Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-12-2014 Ran by Sławek (administrator) on SŁAWEK-KOMPUTER on 14-12-2014 08:59:11 Running from C:\Users\Sławek\NARZEDZIA Loaded Profile: Sławek (Available profiles: Sławek) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 10 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Authentec Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe (Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [698712 2013-02-21] (Alps Electric Co., Ltd.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-02-05] (IDT, Inc.) HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4805936 2012-08-23] (Intel(R) Corporation) HKLM\...\Run: [TdmNotify] => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [371024 2013-03-05] (Wave Systems Corp.) HKLM\...\Run: [DFEPApplication] => C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe [7077432 2012-08-15] (Dell Inc.) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-01-14] (Intel Corporation) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation) HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [462974 2011-12-16] (Creative Technology Ltd) HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [333088 2010-07-05] (Nuance Communications, Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (Authentec Inc.) HKU\S-1-5-21-398410218-3786033429-3762348091-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) Lsa: [Authentication Packages] msv1_0 wvauth Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.) Startup: C:\Users\Sławek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.) ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.) ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.) ==================== Internet (All) =========================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm HKU\S-1-5-21-398410218-3786033429-3762348091-1000\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm HKU\S-1-5-21-398410218-3786033429-3762348091-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 HKU\S-1-5-21-398410218-3786033429-3762348091-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank URLSearchHook: HKU\S-1-5-21-398410218-3786033429-3762348091-1000 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) URLSearchHook: HKU\S-1-5-21-398410218-3786033429-3762348091-1000 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {BE6CCE12-371D-4E98-94E8-500487DF8FBB} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {BE6CCE12-371D-4E98-94E8-500487DF8FBB} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB SearchScopes: HKU\S-1-5-21-398410218-3786033429-3762348091-1000 -> {0988E5D1-207D-4E62-9BF1-659798DA3D29} URL = https://www.google.com/search?q={searchTerms} BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Pomocnik logowania za pomocą konta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation) Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation) Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll (Microsoft Corporation) Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation) Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation) Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation) Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) Handler-x32: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) Handler-x32: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation) Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation) Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation) Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation) Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation) Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation) Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation) Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation) Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation) Winsock: Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation) Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.) Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.) Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog5-x64 01 C:\Windows\system32\NLAapi.dll [70656] (Microsoft Corporation) Winsock: Catalog5-x64 02 C:\Windows\system32\napinsp.dll [68096] (Microsoft Corporation) Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [86016] (Microsoft Corporation) Winsock: Catalog5-x64 04 C:\Windows\system32\pnrpnsp.dll [86016] (Microsoft Corporation) Winsock: Catalog5-x64 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog5-x64 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation) Winsock: Catalog5-x64 07 C:\Windows\system32\wshbth.dll [47104] (Microsoft Corporation) Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.) Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.) Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 11 C:\Windows\system32\mswsock.dll [326144] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Sławek\AppData\Roaming\Mozilla\Firefox\Profiles\8ukqxul5.default-1418513204874 FF Homepage: hxxp://isap.sejm.gov.pl/VolumeServlet?type=wdu FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allegro-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\google.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\merlin-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pwn-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wolnelektury-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wp-pl.xml FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2014-12-13] FF HKLM-x32\...\Mozilla Firefox 34.0.5\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components FF HKLM-x32\...\Mozilla Firefox 34.0.5\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 DFEPService; C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2280504 2012-08-15] (Dell Inc.) S4 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [231792 2013-03-11] () S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed] S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation) S4 InvProtectSvc; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2947856 2013-07-30] (Invincea, Inc.) S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation) S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-08-23] () S4 O2FLASH; C:\Windows\system32\o2flash.exe [244328 2011-11-16] (O2Micro International) S4 PbaDrvSvc_x64; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [21504 2013-01-21] (Dell, Inc.) [File not signed] S4 SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [124616 2013-07-30] () S4 tcsd_win32.exe; C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe [1643520 2012-05-11] () [File not signed] S4 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1773056 2013-02-26] (Wave Systems Corp.) [File not signed] S4 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [254824 2013-03-08] (Wave Systems Corp.) S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [135720 2013-11-14] (Broadcom Corporation.) R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [39016 2012-09-23] (Dell Inc.) S3 InvProtectDrv; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [34824 2013-07-30] () S3 SboxDrv; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [202248 2013-07-30] () R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [68208 2012-05-21] (STMicroelectronics) R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [47072 2012-10-10] (Windows (R) Win 7 DDK provider) R3 wbfcvusbdrv; C:\Windows\System32\Drivers\wbfcvusbdrv.sys [17120 2013-03-08] () R3 XHCIPort; C:\Windows\System32\DRIVERS\XHCIPort.sys [188896 2012-10-10] (Windows (R) Win 7 DDK provider) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-14 01:08 - 2014-12-14 01:08 - 00000000 ____D () C:\Users\Sławek\AppData\Roaming\MPC-HC 2014-12-14 00:22 - 2014-12-14 00:22 - 00000000 ____D () C:\Users\Sławek\AppData\Local\CrashDumps 2014-12-13 16:43 - 2014-12-14 08:59 - 00000000 ____D () C:\FRST 2014-12-13 16:42 - 2014-12-14 08:59 - 00000000 ____D () C:\Users\Sławek\NARZEDZIA 2014-12-13 16:38 - 2014-12-14 08:56 - 00005014 _____ () C:\Windows\System32\Tasks\WSCEAA 2014-12-13 16:38 - 2014-12-13 16:38 - 00000000 ____D () C:\Users\Sławek\AppData\Roaming\FLEXnet 2014-12-13 16:33 - 2014-12-13 16:33 - 00003416 ____N () C:\bootsqm.dat 2014-12-13 15:43 - 2014-12-13 15:54 - 00445200 _____ () C:\Windows\msxml4-KB954430-enu.LOG 2014-12-13 15:34 - 2014-12-13 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2014-12-13 15:34 - 2014-12-13 15:34 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack 2014-12-13 15:34 - 2014-11-03 13:39 - 00260696 _____ () C:\Windows\system32\unrar64.dll 2014-12-13 15:34 - 2014-11-03 13:39 - 00218712 _____ () C:\Windows\SysWOW64\unrar.dll 2014-12-13 15:24 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-12-13 15:24 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-12-13 15:24 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-12-13 15:24 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-12-13 15:24 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-12-13 15:24 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-12-13 15:24 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-12-13 15:24 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-12-13 15:23 - 2011-04-09 07:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2014-12-13 15:23 - 2011-04-09 06:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2014-12-13 15:22 - 2014-12-13 15:22 - 00000000 ____D () C:\Users\Sławek\AppData\Roaming\Zeon 2014-12-13 15:22 - 2014-12-13 15:22 - 00000000 ____D () C:\Users\Sławek\AppData\Roaming\Nuance 2014-12-13 15:20 - 2014-12-13 15:22 - 00000000 ____D () C:\ProgramData\Nuance 2014-12-13 15:20 - 2014-12-13 15:20 - 00001868 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk 2014-12-13 15:20 - 2014-12-13 15:20 - 00000000 ____D () C:\ProgramData\ScanSoft 2014-12-13 15:20 - 2014-12-13 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance 2014-12-13 15:20 - 2014-12-13 15:20 - 00000000 ____D () C:\ProgramData\FLEXnet 2014-12-13 15:20 - 2014-12-13 15:20 - 00000000 ____D () C:\Program Files (x86)\Nuance 2014-12-13 15:19 - 2014-12-13 15:19 - 00000000 ____D () C:\Users\Sławek\AppData\Local\Downloaded Installations 2014-12-13 15:17 - 2014-12-13 15:17 - 00000000 ____D () C:\Users\Sławek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-12-13 15:17 - 2014-12-13 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-12-13 15:17 - 2014-12-13 15:17 - 00000000 ____D () C:\Program Files\WinRAR 2014-12-13 15:13 - 2014-12-13 15:13 - 00000000 ____D () C:\Users\Sławek\AppData\Local\Wave Systems Corp 2014-12-13 15:12 - 2014-12-13 15:13 - 00000000 ____D () C:\Users\Sławek\AppData\Roaming\Wave Systems Corp 2014-12-13 15:12 - 2014-12-13 15:12 - 00000000 ____D () C:\Users\Sławek\AppData\Roaming\Intel WiDi 2014-12-13 15:12 - 2014-12-13 15:12 - 00000000 ____D () C:\Users\Sławek\AppData\Local\Intel WiDi 2014-12-13 15:12 - 2014-12-13 15:12 - 00000000 ____D () C:\Users\Sławek\AppData\Local\Intel 2014-12-13 15:11 - 2014-12-14 00:24 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-12-13 15:11 - 2014-12-13 15:11 - 00000000 ____D () C:\Users\Sławek\AppData\Roaming\Mozilla 2014-12-13 15:11 - 2014-12-13 15:11 - 00000000 ____D () C:\Users\Sławek\AppData\Local\Mozilla 2014-12-13 15:11 - 2014-12-13 15:11 - 00000000 ____D () C:\ProgramData\Mozilla 2014-12-13 15:11 - 2014-12-13 15:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-12-13 15:11 - 2014-12-13 15:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-12-13 15:11 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-12-13 15:11 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-12-13 15:11 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-12-13 15:11 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-12-13 15:11 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-12-13 15:11 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-12-13 15:11 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-12-13 15:11 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-12-13 15:10 - 2014-12-13 15:10 - 00000000 ____D () C:\Users\Sławek\AppData\Roaming\Macromedia 2014-11-20 07:42 - 2014-11-20 07:42 - 00000000 ____D () C:\Windows\pss 2014-11-20 07:31 - 2014-11-20 07:31 - 00058016 _____ () C:\Users\Sławek\AppData\Local\GDIPFONTCACHEV1.DAT 2014-11-20 07:31 - 2014-11-20 07:31 - 00000000 ____D () C:\Users\Sławek\Documents\Folder wymiany interfejsu Bluetooth 2014-11-20 07:31 - 2014-11-20 07:31 - 00000000 ____D () C:\Users\Sławek\AppData\Roaming\Intel Corporation 2014-11-20 07:31 - 2014-11-20 07:31 - 00000000 ____D () C:\Users\Sławek\AppData\Local\Broadcom 2014-11-20 07:30 - 2014-12-14 00:24 - 00001423 _____ () C:\Users\Sławek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-11-20 07:30 - 2014-12-13 16:42 - 00000000 ____D () C:\Users\Sławek 2014-11-20 07:30 - 2014-11-20 07:30 - 00001975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dokumentacja pomocy firmy Dell.lnk 2014-11-20 07:30 - 2014-11-20 07:30 - 00000020 ___SH () C:\Users\Sławek\ntuser.ini 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Sławek\Ustawienia lokalne 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Sławek\Szablony 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Sławek\Moje dokumenty 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Sławek\Menu Start 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Sławek\Documents\Moje wideo 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Sławek\Documents\Moje obrazy 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Sławek\Documents\Moja muzyka 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Sławek\Dane aplikacji 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Sławek\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Sławek\AppData\Local\Historia 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Sławek\AppData\Local\Dane aplikacji 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Public\Documents\Moje wideo 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Public\Documents\Moje obrazy 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Public\Documents\Moja muzyka 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Default\Ustawienia lokalne 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Default\Szablony 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Default\Moje dokumenty 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Default\Menu Start 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Default\Documents\Moje wideo 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Default\Documents\Moje obrazy 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Default\Documents\Moja muzyka 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Default\Dane aplikacji 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Historia 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Dane aplikacji 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Default User\Documents\Moje wideo 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Default User\Documents\Moje obrazy 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Default User\Documents\Moja muzyka 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Historia 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Dane aplikacji 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\ProgramData\Ulubione 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\ProgramData\Szablony 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\ProgramData\Pulpit 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programy 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\ProgramData\Menu Start 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\ProgramData\Dokumenty 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 _SHDL () C:\ProgramData\Dane aplikacji 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 ____D () C:\Users\Sławek\AppData\Roaming\Intel 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 ____D () C:\Users\Sławek\AppData\Roaming\Creative 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 ____D () C:\Users\Sławek\AppData\Roaming\Adobe 2014-11-20 07:30 - 2014-11-20 07:30 - 00000000 ____D () C:\Users\Sławek\AppData\Local\VirtualStore 2014-11-20 07:30 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Sławek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-11-20 07:30 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Sławek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-14 08:56 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-14 08:56 - 2009-07-14 05:51 - 00040376 _____ () C:\Windows\setupact.log 2014-12-14 08:55 - 2013-11-13 23:03 - 01710649 _____ () C:\Windows\WindowsUpdate.log 2014-12-14 08:53 - 2009-07-14 05:45 - 00024816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-14 08:53 - 2009-07-14 05:45 - 00024816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-14 08:51 - 2010-11-21 13:53 - 00740348 _____ () C:\Windows\system32\perfh015.dat 2014-12-14 08:51 - 2010-11-21 13:53 - 00155890 _____ () C:\Windows\system32\perfc015.dat 2014-12-14 08:51 - 2009-07-14 06:13 - 01669190 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-12-14 08:46 - 2010-11-21 04:47 - 00169708 _____ () C:\Windows\PFRO.log 2014-12-14 00:19 - 2009-07-14 03:34 - 00000505 _____ () C:\Windows\win.ini 2014-12-13 15:55 - 2011-02-15 10:58 - 01641068 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-12-13 15:13 - 2013-11-14 06:20 - 00000000 ____D () C:\ProgramData\Wave Systems Corp 2014-12-13 15:13 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\WinBioDatabase 2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-11-20 07:44 - 2011-02-15 17:49 - 00000000 ____D () C:\dell 2014-11-20 07:30 - 2013-11-14 06:35 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe 2014-11-20 07:30 - 2010-11-21 03:50 - 00000000 ____D () C:\Users\Administrator 2014-11-20 07:30 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default 2014-11-20 07:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-11-20 07:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT 2014-11-20 07:28 - 2011-02-15 17:49 - 00000000 ____D () C:\Windows\panther ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2011-02-15 10:50 ==================== End Of Log ============================