40 - 00000935 _____ C:\Documents and Settings\Admin.TADEK\Pulpit\Continue VuuPC Installation.lnk
2014-01-06 14:40 - 2008-05-26 17:30 - 00000000 ____D C:\Documents and Settings\Admin.TADEK\Pulpit
2014-01-06 14:33 - 2012-07-05 17:11 - 00000324 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-01-06 14:29 - 2009-04-15 14:56 - 00000000 ____D C:\Documents and Settings\Admin.TADEK\Dane aplikacji\uTorrent
2014-01-06 14:13 - 2011-03-05 17:01 - 00000000 ____D C:\Program Files\Common Files\Akamai
2014-01-06 14:13 - 2008-05-23 18:16 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-06 14:13 - 2008-05-23 18:16 - 00000050 _____ C:\WINDOWS\wiaservc.log
2014-01-06 14:12 - 2008-05-12 19:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-06 14:10 - 2009-04-12 22:55 - 00032628 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-06 14:10 - 2008-05-26 17:30 - 00000188 ___SH C:\Documents and Settings\Admin.TADEK\ntuser.ini
2014-01-05 20:05 - 2004-08-04 12:00 - 00002356 _____ C:\WINDOWS\system32\wpa.dbl
2013-12-17 19:46 - 2013-10-31 18:18 - 00000000 ____D C:\Documents and Settings\Admin.TADEK\Moje dokumenty\Biblioteka calibre
2013-12-15 22:12 - 2009-02-08 21:34 - 00000000 ____D C:\Documents and Settings\Admin.TADEK\Ustawienia lokalne\Dane aplikacji\Paint.NET

Some content of TEMP:
====================
C:\Documents and Settings\Admin.TADEK\Ustawienia lokalne\temp\AutoRun.exe
C:\Documents and Settings\Admin.TADEK\Ustawienia lokalne\temp\AutoRunGUI.dll
C:\Documents and Settings\Admin.TADEK\Ustawienia lokalne\temp\gg10.upgr.exe
C:\Documents and Settings\Admin.TADEK\Ustawienia lokalne\temp\GLB1A2B.EXE
C:\Documents and Settings\Admin.TADEK\Ustawienia lokalne\temp\ICReinstall_Setup.exe
C:\Documents and Settings\Admin.TADEK\Ustawienia lokalne\temp\jre-7u25-windows-i586-iftw.exe
C:\Documents and Settings\Admin.TADEK\Ustawienia lokalne\temp\jre-7u45-windows-i586-iftw.exe
C:\Documents and Settings\Admin.TADEK\Ustawienia lokalne\temp\RtkBtMnt.exe
C:\Documents and Settings\Admin.TADEK\Ustawienia lokalne\temp\Setup.exe
C:\Documents and Settings\Admin.TADEK\Ustawienia lokalne\temp\uninst1.exe
C:\Documents and Settings\Admin.TADEK\Ustawienia lokalne\temp\_is3.exe
C:\Documents and Settings\Gość\Ustawienia lokalne\temp\DataCard_Setup.exe
C:\Documents and Settings\Gość\Ustawienia lokalne\temp\ResetDevice.exe
C:\Documents and Settings\Gość\Ustawienia lokalne\temp\RtkBtMnt.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe [2004-08-03 23:44] - [2008-04-14 22:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a
C:\Windows\System32\winlogon.exe [2004-08-03 23:44] - [2008-04-14 22:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48
C:\Windows\System32\svchost.exe [2004-08-03 23:44] - [2008-04-14 22:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce
C:\Windows\System32\services.exe [2004-08-03 23:44] - [2008-04-14 22:51] - 0109056 ____A (Microsoft Corporation) 3e3ae424e27c4cefe4cab368c7b570ea
C:\Windows\System32\User32.dll [2004-08-03 23:44] - [2008-04-14 22:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793
C:\Windows\System32\userinit.exe [2004-08-03 22:44] - [2008-04-14 22:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5
C:\Windows\System32\rpcss.dll [2004-08-03 23:44] - [2008-04-14 22:50] - 0399360 ____A (Microsoft Corporation) 02396dab9dd407b06539981f477f3fec
C:\Windows\System32\Drivers\volsnap.sys [2004-08-03 22:36] - [2008-04-14 21:31] - 0052864 ___AC (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7

==================== End Of Log ============================