Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015 Ran by mirra (administrator) on MIRRA-LAPTOP on 31-01-2015 10:54:56 Running from C:\Users\mirra\Downloads Loaded Profiles: mirra (Available profiles: mirra & Gość) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (AMD) C:\Windows\System32\atieclxx.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Google Inc.) C:\Users\mirra\AppData\Local\Google\Update\GoogleUpdate.exe (Facebook Inc.) C:\Users\mirra\AppData\Local\Facebook\Update\FacebookUpdate.exe (Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files (x86)\QuickTime\QTTask.exe (Opera Software) C:\Program Files (x86)\Opera\opera.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\prevhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.) HKLM\...\Run: [] => [X] HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTray.exe [8947008 2014-12-18] () HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-06-25] (Realtek Semiconductor) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-564767970-4186023011-380315173-1000\...\Run: [Google Update] => C:\Users\mirra\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-10] (Google Inc.) HKU\S-1-5-21-564767970-4186023011-380315173-1000\...\Run: [Facebook Update] => C:\Users\mirra\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-03-22] (Facebook Inc.) HKU\S-1-5-21-564767970-4186023011-380315173-1000\...\Run: [CCleaner] => "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO HKU\S-1-5-21-564767970-4186023011-380315173-1000\...\Run: [DriverMax] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [8818552 2015-01-06] (Innovative Solutions) HKU\S-1-5-21-564767970-4186023011-380315173-1000\...\Run: [DriverMax_RESTART] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [8818552 2015-01-06] (Innovative Solutions) HKU\S-1-5-21-564767970-4186023011-380315173-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-564767970-4186023011-380315173-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 BootExecute: autocheck autochk * sdnclean64.exe GroupPolicyUsers\S-1-5-21-564767970-4186023011-380315173-1000\User: Group Policy restriction detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220141101 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220141101 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-564767970-4186023011-380315173-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220141101 SearchScopes: HKLM -> DefaultScope value is missing. SearchScopes: HKLM-x32 -> DefaultScope value is missing. SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {DBD64135-7390-4F52-9069-56A8BCA4D47E} URL = http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox SearchScopes: HKU\.DEFAULT -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO-x32: Ad-Aware Security Add-on -> {6c97a91e-4524-4019-86af-2aa2d567bf5c} -> C:\Program Files (x86)\adawaretb\adawareDx.dll () BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll () BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll () Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\mirra\AppData\Roaming\Mozilla\Firefox\Profiles\wi0p2q8g.default FF Homepage: google.com FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.) FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( ) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-564767970-4186023011-380315173-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\mirra\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKU\S-1-5-21-564767970-4186023011-380315173-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\mirra\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKU\S-1-5-21-564767970-4186023011-380315173-1000: @talk.google.com/O1DPlugin -> C:\Users\mirra\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKU\S-1-5-21-564767970-4186023011-380315173-1000: @tools.google.com/Google Update;version=3 -> C:\Users\mirra\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-564767970-4186023011-380315173-1000: @tools.google.com/Google Update;version=9 -> C:\Users\mirra\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-564767970-4186023011-380315173-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\mirra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Users\mirra\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\mirra\AppData\Roaming\mozilla\plugins\npo1d.dll (Google) Chrome: ======= CHR StartupUrls: Default -> "" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Widevine Content Decryption Module) - C:\Users\mirra\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.758\_platform_specific\win_x86\widevinecdmadapter.dll No File CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\internal-nacl-plugin No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll () CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (GanymedeNet.Detector) - C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( ) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (Java Deployment Toolkit 7.0.710.14) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Java(TM) Platform SE 7 U71) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Unity Player) - C:\Users\mirra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\mirra\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CHR Plugin: (Google Update) - C:\Users\mirra\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Google Talk Plugin) - C:\Users\mirra\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\mirra\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) CHR Plugin: (Shockwave for Director) - C:\windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.) CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll () CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) CHR Profile: C:\Users\mirra\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\mirra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-30] CHR Extension: (Dokumenty Google) - C:\Users\mirra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-30] CHR Extension: (Dysk Google) - C:\Users\mirra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-07] CHR Extension: (YouTube) - C:\Users\mirra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-07] CHR Extension: (Szukaj w Google) - C:\Users\mirra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-07] CHR Extension: (Arkusze Google) - C:\Users\mirra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-30] CHR Extension: (AdBlock) - C:\Users\mirra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-06] CHR Extension: (Skype Click to Call) - C:\Users\mirra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-04-24] CHR Extension: (Google Wallet) - C:\Users\mirra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-24] CHR Extension: (Google Chrome to Phone Extension) - C:\Users\mirra\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2013-01-25] CHR Extension: (Gmail) - C:\Users\mirra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-07] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\adawaretb\chrome-newtab-search.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [pbiamblgmkgbcgbcgejjgebalncpmhnp] - C:\Program Files (x86)\StartSearch plugin\vshareplg.crx [Not Found] Opera: ======= OPR Extension: (AutoComplete) - C:\Users\mirra\AppData\Roaming\Opera Software\Opera Stable\Extensions\mgpaaiklbkhafeiaeofjnpoipnlapkbd [2014-11-12] OPR Extension: (Adblock Plus) - C:\Users\mirra\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-11-12] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-06-15] (Atheros) [File not signed] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-06-15] (Atheros Commnucations) [File not signed] S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareService.exe [713568 2014-12-18] () S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed] R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC) S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R1 BdfNdisf; c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [93160 2013-07-17] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [102992 2013-07-17] (BitDefender LLC) S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security) R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-07-15] (GFI Software) R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-04-22] (BitDefender LLC) S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-18] (Siliten) R1 LUMDriver; C:\windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM) R0 MxEFUF; C:\Windows\System32\DRIVERS\MxEFUF64.sys [157696 2011-10-20] (Matrox Graphics Inc.) S3 PortTalk; C:\Windows\SysWOW64\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic http://www.beyondlogic.org) [File not signed] S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-10-06] (Windows (R) 2003 DDK 3790 provider) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC) S1 SBRE; No ImagePath S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-04-22] (BitDefender S.R.L.) S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X] S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-31 10:37 - 2015-01-31 10:37 - 00623224 _____ (Duplex Secure Ltd.) C:\Users\mirra\Downloads\SPTDinst-v186-x64.exe 2015-01-30 19:21 - 2015-01-30 19:21 - 00006609 _____ () C:\Users\mirra\Downloads\fixit.txt 2015-01-30 19:21 - 2015-01-30 19:21 - 00006609 _____ () C:\Users\mirra\Desktop\fixit.txt 2015-01-29 21:48 - 2015-01-29 21:48 - 00011116 _____ () C:\Users\mirra\Desktop\gmer.txt 2015-01-27 23:43 - 2015-01-29 20:56 - 00052235 _____ () C:\Users\mirra\Downloads\Shortcut.txt 2015-01-27 23:42 - 2015-01-29 20:56 - 00044078 _____ () C:\Users\mirra\Downloads\Addition.txt 2015-01-27 23:41 - 2015-01-31 10:55 - 00022035 _____ () C:\Users\mirra\Downloads\FRST.txt 2015-01-27 23:39 - 2015-01-31 10:54 - 00000000 ____D () C:\FRST 2015-01-27 23:38 - 2015-01-31 10:52 - 02130432 _____ (Farbar) C:\Users\mirra\Downloads\FRST64.exe 2015-01-27 22:38 - 2015-01-27 22:38 - 00000000 _____ () C:\autoexec.bat 2015-01-27 22:01 - 2015-01-27 22:01 - 00000943 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Fix it Center.lnk 2015-01-27 22:00 - 2015-01-31 09:46 - 00000000 ____D () C:\Program Files\Microsoft Fix it Center 2015-01-27 21:50 - 2015-01-27 21:50 - 00450352 _____ (Microsoft Corporation) C:\Users\mirra\Downloads\FixitCenter_Run.exe 2015-01-27 21:27 - 2015-01-31 09:46 - 00000000 ____D () C:\Users\mirra\Downloads\usbdeview-x64 2015-01-27 21:01 - 2015-01-27 21:01 - 00108171 _____ () C:\Users\mirra\Downloads\usbdeview-x64.zip 2015-01-27 17:55 - 2015-01-27 17:55 - 00073791 _____ () C:\Users\mirra\AppData\Local\recently-used.xbel 2015-01-23 21:23 - 2015-01-23 21:26 - 30427218 _____ () C:\Users\mirra\Downloads\Easy_Display_Manager_3.2.6.9.ZIP 2015-01-21 22:50 - 2015-01-21 22:50 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf 2015-01-21 22:50 - 2014-03-19 15:23 - 00050896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\point64.sys 2015-01-20 23:54 - 2011-03-05 11:46 - 00078976 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amd_sata.sys 2015-01-20 23:54 - 2011-03-05 11:46 - 00038528 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amd_xata.sys 2015-01-20 23:42 - 2014-08-26 06:31 - 00874712 _____ (Realtek ) C:\windows\system32\Drivers\Rt630x64.sys 2015-01-19 23:19 - 2015-01-19 23:20 - 02448688 _____ (Megaify Software ) C:\Users\mirra\Downloads\DriverToolkitInstaller.exe 2015-01-19 22:15 - 2011-10-20 11:24 - 00157696 _____ (Matrox Graphics Inc.) C:\windows\system32\Drivers\MxEFUF64.sys 2015-01-19 22:04 - 2012-04-24 13:00 - 00274061 _____ () C:\windows\system32\Drivers\RTAIODAT.DAT 2015-01-19 22:04 - 2012-04-13 15:51 - 00103528 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoInstII64.dll 2015-01-19 22:04 - 2012-04-03 18:42 - 01015640 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPOShell64.dll 2015-01-19 22:04 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCoLDR64.dll 2015-01-18 22:45 - 2015-01-31 09:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-17 21:20 - 2012-09-23 05:17 - 00021160 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\amdkmafd.sys 2015-01-15 19:03 - 2014-06-22 00:59 - 00110080 _____ (Advanced Micro Devices) C:\windows\system32\DelayAPO.dll 2015-01-15 14:34 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-01-15 14:34 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-01-15 14:34 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-01-15 14:34 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-01-15 14:34 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2015-01-15 14:34 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2015-01-15 14:34 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2015-01-15 00:07 - 2015-01-15 00:07 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies 2015-01-15 00:07 - 2015-01-15 00:07 - 00000000 ____D () C:\Program Files\AMD 2015-01-15 00:05 - 2015-01-20 23:54 - 00089692 _____ () C:\windows\DPINST.LOG 2015-01-15 00:05 - 2014-11-21 03:44 - 11076784 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atidxx64.dll 2015-01-15 00:05 - 2014-11-21 03:44 - 09401480 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atidxx32.dll 2015-01-15 00:05 - 2014-11-21 03:44 - 01348928 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\aticfx64.dll 2015-01-15 00:05 - 2014-11-21 03:44 - 01127496 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\aticfx32.dll 2015-01-15 00:05 - 2014-11-21 03:44 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiuxp64.dll 2015-01-15 00:05 - 2014-11-21 03:44 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiuxpag.dll 2015-01-15 00:05 - 2014-11-21 03:44 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiu9p64.dll 2015-01-15 00:05 - 2014-11-21 03:44 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiu9pag.dll 2015-01-15 00:05 - 2014-11-21 03:44 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atimpc64.dll 2015-01-15 00:05 - 2014-11-21 03:44 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdpcom64.dll 2015-01-15 00:05 - 2014-11-21 03:44 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atimpc32.dll 2015-01-15 00:05 - 2014-11-21 03:44 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdpcom32.dll 2015-01-15 00:05 - 2014-11-21 03:43 - 08379720 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiumd6a.dll 2015-01-15 00:05 - 2014-11-21 03:43 - 08369408 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiumd64.dll 2015-01-15 00:05 - 2014-11-21 03:43 - 07558816 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiumdva.dll 2015-01-15 00:05 - 2014-11-21 03:43 - 07077776 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiumdag.dll 2015-01-15 00:05 - 2014-11-21 03:40 - 18959360 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\SETCBD8.tmp 2015-01-15 00:05 - 2014-11-21 03:40 - 18959360 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\atikmdag.sys 2015-01-15 00:05 - 2014-11-21 03:33 - 00235008 _____ () C:\windows\system32\clinfo.exe 2015-01-15 00:05 - 2014-11-21 03:33 - 00098816 _____ (Advanced Micro Devices Inc.) C:\windows\system32\OpenVideo64.dll 2015-01-15 00:05 - 2014-11-21 03:33 - 00086528 _____ (Advanced Micro Devices Inc.) C:\windows\system32\OVDecode64.dll 2015-01-15 00:05 - 2014-11-21 03:33 - 00083456 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\OpenVideo.dll 2015-01-15 00:05 - 2014-11-21 03:33 - 00073216 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\OVDecode.dll 2015-01-15 00:05 - 2014-11-21 03:24 - 28354560 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atio6axx.dll 2015-01-15 00:05 - 2014-11-21 03:19 - 23621632 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atioglxx.dll 2015-01-15 00:05 - 2014-11-21 03:18 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantle64.dll 2015-01-15 00:05 - 2014-11-21 03:18 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantle32.dll 2015-01-15 00:05 - 2014-11-21 03:17 - 03437632 _____ () C:\windows\system32\atiumd6a.cap 2015-01-15 00:05 - 2014-11-21 03:17 - 00062464 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticalrt64.dll 2015-01-15 00:05 - 2014-11-21 03:17 - 00052224 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticalrt.dll 2015-01-15 00:05 - 2014-11-21 03:16 - 15716352 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticaldd64.dll 2015-01-15 00:05 - 2014-11-21 03:16 - 14302208 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticaldd.dll 2015-01-15 00:05 - 2014-11-21 03:16 - 00204952 _____ () C:\windows\SysWOW64\ativvsvl.dat 2015-01-15 00:05 - 2014-11-21 03:16 - 00204952 _____ () C:\windows\system32\ativvsvl.dat 2015-01-15 00:05 - 2014-11-21 03:16 - 00157144 _____ () C:\windows\SysWOW64\ativvsva.dat 2015-01-15 00:05 - 2014-11-21 03:16 - 00157144 _____ () C:\windows\system32\ativvsva.dat 2015-01-15 00:05 - 2014-11-21 03:13 - 03471376 _____ () C:\windows\SysWOW64\SETF260.tmp 2015-01-15 00:05 - 2014-11-21 03:13 - 03471376 _____ () C:\windows\SysWOW64\atiumdva.cap 2015-01-15 00:05 - 2014-11-21 03:13 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantleaxl64.dll 2015-01-15 00:05 - 2014-11-21 03:13 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantleaxl32.dll 2015-01-15 00:05 - 2014-11-21 03:12 - 00774656 _____ (AMD) C:\windows\system32\atieclxx.exe 2015-01-15 00:05 - 2014-11-21 03:12 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atidemgy.dll 2015-01-15 00:05 - 2014-11-21 03:12 - 00244736 _____ (AMD) C:\windows\system32\atiesrxx.exe 2015-01-15 00:05 - 2014-11-21 03:12 - 00190976 _____ (AMD) C:\windows\system32\atitmm64.dll 2015-01-15 00:05 - 2014-11-21 03:12 - 00031232 _____ (AMD) C:\windows\system32\atimuixx.dll 2015-01-15 00:05 - 2014-11-21 03:10 - 00843776 _____ (AMD) C:\windows\system32\coinst_14.50.dll 2015-01-15 00:05 - 2014-11-21 03:09 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6pxx.dll 2015-01-15 00:05 - 2014-11-21 03:09 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiglpxx.dll 2015-01-15 00:05 - 2014-11-21 03:09 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiglpxx.dll 2015-01-15 00:05 - 2014-11-21 03:08 - 00589312 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\atikmpag.sys 2015-01-15 00:05 - 2014-11-21 03:08 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6txx.dll 2015-01-15 00:05 - 2014-11-21 03:08 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atigktxx.dll 2015-01-15 00:05 - 2014-09-18 17:22 - 00238144 _____ () C:\windows\system32\ativvaxy_cz_nd.dat 2015-01-15 00:05 - 2014-09-03 20:26 - 00323252 _____ () C:\windows\system32\ativvaxy_vi.dat 2015-01-15 00:05 - 2014-09-03 19:40 - 00321712 _____ () C:\windows\system32\ativvaxy_vi_nd.dat 2015-01-15 00:05 - 2014-08-29 16:43 - 00158944 _____ () C:\windows\system32\ativce03.dat 2015-01-15 00:05 - 2014-08-20 20:35 - 00234292 _____ () C:\windows\system32\ativvaxy_cik.dat 2015-01-15 00:05 - 2014-08-20 20:33 - 00232624 _____ () C:\windows\system32\ativvaxy_cik_nd.dat 2015-01-15 00:05 - 2014-08-14 18:54 - 00083312 _____ () C:\windows\system32\ativce02.dat 2015-01-15 00:05 - 2014-04-01 06:21 - 00734861 _____ () C:\windows\system32\atiicdxx.dat 2015-01-15 00:05 - 2013-04-10 16:34 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\ATIODE.exe 2015-01-15 00:05 - 2013-04-10 16:34 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\ATIODCLI.exe 2015-01-15 00:05 - 2011-09-12 23:06 - 00003917 _____ () C:\windows\SysWOW64\atipblag.dat 2015-01-15 00:05 - 2011-09-12 23:06 - 00003917 _____ () C:\windows\system32\atipblag.dat 2015-01-15 00:04 - 2014-11-21 03:41 - 00294600 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdacpksd.sys 2015-01-15 00:04 - 2014-11-21 03:33 - 47899136 _____ (Advanced Micro Devices Inc.) C:\windows\system32\amdocl64.dll 2015-01-15 00:04 - 2014-11-21 03:33 - 01187342 _____ () C:\windows\system32\amdocl_as64.exe 2015-01-15 00:04 - 2014-11-21 03:33 - 01061902 _____ () C:\windows\system32\amdocl_ld64.exe 2015-01-15 00:04 - 2014-11-21 03:33 - 00995342 _____ () C:\windows\SysWOW64\amdocl_as32.exe 2015-01-15 00:04 - 2014-11-21 03:33 - 00798734 _____ () C:\windows\SysWOW64\amdocl_ld32.exe 2015-01-15 00:04 - 2014-11-21 03:32 - 40987136 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\SET3817.tmp 2015-01-15 00:04 - 2014-11-21 03:32 - 40987136 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\amdocl.dll 2015-01-15 00:04 - 2014-11-21 03:31 - 00065024 _____ (Khronos Group) C:\windows\system32\OpenCL.dll 2015-01-15 00:04 - 2014-11-21 03:31 - 00058880 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll 2015-01-15 00:04 - 2014-11-21 03:19 - 00049664 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdmmcl6.dll 2015-01-15 00:04 - 2014-11-21 03:19 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdmmcl.dll 2015-01-15 00:04 - 2014-11-21 03:18 - 05837312 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdmantle64.dll 2015-01-15 00:04 - 2014-11-21 03:17 - 00631912 _____ () C:\windows\SysWOW64\atiapfxx.blb 2015-01-15 00:04 - 2014-11-21 03:17 - 00631912 _____ () C:\windows\system32\SETB921.tmp 2015-01-15 00:04 - 2014-11-21 03:17 - 00631912 _____ () C:\windows\system32\atiapfxx.blb 2015-01-15 00:04 - 2014-11-21 03:17 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiapfxx.exe 2015-01-15 00:04 - 2014-11-21 03:16 - 00055808 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticalcl64.dll 2015-01-15 00:04 - 2014-11-21 03:16 - 00049152 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticalcl.dll 2015-01-15 00:04 - 2014-11-21 03:15 - 04590592 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdmantle32.dll 2015-01-15 00:04 - 2014-11-21 03:09 - 01214976 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiadlxx.dll 2015-01-15 00:04 - 2014-11-21 03:09 - 00903168 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxy.dll 2015-01-15 00:04 - 2014-11-21 03:08 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\ati2erec.dll 2015-01-15 00:04 - 2014-09-24 07:36 - 00765851 _____ () C:\windows\system32\amdicdxx.dat 2015-01-15 00:04 - 2014-08-29 15:08 - 00157248 _____ () C:\windows\system32\amde31a.dat 2015-01-15 00:04 - 2013-04-10 16:34 - 00118784 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atibtmon.exe 2015-01-14 23:40 - 2015-01-31 09:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax 2015-01-14 23:40 - 2015-01-31 09:46 - 00000000 ____D () C:\Program Files (x86)\Innovative Solutions 2015-01-14 23:40 - 2015-01-31 09:45 - 00000000 ____D () C:\Users\mirra\AppData\Local\Innovative Solutions 2015-01-14 23:40 - 2015-01-14 23:40 - 00002578 _____ () C:\windows\System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c 2015-01-14 23:40 - 2015-01-14 23:40 - 00001194 _____ () C:\Users\mirra\Desktop\DriverMax.lnk 2015-01-14 23:40 - 2015-01-14 23:40 - 00000304 _____ () C:\windows\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c.job 2015-01-14 23:40 - 2015-01-14 23:40 - 00000000 ____D () C:\Users\mirra\AppData\Roaming\Innovative Solutions 2015-01-14 23:38 - 2015-01-14 23:38 - 05714424 _____ (Innovative Solutions ) C:\Users\mirra\Downloads\drivermax_7_48_cnet.exe 2015-01-14 23:11 - 2015-01-14 23:11 - 00000000 ____D () C:\windows\pss 2015-01-14 18:20 - 2015-01-14 21:53 - 00030953 _____ () C:\Users\mirra\energy-report.html 2015-01-14 17:15 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll 2015-01-14 17:15 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys 2015-01-14 17:15 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe 2015-01-14 17:15 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll 2015-01-14 17:15 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll 2015-01-14 17:15 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll 2015-01-10 18:20 - 2015-01-10 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2015-01-10 18:16 - 2015-01-10 18:16 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft 2015-01-10 08:20 - 2015-01-10 08:28 - 00000000 ____D () C:\Users\mirra\Documents\PDF ksiazki 2015-01-04 19:25 - 2015-01-04 19:25 - 00000000 ___RD () C:\Users\mirra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-31 10:52 - 2009-07-14 05:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-31 10:52 - 2009-07-14 05:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-31 10:49 - 2011-09-20 22:30 - 14650550 _____ () C:\windows\system32\perfh015.dat 2015-01-31 10:49 - 2011-09-20 22:30 - 05093218 _____ () C:\windows\system32\perfc015.dat 2015-01-31 10:49 - 2009-07-14 06:13 - 00006862 _____ () C:\windows\system32\PerfStringBackup.INI 2015-01-31 10:48 - 2014-03-01 20:00 - 01182897 _____ () C:\windows\WindowsUpdate.log 2015-01-31 10:44 - 2014-05-17 23:38 - 00018200 _____ () C:\windows\setupact.log 2015-01-31 10:26 - 2012-01-26 23:57 - 00000000 ____D () C:\Users\mirra\AppData\Local\CrashDumps 2015-01-31 10:05 - 2011-09-20 06:05 - 00000000 ____D () C:\windows\SysWOW64\RTCOM 2015-01-31 09:55 - 2012-07-30 20:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-01-31 09:53 - 2013-05-19 21:06 - 00000000 ____D () C:\Users\mirra\Documents\Youcam 2015-01-31 09:51 - 2012-02-06 13:29 - 00000000 ____D () C:\Users\mirra\AppData\Roaming\Mozilla 2015-01-31 09:48 - 2014-07-25 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro 2015-01-31 09:48 - 2014-07-25 15:08 - 00000000 ____D () C:\Program Files\FileViewPro 2015-01-31 09:48 - 2011-12-26 11:41 - 00000000 ____D () C:\Users\mirra 2015-01-31 09:47 - 2014-12-04 20:46 - 00000000 ____D () C:\Users\mirra\AppData\Roaming\uTorrent 2015-01-31 09:47 - 2014-09-04 21:58 - 00000000 ____D () C:\Users\mirra\Desktop\OpenOffice 4.1.0 (pl) Installation Files 2015-01-31 09:47 - 2014-07-14 16:15 - 00000000 ____D () C:\Users\mirra\AppData\Local\gtk-2.0 2015-01-31 09:47 - 2014-07-09 20:08 - 00000000 ____D () C:\Users\mirra\Desktop\Stare dane programu Firefox 2015-01-31 09:47 - 2014-05-18 22:08 - 00000000 ____D () C:\Users\mirra\Downloads\VCR446Free 2015-01-31 09:47 - 2014-03-09 00:54 - 00000000 ____D () C:\Users\Gość 2015-01-31 09:47 - 2012-09-16 09:41 - 00000000 ____D () C:\Users\mirra\AppData\Roaming\GanymedeNet 2015-01-31 09:47 - 2012-02-16 20:02 - 00000000 ____D () C:\Users\mirra\Downloads\SopCast-3.2.4-2009-7-9 2015-01-31 09:47 - 2012-02-03 17:53 - 00000000 ____D () C:\Users\mirra\Downloads\odin 2015-01-31 09:47 - 2012-01-01 11:44 - 00000000 ____D () C:\Users\mirra\AppData\Roaming\Skype 2015-01-31 09:47 - 2009-07-14 04:20 - 00000000 ___HD () C:\windows\system32\GroupPolicy 2015-01-31 09:46 - 2014-12-04 20:47 - 00000000 ____D () C:\Program Files (x86)\uTorrent 2015-01-31 09:46 - 2014-11-16 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-01-31 09:46 - 2014-11-12 22:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-01-31 09:46 - 2014-10-31 09:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak 2015-01-31 09:46 - 2014-03-09 00:54 - 00000000 ___RD () C:\Users\Gość\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-01-31 09:46 - 2014-03-09 00:54 - 00000000 ___RD () C:\Users\Gość\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-01-31 09:46 - 2012-11-06 23:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-01-31 09:46 - 2012-09-16 09:40 - 00000000 ____D () C:\Program Files (x86)\Ganymede 2015-01-31 09:46 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\registration 2015-01-31 09:45 - 2014-07-10 22:16 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2015-01-31 09:44 - 2013-05-19 21:22 - 00000000 ____D () C:\Program Files (x86)\Java 2015-01-27 21:03 - 2014-11-17 13:51 - 00034375 _____ () C:\Users\mirra\Downloads\readme.txt 2015-01-27 21:03 - 2014-11-17 13:51 - 00022536 _____ () C:\Users\mirra\Downloads\USBDeview.chm 2015-01-27 17:56 - 2012-01-08 22:26 - 00000000 ____D () C:\Users\mirra\AppData\Roaming\PrimoPDF 2015-01-25 20:28 - 2014-02-27 23:18 - 00000000 ____D () C:\ProgramData\Oracle 2015-01-21 18:36 - 2012-01-04 12:07 - 00000000 ____D () C:\Users\mirra\Documents\HANIA 2015-01-21 17:50 - 2014-07-12 00:17 - 00000000 ____D () C:\Users\mirra\.gimp-2.8 2015-01-20 20:54 - 2013-11-01 19:45 - 00002321 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk 2015-01-15 06:08 - 2014-05-17 23:38 - 00002952 _____ () C:\windows\PFRO.log 2015-01-15 05:55 - 2013-08-04 10:38 - 00000000 ____D () C:\windows\system32\MRT 2015-01-15 05:55 - 2012-03-03 17:48 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-01-14 22:14 - 2012-04-15 22:48 - 00004056 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-01-14 22:14 - 2012-04-15 22:48 - 00000930 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2015-01-14 18:49 - 2011-02-11 20:57 - 00000000 ____D () C:\windows\Panther 2015-01-14 18:48 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2015-01-14 18:46 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-01-14 18:46 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar 2015-01-14 18:46 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-01-14 18:45 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar 2015-01-14 18:45 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker 2015-01-14 18:44 - 2011-09-20 22:22 - 00000000 ___RD () C:\Users\Public\Recorded TV 2015-01-14 18:44 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\PolicyDefinitions 2015-01-14 17:15 - 2013-10-10 21:12 - 00007618 _____ () C:\Users\mirra\AppData\Local\resmon.resmoncfg 2015-01-13 19:45 - 2012-04-15 22:48 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-01-13 19:45 - 2012-04-15 22:48 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-10 19:47 - 2012-09-19 21:55 - 00000000 ____D () C:\Users\mirra\AppData\Roaming\Dropbox 2015-01-10 12:21 - 2013-03-09 21:36 - 01924232 _____ () C:\Users\mirra\Downloads\Adaware_Installer.exe 2015-01-10 08:29 - 2012-11-12 15:19 - 00000000 ____D () C:\Users\mirra\Documents\ALA 2015-01-10 07:58 - 2012-02-06 12:59 - 00000000 ____D () C:\Program Files (x86)\Opera 2015-01-09 11:34 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF 2015-01-08 21:26 - 2014-07-12 00:14 - 00000000 ____D () C:\Program Files\GIMP 2 2015-01-08 20:11 - 2014-07-12 00:16 - 00001116 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe 2015-01-05 16:39 - 2013-05-19 22:51 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-01-05 13:29 - 2014-02-27 23:47 - 00000000 ____D () C:\Users\mirra\SputnikApplets 2015-01-03 16:11 - 2013-07-06 16:42 - 00000000 ____D () C:\Users\mirra\AppData\Roaming\.minecraft 2015-01-02 05:05 - 2013-05-09 09:36 - 00000000 ____D () C:\Users\mirra\.thumbnails ==================== Files in the root of some directories ======= 2014-05-18 22:31 - 2014-05-25 14:49 - 0000185 _____ () C:\Users\mirra\AppData\Roaming\burnaware.ini 2012-01-26 23:23 - 2012-02-03 14:25 - 0026624 _____ () C:\Users\mirra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-10-14 13:50 - 2012-10-14 13:50 - 0000093 _____ () C:\Users\mirra\AppData\Local\fusioncache.dat 2015-01-27 17:55 - 2015-01-27 17:55 - 0073791 _____ () C:\Users\mirra\AppData\Local\recently-used.xbel 2013-10-10 21:12 - 2015-01-14 17:15 - 0007618 _____ () C:\Users\mirra\AppData\Local\resmon.resmoncfg 2012-02-02 12:35 - 2012-02-02 12:35 - 0000056 ____H () C:\ProgramData\ezsidmv.dat Files to move or delete: ==================== C:\Users\mirra\xobglu16.dll C:\Users\mirra\xobglu32.dll Some content of TEMP: ==================== C:\Users\mirra\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7zju1e.dll C:\Users\mirra\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbg7rdd.dll C:\Users\mirra\AppData\Local\Temp\ICReinstall_GIMP(13219).exe C:\Users\mirra\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe C:\Users\mirra\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-29 10:57 ==================== End Of Log ============================