Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-12-2014 Ran by DawidDamian (administrator) on DAMIANDAWID on 26-12-2014 01:11:22 Running from C:\Users\DawidDamian\Desktop\Nowy folder Loaded Profile: DawidDamian (Available profiles: DawidDamian & UpdatusUser & Gość & DefaultAppPool) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Polski (Polska) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (COMODO) C:\Program Files\COMODO\EasyVPN\crdphService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe () C:\Program Files\COMODO\EasyVPN\Vpnservice.exe (ABBYY (BIT Software)) C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe (Microsoft Corporation) C:\Windows\System32\CISVC.EXE (FileZilla Project) C:\xampp\FileZillaFTP\FileZilla Server.exe (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE (Microsoft Corporation) C:\Windows\System32\snmp.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Brother Industries, Ltd.) C:\Program Files\Browny02\BrYNSvc.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (COMODO) C:\Program Files\COMODO\EasyVPN\crdphService.exe () C:\Windows\tsnp325.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Brother Industries, Ltd.) C:\Program Files\Browny02\Brother\BrStMonW.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (COMODO) C:\Program Files\COMODO\EasyVPN\EasyVPN.exe (Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (COMODO) C:\Program Files\COMODO\EasyVPN\AppShareService.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG) HKLM\...\Run: [] => [X] HKLM\...\Run: [tsnp325] => C:\Windows\tsnp325.exe [270336 2007-04-21] () HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2012-06-11] (Realtek Semiconductor) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM\...\Run: [BrStsMon00] => C:\Program Files\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1795872 2014-08-19] (NVIDIA Corporation) HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-1172356088-3149085315-1547821400-1000\...\Run: [RayV] => C:\Program Files\RayV\RayV\RayV.exe /background HKU\S-1-5-21-1172356088-3149085315-1547821400-1000\...\Run: [Comodo EasyVPN] => C:\Program Files\COMODO\EasyVPN\EasyVPN.exe [5288240 2010-12-27] (COMODO) HKU\S-1-5-21-1172356088-3149085315-1547821400-1000\...\MountPoints2: G - G:\setup.exe HKU\S-1-5-21-1172356088-3149085315-1547821400-1000\...\MountPoints2: H - H:\dvdcheck.exe HKU\S-1-5-21-1172356088-3149085315-1547821400-1000\...\MountPoints2: I - I:\setup.exe HKU\S-1-5-21-1172356088-3149085315-1547821400-1000\...\MountPoints2: {013673ab-4c16-11e0-9d2b-f430efba23e5} - G:\LaunchU3.exe -a HKU\S-1-5-21-1172356088-3149085315-1547821400-1000\...\MountPoints2: {4f5a0fc5-f014-11de-be10-806e6f6e6963} - E:\setup.exe HKU\S-1-5-21-1172356088-3149085315-1547821400-1000\...\MountPoints2: {a26ab081-f001-11de-814f-00241d59c812} - F:\Autorun.exe HKU\S-1-5-21-1172356088-3149085315-1547821400-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess? BootExecute: autocheck autochk * lsdelete ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1172356088-3149085315-1547821400-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION ProxyEnable: [S-1-5-21-1172356088-3149085315-1547821400-1000] => Internet Explorer proxy is enabled. HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1172356088-3149085315-1547821400-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ HKU\S-1-5-21-1172356088-3149085315-1547821400-1000\Software\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1172356088-3149085315-1547821400-1000\Software\Microsoft\Internet Explorer\Main,Default_page_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome URLSearchHook: HKLM - (No Name) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - No File URLSearchHook: HKLM - (No Name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No File URLSearchHook: HKU\S-1-5-21-1172356088-3149085315-1547821400-1000 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File URLSearchHook: HKU\S-1-5-21-1172356088-3149085315-1547821400-1000 - (No Name) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - No File URLSearchHook: HKU\S-1-5-21-1172356088-3149085315-1547821400-1000 - (No Name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No File SearchScopes: HKU\S-1-5-21-1172356088-3149085315-1547821400-1000 -> DefaultScope {8C9FA5F8-038E-489A-8996-65D8BA3253D4} URL = http://www.google.com/search?hl=pl&q={searchTerms}&rlz=1I7SUNC_plPL360 SearchScopes: HKU\S-1-5-21-1172356088-3149085315-1547821400-1000 -> {09A8CE11-7438-4796-BC32-9D312D07FAB2} URL = http://www.allegro.pl/search.php?sg=0&string={searchTerms} SearchScopes: HKU\S-1-5-21-1172356088-3149085315-1547821400-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=UT2V5&o=15158&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=UG&apn_dtid=&apn_uid=6F31CF47-C72D-4B79-A4FA-667B88AF9C3B&apn_sauid=C8E786EA-FC02-41F5-A048-E0F62201D0C5 SearchScopes: HKU\S-1-5-21-1172356088-3149085315-1547821400-1000 -> {1F096B29-E9DA-4D64-8D63-936BE7762CC5} URL = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=74f1ce7f00000000000002004c4f4f50&tlver=1.4.19.19&affID=17160 SearchScopes: HKU\S-1-5-21-1172356088-3149085315-1547821400-1000 -> {8C9FA5F8-038E-489A-8996-65D8BA3253D4} URL = http://www.google.com/search?hl=pl&q={searchTerms}&rlz=1I7SUNC_plPL360 SearchScopes: HKU\S-1-5-21-1172356088-3149085315-1547821400-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1172356088-3149085315-1547821400-1000 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1060933 SearchScopes: HKU\S-1-5-21-1172356088-3149085315-1547821400-1000 -> {c99fdc39-a1ae-4b24-8d71-e5274f8d7c54} URL = http://search.hotspotshield.com/g/results.php?c=s&q={searchTerms} SearchScopes: HKU\S-1-5-21-1172356088-3149085315-1547821400-1000 -> {CA9C2542-E774-4502-AD7C-26F4DA93A323} URL = http://www.youtube.com/results?search_query={searchTerms}&page={startPage?}&utm_source=opensearch SearchScopes: HKU\S-1-5-21-1172356088-3149085315-1547821400-1000 -> {D2B4AD48-40FB-4F9F-AA52-FD10A0966B23} URL = http://pl.wikipedia.org/w/index.php?title=Specjalna:Szukaj&search={searchTerms} SearchScopes: HKU\S-1-5-21-1172356088-3149085315-1547821400-1000 -> {E78409DE-64C2-4383-BDDE-4DCE991419E1} URL = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox BHO: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll No File BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - No File Toolbar: HKLM - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll No File Toolbar: HKLM - &NetWorx Desk Band - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - D:\NetWorx\deskband.dll (SoftPerfect Research) Toolbar: HKLM - No Name - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No File Toolbar: HKLM - No Name - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - No File Toolbar: HKU\S-1-5-21-1172356088-3149085315-1547821400-1000 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File Toolbar: HKU\S-1-5-21-1172356088-3149085315-1547821400-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKU\S-1-5-21-1172356088-3149085315-1547821400-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKU\S-1-5-21-1172356088-3149085315-1547821400-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKU\S-1-5-21-1172356088-3149085315-1547821400-1000 -> No Name - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - No File DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.gigabyte.com.tw/object/Dldrv.ocx DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {F9F6A5CD-76C1-4BE7-8F49-5D4183F9FAC5} https://www.otineo.com/resources/com.otineo.survey.ui.personal.softphone.SoftphonePanel/OtineoSoftphone.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 89.161.65.246 89.161.65.247 Tcpip\..\Interfaces\{792A8DE6-5361-4B7D-B63C-A7E3F5265A42}: [NameServer] 8.8.8.8,8.8.4.4 FireFox: ======== FF ProfilePath: C:\Users\DawidDamian\AppData\Roaming\Mozilla\Firefox\Profiles\n88ulxhy.default FF DefaultSearchUrl: hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q= FF Homepage: hxxp://pl.msn.com/?pc=WLEM FF NetworkProxy: "no_proxies_on", "" FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin: @rayv.com/rayvplugin -> C:\Program Files\RayV\RayV\plugins\nprayvplugin.dll No File FF Plugin: @real.com/nppl3260;version=15.0.1.13 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll No File FF Plugin: @real.com/nprjplug;version=15.0.1.13 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll No File FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.1.13 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprphtml5videoshim;version=15.0.1.13 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=15.0.1.13 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll No File FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @veetle.com/vbp;version=0.9.17 -> C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc) FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.17 -> C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.17 -> C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npImagine.dll () FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.) FF SearchPlugin: C:\Users\DawidDamian\AppData\Roaming\Mozilla\Firefox\Profiles\n88ulxhy.default\searchplugins\wyszukiwanie-filmw-wideo-w-youtube.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Search the web.src FF Extension: Add N Edit Cookies - C:\Users\DawidDamian\AppData\Roaming\Mozilla\Firefox\Profiles\n88ulxhy.default\Extensions\{038dc421-b19e-4711-a218-1fd10de9163b} [2011-06-12] FF Extension: Test Pilot - C:\Users\DawidDamian\AppData\Roaming\Mozilla\Firefox\Profiles\n88ulxhy.default\Extensions\testpilot@labs.mozilla.com.xpi [2012-07-27] FF Extension: DownThemAll! - C:\Users\DawidDamian\AppData\Roaming\Mozilla\Firefox\Profiles\n88ulxhy.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012-09-25] FF Extension: Greasemonkey - C:\Users\DawidDamian\AppData\Roaming\Mozilla\Firefox\Profiles\n88ulxhy.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-27] FF Extension: QuickStores-Toolbar - C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de [2011-06-30] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-12-22] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF HKU\S-1-5-21-1172356088-3149085315-1547821400-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF StartMenuInternet: FIREFOX.EXE - D:\Mozilla Firefox\firefox.exe Chrome: ======= CHR Profile: C:\Users\DawidDamian\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\DawidDamian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-12] CHR Extension: (Dokumenty Google) - C:\Users\DawidDamian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-12] CHR Extension: (Dysk Google) - C:\Users\DawidDamian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-12] CHR Extension: (YouTube) - C:\Users\DawidDamian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-12] CHR Extension: (Szukaj w Google) - C:\Users\DawidDamian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-12] CHR Extension: (Arkusze Google) - C:\Users\DawidDamian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-12] CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\DawidDamian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-12-12] CHR Extension: (Google Wallet) - C:\Users\DawidDamian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-12] CHR Extension: (Gmail) - C:\Users\DawidDamian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-12] CHR HKLM\...\Chrome\Extension: [clbfjfbnelcflpgpklppgplejolacbej] - C:\Program Files\BrowserCompanion\blabbers-ch.crx [Not Found] CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-12-22] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [660768 2007-12-06] (ABBYY (BIT Software)) R3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed] R2 CrdphService; C:\Program Files\COMODO\EasyVPN\crdphService.exe [495920 2010-11-23] (COMODO) R2 EasyVpnAdpt; C:\Program Files\COMODO\EasyVPN\Vpnservice.exe [119088 2010-12-14] () S2 ES lite Service; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-03-02] () R2 FileZilla Server; C:\xampp\FileZillaFTP\FileZilla server.exe [1029776 2009-12-20] (FileZilla Project) S3 Futuremark SystemInfo Service; C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [128928 2010-11-11] (Futuremark Corporation) R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1895760 2014-12-13] (LogMeIn Inc.) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed] R2 iprip; C:\Windows\System32\iprip.dll [29696 2009-07-14] (Microsoft Corporation) S2 Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [1737728 2012-09-22] (Lavasoft Limited ) [File not signed] R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2014-12-02] (LogMeIn, Inc.) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation) R2 MSMQ; C:\Windows\system32\mqsvc.exe [8704 2009-07-14] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed] R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed] S4 AntiVirSchedulerService; "C:\Program Files\Avira\AntiVir Desktop\sched.exe" [X] S4 AntiVirService; "C:\Program Files\Avira\AntiVir Desktop\avguard.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus.sys [14336 2012-03-02] (LG Electronics Inc.) S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag.sys [20736 2012-03-02] (LG Electronics Inc.) S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps.sys [20096 2012-03-02] (LG Electronics Inc.) S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem.sys [25088 2012-03-02] (LG Electronics Inc.) S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [25728 2009-02-05] (Google Inc) R3 ATP; C:\Windows\System32\DRIVERS\cmdatp.sys [17816 2010-12-13] (Comodo, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [56816 2009-11-25] (Avira GmbH) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [96104 2009-03-30] (Avira GmbH) S3 cpuz134; C:\Program Files\CPUID\PC Wizard 2010\pcwiz_x32.sys [20328 2010-07-09] (Windows (R) Win 7 DDK provider) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.) R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG) R3 gdrv; C:\Windows\gdrv.sys [17488 2014-12-25] (Windows (R) 2000 DDK provider) R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed] R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2010-02-03] (LogMeIn, Inc.) S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider) R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [48640 2009-08-23] (Atheros Communications, Inc.) S3 Lavasoft Kernexplorer; C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [15232 2011-02-04] () R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [64288 2010-08-12] (Lavasoft AB) R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.) R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.) R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.) R1 mbmiodrvr; C:\Windows\system32\mbmiodrvr.sys [2944 2004-04-10] (cansoft@livewiredev.com) [File not signed] R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [141824 2010-11-20] (Microsoft Corporation) S3 msloop; C:\Windows\System32\DRIVERS\loop.sys [5632 2009-07-14] (Microsoft Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] () R1 networx; C:\Windows\System32\drivers\networx.sys [51640 2011-04-15] (NetFilterSDK.com) S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [108160 2011-11-09] (TCL Communicate Incorporated) S4 RsFx0105; C:\Windows\System32\DRIVERS\RsFx0105.sys [238696 2011-09-22] (Microsoft Corporation) R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [59388 2009-11-09] (PowerISO Computing, Inc.) [File not signed] R0 speedfan; C:\Windows\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider) [File not signed] R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2009-12-23] () [File not signed] R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2009-05-11] (Avira GmbH) R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed] S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2010-06-16] (AnchorFree Inc) R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [17792 2008-12-26] (Avnex) U3 a772vl1x; C:\Windows\system32\Drivers\a772vl1x.sys [0 ] (Microsoft Corporation) S1 avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [X] S3 cpuvis; \??\C:\Program Files\My applications\cpuvis.sys [X] S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X] S3 RivaTuner32; \??\C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys [X] U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-26 01:11 - 2014-12-26 01:11 - 00000000 ___DC () C:\Users\DawidDamian\Desktop\Nowy folder 2014-12-26 01:08 - 2014-12-26 01:11 - 00000000 ___DC () C:\FRST 2014-12-26 01:07 - 2014-12-26 01:07 - 01114112 ____C (Farbar) C:\Users\DawidDamian\Downloads\FRST.exe 2014-12-23 15:59 - 2014-12-23 16:21 - 00000000 ___DC () C:\Users\DawidDamian\Desktop\ster 2014-12-18 11:14 - 2014-12-18 11:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-12-16 09:36 - 2014-12-16 09:36 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-12-16 09:36 - 2014-12-16 09:36 - 00000000 ___DC () C:\Program Files\LogMeIn Hamachi 2014-12-12 21:55 - 2014-12-12 21:55 - 00002211 ____C () C:\Users\Public\Desktop\Google Chrome.lnk 2014-12-12 21:55 - 2014-12-12 21:55 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-12-12 21:53 - 2014-12-12 21:53 - 00880784 ____C (Google Inc.) C:\Users\DawidDamian\Downloads\ChromeSetup.exe 2014-12-10 13:00 - 2014-12-10 13:00 - 00000000 ___DC () C:\Windows\system32\appraiser 2014-12-10 11:28 - 2014-12-10 11:28 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-12-10 11:28 - 2014-12-10 11:28 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-12-10 11:28 - 2014-12-10 11:28 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-12-10 11:28 - 2014-12-10 11:28 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-12-10 11:28 - 2014-12-10 11:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-12-10 09:22 - 2014-12-10 11:29 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-12-10 09:22 - 2014-12-10 11:29 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2014-12-10 09:22 - 2014-12-10 11:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2014-12-10 09:22 - 2014-12-10 11:28 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-12-10 09:22 - 2014-12-10 11:28 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2014-12-10 09:22 - 2014-12-10 11:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2014-12-10 09:22 - 2014-12-10 11:28 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-12-10 09:22 - 2014-12-10 11:28 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2014-12-10 09:22 - 2014-12-10 11:28 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-12-10 09:22 - 2014-12-10 11:28 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-12-10 09:22 - 2014-12-10 11:27 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-10 09:22 - 2014-12-10 11:27 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-12-10 09:22 - 2014-12-10 11:27 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-12-10 09:22 - 2014-12-10 11:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-12-10 09:22 - 2014-12-10 11:27 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-12-10 09:22 - 2014-12-10 11:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-12-10 09:21 - 2014-12-10 11:27 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-12-10 09:20 - 2014-12-10 11:19 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2014-12-10 09:20 - 2014-12-10 11:19 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2014-12-10 09:20 - 2014-12-10 11:19 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2014-12-10 09:20 - 2014-12-10 11:19 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2014-12-10 09:20 - 2014-12-10 11:19 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe 2014-12-10 09:20 - 2014-12-10 11:19 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2014-12-04 23:08 - 2014-12-04 23:08 - 00000000 _SHDC () C:\Users\DawidDamian\AppData\Local\EmieBrowserModeList ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-26 01:00 - 2009-07-14 05:34 - 00023584 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-26 01:00 - 2009-07-14 05:34 - 00023584 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-26 00:58 - 2010-07-05 16:00 - 00001046 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-26 00:54 - 2011-09-18 10:47 - 01900934 ____C () C:\Windows\WindowsUpdate.log 2014-12-26 00:54 - 2011-06-09 12:48 - 00000350 ____C () C:\Windows\system32\VpnService.log 2014-12-26 00:54 - 2010-08-03 23:09 - 00000000 ___DC () C:\Users\DawidDamian\AppData\Local\LogMeIn Hamachi 2014-12-26 00:54 - 2010-07-05 16:00 - 00001042 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-25 23:53 - 2010-07-29 09:27 - 00000000 ___DC () C:\Users\Gość\AppData\Roaming\Skype 2014-12-25 23:12 - 2011-04-23 22:34 - 00000064 ____C () C:\Windows\system32\rp_stats.dat 2014-12-25 23:12 - 2011-04-23 22:34 - 00000044 ____C () C:\Windows\system32\rp_rules.dat 2014-12-25 23:01 - 2010-08-30 16:49 - 00000000 ___DC () C:\Program Files\Microsoft SQL Server 2014-12-25 22:59 - 2012-06-16 20:54 - 00000000 ___DC () C:\Program Files\Mozilla Maintenance Service 2014-12-25 22:53 - 2010-08-04 09:37 - 00000000 ___DC () C:\Users\Gość\AppData\Local\LogMeIn Hamachi 2014-12-25 22:52 - 2014-09-25 07:57 - 00019666 ____C () C:\Windows\setupact.log 2014-12-25 22:52 - 2010-05-18 12:10 - 00017488 ____C (Windows (R) 2000 DDK provider) C:\Windows\gdrv.sys 2014-12-25 22:52 - 2010-04-24 16:56 - 00065536 _____ () C:\Windows\system32\Ikeext.etl 2014-12-25 22:52 - 2009-12-24 00:08 - 00000000 ___DC () C:\ProgramData\NVIDIA 2014-12-25 22:52 - 2009-12-23 23:59 - 00000073 ____C () C:\service.log 2014-12-25 22:52 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-25 22:51 - 2010-09-06 08:24 - 00632200 ____C () C:\aaw7boot.log 2014-12-23 18:11 - 2011-04-24 15:38 - 00000490 ____H () C:\Windows\Tasks\Norton Security Scan for DawidDamian.job 2014-12-23 16:32 - 2009-12-23 23:52 - 02017148 ____C () C:\Windows\system32\PerfStringBackup.INI 2014-12-23 16:32 - 2009-07-14 09:07 - 00868310 ____C () C:\Windows\system32\perfh015.dat 2014-12-23 16:32 - 2009-07-14 09:07 - 00206446 ____C () C:\Windows\system32\perfc015.dat 2014-12-23 02:54 - 2013-12-07 14:09 - 00000000 __SDC () C:\wrestle 2014-12-23 00:44 - 2012-09-18 09:22 - 00001610 ____C () C:\Users\Gość\Desktop\flash player.txt 2014-12-17 23:48 - 2012-03-02 11:45 - 00000000 ___DC () C:\Program Files\Opera 2014-12-16 12:55 - 2010-11-24 12:41 - 00000012 ____C () C:\Users\Gość\intlname.ols 2014-12-16 10:52 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2014-12-13 23:39 - 2010-07-26 16:15 - 00000000 ___DC () C:\Users\Gość\AppData\Local\Google 2014-12-13 22:28 - 2014-10-13 16:41 - 00001910 ____C () C:\Windows\PFRO.log 2014-12-13 22:28 - 2009-07-14 03:37 - 00000000 ___DC () C:\Windows\system32\pl-PL 2014-12-12 21:55 - 2014-09-01 09:13 - 00000000 ___DC () C:\Program Files\Google 2014-12-12 21:55 - 2009-12-29 16:27 - 00000000 ___DC () C:\Users\DawidDamian\AppData\Local\Google 2014-12-10 13:00 - 2014-05-06 19:51 - 00000000 __SDC () C:\Windows\system32\CompatTel 2014-12-10 13:00 - 2009-07-14 03:37 - 00000000 ___DC () C:\Windows\AppCompat 2014-12-10 11:27 - 2013-08-14 23:07 - 00000000 ___DC () C:\Windows\system32\MRT 2014-12-10 11:19 - 2009-12-28 11:24 - 109818608 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-28 15:27 - 2011-12-22 09:18 - 00000000 ___DC () C:\Program Files\Common Files\xing shared 2014-11-28 15:27 - 2010-08-30 14:10 - 00000000 ___DC () C:\Program Files\Common Files\Wise Installation Wizard 2014-11-28 15:27 - 2010-04-11 11:59 - 00000000 ___DC () C:\Program Files\Adobe 2014-11-28 15:25 - 2014-07-27 23:25 - 00000000 ___DC () C:\Program Files\Common Files\Java 2014-11-28 15:25 - 2014-06-02 22:44 - 00000000 ___DC () C:\Program Files\Common Files\Skype 2014-11-28 15:25 - 2012-01-19 09:45 - 00000000 ___DC () C:\Program Files\Common Files\snp325 2014-11-28 15:25 - 2011-06-24 13:18 - 00000000 ___DC () C:\Program Files\Common Files\Futuremark Shared 2014-11-28 15:25 - 2011-04-16 18:53 - 00000000 ___DC () C:\Program Files\Common Files\Common Share 2014-11-28 15:25 - 2011-03-23 12:38 - 00000000 ___DC () C:\Program Files\Common Files\Microsoft Games 2014-11-28 15:25 - 2010-11-29 22:35 - 00000000 ___DC () C:\Program Files\Common Files\LogiShrd 2014-11-28 15:25 - 2010-11-15 19:21 - 00000000 ___DC () C:\Program Files\Common Files\Imagine 2014-11-28 15:25 - 2010-09-18 23:55 - 00000000 ___DC () C:\Program Files\Common Files\PC SOFT 2014-11-28 15:25 - 2010-02-04 20:41 - 00000000 ___DC () C:\Program Files\Common Files\Real 2014-11-28 15:25 - 2010-01-25 21:58 - 00000000 ___DC () C:\Program Files\Common Files\NSV 2014-11-28 15:25 - 2010-01-22 17:51 - 00000000 ___DC () C:\Program Files\Common Files\Windows Live 2014-11-28 15:25 - 2009-12-27 20:12 - 00000000 ___DC () C:\Program Files\Common Files\Hewlett-Packard 2014-11-28 15:25 - 2009-12-23 23:59 - 00000000 ___DC () C:\Program Files\Common Files\InstallShield 2014-11-28 15:25 - 2009-12-23 21:40 - 00000000 ___DC () C:\Program Files\Common Files\DESIGNER 2014-11-28 15:25 - 2009-07-14 03:37 - 00000000 ___DC () C:\Program Files\Common Files\System 2014-11-28 15:25 - 2009-07-14 03:37 - 00000000 ___DC () C:\Program Files\Common Files\Services 2014-11-28 15:25 - 2009-07-14 03:37 - 00000000 ___DC () C:\Program Files\Common Files\microsoft shared 2014-11-28 15:24 - 2012-06-15 13:32 - 00000000 ___DC () C:\Program Files\Common Files\Adobe AIR 2014-11-28 15:24 - 2011-06-19 20:52 - 00000000 ___DC () C:\Program Files\Common Files\AxaraMedia 2014-11-28 15:24 - 2011-05-12 09:25 - 00000000 ___DC () C:\Program Files\Common Files\Bullzip 2014-11-28 15:24 - 2010-06-23 19:40 - 00000000 ___DC () C:\Program Files\Common Files\Apple 2014-11-28 15:24 - 2010-04-12 16:22 - 00000000 ___DC () C:\Program Files\Common Files\ABBYY 2014-11-28 15:24 - 2010-02-13 21:14 - 00000000 ___DC () C:\Program Files\Common Files\Ahead 2014-11-28 15:24 - 2009-12-30 17:58 - 00000000 ___DC () C:\Program Files\Common Files\Adobe 2014-11-28 15:23 - 2011-05-26 11:38 - 00000000 ___DC () C:\Program Files\Allegro Image Resizer 2014-11-28 15:23 - 2011-03-17 12:45 - 00000000 ___DC () C:\Program Files\Aerosoft 2014-11-28 15:23 - 2010-06-04 11:31 - 00000000 ___DC () C:\Program Files\AMR to MP3 Converter 2014-11-28 15:23 - 2010-05-05 15:32 - 00000000 ___DC () C:\Program Files\AnvSoft 2014-11-28 15:23 - 2010-04-19 13:49 - 00000000 ___DC () C:\Program Files\Active Data Security Solutions 2014-11-28 15:23 - 2010-04-14 14:56 - 00000000 ___DC () C:\Program Files\AMX Mod X 2014-11-28 15:23 - 2010-04-12 16:20 - 00000000 ___DC () C:\Program Files\ABBYY FineReader 9.0 2014-11-28 15:23 - 2009-12-30 18:30 - 00000000 ___DC () C:\Program Files\AMR Player 2014-11-28 15:22 - 2011-05-12 09:29 - 00000000 ___DC () C:\Program Files\PDF Editor 3 2014-11-28 15:22 - 2010-04-25 15:48 - 00000000 ___DC () C:\Program Files\7-Zip 2014-11-28 15:22 - 2010-04-21 17:12 - 00000000 ___DC () C:\Program Files\Permeo 2014-11-28 15:22 - 2009-12-29 16:46 - 00000000 ___DC () C:\Program Files\PlayReady 2014-11-28 15:21 - 2014-01-03 23:25 - 00000000 ___DC () C:\Program Files\Panda Security 2014-11-28 15:19 - 2014-11-21 12:41 - 00000000 ___DC () C:\Program Files\LG Electronics 2014-11-28 15:19 - 2014-01-05 22:18 - 00000000 ___DC () C:\Program Files\K-Meleon 2014-11-28 15:19 - 2011-05-06 11:50 - 00000000 ___DC () C:\Program Files\OpenSource DTSAC3DD+ Source Filter 2014-11-28 15:19 - 2011-05-06 11:50 - 00000000 ___DC () C:\Program Files\OpenSource AVI Splitter 2014-11-28 15:19 - 2011-05-06 11:49 - 00000000 ___DC () C:\Program Files\OpenSource Flash Video Splitter 2014-11-28 15:19 - 2010-09-16 21:38 - 00000000 ___DC () C:\Program Files\K-Lite Codec Pack 2014-11-28 15:19 - 2010-05-18 11:42 - 00000000 ___DC () C:\Program Files\obj 2014-11-28 15:19 - 2010-05-06 17:33 - 00000000 ___DC () C:\Program Files\Lavalys 2014-11-28 15:19 - 2010-05-05 14:24 - 00000000 ___DC () C:\Program Files\OpenAL 2014-11-28 15:18 - 2009-12-29 15:39 - 00000000 ___DC () C:\Program Files\Java 2014-11-28 15:17 - 2011-08-03 23:55 - 00000000 ___DC () C:\Program Files\ImTOO 2014-11-28 15:17 - 2011-06-19 21:00 - 00000000 ___DC () C:\Program Files\iZ3D Media Player Classic 2014-11-28 15:17 - 2011-04-21 10:17 - 00000000 ___DC () C:\Program Files\Gadu-Gadu 10 2014-11-28 15:17 - 2010-05-11 12:58 - 00000000 ___DC () C:\Program Files\IVONA 2014-11-28 15:17 - 2009-12-27 20:11 - 00000000 ___DC () C:\Program Files\HP 2014-11-28 15:17 - 2009-12-24 00:00 - 00000000 ___DC () C:\Program Files\Intel 2014-11-28 15:16 - 2011-06-11 16:46 - 00000000 ___DC () C:\Program Files\COMODO 2014-11-28 15:16 - 2011-05-06 11:50 - 00000000 ___DC () C:\Program Files\CD Audio Reader Filter 2014-11-28 15:16 - 2011-05-06 11:49 - 00000000 ___DC () C:\Program Files\Bass Audio Decoder 2014-11-28 15:16 - 2010-12-12 11:47 - 00000000 ___DC () C:\Program Files\COMPANY_NAME 2014-11-28 15:16 - 2010-11-29 22:35 - 00000000 __RDC () C:\Program Files\My applications 2014-11-28 15:16 - 2010-11-20 20:41 - 00000000 ___DC () C:\Program Files\CPUID 2014-11-28 15:16 - 2010-07-25 14:23 - 00000000 ___DC () C:\Program Files\CCleaner 2014-11-28 15:16 - 2010-06-23 19:39 - 00000000 ___DC () C:\Program Files\Apple Software Update 2014-11-28 15:16 - 2010-02-24 20:23 - 00000000 ___DC () C:\Program Files\ArezMedia 2014-11-28 15:16 - 2010-02-13 20:43 - 00000000 ___DC () C:\Program Files\Audacity 2014-11-28 15:15 - 2011-11-29 19:26 - 00000000 ___DC () C:\Froyo 2014-11-28 15:14 - 2012-01-18 19:10 - 00000000 ___DC () C:\cabs Files to move or delete: ==================== C:\Users\DawidDamian\m2.exe C:\Users\DawidDamian\SafeDeviceDLL_1.196.dll C:\Users\DawidDamian\SkypeSetup.exe Some content of TEMP: ==================== C:\Users\DawidDamian\AppData\Local\Temp\InstallAX.exe C:\Users\DawidDamian\AppData\Local\Temp\setup.exe C:\Users\DawidDamian\AppData\Local\Temp\uninst1.exe C:\Users\DawidDamian\AppData\Local\Temp\wmfdist.exe C:\Users\Gość\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-12-26 00:48 ==================== End Of Log ============================