Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-11-2014 01
Ran by monik (administrator) on MONIKA on 29-11-2014 18:01:36
Running from E:\Documents and Settings\monik\Pulpit
Loaded Profile: monik (Available profiles: monik)
Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 2 (X86) OS Language: Polski
Internet Explorer Version 6
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(337 Technology Limited.) E:\Program Files\Desk 365\deskSvc.exe
(IDT, Inc.) E:\Program Files\IDT\WDM\stacsv.exe
(Microsoft Corporation) E:\WINDOWS\system32\rundll32.exe
(ABBYY) E:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Bandoo Media Inc.) E:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
(Oracle Corporation) E:\Program Files\Java\jre7\bin\jqs.exe
(Bandoo Media Inc.) E:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
(Skype Technologies S.A.) E:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(StarWind Software) E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TorchMedia Inc.) E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Torch\Update\TorchCrashHandler.exe
(Oracle Corporation) E:\Program Files\Common Files\Java\Java Update\jusched.exe
(Filefacts.net) E:\Program Files\Smart File Advisor\SFAUpdater.exe
(Gadwin Systems, Inc) F:\Programy\printscreen\PrintScreen.exe
(SEIKO EPSON CORPORATION) E:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIHJE.EXE
(Bandoo Media Inc.) E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\iLivid\iLivid.exe
(Microsoft Corporation) E:\Program Files\Messenger\msmsgs.exe
(Adobe Systems Incorporated) E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) E:\Program Files\Common Files\Java\Java Update\jucheck.exe
(AIMP DevTeam) E:\Aimp\aimp3\AIMP3.exe
(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) E:\WINDOWS\system32\rundll32.exe
(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe
(Bandoo Media Inc.) E:\Program Files\Movies Toolbar\Datamngr\DatamngrUI.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Browser companion helper] => E:\Program Files\BrowserCompanion\BCHelper.exe [187696 2011-12-16] (Blabbers Communications LTD)
HKLM\...\Run: [DATAMNGR] => E:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE
HKLM\...\Run: [EEventManager] => E:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-08-30] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [YouCam Service] => "E:\Program Files\CyberLink\YouCam\YouCamService.exe" /s
HKLM\...\Run: [] => [X]
HKLM\...\Run: [ApnUpdater] => E:\Program Files\Ask.com\Updater\Updater.exe [1645856 2012-12-19] (Ask)
HKLM\...\Run: [CheckRun22find_uninstaller] => E:\Documents and Settings\monik\Dane aplikacji\CheckRun22find.exe [102912 2013-01-16] ()
HKLM\...\Run: [SunJavaUpdateSched] => E:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [Smart File Advisor] => E:\Program Files\Smart File Advisor\sfa.exe [283712 2013-10-30] (Filefacts.net)
HKLM\...\Run: [SFAUpdater] => E:\Program Files\Smart File Advisor\SFAUpdater.exe [655936 2013-10-28] (Filefacts.net)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-1645522239-602162358-725345543-1004\...\Run: [Gadwin PrintScreen] => F:\Programy\printscreen\PrintScreen.exe [487424 2011-05-03] (Gadwin Systems, Inc)
HKU\S-1-5-21-1645522239-602162358-725345543-1004\...\Run: [ares] => "E:\Program Files\Ares\Ares.exe" -h
HKU\S-1-5-21-1645522239-602162358-725345543-1004\...\Run: [EPSON SX130 Series] => E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.EXE [208384 2010-12-07] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1645522239-602162358-725345543-1004\...\Run: [Facebook Update] => E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe [138096 2013-02-28] (Facebook Inc.)
HKU\S-1-5-21-1645522239-602162358-725345543-1004\...\Run: [Desk 365] => E:\Program Files\Desk 365\desk365.exe [1011792 2013-09-04] (337 Technology Limited.)
HKU\S-1-5-21-1645522239-602162358-725345543-1004\...\Run: [iLivid] => E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\iLivid\iLivid.exe [6827008 2013-09-08] (Bandoo Media Inc.)
HKU\S-1-5-21-1645522239-602162358-725345543-1004\...\Run: [MSMSGS] => E:\Program Files\Messenger\msmsgs.exe [1667584 2004-08-04] (Microsoft Corporation)
HKU\S-1-5-21-1645522239-602162358-725345543-1004\...\Run: [AlcoholAutomount] => E:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-1645522239-602162358-725345543-1004\...\Policies\Explorer: [NoDriveAutoRun] 0xFFFFFFFF
HKU\S-1-5-21-1645522239-602162358-725345543-1004\...\MountPoints2: {5714d9a1-3bf7-11e0-8524-0c60765c06b2} - E:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL haIhaEp.ExE
HKU\S-1-5-21-1645522239-602162358-725345543-1004\...\MountPoints2: {fff76dae-2ab9-11e3-8a90-0c60765c06b2} - G:\Startme.exe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: E:\Documents and Settings\All Users\Menu Start\Programy\Autostart\eType Setup.lnk
ShortcutTarget: eType Setup.lnk -> E:\Documents and Settings\monik\Ustawienia lokalne\Temp\eType Setup403402.exe ()
HKLM\...\AppCertDlls: [x64] -> e:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> E:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll [489472 2014-07-02] () <===== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1645522239-602162358-725345543-1004\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220141123
HKU\S-1-5-21-1645522239-602162358-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = http://dts.search.ask.com/sidebar.html?src=ssb&gct=ds&appid=429&systemid=406
HKU\S-1-5-21-1645522239-602162358-725345543-1004\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKU\S-1-5-21-1645522239-602162358-725345543-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.22find.com/newtab?utm_source=b&utm_medium=mlv&from=mlv&uid=WDCXWD1600BEKT-60F3T1_WD-WXC0A89R6959R6959&ts=1361694455
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.22find.com/newtab?utm_source=b&utm_medium=mlv&from=mlv&uid=WDCXWD1600BEKT-60F3T1_WD-WXC0A89R6959R6959&ts=1361694455
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220141123
URLSearchHook: HKU\S-1-5-21-1645522239-602162358-725345543-1004 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - E:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKU\S-1-5-21-1645522239-602162358-725345543-1004 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
URLSearchHook: HKU\S-1-5-21-1645522239-602162358-725345543-1004 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - E:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-21-1645522239-602162358-725345543-1004 - gry Toolbar - {8532a8b7-c06a-41bb-936a-8ce73e4711ed} - E:\Program Files\gry\prxtbgr0.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-1645522239-602162358-725345543-1004 - IncrediMail MediaBar 2 Toolbar - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\IncrediMail_MediaBar_2\prxtbInc0.dll (ClientConnect Ltd.)
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://www.22find.com/newtab?utm_source=b&utm_medium=mlv&from=mlv&uid=WDCXWD1600BEKT-60F3T1_WD-WXC0A89R6959R6959&ts=1361694455" <======= ATTENTION
HKU\S-1-5-21-1645522239-602162358-725345543-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - E:\Program Files\Internet Explorer\iexplore.exe http://www.22find.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=WDCXWD1600BEKT
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-1645522239-602162358-725345543-1004 -> DefaultScope {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=CLM&o=15427&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=^LE&apn_dtid=^YYYYYY^YY^PL&apn_uid=d0644638-77e6-4a00-8aeb-360277e995e0&apn_sauid=B786F770-AA6F-46C0-B083-1079345FE265
SearchScopes: HKU\S-1-5-21-1645522239-602162358-725345543-1004 -> {0D7562AE-8EF6-416d-A838-AB665251703A} URL = http://start.facemoods.com/?a=dpgppc&s={searchTerms}&f=4
SearchScopes: HKU\S-1-5-21-1645522239-602162358-725345543-1004 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=CLM&o=15427&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=^LE&apn_dtid=^YYYYYY^YY^PL&apn_uid=d0644638-77e6-4a00-8aeb-360277e995e0&apn_sauid=B786F770-AA6F-46C0-B083-1079345FE265
SearchScopes: HKU\S-1-5-21-1645522239-602162358-725345543-1004 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.22find.com/web/?utm_source=b&utm_medium=mlv&from=mlv&uid=WDCXWD1600BEKT-60F3T1_WD-WXC0A89R6959R6959&ts=1361694457
SearchScopes: HKU\S-1-5-21-1645522239-602162358-725345543-1004 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-1645522239-602162358-725345543-1004 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481033
BHO: Chatvibes Browser Helper -> {00cbb66b-1d3b-46d3-9577-323a336acb50} -> E:\Program Files\BrowserCompanion\jsloader.dll ( )
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> E:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll (Babylon BHO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: gry Toolbar -> {8532a8b7-c06a-41bb-936a-8ce73e4711ed} -> E:\Program Files\gry\prxtbgr0.dll (Conduit Ltd.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> E:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Chatvibes Browser Helper Verifier -> {963B125B-8B21-49A2-A3A8-E37092276531} -> E:\Program Files\BrowserCompanion\updatebhoWin32.dll ( )
BHO: Searchqu Toolbar -> {99079a25-328f-4bd4-be04-00955acaa0a7} -> E:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) -> {d1dac034-9fd9-4c13-a388-d2e10e57707f} -> E:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll No File
BHO: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> E:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: IncrediMail MediaBar 2 Toolbar -> {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} -> E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\IncrediMail_MediaBar_2\prxtbInc0.dll (ClientConnect Ltd.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: IEPluginBHO Class -> {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -> E:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
Toolbar: HKLM - gry Toolbar - {8532a8b7-c06a-41bb-936a-8ce73e4711ed} - E:\Program Files\gry\prxtbgr0.dll (Conduit Ltd.)
Toolbar: HKLM - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - E:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll (Babylon Ltd.)
Toolbar: HKLM - IncrediMail MediaBar 2 Toolbar - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\IncrediMail_MediaBar_2\prxtbInc0.dll (ClientConnect Ltd.)
Toolbar: HKLM - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - E:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - E:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - E:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - Movies Toolbar (Dist. by Bandoo Media, Inc.) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - E:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll No File
Toolbar: HKU\S-1-5-21-1645522239-602162358-725345543-1004 -> &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - E:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1645522239-602162358-725345543-1004 -> &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - E:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1645522239-602162358-725345543-1004 -> gry Toolbar - {8532A8B7-C06A-41BB-936A-8CE73E4711ED} - E:\Program Files\gry\prxtbgr0.dll (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-1645522239-602162358-725345543-1004 -> IncrediMail MediaBar 2 Toolbar - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\IncrediMail_MediaBar_2\prxtbInc0.dll (ClientConnect Ltd.)
Toolbar: HKU\S-1-5-21-1645522239-602162358-725345543-1004 -> Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - E:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - E:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - E:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - E:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: E:\Documents and Settings\monik\Dane aplikacji\Mozilla\Firefox\Profiles\hfw69b5n.default
FF Homepage: www.wp.pl/?src01=dp220141123
FF DefaultSearchEngine: Ask.com Search
FF SearchEngineOrder.1: Ask.com Search
FF SelectedSearchEngine: Ask.com Search
FF Plugin: @adobe.com/FlashPlayer -> E:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> F:\Programy\picasa\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> E:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> E:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> E:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> E:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> E:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> E:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> E:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: TorchVLC -> E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Torch\Plugins\Video\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-1645522239-602162358-725345543-1004: @Skype Limited.com/Facebook Video Calling Plugin -> E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-1645522239-602162358-725345543-1004: pandonetworks.com/PandoWebPlugin -> E:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: E:\Documents and Settings\monik\Dane aplikacji\Mozilla\Firefox\Profiles\hfw69b5n.default\searchplugins\ask-search.xml
FF SearchPlugin: E:\Documents and Settings\monik\Dane aplikacji\Mozilla\Firefox\Profiles\hfw69b5n.default\searchplugins\askcom.xml
FF SearchPlugin: E:\Documents and Settings\monik\Dane aplikacji\Mozilla\Firefox\Profiles\hfw69b5n.default\searchplugins\askcomsearch.xml
FF SearchPlugin: E:\Documents and Settings\monik\Dane aplikacji\Mozilla\Firefox\Profiles\hfw69b5n.default\searchplugins\MyStart Search.xml
FF SearchPlugin: E:\Documents and Settings\monik\Dane aplikacji\Mozilla\Firefox\Profiles\hfw69b5n.default\searchplugins\Search_Results.xml
FF SearchPlugin: E:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: E:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
FF SearchPlugin: E:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
FF Extension: Browser Companion Helper - E:\Documents and Settings\monik\Dane aplikacji\Mozilla\Firefox\Profiles\hfw69b5n.default\Extensions\bbrs_002@blabbers.com [2012-01-16]
FF Extension: Babylon - E:\Documents and Settings\monik\Dane aplikacji\Mozilla\Firefox\Profiles\hfw69b5n.default\Extensions\ffxtlbr@babylon.com [2011-11-11]
FF Extension: Ask Toolbar - E:\Documents and Settings\monik\Dane aplikacji\Mozilla\Firefox\Profiles\hfw69b5n.default\Extensions\toolbar@ask.com [2013-01-26]
FF Extension: Searchqu Toolbar - E:\Documents and Settings\monik\Dane aplikacji\Mozilla\Firefox\Profiles\hfw69b5n.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2012-03-25]
FF Extension: IncrediMail MediaBar 2 Community Toolbar - E:\Documents and Settings\monik\Dane aplikacji\Mozilla\Firefox\Profiles\hfw69b5n.default\Extensions\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} [2012-08-29]
FF Extension: Ashampoo PO - E:\Documents and Settings\monik\Dane aplikacji\Mozilla\Firefox\Profiles\hfw69b5n.default\Extensions\{d43723ae-1ae1-4a25-a6a4-bf0929273cab} [2012-10-23]
FF Extension: 22find - E:\Documents and Settings\monik\Dane aplikacji\Mozilla\Firefox\Profiles\hfw69b5n.default\Extensions\{14323AEE-F6B8-4DC8-BCE3-E62645830585}.xpi [2013-02-24]
FF Extension: Speed Dial - E:\Documents and Settings\monik\Dane aplikacji\Mozilla\Firefox\Profiles\hfw69b5n.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2011-10-23]
FF Extension: Skype Click to Call - E:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-05-16]
FF Extension: Java Console - E:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012-04-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-06-17]
FF Extension: DataMngr - E:\Program Files\Searchqu Toolbar\Datamngr\FirefoxExtension [2012-03-25]
FF Extension: No Name - E:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR Profile: E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default
CHR Extension: (Movies App) - E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob [2014-08-15]
CHR Extension: (Ask Toolbar) - E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aaaapoecfpbnohmjikjhpijcnonhhhlh [2014-08-15]
CHR Extension: (Facebook Video Downloader) - E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf [2014-08-25]
CHR Extension: (Dokumenty Google) - E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-15]
CHR Extension: (Dysk Google) - E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-15]
CHR Extension: (YouTube) - E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-15]
CHR Extension: (Browser Companion Helper) - E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej [2014-08-15]
CHR Extension: (Szukaj w Google) - E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-15]
CHR Extension: (AdBlock) - E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-11]
CHR Extension: (Ashampoo PO) - E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jinihaffgdhejchgkogpfkdmpldnmnji [2014-08-15]
CHR Extension: (Google Wallet) - E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-15]
CHR Extension: (Gmail) - E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-15]
CHR HKLM\...\Chrome\Extension: [aaaaabcbmongicmdegkmmfgdickgnnob] - E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\ilividmoviestoolbar181\GC\toolbar.crx [2013-12-11]
CHR HKLM\...\Chrome\Extension: [aaaapoecfpbnohmjikjhpijcnonhhhlh] - E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\APN\GoogleCRXs\aaaapoecfpbnohmjikjhpijcnonhhhlh_7.17.2.0.crx [2013-01-26]
CHR HKLM\...\Chrome\Extension: [clbfjfbnelcflpgpklppgplejolacbej] - E:\Program Files\BrowserCompanion\blabbers-ch.crx [2011-12-22]
CHR HKLM\...\Chrome\Extension: [ijblflkdjdopkpdgllkmlbgcffjbnfda] - E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\newtab.crx [2011-12-22]
CHR HKLM\...\Chrome\Extension: [jinihaffgdhejchgkogpfkdmpldnmnji] - E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\CRE\jinihaffgdhejchgkogpfkdmpldnmnji.crx [2012-09-20]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - E:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-05-30]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

Locked "wnrstcjq" service was unlocked successfully.
<===== ATTENTION
R2 ABBYY.Licensing.FineReader.Sprint.9.0; E:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S4 Alerter; E:\WINDOWS\system32\alrsvc.dll [17408 2004-08-04] (Microsoft Corporation) [File not signed]
R3 ALG; E:\WINDOWS\System32\alg.exe [44544 2004-08-04] (Microsoft Corporation) [File not signed]
R2 AudioSrv; E:\WINDOWS\System32\audiosrv.dll [42496 2004-08-04] (Microsoft Corporation) [File not signed]
S2 AxAutoMntSrv; E:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S4 BITS; E:\WINDOWS\system32\qmgr.dll [382464 2004-08-04] (Microsoft Corporation) [File not signed]
S2 Browser; E:\WINDOWS\System32\browser.dll [77312 2004-08-04] (Microsoft Corporation) [File not signed]
S3 CiSvc; E:\WINDOWS\system32\cisvc.exe [5632 2004-08-04] (Microsoft Corporation) [File not signed]
S4 ClipSrv; E:\WINDOWS\system32\clipsrv.exe [33280 2004-08-04] (Microsoft Corporation) [File not signed]
S3 COMSysApp; E:\WINDOWS\system32\dllhost.exe [5120 2004-08-04] (Microsoft Corporation) [File not signed]
R2 CryptSvc; E:\WINDOWS\System32\cryptsvc.dll [60416 2004-08-04] (Microsoft Corporation) [File not signed]
R2 DatamngrCoordinator; E:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [3573248 2014-07-02] (Bandoo Media Inc.)
R2 DcomLaunch; E:\WINDOWS\system32\rpcss.dll [399360 2009-02-09] (Microsoft Corporation) [File not signed]
R2 desksvc; E:\Program Files\Desk 365\deskSvc.exe [424016 2013-09-04] (337 Technology Limited.) <==== ATTENTION
R2 Dhcp; E:\WINDOWS\System32\dhcpcsvc.dll [110592 2004-08-04] (Microsoft Corporation) [File not signed]
S3 dmadmin; E:\WINDOWS\System32\dmadmin.exe [225280 2004-08-04] (Microsoft Corp., Veritas Software) [File not signed]
S3 dmserver; E:\WINDOWS\System32\dmserver.dll [24064 2004-08-04] (Microsoft Corp.) [File not signed]
R2 Dnscache; E:\WINDOWS\System32\dnsrslvr.dll [45568 2004-08-04] (Microsoft Corporation) [File not signed]
R2 ERSvc; E:\WINDOWS\System32\ersvc.dll [23040 2004-08-04] (Microsoft Corporation) [File not signed]
R2 Eventlog; E:\WINDOWS\system32\services.exe [111104 2009-02-09] (Microsoft Corporation) [File not signed]
R3 EventSystem; E:\WINDOWS\system32\es.dll [253952 2008-07-07] (Microsoft Corporation) [File not signed]
R3 FastUserSwitchingCompatibility; E:\WINDOWS\System32\shsvcs.dll [135168 2004-08-04] (Microsoft Corporation) [File not signed]
R2 helpsvc; E:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38912 2004-08-04] (Microsoft Corporation) [File not signed]
R2 HidServ; E:\WINDOWS\System32\hidserv.dll [21504 2004-08-04] (Microsoft Corporation) [File not signed]
S3 HTTPFilter; E:\WINDOWS\System32\w3ssl.dll [15872 2004-08-04] (Microsoft Corporation) [File not signed]
S3 ImapiService; E:\WINDOWS\system32\imapi.exe [150016 2004-08-04] (Microsoft Corporation) [File not signed]
R2 JavaQuickStarterService; E:\Program Files\Java\jre7\bin\jqs.exe [181664 2013-05-04] (Oracle Corporation)
R2 lanmanserver; E:\WINDOWS\System32\srvsvc.dll [96768 2004-08-04] (Microsoft Corporation) [File not signed]
R2 lanmanworkstation; E:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation) [File not signed]
R2 LmHosts; E:\WINDOWS\System32\lmhsvc.dll [13824 2004-08-04] (Microsoft Corporation) [File not signed]
S4 Messenger; E:\WINDOWS\System32\msgsvc.dll [33792 2004-08-04] (Microsoft Corporation) [File not signed]
S3 mnmsrvc; E:\WINDOWS\system32\mnmsrvc.exe [32768 2004-08-04] (Microsoft Corporation) [File not signed]
S3 MSDTC; E:\WINDOWS\system32\msdtc.exe [6144 2004-08-04] (Microsoft Corporation) [File not signed]
S3 MSIServer; E:\WINDOWS\System32\msiexec.exe [78848 2005-05-04] (Microsoft Corporation) [File not signed]
S4 NetDDE; E:\WINDOWS\system32\netdde.exe [114688 2004-08-04] (Microsoft Corporation) [File not signed]
S4 NetDDEdsdm; E:\WINDOWS\system32\netdde.exe [114688 2004-08-04] (Microsoft Corporation) [File not signed]
S3 Netlogon; E:\WINDOWS\system32\lsass.exe [13312 2004-08-04] (Microsoft Corporation) [File not signed]
R3 Netman; E:\WINDOWS\System32\netman.dll [198144 2004-08-04] (Microsoft Corporation) [File not signed]
R3 Nla; E:\WINDOWS\System32\mswsock.dll [246784 2008-06-20] (Microsoft Corporation) [File not signed]
S3 NtLmSsp; E:\WINDOWS\system32\lsass.exe [13312 2004-08-04] (Microsoft Corporation) [File not signed]
S3 NtmsSvc; E:\WINDOWS\system32\ntmssvc.dll [435712 2004-08-04] (Microsoft Corporation) [File not signed]
R2 PlugPlay; E:\WINDOWS\system32\services.exe [111104 2009-02-09] (Microsoft Corporation) [File not signed]
R2 PolicyAgent; E:\WINDOWS\system32\lsass.exe [13312 2004-08-04] (Microsoft Corporation) [File not signed]
R2 ProtectedStorage; E:\WINDOWS\system32\lsass.exe [13312 2004-08-04] (Microsoft Corporation) [File not signed]
S3 RasAuto; E:\WINDOWS\System32\rasauto.dll [89088 2004-08-04] (Microsoft Corporation) [File not signed]
R3 RasMan; E:\WINDOWS\System32\rasmans.dll [174080 2004-08-04] (Microsoft Corporation) [File not signed]
S3 RDSessMgr; E:\WINDOWS\system32\sessmgr.exe [141824 2004-08-04] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; E:\WINDOWS\System32\mprdim.dll [49152 2004-08-04] (Microsoft Corporation) [File not signed]
S3 RpcLocator; E:\WINDOWS\system32\locator.exe [75264 2004-08-04] (Microsoft Corporation) [File not signed]
R2 RpcSs; E:\WINDOWS\system32\rpcss.dll [399360 2009-02-09] (Microsoft Corporation) [File not signed]
S3 RSVP; E:\WINDOWS\system32\rsvp.exe [132608 2004-08-04] (Microsoft Corporation) [File not signed]
R2 SamSs; E:\WINDOWS\system32\lsass.exe [13312 2004-08-04] (Microsoft Corporation) [File not signed]
S3 SCardSvr; E:\WINDOWS\System32\SCardSvr.exe [98304 2004-08-04] (Microsoft Corporation) [File not signed]
R2 Schedule; E:\WINDOWS\system32\schedsvc.dll [192000 2004-08-04] (Microsoft Corporation) [File not signed]
R2 seclogon; E:\WINDOWS\System32\seclogon.dll [18944 2004-08-04] (Microsoft Corporation) [File not signed]
R2 SENS; E:\WINDOWS\system32\sens.dll [38912 2004-08-04] (Microsoft Corporation) [File not signed]
R2 SharedAccess; E:\WINDOWS\System32\ipnathlp.dll [331264 2004-08-04] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; E:\WINDOWS\System32\shsvcs.dll [135168 2004-08-04] (Microsoft Corporation) [File not signed]
R2 Skype C2C Service; E:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3048136 2012-05-30] (Skype Technologies S.A.)
R2 Spooler; E:\WINDOWS\system32\spoolsv.exe [57856 2004-08-04] (Microsoft Corporation) [File not signed]
R2 srservice; E:\WINDOWS\system32\srsvc.dll [171008 2004-08-04] (Microsoft Corporation) [File not signed]
R3 SSDPSRV; E:\WINDOWS\System32\ssdpsrv.dll [71680 2004-08-04] (Microsoft Corporation) [File not signed]
R2 STacSV; e:\program files\idt\wdm\STacSV.exe [254042 2009-03-30] (IDT, Inc.) [File not signed]
R2 StarWindServiceAE; E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 stisvc; E:\WINDOWS\system32\wiaservc.dll [333824 2004-08-04] (Microsoft Corporation) [File not signed]
S3 SwPrv; E:\WINDOWS\system32\dllhost.exe [5120 2004-08-04] (Microsoft Corporation) [File not signed]
S3 SysmonLog; E:\WINDOWS\system32\smlogsvc.exe [91136 2004-08-04] (Microsoft Corporation) [File not signed]
R3 TapiSrv; E:\WINDOWS\System32\tapisrv.dll [246272 2004-08-04] (Microsoft Corporation) [File not signed]
R3 TermService; E:\WINDOWS\System32\termsrv.dll [296448 2004-08-04] (Microsoft Corporation) [File not signed]
R2 Themes; E:\WINDOWS\System32\shsvcs.dll [135168 2004-08-04] (Microsoft Corporation) [File not signed]
R2 TorchCrashHandler; E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Torch\Update\TorchCrashHandler.exe [1217032 2014-10-29] (TorchMedia Inc.) <==== ATTENTION
R2 TrkWks; E:\WINDOWS\system32\trkwks.dll [90624 2004-08-04] (Microsoft Corporation) [File not signed]
S3 upnphost; E:\WINDOWS\System32\upnphost.dll [185856 2004-08-04] (Microsoft Corporation) [File not signed]
S3 UPS; E:\WINDOWS\System32\ups.exe [18432 2004-08-04] (Microsoft Corporation) [File not signed]
S3 VSS; E:\WINDOWS\System32\vssvc.exe [291840 2004-08-04] (Microsoft Corporation) [File not signed]
R2 W32Time; E:\WINDOWS\system32\w32time.dll [175616 2004-08-04] (Microsoft Corporation) [File not signed]
R2 WebClient; E:\WINDOWS\System32\webclnt.dll [67584 2004-08-04] (Microsoft Corporation) [File not signed]
R2 winmgmt; E:\WINDOWS\system32\wbem\WMIsvc.dll [145408 2004-08-04] (Microsoft Corporation) [File not signed]
S3 WmdmPmSN; E:\WINDOWS\system32\mspmsnsv.dll [52736 2004-08-04] (Microsoft Corporation) [File not signed]
R3 WmiApSrv; E:\WINDOWS\system32\wbem\wmiapsrv.exe [126464 2004-08-04] (Microsoft Corporation) [File not signed]
S4 wscsvc; E:\WINDOWS\system32\wscsvc.dll [81408 2004-08-04] (Microsoft Corporation) [File not signed]
S4 wuauserv; E:\WINDOWS\system32\wuauserv.dll [6656 2004-08-04] (Microsoft Corporation) [File not signed]
R2 WZCSVC; E:\WINDOWS\System32\wzcsvc.dll [359936 2004-08-04] (Microsoft Corporation) [File not signed]
S3 xmlprov; E:\WINDOWS\System32\xmlprov.dll [129536 2004-08-04] (Microsoft Corporation) [File not signed]
S2 wnrstcjq; E:\WINDOWS\system32\lxkxx.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 ACPI; E:\WINDOWS\System32\DRIVERS\ACPI.sys [188672 2004-08-04] (Microsoft Corporation) [File not signed]
R0 ACPIEC; E:\WINDOWS\System32\DRIVERS\ACPIEC.sys [12032 2004-08-04] (Microsoft Corporation) [File not signed]
S3 aec; E:\WINDOWS\System32\drivers\aec.sys [142464 2004-08-03] (Microsoft Corporation) [File not signed]
R3 AESTAud; E:\WINDOWS\System32\drivers\AESTAud.sys [113536 2009-02-18] (Andrea Electronics Corporation) [File not signed]
R1 AFD; E:\WINDOWS\System32\drivers\afd.sys [138368 2008-08-14] (Microsoft Corporation) [File not signed]
S3 AsyncMac; E:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2004-08-04] (Microsoft Corporation) [File not signed]
R0 atapi; E:\WINDOWS\System32\DRIVERS\atapi.sys [95360 2004-08-03] (Microsoft Corporation) [File not signed]
S3 Atmarpc; E:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2004-08-04] (Microsoft Corporation) [File not signed]
R3 audstub; E:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation) [File not signed]
R3 BCM43XX; E:\WINDOWS\System32\DRIVERS\bcmwl5.sys [1735040 2010-02-18] (Broadcom Corporation) [File not signed]
R1 Beep; E:\WINDOWS\system32\Drivers\Beep.sys [4224 2004-08-04] (Microsoft Corporation) [File not signed]
S4 cbidf2k; E:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2004-08-04] (Microsoft Corporation) [File not signed]
S3 CCDECODE; E:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-04] (Microsoft Corporation) [File not signed]
S1 Cdaudio; E:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2004-08-04] (Microsoft Corporation) [File not signed]
R4 Cdfs; E:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2004-08-04] (Microsoft Corporation) [File not signed]
R1 Cdrom; E:\WINDOWS\System32\DRIVERS\cdrom.sys [62592 2011-05-09] (Microsoft Corporation) [File not signed]
R3 CmBatt; E:\WINDOWS\System32\DRIVERS\CmBatt.sys [14080 2004-08-04] (Microsoft Corporation) [File not signed]
R0 Compbatt; E:\WINDOWS\System32\DRIVERS\compbatt.sys [9344 2001-08-17] (Microsoft Corporation) [File not signed]
R0 Disk; E:\WINDOWS\System32\DRIVERS\disk.sys [36352 2004-08-04] (Microsoft Corporation) [File not signed]
S4 dmboot; E:\WINDOWS\System32\drivers\dmboot.sys [800000 2004-08-04] (Microsoft Corp., Veritas Software) [File not signed]
S4 dmio; E:\WINDOWS\System32\drivers\dmio.sys [153856 2004-08-04] (Microsoft Corp., Veritas Software) [File not signed]
S4 dmload; E:\WINDOWS\System32\drivers\dmload.sys [5888 2004-08-04] (Microsoft Corp., Veritas Software.) [File not signed]
S3 DMusic; E:\WINDOWS\System32\drivers\DMusic.sys [52864 2004-08-03] (Microsoft Corporation) [File not signed]
S3 drmkaud; E:\WINDOWS\System32\drivers\drmkaud.sys [2944 2004-08-03] (Microsoft Corporation) [File not signed]
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222; E:\Program Files\Movies Toolbar\Datamngr\setmgrc2.cfg [34168 2014-07-02] (Bandoo Media Inc.)
R4 Fastfat; E:\WINDOWS\system32\Drivers\Fastfat.sys [143360 2004-08-04] (Microsoft Corporation) [File not signed]
S1 Fdc; E:\WINDOWS\system32\Drivers\Fdc.sys [27392 2004-08-04] (Microsoft Corporation) [File not signed]
R1 Fips; E:\WINDOWS\system32\Drivers\Fips.sys [35072 2004-08-04] (Microsoft Corporation) [File not signed]
S1 Flpydisk; E:\WINDOWS\system32\Drivers\Flpydisk.sys [20480 2004-08-04] (Microsoft Corporation) [File not signed]
R0 FltMgr; E:\WINDOWS\System32\DRIVERS\fltMgr.sys [124800 2004-08-04] (Microsoft Corporation) [File not signed]
U1 Fs_Rec; E:\WINDOWS\system32\Drivers\Fs_Rec.sys [7936 2004-08-04] (Microsoft Corporation) [File not signed]
R0 Ftdisk; E:\WINDOWS\System32\DRIVERS\ftdisk.sys [125568 2004-08-04] (Microsoft Corporation) [File not signed]
R3 Gpc; E:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2004-08-04] (Microsoft Corporation) [File not signed]
R3 HDAudBus; E:\WINDOWS\System32\DRIVERS\HDAudBus.sys [138752 2005-01-07] (Windows (R) Server 2003 DDK provider) [File not signed]
R3 HidUsb; E:\WINDOWS\System32\DRIVERS\hidusb.sys [9600 2001-08-17] (Microsoft Corporation) [File not signed]
R3 HTTP; E:\WINDOWS\System32\Drivers\HTTP.sys [263552 2009-10-20] (Microsoft Corporation) [File not signed]
R1 i8042prt; E:\WINDOWS\System32\DRIVERS\i8042prt.sys [53504 2004-08-04] (Microsoft Corporation) [File not signed]
R3 ialm; E:\WINDOWS\System32\DRIVERS\igxpmp32.sys [6278560 2009-01-21] (Intel Corporation) [File not signed]
R1 Imapi; E:\WINDOWS\System32\DRIVERS\imapi.sys [41856 2004-08-04] (Microsoft Corporation) [File not signed]
R1 intelppm; E:\WINDOWS\System32\DRIVERS\intelppm.sys [40320 2004-08-04] (Microsoft Corporation) [File not signed]
S3 Ip6Fw; E:\WINDOWS\System32\DRIVERS\Ip6Fw.sys [29056 2004-08-04] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; E:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2004-08-04] (Microsoft Corporation) [File not signed]
S3 IpInIp; E:\WINDOWS\System32\DRIVERS\ipinip.sys [20992 2004-08-04] (Microsoft Corporation) [File not signed]
R3 IpNat; E:\WINDOWS\System32\DRIVERS\ipnat.sys [134912 2004-08-04] (Microsoft Corporation) [File not signed]
R1 IPSec; E:\WINDOWS\System32\DRIVERS\ipsec.sys [74752 2004-08-04] (Microsoft Corporation) [File not signed]
S3 IRENUM; E:\WINDOWS\System32\DRIVERS\irenum.sys [11264 2004-08-04] (Microsoft Corporation) [File not signed]
R0 isapnp; E:\WINDOWS\System32\DRIVERS\isapnp.sys [36224 2001-10-26] (Microsoft Corporation) [File not signed]
R1 ISODrive; E:\Program Files\UltraISO\drivers\ISODrive.sys [73728 2008-05-24] (EZB Systems, Inc.) [File not signed]
R1 Kbdclass; E:\WINDOWS\System32\DRIVERS\kbdclass.sys [24960 2004-08-04] (Microsoft Corporation) [File not signed]
S1 kbdhid; E:\WINDOWS\System32\DRIVERS\kbdhid.sys [14848 2004-08-04] (Microsoft Corporation) [File not signed]
R3 kmixer; E:\WINDOWS\System32\drivers\kmixer.sys [171776 2004-08-03] (Microsoft Corporation) [File not signed]
R0 KSecDD; E:\WINDOWS\system32\Drivers\KSecDD.sys [92544 2009-06-22] (Microsoft Corporation) [File not signed]
R1 mnmdd; E:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2004-08-04] (Microsoft Corporation) [File not signed]
S3 Modem; E:\WINDOWS\system32\Drivers\Modem.sys [30208 2004-08-04] (Microsoft Corporation) [File not signed]
R1 Mouclass; E:\WINDOWS\System32\DRIVERS\mouclass.sys [23296 2004-08-04] (Microsoft Corporation) [File not signed]
R3 mouhid; E:\WINDOWS\System32\DRIVERS\mouhid.sys [12160 2001-10-26] (Microsoft Corporation) [File not signed]
R0 MountMgr; E:\WINDOWS\system32\Drivers\MountMgr.sys [42240 2004-08-04] (Microsoft Corporation) [File not signed]
R3 MRxDAV; E:\WINDOWS\System32\DRIVERS\mrxdav.sys [181248 2004-08-04] (Microsoft Corporation) [File not signed]
R1 MRxSmb; E:\WINDOWS\System32\DRIVERS\mrxsmb.sys [454016 2010-02-24] (Microsoft Corporation) [File not signed]
R1 Msfs; E:\WINDOWS\system32\Drivers\Msfs.sys [19072 2004-08-04] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; E:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2004-08-03] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; E:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2004-08-03] (Microsoft Corporation) [File not signed]
S3 MSPQM; E:\WINDOWS\System32\drivers\MSPQM.sys [4992 2004-08-03] (Microsoft Corporation) [File not signed]
R3 mssmbios; E:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2004-08-04] (Microsoft Corporation) [File not signed]
S3 MSTEE; E:\WINDOWS\System32\drivers\MSTEE.sys [5504 2004-08-03] (Microsoft Corporation) [File not signed]
R0 Mup; E:\WINDOWS\system32\Drivers\Mup.sys [107904 2004-08-04] (Microsoft Corporation) [File not signed]
S3 NABTSFEC; E:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [85376 2004-08-04] (Microsoft Corporation) [File not signed]
R0 NDIS; E:\WINDOWS\system32\Drivers\NDIS.sys [182912 2004-08-04] (Microsoft Corporation) [File not signed]
S3 NdisIP; E:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-04] (Microsoft Corporation) [File not signed]
R3 NdisTapi; E:\WINDOWS\System32\DRIVERS\ndistapi.sys [9600 2004-08-04] (Microsoft Corporation) [File not signed]
R3 Ndisuio; E:\WINDOWS\System32\DRIVERS\ndisuio.sys [12928 2004-08-04] (Microsoft Corporation) [File not signed]
R3 NdisWan; E:\WINDOWS\System32\DRIVERS\ndiswan.sys [91776 2004-08-04] (Microsoft Corporation) [File not signed]
R3 NDProxy; E:\WINDOWS\system32\Drivers\NDProxy.sys [38016 2004-08-04] (Microsoft Corporation) [File not signed]
R1 NetBIOS; E:\WINDOWS\System32\DRIVERS\netbios.sys [34560 2004-08-04] (Microsoft Corporation) [File not signed]
R1 NetBT; E:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2004-08-04] (Microsoft Corporation) [File not signed]
R1 Npfs; E:\WINDOWS\system32\Drivers\Npfs.sys [30848 2004-08-04] (Microsoft Corporation) [File not signed]
R4 Ntfs; E:\WINDOWS\system32\Drivers\Ntfs.sys [574592 2004-08-04] (Microsoft Corporation) [File not signed]
R1 Null; E:\WINDOWS\system32\Drivers\Null.sys [2944 2004-08-04] (Microsoft Corporation) [File not signed]
S3 NwlnkFlt; E:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2004-08-04] (Microsoft Corporation) [File not signed]
S3 NwlnkFwd; E:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2004-08-04] (Microsoft Corporation) [File not signed]
S3 Parport; E:\WINDOWS\system32\Drivers\Parport.sys [80256 2004-08-04] (Microsoft Corporation) [File not signed]
R0 PartMgr; E:\WINDOWS\system32\Drivers\PartMgr.sys [18688 2004-08-04] (Microsoft Corporation) [File not signed]
S2 ParVdm; E:\WINDOWS\system32\Drivers\ParVdm.sys [6912 2004-08-04] (Microsoft Corporation) [File not signed]
R0 PCI; E:\WINDOWS\System32\DRIVERS\pci.sys [68608 2004-08-04] (Microsoft Corporation) [File not signed]
R0 PCIIde; E:\WINDOWS\System32\DRIVERS\pciide.sys [3456 2001-10-26] (Microsoft Corporation) [File not signed]
S4 Pcmcia; E:\WINDOWS\system32\Drivers\Pcmcia.sys [120064 2004-08-04] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; E:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2004-08-04] (Microsoft Corporation) [File not signed]
R3 PSched; E:\WINDOWS\System32\DRIVERS\psched.sys [69120 2004-08-04] (Microsoft Corporation) [File not signed]
R3 Ptilink; E:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2004-08-04] (Parallel Technologies, Inc.) [File not signed]
R1 RasAcd; E:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2004-08-04] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; E:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2004-08-04] (Microsoft Corporation) [File not signed]
R3 RasPppoe; E:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2004-08-04] (Microsoft Corporation) [File not signed]
R3 Raspti; E:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2004-08-04] (Microsoft Corporation) [File not signed]
R1 Rdbss; E:\WINDOWS\System32\DRIVERS\rdbss.sys [176512 2004-08-04] (Microsoft Corporation) [File not signed]
R1 RDPCDD; E:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2004-08-04] (Microsoft Corporation) [File not signed]
S3 RDPWD; E:\WINDOWS\system32\Drivers\RDPWD.sys [139400 2004-08-04] (Microsoft Corporation) [File not signed]
R1 redbook; E:\WINDOWS\System32\DRIVERS\redbook.sys [58624 2004-08-04] (Microsoft Corporation) [File not signed]
S3 Secdrv; E:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2004-08-04] () [File not signed]
S2 Serial; E:\WINDOWS\system32\Drivers\Serial.sys [65664 2004-08-04] (Microsoft Corporation) [File not signed]
S1 Sfloppy; E:\WINDOWS\system32\Drivers\Sfloppy.sys [11392 2004-08-04] (Microsoft Corporation) [File not signed]
S3 SLIP; E:\WINDOWS\System32\DRIVERS\SLIP.sys [11136 2004-08-04] (Microsoft Corporation) [File not signed]
S3 splitter; E:\WINDOWS\System32\drivers\splitter.sys [6400 2004-08-03] (Microsoft Corporation) [File not signed]
R0 sptd; E:\WINDOWS\System32\Drivers\sptd.sys [320120 2014-03-20] (Duplex Secure Ltd.)
R0 sr; E:\WINDOWS\System32\DRIVERS\sr.sys [73472 2004-08-04] (Microsoft Corporation) [File not signed]
R3 Srv; E:\WINDOWS\System32\DRIVERS\srv.sys [352640 2009-12-31] (Microsoft Corporation) [File not signed]
R3 STHDA; E:\WINDOWS\System32\drivers\sthda.sys [1550891 2009-03-30] (IDT, Inc.) [File not signed]
S3 streamip; E:\WINDOWS\System32\DRIVERS\StreamIP.sys [15360 2004-08-04] (Microsoft Corporation) [File not signed]
R3 swenum; E:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2004-08-04] (Microsoft Corporation) [File not signed]
S3 swmidi; E:\WINDOWS\System32\drivers\swmidi.sys [54272 2001-08-17] (Microsoft Corporation) [File not signed]
R3 sysaudio; E:\WINDOWS\System32\drivers\sysaudio.sys [60800 2004-08-03] (Microsoft Corporation) [File not signed]
R1 Tcpip; E:\WINDOWS\System32\DRIVERS\tcpip.sys [360320 2008-06-20] (Microsoft Corporation) [File not signed]
S3 TDPIPE; E:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2004-08-04] (Microsoft Corporation) [File not signed]
S3 TDTCP; E:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2004-08-04] (Microsoft Corporation) [File not signed]
R1 TermDD; E:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2004-08-04] (Microsoft Corporation) [File not signed]
S4 Udfs; E:\WINDOWS\system32\Drivers\Udfs.sys [66176 2004-08-04] (Microsoft Corporation) [File not signed]
R3 Update; E:\WINDOWS\System32\DRIVERS\update.sys [209408 2004-08-04] (Microsoft Corporation) [File not signed]
S3 usbaudio; E:\WINDOWS\System32\drivers\usbaudio.sys [59264 2004-08-03] (Microsoft Corporation) [File not signed]
R3 usbccgp; E:\WINDOWS\System32\DRIVERS\usbccgp.sys [31616 2004-08-04] (Microsoft Corporation) [File not signed]
R3 usbehci; E:\WINDOWS\System32\DRIVERS\usbehci.sys [26624 2004-08-03] (Microsoft Corporation) [File not signed]
R3 usbhub; E:\WINDOWS\System32\DRIVERS\usbhub.sys [57600 2004-08-03] (Microsoft Corporation) [File not signed]
S3 usbprint; E:\WINDOWS\System32\DRIVERS\usbprint.sys [25856 2004-08-03] (Microsoft Corporation) [File not signed]
S3 usbscan; E:\WINDOWS\System32\DRIVERS\usbscan.sys [15104 2004-08-03] (Microsoft Corporation) [File not signed]
S3 USBSTOR; E:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [26496 2004-08-03] (Microsoft Corporation) [File not signed]
R3 usbuhci; E:\WINDOWS\System32\DRIVERS\usbuhci.sys [20480 2004-08-03] (Microsoft Corporation) [File not signed]
R3 usbvideo; E:\WINDOWS\System32\Drivers\usbvideo.sys [78464 2004-08-04] (Microsoft Corporation) [File not signed]
R1 VgaSave; E:\WINDOWS\System32\drivers\vga.sys [20992 2004-08-04] (Microsoft Corporation) [File not signed]
R0 VolSnap; E:\WINDOWS\system32\Drivers\VolSnap.sys [52864 2004-08-04] (Microsoft Corporation) [File not signed]
R3 Wanarp; E:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2004-08-04] (Microsoft Corporation) [File not signed]
S2 WCMVCAM; E:\WINDOWS\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Windows (R) Win 7 DDK provider)
R3 wdmaud; E:\WINDOWS\System32\drivers\wdmaud.sys [82944 2004-08-03] (Microsoft Corporation) [File not signed]
R1 WmiAcpi; E:\WINDOWS\System32\DRIVERS\wmiacpi.sys [8832 2004-08-04] (Microsoft Corporation) [File not signed]
S3 WSTCODEC; E:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [19328 2004-08-04] (Microsoft Corporation) [File not signed]
S3 yukonwxp; E:\WINDOWS\System32\DRIVERS\yk51x86.sys [296960 2009-03-27] (Marvell) [File not signed]
U3 aae82cna; E:\WINDOWS\system32\Drivers\aae82cna.sys [0 ] (Microsoft Corporation) [File not signed]
U5 BattC; E:\Windows\System32\Drivers\BattC.sys [14080 2001-08-17] (Microsoft Corporation) [File not signed]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S4 IntelIde; No ImagePath
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
NETSVC: wnrstcjq -> E:\WINDOWS\system32\lxkxx.dll ==> No File.

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-29 18:01 - 2014-11-29 18:01 - 00052336 _____ () E:\Documents and Settings\monik\Pulpit\FRST.txt
2014-11-29 18:01 - 2014-11-29 18:01 - 00000000 ____D () E:\FRST
2014-11-29 18:00 - 2014-11-29 18:00 - 05006864 _____ (AVAST Software) E:\Documents and Settings\monik\Pulpit\avast_free_antivirus_setup_online.exe
2014-11-29 17:58 - 2014-11-29 17:59 - 01109504 _____ (Farbar) E:\Documents and Settings\monik\Pulpit\FRST.exe
2014-11-29 17:55 - 2014-11-29 17:55 - 02117632 _____ (Farbar) E:\Documents and Settings\monik\Pulpit\FRST64.exe
2014-11-27 17:35 - 2014-11-27 23:15 - 00012525 _____ () E:\Documents and Settings\monik\Pulpit\geo.odt
2014-11-24 22:08 - 2014-11-24 10:41 - 225298457 _____ () E:\Documents and Settings\monik\Pulpit\Projekt.mp4
2014-11-23 18:38 - 2014-11-23 18:38 - 00773136 _____ ( ) E:\Documents and Settings\monik\Pulpit\Windows-Movie-Maker(11546)-dp.exe
2014-11-23 18:21 - 2014-11-23 18:22 - 02603176 _____ () E:\Documents and Settings\monik\Pulpit\AdobeDownloadAssistant.exe
2014-11-23 14:06 - 2014-11-23 18:05 - 00000000 ____D () E:\Documents and Settings\monik\Pulpit\di wywyołania
2014-11-20 22:39 - 1995-01-01 01:48 - 00000044 _____ () E:\Documents and Settings\monik\Pulpit\Track47.cda
2014-11-16 21:44 - 2014-11-16 21:45 - 00385815 _____ () E:\Documents and Settings\monik\Pulpit\KULTURA LOKALNA.pptx
2014-11-16 20:37 - 2014-11-16 20:37 - 00013048 _____ () E:\Documents and Settings\monik\Pulpit\ddd.odt
2014-11-14 15:19 - 2014-08-22 20:21 - 732840347 _____ () E:\Documents and Settings\monik\Pulpit\Kiler-ów 2-óch.avi
2014-11-01 18:52 - 2014-10-25 17:24 - 00034857 _____ () E:\Documents and Settings\monik\Moje dokumenty\wok.odt_0.odt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-29 18:02 - 2014-07-04 14:37 - 00000000 ____D () E:\Documents and Settings\All Users\Dane aplikacji\Datamngr
2014-11-29 18:02 - 2010-02-18 17:33 - 00000000 ____D () E:\Documents and Settings\monik\Ustawienia lokalne\Temp
2014-11-29 18:01 - 2010-02-18 17:33 - 00000000 ____D () E:\Documents and Settings\monik\Pulpit
2014-11-29 17:59 - 2013-01-26 16:39 - 00000234 _____ () E:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
2014-11-29 17:58 - 2010-02-18 18:19 - 00000000 ___RD () E:\Documents and Settings\All Users\Menu Start\Programy
2014-11-29 17:56 - 2010-02-18 18:22 - 00015105 _____ () E:\WINDOWS\wiadebug.log
2014-11-29 17:31 - 2014-08-15 11:16 - 00001036 _____ () E:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-29 16:51 - 2010-02-18 17:28 - 01760442 _____ () E:\WINDOWS\WindowsUpdate.log
2014-11-29 16:06 - 2013-02-28 19:01 - 00001002 _____ () E:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1645522239-602162358-725345543-1004UA.job
2014-11-29 14:44 - 2010-02-18 17:32 - 00032486 _____ () E:\WINDOWS\SchedLgU.Txt
2014-11-29 14:30 - 2013-02-24 09:28 - 00000000 ____D () E:\Program Files\Desk 365
2014-11-29 14:28 - 2014-08-15 11:24 - 00001819 _____ () E:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
2014-11-27 22:31 - 2014-08-15 11:16 - 00001032 _____ () E:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-27 22:31 - 2010-02-18 17:33 - 00000000 ___HD () E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji
2014-11-27 19:37 - 2014-01-23 16:39 - 00000000 ____D () E:\Documents and Settings\All Users\Dane aplikacji\TorchCrashHandler
2014-11-27 19:06 - 2013-02-28 19:01 - 00000980 _____ () E:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1645522239-602162358-725345543-1004Core.job
2014-11-27 18:14 - 2010-03-14 19:12 - 02955264 ___SH () E:\Documents and Settings\monik\Pulpit\Thumbs.db
2014-11-27 18:14 - 2010-02-20 10:14 - 00155136 _____ () E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-27 18:13 - 2010-02-18 17:33 - 00000000 ___RD () E:\Documents and Settings\monik\Moje dokumenty\Moje obrazy
2014-11-25 22:17 - 2012-09-25 14:45 - 00000000 ____D () E:\Documents and Settings\monik\Dane aplikacji\AIMP3
2014-11-24 22:07 - 2010-02-18 18:19 - 00352891 _____ () E:\WINDOWS\setupapi.log
2014-11-17 21:01 - 2013-02-24 09:28 - 00000000 _____ () E:\oui_mem_leak.txt
2014-11-17 20:50 - 2011-03-06 19:03 - 00000314 ___SH () E:\WINDOWS\Tasks\Qzfkkxzk.job
2014-11-17 20:50 - 2010-02-18 18:22 - 00000050 _____ () E:\WINDOWS\wiaservc.log
2014-11-17 20:50 - 2010-02-18 17:32 - 00000006 ____H () E:\WINDOWS\Tasks\SA.DAT
2014-11-17 20:50 - 2004-08-04 13:00 - 00002278 _____ () E:\WINDOWS\system32\wpa.dbl
2014-11-17 20:49 - 2010-02-18 17:33 - 00000292 ___SH () E:\Documents and Settings\monik\ntuser.ini
2014-11-17 20:49 - 2010-02-18 17:33 - 00000000 ____D () E:\Documents and Settings\monik
2014-11-14 16:28 - 2012-08-27 09:14 - 00000000 ____D () E:\Documents and Settings\monik\Moje dokumenty\Pobieranie
2014-11-14 16:28 - 2010-02-18 17:33 - 00000000 ___RD () E:\Documents and Settings\monik\Moje dokumenty
2014-11-14 16:27 - 2012-08-20 18:04 - 00000000 ___RD () E:\Documents and Settings\monik\Pulpit\Muzyka
2014-11-14 06:53 - 2010-02-19 06:53 - 00000000 ____D () E:\Documents and Settings\monik\.gstreamer-0.10
2014-11-03 22:33 - 2014-01-23 16:39 - 00001069 _____ () E:\Documents and Settings\monik\Menu Start\Programy\Torch.lnk
2014-11-03 22:33 - 2014-01-23 16:38 - 00000000 ____D () E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Torch
2014-11-03 22:33 - 2011-11-11 19:16 - 00000000 ____D () E:\Documents and Settings\monik\Ustawienia lokalne\Dane aplikacji\Temp

Files to move or delete:
====================
E:\WINDOWS\system32\CTFMON.EXE
E:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll

Some content of TEMP:
====================
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\22find_mlv.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\APNStub.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\AutoRun.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\AutoRunGUI.dll
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\AxSFADownloader.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\BundleSweetIMSetup.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\coupish-babylon.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\Delta.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\DeltaTB.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\drm_dialogs.dll
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\drm_dyndata_7330016.dll
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\drm_dyndata_7380015.dll
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\EAD1.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\EAD2.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\eauninstall.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\eType Setup403402.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\First15.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\FooPlugin0.9Setup_2.1.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\gg10.upgr.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\gry.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\HomePage22find.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\ICReinstall_HoolappSetup.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\IncrediMail_MediaBar_2.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\installhelper.dll
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\MybabylonTB.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\setup.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\SRAssetsHelper.dll
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\swt-win32-3349.dll
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\swt-win32-3740.dll
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\t.dll
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\tbAsha.dll
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\Toolbar_Phpnuke.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\VP6Install.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\VP6VFW.dll
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\WmpPluginSetup_2.1.0.6.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\WSSetup.exe
E:\Documents and Settings\monik\Ustawienia lokalne\Temp\{DA7C2E7D-64F4-4885-A895-227765008416}-20.0.1132.47_19.0.1084.56_chrome_updater.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

E:\WINDOWS\explorer.exe [2004-08-04 13:00] - [2004-08-04 13:00] - 1033728 ____A (Microsoft Corporation) 379098a96e6c165b659de7e4328010ea
E:\WINDOWS\system32\winlogon.exe [2004-08-04 13:00] - [2010-02-18 18:29] - 0504832 ____A (Microsoft Corporation) 033dfd0b69af3fbc60138c0ac5c75042
E:\WINDOWS\system32\svchost.exe [2004-08-04 13:00] - [2004-08-04 13:00] - 0014336 ____A (Microsoft Corporation) ba98327e90022dbd6ee76490e0622e2e
E:\WINDOWS\system32\services.exe [2004-08-04 13:00] - [2009-02-09 11:10] - 0111104 ____A (Microsoft Corporation) ed4e5391100287b9eabf8f2cf4b42235
E:\WINDOWS\system32\User32.dll [2004-08-04 13:00] - [2004-08-04 13:00] - 0578560 ____A (Microsoft Corporation) 0c81764f50f32d376e6e4b9e9f4b01a0
E:\WINDOWS\system32\userinit.exe [2004-08-04 13:00] - [2004-08-04 13:00] - 0025088 ____A (Microsoft Corporation) bd768099b4c44aa631728cb74eb54396
E:\WINDOWS\system32\rpcss.dll [2004-08-04 13:00] - [2009-02-09 11:22] - 0399360 ____A (Microsoft Corporation) b5d78596effbeb82f3b86d9a002538e1
ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
E:\WINDOWS\system32\Drivers\volsnap.sys [2004-08-04 13:00] - [2004-08-04 13:00] - 0052864 ____A (Microsoft Corporation) ecd173739b8ec10a814cc18653df5a36

==================== End Of Log ============================