Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014
Ran by SIWY (administrator) on SIWY-HP on 22-07-2014 18:59:15
Running from C:\Users\SIWY\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Kingsoft Corporation) C:\Program Files (x86)\kingsoft\kingsoft antivirus\kxescore.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(CrossLoop) C:\Users\SIWY\AppData\Local\CrossLoop\CrossLoopService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(OptionNV) C:\Program Files\Option\GlobeTrotter Connect\GtDetectSc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\Varico\VaricoPostgres\bin\pg_ctl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(PostgreSQL Global Development Group) C:\Program Files (x86)\Varico\VaricoPostgres\bin\postgres.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(PostgreSQL Global Development Group) C:\Program Files (x86)\Varico\VaricoPostgres\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\Varico\VaricoPostgres\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\Varico\VaricoPostgres\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\Varico\VaricoPostgres\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\Varico\VaricoPostgres\bin\postgres.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PCSuite.exe
(Option) C:\Program Files\Option\GlobeTrotter Connect\GlobeTrotter Connect.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Kingsoft Corporation) C:\Program Files (x86)\kingsoft\kingsoft antivirus\kxetray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Kingsoft Corporation) C:\Program Files (x86)\kingsoft\kingsoft antivirus\vulfix.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
() C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Nokia) C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-17] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-02-04] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2014-07-20] (IDT, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-02-15] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-01-25] (cyberlink)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [help] => C:\Users\SIWY\AppData\Roaming\InstallDir\help.exe
HKLM-x32\...\Run: [kxesc] => c:\program files (x86)\kingsoft\kingsoft antivirus\kxetray.exe [1595056 2014-07-12] (Kingsoft Corporation)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [574008 2011-07-11] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-07-08] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 0
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-982367207-1440490565-2568245623-1001\...\Run: [NokiaOviSuite2] => C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [401728 2009-12-10] (Nokia)
HKU\S-1-5-21-982367207-1440490565-2568245623-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PCSuite.exe [1079808 2008-04-16] (Nokia)
HKU\S-1-5-21-982367207-1440490565-2568245623-1001\...\Run: [wfirewall] => C:\Users\SIWY\AppData\Roaming\wfirewall\alg.exe
HKU\S-1-5-21-982367207-1440490565-2568245623-1001\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-982367207-1440490565-2568245623-1001\...\Policies\Explorer: [HideSCAHealth] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GlobeTrotter Connect.lnk
ShortcutTarget: GlobeTrotter Connect.lnk -> C:\Program Files\Option\GlobeTrotter Connect\GlobeTrotter Connect.exe (Option)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://pl.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 62.21.99.94 62.21.99.95

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: No Name - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-02-27]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Website Logon) - C:\Users\SIWY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe [2014-01-12]
CHR Extension: (Adblock Plus) - C:\Users\SIWY\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-12]
CHR Extension: (Google Wallet) - C:\Users\SIWY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-12]
CHR HKLM-x32\...\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-02-11]

==================== Services (Whitelisted) =================

S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-01-25] (CyberLink)
R2 CrossLoopService; C:\Users\SIWY\AppData\Local\CrossLoop\CrossLoopService.exe [569072 2012-01-06] (CrossLoop)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 GtDetectSc; C:\Program Files\Option\GlobeTrotter Connect\GtDetectSc.exe [312320 2007-12-18] (OptionNV) [File not signed]
S2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2014-07-20] (Realsil Microelectronics Inc.) [File not signed]
R2 kxescore; c:\program files (x86)\kingsoft\kingsoft antivirus\kxescore.exe [123992 2014-07-12] (Kingsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-02-04] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 pgsql-8.3; C:\Program Files (x86)\Varico\VaricoPostgres\bin\pg_ctl.exe [65536 2009-02-03] (PostgreSQL Global Development Group) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [657408 2009-10-27] (Nokia) [File not signed]
S3 tvnserver; C:\Users\SIWY\AppData\Local\CrossLoop\tvnserver.exe [814080 2010-07-21] (GlavSoft LLC.) [File not signed]

==================== Drivers (Whitelisted) ====================

S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [274944 2011-01-24] (Intel Corporation) [File not signed]
S3 GT72NDISIPXP; C:\Windows\System32\DRIVERS\Gt51Ip.sys [124928 2008-02-18] (Option N.V.)
S3 GT72UBUS; C:\Windows\System32\DRIVERS\gt72ubus.sys [80896 2008-02-08] (Option N.V.)
S3 GTPTSER; C:\Windows\System32\DRIVERS\gtptser.sys [10624 2007-03-30] (Option N.V.)
S3 iBtFltCoex; C:\Windows\System32\DRIVERS\iBtFltCoex.sys [59904 2011-01-24] (Intel Corporation) [File not signed]
R0 kavbootc; C:\Windows\System32\drivers\kavbootc64.sys [31848 2014-07-12] (Kingsoft Corporation)
R1 KDHacker; c:\program files (x86)\kingsoft\kingsoft antivirus\security\kxescan\kdhacker64.sys [164696 2014-07-12] (Kingsoft Corporation)
R2 kisknl; C:\Windows\system32\drivers\kisknl.sys [210296 2014-07-12] (Kingsoft Corporation)
R4 KUsbGuard; C:\Program Files (x86)\kingsoft\kingsoft antivirus\kusbquery64.sys [18296 2014-07-12] (Kingsoft Corporation)
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2009-10-06] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2009-10-06] (Nokia)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8704 2009-10-06] (Nokia)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-22 18:56 - 2014-07-22 18:56 - 00007923 _____ () C:\Users\SIWY\Downloads\gmer.log
2014-07-22 18:35 - 2014-07-22 18:35 - 00380416 _____ () C:\Users\SIWY\Downloads\9vxcdhze.exe
2014-07-22 18:32 - 2014-07-22 18:32 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-22 18:32 - 2014-07-22 18:32 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-22 18:32 - 2014-07-22 18:32 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-22 18:32 - 2014-07-22 18:32 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-22 18:32 - 2014-07-22 18:32 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-22 18:32 - 2014-07-22 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-22 18:32 - 2014-07-22 18:32 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-22 18:30 - 2014-07-22 18:30 - 00918952 _____ (Oracle Corporation) C:\Users\SIWY\Downloads\chromeinstall-7u65.exe
2014-07-22 18:25 - 2014-07-22 18:25 - 00000000 ____D () C:\Users\SIWY\AppData\Roaming\wfirewall
2014-07-22 18:24 - 2014-07-22 18:24 - 02090496 _____ (Farbar) C:\Users\SIWY\Downloads\FRST64.exe
2014-07-22 18:19 - 2014-07-22 18:19 - 00000000 _____ () C:\Users\SIWY\Downloads\Nowy dokument tekstowy.txt
2014-07-20 22:04 - 2014-07-20 22:05 - 00000000 ____D () C:\Program Files\IDT
2014-07-20 22:04 - 2014-07-20 22:04 - 01965056 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2014-07-20 22:04 - 2014-07-20 22:04 - 00654336 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2014-07-20 22:04 - 2014-07-20 22:04 - 00528384 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2014-07-20 22:04 - 2014-07-20 22:04 - 00431616 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2014-07-20 21:53 - 2011-05-20 09:53 - 00557848 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2014-07-20 21:49 - 2014-07-20 21:49 - 09888360 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsPStorIcon.dll
2014-07-16 20:34 - 2014-07-16 20:34 - 00082756 _____ () C:\Users\SIWY\Downloads\Extras.Txt
2014-07-16 20:33 - 2014-07-16 20:33 - 00122428 _____ () C:\Users\SIWY\Downloads\OTL.Txt
2014-07-16 20:28 - 2014-07-16 20:28 - 00602112 _____ (OldTimer Tools) C:\Users\SIWY\Downloads\OTL.exe
2014-07-16 20:27 - 2014-07-16 20:27 - 00074270 _____ () C:\Users\SIWY\Downloads\Shortcut.txt
2014-07-16 20:26 - 2014-07-22 18:59 - 00019584 _____ () C:\Users\SIWY\Downloads\FRST.txt
2014-07-16 20:26 - 2014-07-16 20:27 - 00042902 _____ () C:\Users\SIWY\Downloads\Addition.txt
2014-07-16 20:25 - 2014-07-22 18:59 - 00000000 ____D () C:\FRST
2014-07-14 13:39 - 2014-07-14 13:39 - 00000000 _____ () C:\Users\SIWY\Desktop\ATT00019.txt
2014-07-14 10:01 - 2014-07-14 10:01 - 00000000 ____D () C:\Users\SIWY\Documents\Nowy folder
2014-07-12 20:18 - 2014-07-12 20:18 - 00000000 ____D () C:\Users\SIWY\AppData\Roaming\TeamViewer
2014-07-12 20:17 - 2014-07-12 20:17 - 04663800 _____ (TeamViewer) C:\Users\SIWY\Desktop\TeamViewerQS_pl.exe
2014-07-12 18:51 - 2014-07-12 18:51 - 00184408 _____ (Kaspersky Lab ZAO) C:\Users\SIWY\Downloads\rafr.exe
2014-07-12 18:40 - 2014-07-12 18:56 - 00000000 ____D () C:\UsbFix
2014-07-12 18:38 - 2014-07-12 18:38 - 04019211 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\SIWY\Downloads\UsbFix.exe
2014-07-12 18:32 - 2014-07-12 19:15 - 00000000 ____D () C:\KRECYCLE
2014-07-12 18:32 - 2014-07-12 19:04 - 00000000 ____D () C:\ProgramData\kingsoft
2014-07-12 18:32 - 2014-07-12 18:32 - 00210296 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisknl64.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00210296 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisknl.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00164696 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kdhacker64.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00125784 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kdhacker.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00082264 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00031848 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kavbootc64.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00027240 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kavbootc.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00024472 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\bc.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00019352 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksskrpr.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00018296 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kusbquery64.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00014200 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kusbquery.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00001059 _____ () C:\Users\Public\Desktop\Kingsoft Antivirus.lnk
2014-07-12 18:32 - 2014-07-12 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingsoft Antivirus
2014-07-12 18:32 - 2014-07-12 18:32 - 00000000 ____D () C:\Program Files (x86)\kingsoft
2014-07-12 18:30 - 2014-07-12 18:31 - 14300584 _____ (Kingsoft Corporation) C:\Users\SIWY\Downloads\kav_setup.exe
2014-07-12 18:18 - 2014-07-12 18:19 - 00000000 ____D () C:\AdwCleaner
2014-07-12 18:18 - 2014-07-12 18:18 - 01348263 _____ () C:\Users\SIWY\Downloads\adwcleaner_3.215.exe
2014-07-12 18:18 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-12 18:13 - 2014-07-12 18:14 - 77105064 _____ (AVG) C:\Users\SIWY\Downloads\avg_tuht_stf_all_2014_489_futuretest2.exe
2014-07-12 18:09 - 2014-07-12 18:12 - 00048127 _____ () C:\Users\SIWY\Downloads\avgremover.log
2014-07-12 18:09 - 2014-07-12 18:09 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\SIWY\Downloads\avg_remover_stf_x64_2014_4116.exe
2014-07-12 18:03 - 2014-07-12 18:03 - 26384736 _____ (Intel(R) Corporation) C:\Users\SIWY\Downloads\Wireless_16.11.0_Ds64.exe
2014-07-12 17:56 - 2014-07-12 17:56 - 35148216 _____ (Intel(R) Corporation) C:\Users\SIWY\Downloads\BT_17.0.1405.02_s64.exe
2014-06-30 19:08 - 2014-06-30 19:08 - 00000000 __SHD () C:\Users\SIWY\Phone Browser
2014-06-28 02:11 - 2014-06-28 02:11 - 00000000 ____D () C:\ProgramData\Synaptics
2014-06-24 09:04 - 2014-06-24 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 7
2014-06-24 09:04 - 2011-11-22 11:56 - 00024912 _____ (Softland) C:\Windows\system32\dopdfmn7.dll
2014-06-24 09:04 - 2011-11-22 11:56 - 00021328 _____ (Softland) C:\Windows\system32\dopdfmi7.dll
2014-06-22 16:18 - 2014-07-20 16:19 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-06-22 14:18 - 2014-06-22 14:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf

==================== One Month Modified Files and Folders =======

2014-07-22 18:59 - 2014-07-16 20:26 - 00019584 _____ () C:\Users\SIWY\Downloads\FRST.txt
2014-07-22 18:59 - 2014-07-16 20:25 - 00000000 ____D () C:\FRST
2014-07-22 18:58 - 2014-01-13 21:44 - 00000000 ____D () C:\Users\varicopostgres
2014-07-22 18:58 - 2014-01-12 00:56 - 00001040 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-22 18:58 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-22 18:58 - 2009-07-14 06:51 - 00090480 _____ () C:\Windows\setupact.log
2014-07-22 18:56 - 2014-07-22 18:56 - 00007923 _____ () C:\Users\SIWY\Downloads\gmer.log
2014-07-22 18:42 - 2011-04-19 03:57 - 00700890 _____ () C:\Windows\system32\perfh015.dat
2014-07-22 18:42 - 2011-04-19 03:57 - 00136040 _____ () C:\Windows\system32\perfc015.dat
2014-07-22 18:42 - 2009-07-14 07:13 - 01558248 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-22 18:40 - 2014-01-18 15:32 - 00000000 ____D () C:\Users\SIWY\AppData\Local\CrashDumps
2014-07-22 18:36 - 2014-01-11 17:54 - 01252561 _____ () C:\Windows\WindowsUpdate.log
2014-07-22 18:36 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-22 18:36 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-22 18:35 - 2014-07-22 18:35 - 00380416 _____ () C:\Users\SIWY\Downloads\9vxcdhze.exe
2014-07-22 18:33 - 2014-01-11 21:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-07-22 18:32 - 2014-07-22 18:32 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-22 18:32 - 2014-07-22 18:32 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-22 18:32 - 2014-07-22 18:32 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-22 18:32 - 2014-07-22 18:32 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-22 18:32 - 2014-07-22 18:32 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-22 18:32 - 2014-07-22 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-22 18:32 - 2014-07-22 18:32 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-22 18:30 - 2014-07-22 18:30 - 00918952 _____ (Oracle Corporation) C:\Users\SIWY\Downloads\chromeinstall-7u65.exe
2014-07-22 18:28 - 2014-01-12 00:56 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-22 18:25 - 2014-07-22 18:25 - 00000000 ____D () C:\Users\SIWY\AppData\Roaming\wfirewall
2014-07-22 18:24 - 2014-07-22 18:24 - 02090496 _____ (Farbar) C:\Users\SIWY\Downloads\FRST64.exe
2014-07-22 18:19 - 2014-07-22 18:19 - 00000000 _____ () C:\Users\SIWY\Downloads\Nowy dokument tekstowy.txt
2014-07-22 18:18 - 2014-01-12 00:56 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-22 17:00 - 2014-06-04 02:55 - 00003868 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1389479799
2014-07-22 17:00 - 2014-01-12 00:36 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-07-22 12:11 - 2014-01-14 02:28 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-07-22 10:36 - 2014-05-14 22:38 - 00000000 ____D () C:\Users\SIWY\Documents\D O M
2014-07-22 09:55 - 2014-01-11 21:23 - 00000000 ____D () C:\Users\SIWY\Documents\D E M I U R G
2014-07-22 01:11 - 2014-01-11 18:27 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{33C6F7EE-A423-42B7-92B4-2AA8011A7E1F}
2014-07-21 21:47 - 2009-07-14 07:08 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-21 09:01 - 2014-01-11 21:31 - 00000000 ____D () C:\Users\SIWY\Documents\Druki GOFIN
2014-07-21 08:13 - 2014-06-09 07:55 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-07-21 08:08 - 2014-06-09 08:19 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForSIWY.job
2014-07-21 08:08 - 2010-11-21 05:47 - 00254788 _____ () C:\Windows\PFRO.log
2014-07-20 23:41 - 2014-01-11 17:55 - 00000000 ____D () C:\ProgramData\Intel
2014-07-20 22:41 - 2014-01-11 21:31 - 00000000 ____D () C:\Users\SIWY\Documents\Dokumenty AFi
2014-07-20 22:11 - 2014-06-09 08:19 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForSIWY
2014-07-20 22:09 - 2011-04-18 18:13 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-07-20 22:09 - 2011-02-10 21:23 - 00000000 ____D () C:\SWSetup
2014-07-20 22:05 - 2014-07-20 22:04 - 00000000 ____D () C:\Program Files\IDT
2014-07-20 22:04 - 2014-07-20 22:04 - 01965056 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2014-07-20 22:04 - 2014-07-20 22:04 - 00654336 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2014-07-20 22:04 - 2014-07-20 22:04 - 00528384 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2014-07-20 22:04 - 2014-07-20 22:04 - 00431616 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2014-07-20 22:04 - 2014-01-11 17:53 - 06382080 _____ (IDT, Inc.) C:\Windows\system32\IDTNGUI.exe
2014-07-20 22:04 - 2014-01-11 17:53 - 04933120 _____ (IDT, Inc.) C:\Windows\system32\IDTNHP.dll
2014-07-20 22:04 - 2014-01-11 17:53 - 04779520 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2014-07-20 22:04 - 2014-01-11 17:53 - 01523712 _____ (IDT, Inc.) C:\Windows\system32\IDTNC64.cpl
2014-07-20 22:04 - 2014-01-11 17:53 - 01128448 _____ (IDT, Inc.) C:\Windows\sttray64.exe
2014-07-20 22:04 - 2014-01-11 17:53 - 01029120 _____ (IDT, Inc.) C:\Windows\system32\IDTNX.dll
2014-07-20 22:04 - 2014-01-11 17:53 - 00442368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTEC64.dll
2014-07-20 22:04 - 2014-01-11 17:53 - 00224256 _____ (IDT, Inc.) C:\Windows\system32\staco64.dll
2014-07-20 22:04 - 2014-01-11 17:53 - 00221184 _____ (IDT, Inc.) C:\Windows\system32\HPToneCtrls64.dll
2014-07-20 22:04 - 2014-01-11 17:53 - 00212480 _____ (IDT, Inc.) C:\Windows\system32\IDTNJ.exe
2014-07-20 22:04 - 2014-01-11 17:53 - 00162304 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAC64.dll
2014-07-20 22:04 - 2014-01-11 17:53 - 00090624 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTCo64.dll
2014-07-20 22:04 - 2014-01-11 17:53 - 00068608 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAR64.dll
2014-07-20 21:53 - 2014-01-11 17:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-07-20 21:53 - 2014-01-11 17:52 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-07-20 21:49 - 2014-07-20 21:49 - 09888360 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsPStorIcon.dll
2014-07-20 21:49 - 2014-01-11 17:53 - 00338536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys
2014-07-20 21:49 - 2014-01-11 17:53 - 00000000 ____D () C:\Windows\SysWOW64\sda
2014-07-20 21:49 - 2014-01-11 17:53 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-07-20 17:22 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2014-07-20 16:19 - 2014-06-22 16:18 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-16 20:34 - 2014-07-16 20:34 - 00082756 _____ () C:\Users\SIWY\Downloads\Extras.Txt
2014-07-16 20:33 - 2014-07-16 20:33 - 00122428 _____ () C:\Users\SIWY\Downloads\OTL.Txt
2014-07-16 20:28 - 2014-07-16 20:28 - 00602112 _____ (OldTimer Tools) C:\Users\SIWY\Downloads\OTL.exe
2014-07-16 20:27 - 2014-07-16 20:27 - 00074270 _____ () C:\Users\SIWY\Downloads\Shortcut.txt
2014-07-16 20:27 - 2014-07-16 20:26 - 00042902 _____ () C:\Users\SIWY\Downloads\Addition.txt
2014-07-15 08:34 - 2014-01-14 01:54 - 00000000 ____D () C:\PŁATNIK
2014-07-14 13:39 - 2014-07-14 13:39 - 00000000 _____ () C:\Users\SIWY\Desktop\ATT00019.txt
2014-07-14 10:01 - 2014-07-14 10:01 - 00000000 ____D () C:\Users\SIWY\Documents\Nowy folder
2014-07-14 09:28 - 2014-01-12 00:56 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-14 09:28 - 2014-01-12 00:56 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-14 09:28 - 2014-01-12 00:56 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-12 20:18 - 2014-07-12 20:18 - 00000000 ____D () C:\Users\SIWY\AppData\Roaming\TeamViewer
2014-07-12 20:17 - 2014-07-12 20:17 - 04663800 _____ (TeamViewer) C:\Users\SIWY\Desktop\TeamViewerQS_pl.exe
2014-07-12 19:15 - 2014-07-12 18:32 - 00000000 ____D () C:\KRECYCLE
2014-07-12 19:04 - 2014-07-12 18:32 - 00000000 ____D () C:\ProgramData\kingsoft
2014-07-12 18:56 - 2014-07-12 18:40 - 00000000 ____D () C:\UsbFix
2014-07-12 18:51 - 2014-07-12 18:51 - 00184408 _____ (Kaspersky Lab ZAO) C:\Users\SIWY\Downloads\rafr.exe
2014-07-12 18:49 - 2014-02-04 20:40 - 00000000 ____D () C:\Users\SIWY\AppData\Roaming\Okucil
2014-07-12 18:49 - 2014-02-03 13:07 - 00000000 ____D () C:\Users\SIWY\AppData\Roaming\Awum
2014-07-12 18:38 - 2014-07-12 18:38 - 04019211 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\SIWY\Downloads\UsbFix.exe
2014-07-12 18:32 - 2014-07-12 18:32 - 00210296 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisknl64.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00210296 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisknl.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00164696 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kdhacker64.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00125784 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kdhacker.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00082264 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00031848 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kavbootc64.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00027240 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kavbootc.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00024472 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\bc.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00019352 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksskrpr.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00018296 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kusbquery64.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00014200 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kusbquery.sys
2014-07-12 18:32 - 2014-07-12 18:32 - 00001059 _____ () C:\Users\Public\Desktop\Kingsoft Antivirus.lnk
2014-07-12 18:32 - 2014-07-12 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingsoft Antivirus
2014-07-12 18:32 - 2014-07-12 18:32 - 00000000 ____D () C:\Program Files (x86)\kingsoft
2014-07-12 18:32 - 2014-01-11 18:24 - 00000000 
____D () C:\Users\SIWY 2014-07-12 18:31 - 2014-07-12 18:30 - 14300584 _____ (Kingsoft Corporation) C:\Users\SIWY\Downloads\kav_setup.exe 2014-07-12 18:22 - 2014-06-10 17:49 - 00000000 ____D () C:\Program Files (x86)\PC-Optimizer 2014-07-12 18:19 - 2014-07-12 18:18 - 00000000 ____D () C:\AdwCleaner 2014-07-12 18:18 - 2014-07-12 18:18 - 01348263 _____ () C:\Users\SIWY\Downloads\adwcleaner_3.215.exe 2014-07-12 18:15 - 2014-06-17 21:24 - 00000000 ____D () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2014-07-12 18:14 - 2014-07-12 18:13 - 77105064 _____ (AVG) C:\Users\SIWY\Downloads\avg_tuht_stf_all_2014_489_futuretest2.exe 2014-07-12 18:12 - 2014-07-12 18:09 - 00048127 _____ () C:\Users\SIWY\Downloads\avgremover.log 2014-07-12 18:09 - 2014-07-12 18:09 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\SIWY\Downloads\avg_remover_stf_x64_2014_4116.exe 2014-07-12 18:04 - 2014-01-11 17:54 - 00071476 _____ () C:\Windows\DPINST.LOG 2014-07-12 18:03 - 2014-07-12 18:03 - 26384736 _____ (Intel(R) Corporation) C:\Users\SIWY\Downloads\Wireless_16.11.0_Ds64.exe 2014-07-12 17:59 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-07-12 17:56 - 2014-07-12 17:56 - 35148216 _____ (Intel(R) Corporation) C:\Users\SIWY\Downloads\BT_17.0.1405.02_s64.exe 2014-07-10 09:12 - 2014-02-10 17:17 - 00000000 ____D () C:\Users\SIWY\Documents\Moje skanowanie 2014-07-10 01:40 - 2014-04-02 17:54 - 00000676 _____ () C:\Windows\SysWOW64\Video.lnk 2014-07-10 01:40 - 2014-04-02 17:54 - 00000676 _____ () C:\Windows\SysWOW64\Pictures.lnk 2014-07-10 01:40 - 2014-04-02 17:54 - 00000676 _____ () C:\Windows\SysWOW64\Passwords.lnk 2014-07-10 01:40 - 2014-04-02 17:54 - 00000676 _____ () C:\Windows\SysWOW64\New Folder.lnk 2014-07-10 01:40 - 2014-04-02 17:54 - 00000676 _____ () C:\Windows\SysWOW64\Music.lnk 2014-07-10 01:40 - 2014-04-02 17:54 - 00000676 _____ () C:\Windows\SysWOW64\Documents.lnk 2014-07-09 15:26 - 2009-07-14 05:20 - 00000000 
____D () C:\Windows\system32\NDF 2014-07-07 09:24 - 2014-06-09 08:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2014-07-07 09:24 - 2014-01-18 15:29 - 00000000 ____D () C:\ProgramData\HP 2014-07-07 09:24 - 2014-01-18 15:29 - 00000000 ____D () C:\Program Files (x86)\HP 2014-07-07 09:24 - 2014-01-11 17:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless 2014-07-07 09:24 - 2014-01-11 17:55 - 00000000 ____D () C:\Program Files\Intel 2014-07-07 09:24 - 2014-01-11 17:55 - 00000000 ____D () C:\Program Files (x86)\Cisco 2014-07-07 09:24 - 2014-01-11 17:54 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics 2014-07-07 09:24 - 2014-01-11 17:53 - 00000000 ____D () C:\Program Files\Common Files\Intel 2014-07-07 09:24 - 2011-04-18 18:32 - 00000000 ____D () C:\Windows\System32\Tasks\Hewlett-Packard 2014-07-07 09:24 - 2011-04-18 18:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-07-07 09:24 - 2011-04-18 18:23 - 00000000 ____D () C:\ProgramData\Hewlett-Packard 2014-07-07 09:24 - 2011-04-18 18:21 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2014-07-07 09:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-07-07 09:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help 2014-07-07 09:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2014-07-04 08:05 - 2014-01-11 21:21 - 00000000 ____D () C:\Users\SIWY\Documents\ARMAK 2014-07-01 11:03 - 2014-03-09 11:02 - 00000000 ____D () C:\Users\SIWY\AppData\Local\Windows Live Writer 2014-06-30 19:08 - 2014-06-30 19:08 - 00000000 __SHD () C:\Users\SIWY\Phone Browser 2014-06-28 10:38 - 2014-01-11 18:28 - 00000000 ____D () C:\Users\SIWY\AppData\Roaming\hpqLog 2014-06-28 10:37 - 2014-01-18 15:18 - 00019311 _____ () C:\ProgramData\hpzinstall.log 2014-06-28 02:11 - 2014-06-28 02:11 - 00000000 ____D () C:\ProgramData\Synaptics 2014-06-27 18:45 
- 2014-03-07 13:38 - 00000000 ____D () C:\Users\SIWY\AppData\Roaming\Nokia 2014-06-26 22:47 - 2014-01-12 00:56 - 00004040 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-26 22:47 - 2014-01-12 00:56 - 00003788 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-24 09:04 - 2014-06-24 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 7 2014-06-24 09:04 - 2014-01-14 03:14 - 00000000 ____D () C:\Program Files\Softland 2014-06-22 14:18 - 2014-06-22 14:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf 2014-06-22 14:18 - 2014-03-07 13:38 - 00000000 ____D () C:\ProgramData\PC Suite Some content of TEMP: ==================== C:\Users\SIWY\AppData\Local\Temp\Extract.exe C:\Users\SIWY\AppData\Local\Temp\NEventMessages.dll C:\Users\SIWY\AppData\Local\Temp\SP54900.exe C:\Users\SIWY\AppData\Local\Temp\SP55094.exe C:\Users\SIWY\AppData\Local\Temp\SP55101.exe C:\Users\SIWY\AppData\Local\Temp\SP55104.exe C:\Users\SIWY\AppData\Local\Temp\SP55109.exe C:\Users\SIWY\AppData\Local\Temp\SP55150.exe C:\Users\SIWY\AppData\Local\Temp\SP55152.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed 
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-28 01:40 ==================== End Of Log ============================