Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-02-2015 01 Ran by Administrator (administrator) on COMP on 22-02-2015 03:29:42 Running from C:\Pobrane Loaded Profiles: Administrator (Available profiles: Administrator) Platform: Microsoft Windows XP Professional Dodatek Service Pack 2 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (SafeBoot International) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe (InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe () C:\Program Files\CDBurnerXP\NMSAccessU.exe (PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe (Secunia) C:\Program Files\Secunia\PSI\sua.exe (StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe () C:\Program Files\Synergy\synergyd.exe (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe () C:\Program Files\Synergy\synergyc.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe (Microsoft Corporation) C:\WINDOWS\system32\mqtgsvc.exe (Cognizance Corporation) C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe (Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe (Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe () C:\WINDOWS\SMINST\Scheduler.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe () C:\Program Files\NetMeter\NetMeter.exe () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe (Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Hewlett-Packard Development Company L.P.) C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe (Microsoft Corporation) C:\PROGRA~1\MI3AA1~1\rapimgr.exe (Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Farbar) C:\Pobrane\FRST(1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [872448 2007-01-05] (Analog Devices, Inc.) HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [729088 2006-07-13] (Analog Devices, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [827392 2007-01-12] (Synaptics, Inc.) HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [472776 2007-03-01] (Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [QlbCtrl] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [163840 2007-05-02] ( Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [CognizanceTS] => rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule HKLM\...\Run: [Recguard] => C:\WINDOWS\Sminst\Recguard.exe [1187840 2005-12-20] () HKLM\...\Run: [Reminder] => C:\WINDOWS\Creator\Remind_XP.exe [806912 2006-03-09] () HKLM\...\Run: [Scheduler] => C:\WINDOWS\SMINST\Scheduler.exe [697976 2006-10-09] () HKLM\...\Run: [HP Software Update] => c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49152 2005-02-16] (Hewlett-Packard Co.) HKLM\...\Run: [WatchDog] => C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [192512 2007-05-23] (InterVideo Inc.) HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [6756048 2012-11-08] (COMODO) HKLM\...\Run: [ISUSPM Startup] => c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [249856 2005-08-11] (Macrovision Corporation) HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) Winlogon\Notify\OneCard: C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Cognizance Corporation) HKLM\...\Policies\Explorer: [NoCDBurning] 0 HKU\S-1-5-21-930937098-913052002-1719301174-500\...\Run: [C:\Program Files\NetMeter\NetMeter.exe] => C:\Program Files\NetMeter\NetMeter.exe [331264 2007-08-11] () HKU\S-1-5-21-930937098-913052002-1719301174-500\...\Run: [H/PC Connection Agent] => C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation) HKU\S-1-5-21-930937098-913052002-1719301174-500\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) HKU\S-1-5-21-930937098-913052002-1719301174-500\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung) HKU\S-1-5-21-930937098-913052002-1719301174-500\...\MountPoints2: {228c6542-6ecb-11e4-870d-000b6aa4cc10} - G:\LGAutoRun.exe HKU\S-1-5-21-930937098-913052002-1719301174-500\...\MountPoints2: {a1b76a1c-8975-11e1-ae32-001a4b786594} - G:\Startme.exe HKU\S-1-5-21-930937098-913052002-1719301174-500\...\MountPoints2: {e89ef39a-09ff-11e0-894e-001a4b786594} - G:\LaunchU3.exe -a HKU\S-1-5-21-930937098-913052002-1719301174-500\...\MountPoints2: {ef3d9146-c6ac-11e2-94f6-001a73c06dc6} - G:\LGAutoRun.exe AppInit_DLLs: apshook.dll => C:\WINDOWS\system32\apshook.dll [70144 2007-02-26] (Bioscrypt Inc.) AppInit_DLLs: c:\windows\system32\guard32.dll => c:\windows\system32\guard32.dll [301264 2012-11-08] (COMODO) Lsa: [Notification Packages] SbHpNp scecli ASWLNPkg Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\CCC.lnk ShortcutTarget: CCC.lnk -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.) Startup: C:\Documents and Settings\Default User\Menu Start\Programy\Autostart\CCC.lnk ShortcutTarget: CCC.lnk -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-930937098-913052002-1719301174-500\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File BHO: No Name -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> No File BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: FDMIECookiesBHO Class -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files\Free Download Manager\iefdm2.dll () BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO: Credential Manager for HP ProtectTools -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Tcpip\Parameters: [DhcpNameServer] 79.139.52.1 8.8.8.8 Tcpip\..\Interfaces\{58F9A029-9807-4416-8FF7-6100140AA40C}: [NameServer] 8.8.8.8,8.8.4.4 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\h2ux5t3w.default FF Homepage: about:home FF Keyword.URL: FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npganymedenet.dll ( ) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.) FF SearchPlugin: C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\h2ux5t3w.default\searchplugins\ceneo.xml FF SearchPlugin: C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\h2ux5t3w.default\searchplugins\szukaj-chomikuj.xml FF SearchPlugin: C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\h2ux5t3w.default\searchplugins\tablicapl.xml FF SearchPlugin: C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\h2ux5t3w.default\searchplugins\wyszukiwanie-filmw-wideo-w-youtube.xml FF Extension: QuickFox Notes - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\h2ux5t3w.default\Extensions\amin.eft_bmnotes@gmail.com [2014-11-20] FF Extension: FileSonic Affiliate Plugin - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\h2ux5t3w.default\Extensions\affiliates.firefox@addons.filesonic.com.xpi [2011-12-21] FF Extension: Awesome screenshot: Capture and Annotate - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\h2ux5t3w.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2013-01-06] FF Extension: YouTube to MP3 - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\h2ux5t3w.default\Extensions\youtube2mp3@mondayx.de.xpi [2013-10-20] FF Extension: Flagfox - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\h2ux5t3w.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-06] FF Extension: Yandex TYC + Google PR indicator - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\h2ux5t3w.default\Extensions\{6e47e7c0-4166-11df-9879-0800200c9a66}.xpi [2011-10-15] FF Extension: Easy Youtube Video Downloader Express - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\h2ux5t3w.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2013-10-20] FF Extension: Easy YouTube Video Downloader - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\h2ux5t3w.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2011-10-15] FF Extension: Adblock Plus - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\h2ux5t3w.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-09-28] FF Extension: Greasemonkey - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\h2ux5t3w.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-08-28] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-26] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-10-26] FF HKU\S-1-5-21-930937098-913052002-1719301174-500\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi Chrome: ======= CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ASBroker; C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [74240 2007-02-07] (Cognizance Corporation) [File not signed] R2 ASChannel; C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll [131584 2006-06-22] (Cognizance Corporation) [File not signed] S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) R2 btwdins; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [266295 2007-02-06] (Broadcom Corporation.) [File not signed] R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [1990464 2012-11-08] (COMODO) R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [221184 2007-03-29] (SafeBoot International) [File not signed] S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed] R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [161768 2012-10-29] (Oracle Corporation) R2 MSMQ; C:\WINDOWS\system32\mqsvc.exe [4608 2009-06-22] (Microsoft Corporation) R2 MSMQTriggers; C:\WINDOWS\system32\mqtgsvc.exe [117248 2009-06-22] (Microsoft Corporation) R2 NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] () S2 PCA; C:\WINDOWS\SMINST\PCAngel.exe [294912 2006-01-12] (SoftThinks) [File not signed] R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [540448 2007-05-08] (PDF Complete Inc) S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [994360 2011-10-14] (Secunia) R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [399416 2011-10-14] (Secunia) S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed] S3 stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [73728 2006-11-01] (MicroVision Development, Inc.) [File not signed] R2 Synergy; C:\Program Files\Synergy\synergyd.exe [318976 2013-05-03] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43520 2006-07-01] (Advanced Micro Devices) S3 AndNetDiag; C:\WINDOWS\System32\DRIVERS\lgandnetdiag.sys [23040 2012-07-03] (LG Electronics Inc.) S3 ANDNetModem; C:\WINDOWS\System32\DRIVERS\lgandnetmodem.sys [27776 2012-07-03] (LG Electronics Inc.) S3 andnetndis; C:\WINDOWS\System32\DRIVERS\lgandnetndis.sys [70400 2012-07-04] (LG Electronics Inc.) R3 ATSWPDRV; C:\WINDOWS\System32\DRIVERS\ATSwpDrv.sys [140808 2007-04-10] (AuthenTec, Inc.) S3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [604928 2006-11-02] (Broadcom Corporation) R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [530861 2007-02-14] (Broadcom Corporation.) R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [868298 2007-02-14] (Broadcom Corporation.) S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [67960 2007-02-14] (Broadcom Corporation.) S2 BulkUsb; C:\WINDOWS\System32\DRIVERS\usbscan.sys [15104 2004-08-03] (Microsoft Corporation) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-03] (Microsoft Corporation) S3 CH341SER; C:\WINDOWS\System32\Drivers\CH341SER.SYS [37488 2007-09-23] (www.winchiphead.com) [File not signed] R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [18096 2012-11-08] (COMODO) R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [497952 2012-11-08] (COMODO) R1 eabfiltr; C:\WINDOWS\System32\DRIVERS\eabfiltr.sys [8192 2006-11-30] (Hewlett-Packard Development Company, L.P.) S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [60552 2010-11-16] (FTDI Ltd.) R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed] S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-04-23] (LogMeIn, Inc.) R3 IFXTPM; C:\WINDOWS\System32\DRIVERS\IFXTPM.SYS [36608 2006-09-19] (Infineon Technologies AG) R3 LgBttPort; C:\WINDOWS\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.) R3 lgbusenum; C:\WINDOWS\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.) S3 lgmdbus; C:\WINDOWS\System32\DRIVERS\lgmdbus.sys [89600 2008-07-08] (MCCI Corporation) S3 lgmdmdfl; C:\WINDOWS\System32\DRIVERS\lgmdmdfl.sys [14976 2008-07-08] (MCCI Corporation) S3 lgmdmdm; C:\WINDOWS\System32\DRIVERS\lgmdmdm.sys [121344 2008-07-08] (MCCI Corporation) S3 lgmdmgmt; C:\WINDOWS\System32\DRIVERS\lgmdmgmt.sys [114944 2008-07-08] (MCCI Corporation) S3 lgmdobex; C:\WINDOWS\System32\DRIVERS\lgmdobex.sys [111232 2008-07-08] (MCCI Corporation) R3 LGVMODEM; C:\WINDOWS\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.) R3 mcdbus; C:\WINDOWS\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed] R3 MQAC; C:\WINDOWS\system32\drivers\mqac.sys [91776 2009-06-22] (Microsoft Corporation) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-03] (Microsoft Corporation) S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.) S3 NSNDIS5; C:\WINDOWS\system32\NSNDIS5.SYS [17280 2004-03-24] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed] S3 PAC7311; C:\WINDOWS\System32\DRIVERS\PA707UCM.SYS [530304 2006-11-08] (PixArt Imaging Inc.) [File not signed] S3 PCANDIS5_WIFISCAN.SYS; C:\Program Files\eEye Digital Security\Retina Wireless Scanner\PCANDIS5_WIFISCAN.SYS [22131 2004-06-03] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed] S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia) R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [36528 2006-07-24] (Sonic Solutions) [File not signed] S3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation) R1 RsvLock; C:\WINDOWS\system32\Drivers\RsvLock.sys [5808 2007-02-07] (SafeBoot International) [File not signed] R0 SafeBoot; C:\WINDOWS\system32\Drivers\SafeBoot.sys [100495 2007-02-07] () [File not signed] R0 SbAlg; C:\WINDOWS\system32\Drivers\SbAlg.sys [44720 2006-10-09] (SafeBoot N.V.) [File not signed] R0 SbFsLock; C:\WINDOWS\system32\Drivers\SbFsLock.sys [13696 2007-03-29] (SafeBoot International) S3 SMCIRDA; C:\WINDOWS\System32\DRIVERS\smcirda.sys [36425 2001-10-26] (SMC) R0 speedfan; C:\WINDOWS\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider) [File not signed] R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [466008 2013-03-03] (Duplex Secure Ltd.) S3 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed] S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation) U3 a9pidg7y; C:\WINDOWS\system32\Drivers\a9pidg7y.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder) U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-22 02:20 - 2015-02-22 02:20 - 00114688 _____ (SoftThinks) C:\WINDOWS\system32\chg.exe 2015-02-21 22:02 - 2015-02-21 22:03 - 00005423 _____ () C:\WINDOWS\setupapi.log 2015-02-21 16:16 - 2015-02-21 16:16 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit\STAŻ MONIKA WALAT 2015-02-20 13:13 - 2015-02-20 13:13 - 00090996 _____ () C:\Documents and Settings\Administrator\Moje dokumenty\cc_20150220_131331.reg 2015-02-20 11:18 - 2015-02-20 11:18 - 00000000 ____D () C:\WINDOWS\CSC 2015-02-20 02:03 - 2015-02-22 03:30 - 00000000 ____D () C:\FRST 2015-02-14 00:16 - 2015-02-14 00:16 - 00000000 _____ () C:\Documents and Settings\Administrator\Pulpit\Nowy Dokument tekstowy.txt 2015-02-11 06:04 - 2015-02-11 22:33 - 00000000 ____D () C:\WINDOWS\system32\MpEngineStore 2015-02-11 06:01 - 2015-02-11 06:01 - 00000000 ____D () C:\56c17b0f67b61b0ab6adbcad2df9eb 2015-02-05 13:48 - 2015-02-05 13:51 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe 2015-02-04 15:25 - 2015-02-04 15:25 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\Adobe 2015-01-31 18:42 - 2015-01-31 18:42 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit\dla artura z komórki 2015-01-26 08:29 - 2015-01-26 08:31 - 00000000 ____D () C:\Program Files\Mozilla Firefox ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-22 03:33 - 2007-07-28 08:40 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp 2015-02-22 03:29 - 2010-10-25 23:25 - 00000000 ____D () C:\Pobrane 2015-02-22 03:28 - 2010-12-13 21:02 - 01474832 _____ () C:\WINDOWS\system32\Drivers\sfi.dat 2015-02-22 03:00 - 2010-10-31 10:03 - 01188372 _____ () C:\WINDOWS\WindowsUpdate.log 2015-02-22 02:22 - 2007-07-28 01:07 - 00000000 ____D () C:\WINDOWS\SMINST 2015-02-22 02:20 - 2010-11-02 11:00 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2015-02-22 02:20 - 2010-11-02 11:00 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-02-22 02:19 - 2004-09-20 07:24 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-02-21 21:14 - 2011-10-23 19:06 - 00002551 _____ () C:\Documents and Settings\Administrator\Pulpit\CorelDRAW X3.lnk 2015-02-21 16:18 - 2007-07-28 00:32 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt 2015-02-21 16:18 - 2004-09-20 07:24 - 00032628 _____ () C:\WINDOWS\SchedLgU.Txt 2015-02-21 16:16 - 2011-02-14 20:47 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit\zdjęcia różne Natalii 2015-02-21 16:16 - 2007-07-28 08:40 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit 2015-02-21 16:06 - 2013-02-08 21:30 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2015-02-21 16:06 - 2007-07-28 08:40 - 00000000 __RHD () C:\Documents and Settings\Administrator\Dane aplikacji 2015-02-21 16:06 - 2007-07-28 08:40 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji 2015-02-21 15:56 - 2011-11-18 22:11 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\TeraCopy 2015-02-21 15:44 - 2007-07-28 08:40 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2015-02-20 19:58 - 2010-12-31 14:49 - 00006221 _____ () C:\WINDOWS\wincmd.ini 2015-02-20 13:22 - 2004-09-20 07:20 - 00580934 _____ () C:\WINDOWS\system32\perfh015.dat 2015-02-20 13:22 - 2004-09-20 07:20 - 00115052 _____ () C:\WINDOWS\system32\perfc015.dat 2015-02-20 13:21 - 2004-09-20 07:20 - 01322520 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-02-20 13:13 - 2007-07-28 08:40 - 00000000 ___RD () C:\Documents and Settings\Administrator\Moje dokumenty 2015-02-20 13:07 - 2007-07-28 08:40 - 00000000 ____D () C:\Documents and Settings\Administrator 2015-02-20 11:20 - 2004-09-20 07:24 - 00000188 ___SH () C:\Documents and Settings\Administrator\ntuser.ini 2015-02-19 22:19 - 2010-11-02 19:51 - 00000095 _____ () C:\WINDOWS\winamp.ini 2015-02-13 23:40 - 2004-09-20 07:23 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl 2015-02-13 19:37 - 2010-10-28 18:30 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\XnView 2015-02-12 05:38 - 2011-11-16 20:17 - 00047900 _____ () C:\WINDOWS\FontData.fdb 2015-02-12 01:42 - 2011-06-11 15:59 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ChomikBox 2015-02-12 01:41 - 2011-11-20 22:34 - 00000000 ____D () C:\Documents and Settings\Administrator\.gstreamer-0.10 2015-02-11 06:02 - 2011-02-10 08:45 - 113756392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-02-10 13:49 - 2012-05-10 17:05 - 00002315 _____ () C:\Documents and Settings\Administrator\Pulpit\opłaty.txt 2015-02-06 05:29 - 2012-09-16 19:59 - 00000000 ___RD () C:\Documents and Settings\Administrator\Moje dokumenty\Dropbox 2015-02-06 05:28 - 2012-09-16 19:53 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\Dropbox 2015-02-05 13:50 - 2012-07-29 12:29 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-02-05 13:50 - 2011-08-06 11:12 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-02-05 04:49 - 2010-12-31 14:51 - 00002404 _____ () C:\WINDOWS\wcx_ftp.ini 2015-02-04 13:55 - 2010-11-24 22:09 - 01197072 ___SH () C:\Documents and Settings\Administrator\Pulpit\Thumbs.db 2015-02-02 03:24 - 2014-06-29 22:18 - 00000290 _____ () C:\Documents and Settings\Administrator\Pulpit\neobus.txt 2015-01-27 06:51 - 2012-04-27 09:24 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service ==================== Files in the root of some directories ======= 2010-12-21 10:35 - 2014-06-16 01:46 - 0005632 ___SH () C:\Program Files\Thumbs.db 2012-02-15 21:35 - 2012-02-15 21:35 - 0002528 _____ () C:\Documents and Settings\Administrator\Dane aplikacji\$_hpcst$.hpc 2011-01-22 15:58 - 2014-08-03 20:34 - 0027633 _____ () C:\Documents and Settings\Administrator\Dane aplikacji\phpdesigner.xml 2007-07-28 00:51 - 2007-07-28 00:51 - 0000000 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\AtStart.txt 2010-10-30 17:56 - 2013-09-19 19:54 - 0141824 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-01-03 06:51 - 2015-01-03 06:51 - 0000000 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\FnF4.txt 2007-07-27 23:56 - 2007-07-27 23:56 - 0000138 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat 2011-03-13 20:03 - 2012-02-27 17:06 - 0005534 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\unins000.dat 2012-02-27 17:06 - 2012-02-27 17:06 - 0707504 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\unins000.exe 2012-02-27 16:00 - 2012-02-27 17:06 - 0011761 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\unins000.msg ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================