Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015 Ran by n (administrator) on OLA on 14-03-2015 06:22:35 Running from C:\Documents and Settings\n\Moje dokumenty\pobrane Loaded Profiles: n (Available profiles: n) Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 7 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (All) ========================= (Microsoft Corporation) C:\WINDOWS\system32\smss.exe (Microsoft Corporation) C:\WINDOWS\system32\csrss.exe (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation) C:\WINDOWS\system32\services.exe (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe (Teruten) C:\WINDOWS\system32\FsUsbExService.Exe (Microsoft Corp.) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation) C:\WINDOWS\system32\alg.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation) C:\WINDOWS\explorer.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (ASUSTeK Computer Inc.) C:\Program Files\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.) C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (ASUSTeK Computer Inc.) C:\Program Files\EeePC\ACPI\AsEPCMon.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Intel Corporation) C:\WINDOWS\system32\igfxext.exe (Microsoft Corporation) C:\WINDOWS\system32\ctfmon.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (ASUSTeK Computer Inc.) C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\wmiprvse.exe (Farbar) C:\Documents and Settings\n\Moje dokumenty\pobrane\FRST.exe ==================== Registry (All) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16855040 2008-09-18] (Realtek Semiconductor Corp.) HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [135168 2007-12-19] (Intel Corporation) HKLM\...\Run: [HotKeysCmds] => C:\WINDOWS\system32\hkcmd.exe [159744 2007-12-19] (Intel Corporation) HKLM\...\Run: [Persistence] => C:\WINDOWS\system32\igfxpers.exe [131072 2007-12-19] (Intel Corporation) HKLM\...\Run: [AsusTray] => C:\Program Files\EeePC\ACPI\AsTray.exe [114688 2008-12-04] (ASUSTeK Computer Inc.) HKLM\...\Run: [AsusACPIServer] => C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [622592 2008-12-17] (ASUSTeK Computer Inc.) HKLM\...\Run: [AsusEPCMonitor] => C:\Program Files\EeePC\ACPI\AsEPCMon.exe [94208 2008-05-21] (ASUSTeK Computer Inc.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation) HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe, [26624 2008-04-15] (Microsoft Corporation) HKLM\...\Winlogon: [Shell] Explorer.exe [1035264 2008-04-15] (Microsoft Corporation) HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [515072 2008-04-15] (Microsoft Corporation) Winlogon\Notify\crypt32chain: C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation) Winlogon\Notify\cryptnet: C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation) Winlogon\Notify\cscdll: C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation) Winlogon\Notify\dimsntfy: C:\WINDOWS\System32\dimsntfy.dll (Microsoft Corporation) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\ScCertProp: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation) Winlogon\Notify\Schedule: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation) Winlogon\Notify\sclgntfy: C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation) Winlogon\Notify\SensLogn: C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation) Winlogon\Notify\termsrv: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation) Winlogon\Notify\wlballoon: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation) HKLM\...\Policies\Explorer: [HonorAutoRunSetting] 1 HKU\S-1-5-19\...\Run: [CTFMON.EXE] => C:\WINDOWS\system32\CTFMON.EXE [15360 2008-04-15] (Microsoft Corporation) HKU\S-1-5-19\...\Policies\Explorer: [NoDriveTypeAutoRun] 145 HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\logon.scr [220672 2008-04-15] (Microsoft Corporation) HKU\S-1-5-20\...\Run: [CTFMON.EXE] => C:\WINDOWS\system32\CTFMON.EXE [15360 2008-04-15] (Microsoft Corporation) HKU\S-1-5-20\...\Policies\Explorer: [NoDriveTypeAutoRun] 145 HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\logon.scr [220672 2008-04-15] (Microsoft Corporation) HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\...\Run: [ctfmon.exe] => C:\WINDOWS\system32\ctfmon.exe [15360 2008-04-15] (Microsoft Corporation) HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\...\Run: [ccleaner] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd) HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd) HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\...\Policies\Explorer: [NoDriveTypeAutoRun] 145 HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\...\MountPoints2: {13f17bbe-032e-11e3-ae14-0026185b1c8c} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Współczesne_uzbrojenie_WO_PL_ANG.avi HKU\S-1-5-18\...\Run: [CTFMON.EXE] => C:\WINDOWS\system32\CTFMON.EXE [15360 2008-04-15] (Microsoft Corporation) HKU\S-1-5-18\...\Policies\Explorer: [NoDriveTypeAutoRun] 145 HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\logon.scr [220672 2008-04-15] (Microsoft Corporation) IFEO\Your Image File Name Here without a path: [Debugger] ntsd -d Lsa: [Authentication Packages] msv1_0 Lsa: [Notification Packages] scecli SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BTTray.lnk ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\SuperHybridEngine.lnk ShortcutTarget: SuperHybridEngine.lnk -> C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.) SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation) SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation) SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation) SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation) SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [Offline Files] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [OverlayIconExtension1] -> {fe25455d-b4c2-4e32-97d2-92632ec1c224} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [OverlayIconExtension2] -> {1fae2d88-a78e-4f03-909f-be818a3c1ce6} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) BootExecute: autocheck autochk * AlternateShell: cmd.exe ==================== Internet (All) =========================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/ HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: HKU\S-1-5-21-1661413818-2498473542-1586077186-1006 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) URLSearchHook: HKU\S-1-5-21-1661413818-2498473542-1586077186-1006 - (No Name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - No File SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} SearchScopes: HKU\S-1-5-21-1661413818-2498473542-1586077186-1006 -> DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://pl.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo SearchScopes: HKU\S-1-5-21-1661413818-2498473542-1586077186-1006 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} SearchScopes: HKU\S-1-5-21-1661413818-2498473542-1586077186-1006 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://pl.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14] (Microsoft Corp.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-13] (Oracle Corporation) BHO: Pomocnik rejestracji usługi Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-13] (Oracle Corporation) BHO: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation) Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation) Toolbar: HKU\S-1-5-21-1661413818-2498473542-1586077186-1006 -> &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation) Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation) Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll [2014-02-25] (Microsoft Corporation) Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll [2008-04-15] (Microsoft Corporation) Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-02-25] (Microsoft Corporation) Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-02-25] (Microsoft Corporation) Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-02-25] (Microsoft Corporation) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-12] (Microsoft Corporation) Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL [2008-11-20] (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL [2008-11-20] (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL [2008-11-20] (Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL [2008-11-20] (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL [2008-11-20] (Microsoft Corporation) Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll [2008-04-15] (Microsoft Corporation) Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation) Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation) Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-02-25] (Microsoft Corporation) Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation) Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll [2011-10-10] (Microsoft Corporation) Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-02-25] (Microsoft Corporation) Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2006-10-26] (Microsoft Corporation) Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll [2008-04-15] (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL [2008-11-20] (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL [2008-11-20] (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation) Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation) Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation) Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll [2008-04-15] (Microsoft Corporation) Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation) Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll [2008-04-15] (Microsoft Corporation) Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll [2009-02-06] (Microsoft Corporation) Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll [2009-11-07] (Microsoft Corporation) Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll [2009-11-07] (Microsoft Corporation) Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll [2009-11-07] (Microsoft Corporation) Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll [2014-02-25] (Microsoft Corporation) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-02-25] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-02-25] (Microsoft Corporation) Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-02-25] (Microsoft Corporation) Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\SHELL32.dll [2012-06-08] (Microsoft Corporation) Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL [2008-10-25] (Microsoft Corporation) ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8491520 2012-06-08] (Microsoft Corporation) ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2217848 2009-02-12] (Microsoft Corporation) Winsock: Catalog5 01 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation) Winsock: Catalog5 03 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 01 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 02 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 03 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation) Winsock: Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation) Winsock: Catalog9 06 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 07 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 08 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 09 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 10 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 11 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 12 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 13 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 14 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 15 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 16 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 17 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 18 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 19 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 20 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 21 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 22 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 23 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 24 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 25 C:\WINDOWS\system32\mswsock.dll [246784] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 62.179.1.60 62.179.1.61 StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe FireFox: ======== FF ProfilePath: C:\Documents and Settings\n\Dane aplikacji\Mozilla\Firefox\Profiles\e43pkovn.default-1426232573691 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-13] () FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-13] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-13] (Oracle Corporation) FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File FF Plugin: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-02-06] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\allegro-pl.xml [2014-05-29] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\google.xml [2014-05-29] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\merlin-pl.xml [2014-05-29] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pwn-pl.xml [2014-05-29] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wikipedia-pl.xml [2014-05-29] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wolnelektury-pl.xml [2014-05-29] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wp-pl.xml [2014-05-29] FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2014-06-18] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-11-09] FF HKLM\...\Mozilla Firefox 30.0\Extensions: [Components] - C:\Program Files\Mozilla Firefox\components FF HKLM\...\Mozilla Firefox 30.0\Extensions: [Plugins] - C:\Program Files\Mozilla Firefox\plugins FF Extension: No Name - C:\Program Files\Mozilla Firefox\plugins [2014-06-18] StartMenuInternet: FIREFOX.EXE - "C:\Program Files\Mozilla Firefox\firefox.exe" Chrome: ======= CHR Profile: C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-03] CHR Extension: (Google Drive) - C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-03] CHR Extension: (YouTube) - C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-03] CHR Extension: (Google Search) - C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-03] CHR Extension: (Gmail) - C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-03] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [217088 2009-12-22] (Teruten) [File not signed] ==================== Drivers (All) ========================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 ACPI; C:\WINDOWS\System32\DRIVERS\ACPI.sys [188544 2008-04-15] (Microsoft Corporation) R0 ACPIEC; C:\WINDOWS\System32\DRIVERS\ACPIEC.sys [12032 2008-04-15] (Microsoft Corporation) S3 aec; C:\WINDOWS\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation) R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation) S3 androidusb; C:\WINDOWS\System32\Drivers\ssadadb.sys [30312 2011-07-20] (Google Inc) S3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1326528 2008-09-18] (Atheros Communications, Inc.) R3 AsusACPI; C:\WINDOWS\System32\DRIVERS\ASUSACPI.sys [10752 2008-04-08] (ASUSTeK Computer Inc.) S3 AsyncMac; C:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2008-04-15] (Microsoft Corporation) R0 atapi; C:\WINDOWS\System32\DRIVERS\atapi.sys [96512 2008-04-14] (Microsoft Corporation) S3 Atmarpc; C:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2008-04-15] (Microsoft Corporation) R3 audstub; C:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation) R1 Beep; C:\WINDOWS\system32\Drivers\Beep.sys [4224 2008-04-15] (Microsoft Corporation) R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [534568 2008-05-30] (Broadcom Corporation.) R3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [37160 2008-02-04] (Broadcom Corporation.) R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [991656 2008-08-19] (Broadcom Corporation.) R3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [156816 2008-07-24] (Broadcom Corporation.) R3 btwhid; C:\WINDOWS\System32\DRIVERS\btwhid.sys [57384 2008-03-10] (Broadcom Corporation.) R3 btwmodem; C:\WINDOWS\System32\DRIVERS\btwmodem.sys [37032 2008-02-04] (Broadcom Corporation.) R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [47272 2008-08-19] (Broadcom Corporation.) S4 cbidf2k; C:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2008-04-15] (Microsoft Corporation) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) S1 Cdaudio; C:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2008-04-15] (Microsoft Corporation) S4 Cdfs; C:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2008-04-15] (Microsoft Corporation) S1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-04-15] (Microsoft Corporation) R3 CmBatt; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [13952 2008-04-14] (Microsoft Corporation) R0 Compbatt; C:\WINDOWS\System32\DRIVERS\compbatt.sys [10240 2008-04-14] (Microsoft Corporation) S3 dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [20032 2011-06-07] (Devguru Co., Ltd) R0 Disk; C:\WINDOWS\System32\DRIVERS\disk.sys [36352 2008-04-15] (Microsoft Corporation) S4 dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [800000 2008-04-15] (Microsoft Corp., Veritas Software) S4 dmio; C:\WINDOWS\System32\drivers\dmio.sys [153856 2008-04-15] (Microsoft Corp., Veritas Software) S4 dmload; C:\WINDOWS\System32\drivers\dmload.sys [5888 2008-04-15] (Microsoft Corp., Veritas Software.) S3 DMusic; C:\WINDOWS\System32\drivers\DMusic.sys [52864 2008-04-14] (Microsoft Corporation) S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [2944 2008-04-14] (Microsoft Corporation) S4 Fastfat; C:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2008-04-15] (Microsoft Corporation) S1 Fdc; C:\WINDOWS\system32\Drivers\Fdc.sys [27392 2008-04-15] (Microsoft Corporation) R1 Fips; C:\WINDOWS\system32\Drivers\Fips.sys [44672 2008-04-15] (Microsoft Corporation) S1 Flpydisk; C:\WINDOWS\system32\Drivers\Flpydisk.sys [20480 2008-04-15] (Microsoft Corporation) R0 FltMgr; C:\WINDOWS\System32\DRIVERS\fltMgr.sys [129792 2008-04-15] (Microsoft Corporation) R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [55152 2009-02-06] (Microsoft Corporation) R3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36640 2009-12-22] () [File not signed] U1 Fs_Rec; C:\WINDOWS\system32\Drivers\Fs_Rec.sys [7936 2008-04-15] (Microsoft Corporation) R0 Ftdisk; C:\WINDOWS\System32\DRIVERS\ftdisk.sys [125568 2008-04-15] (Microsoft Corporation) R3 Gpc; C:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2008-04-15] (Microsoft Corporation) R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-15] (Windows (R) Server 2003 DDK provider) R3 HidUsb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Corporation) R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation) R1 i8042prt; C:\WINDOWS\System32\DRIVERS\i8042prt.sys [53248 2008-04-14] (Microsoft Corporation) R3 ialm; C:\WINDOWS\System32\DRIVERS\igxpmp32.sys [5854688 2007-12-19] (Intel Corporation) S1 Imapi; C:\WINDOWS\System32\DRIVERS\imapi.sys [42112 2008-04-15] (Microsoft Corporation) R3 IntcAzAudAddService; C:\WINDOWS\System32\drivers\RtkHDAud.sys [4816896 2008-09-18] (Realtek Semiconductor Corp.) R1 intelppm; C:\WINDOWS\System32\DRIVERS\intelppm.sys [40448 2008-04-15] (Microsoft Corporation) S3 Ip6Fw; C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys [36608 2008-04-15] (Microsoft Corporation) S3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2008-04-15] (Microsoft Corporation) S3 IpInIp; C:\WINDOWS\System32\DRIVERS\ipinip.sys [20864 2008-04-15] (Microsoft Corporation) R3 IpNat; C:\WINDOWS\System32\DRIVERS\ipnat.sys [152832 2008-04-15] (Microsoft Corporation) R1 IPSec; C:\WINDOWS\System32\DRIVERS\ipsec.sys [75264 2008-04-15] (Microsoft Corporation) S3 IRENUM; C:\WINDOWS\System32\DRIVERS\irenum.sys [11264 2008-04-15] (Microsoft Corporation) R0 isapnp; C:\WINDOWS\System32\DRIVERS\isapnp.sys [37632 2008-04-14] (Microsoft Corporation) R1 Kbdclass; C:\WINDOWS\System32\DRIVERS\kbdclass.sys [24960 2008-04-15] (Microsoft Corporation) R3 kmixer; C:\WINDOWS\System32\drivers\kmixer.sys [172416 2008-04-14] (Microsoft Corporation) R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) S3 Ktp; C:\WINDOWS\System32\DRIVERS\ETD.sys [93696 2009-02-12] (ELANTECH Devices Corp.) R3 L1e; C:\WINDOWS\System32\DRIVERS\l1e51x86.sys [38400 2008-09-23] (Atheros Communications, Inc.) R1 mnmdd; C:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2008-04-15] (Microsoft Corporation) R3 Modem; C:\WINDOWS\system32\Drivers\Modem.sys [30208 2008-04-15] (Microsoft Corporation) R1 Mouclass; C:\WINDOWS\System32\DRIVERS\mouclass.sys [23296 2008-04-14] (Microsoft Corporation) R3 mouhid; C:\WINDOWS\System32\DRIVERS\mouhid.sys [12160 2001-10-26] (Microsoft Corporation) R0 MountMgr; C:\WINDOWS\system32\Drivers\MountMgr.sys [42368 2008-04-15] (Microsoft Corporation) R3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [180608 2008-04-15] (Microsoft Corporation) R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [456320 2011-07-15] (Microsoft Corporation) R1 Msfs; C:\WINDOWS\system32\Drivers\Msfs.sys [19072 2008-04-15] (Microsoft Corporation) S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2008-04-14] (Microsoft Corporation) S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] (Microsoft Corporation) S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [4992 2008-04-14] (Microsoft Corporation) R3 mssmbios; C:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2008-04-15] (Microsoft Corporation) S3 MSTEE; C:\WINDOWS\System32\drivers\MSTEE.sys [5504 2008-04-14] (Microsoft Corporation) R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation) S3 NABTSFEC; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation) R0 NDIS; C:\WINDOWS\system32\Drivers\NDIS.sys [182656 2008-04-15] (Microsoft Corporation) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) R3 Ndisuio; C:\WINDOWS\System32\DRIVERS\ndisuio.sys [14592 2008-04-15] (Microsoft Corporation) R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91520 2008-04-15] (Microsoft Corporation) R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation) R1 NetBIOS; C:\WINDOWS\System32\DRIVERS\netbios.sys [34688 2008-04-15] (Microsoft Corporation) R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2008-04-15] (Microsoft Corporation) R1 Npfs; C:\WINDOWS\system32\Drivers\Npfs.sys [30848 2008-04-15] (Microsoft Corporation) R4 Ntfs; C:\WINDOWS\system32\Drivers\Ntfs.sys [574976 2008-04-15] (Microsoft Corporation) R1 Null; C:\WINDOWS\system32\Drivers\Null.sys [2944 2008-04-15] (Microsoft Corporation) S3 NwlnkFlt; C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2008-04-15] (Microsoft Corporation) S3 NwlnkFwd; C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2008-04-15] (Microsoft Corporation) S3 Parport; C:\WINDOWS\system32\Drivers\Parport.sys [80256 2008-04-15] (Microsoft Corporation) R0 PartMgr; C:\WINDOWS\system32\Drivers\PartMgr.sys [19712 2008-04-15] (Microsoft Corporation) S4 ParVdm; C:\WINDOWS\system32\Drivers\ParVdm.sys [6912 2008-04-15] (Microsoft Corporation) S3 PCAMPR5; C:\WINDOWS\system32\PCAMPR5.SYS [34688 2003-09-23] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed] S3 PCANDIS5; C:\WINDOWS\system32\PCANDIS5.SYS [32128 2006-03-01] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed] R0 PCI; C:\WINDOWS\System32\DRIVERS\pci.sys [68608 2008-04-14] (Microsoft Corporation) R0 PCIIde; C:\WINDOWS\System32\DRIVERS\pciide.sys [3456 2001-10-26] (Microsoft Corporation) S4 Pcmcia; C:\WINDOWS\system32\Drivers\Pcmcia.sys [120320 2008-04-15] (Microsoft Corporation) R3 PptpMiniport; C:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2008-04-15] (Microsoft Corporation) R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [69120 2008-04-15] (Microsoft Corporation) R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2008-04-15] (Parallel Technologies, Inc.) R1 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2008-04-15] (Microsoft Corporation) R3 Rasl2tp; C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2008-04-15] (Microsoft Corporation) R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2008-04-15] (Microsoft Corporation) R3 Raspti; C:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2008-04-15] (Microsoft Corporation) R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [175744 2008-04-15] (Microsoft Corporation) R1 RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2008-04-15] (Microsoft Corporation) S3 RDPWD; C:\WINDOWS\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation) S1 redbook; C:\WINDOWS\System32\DRIVERS\redbook.sys [58880 2008-04-14] (Microsoft Corporation) R3 RT80x86; C:\WINDOWS\System32\DRIVERS\RT2860.sys [933504 2009-01-19] (Ralink Technology, Corp.) S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-15] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) S2 Serial; C:\WINDOWS\system32\Drivers\Serial.sys [65280 2008-04-15] (Microsoft Corporation) S1 Sfloppy; C:\WINDOWS\system32\Drivers\Sfloppy.sys [11392 2008-04-15] (Microsoft Corporation) S3 SLIP; C:\WINDOWS\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation) R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1752704 2008-08-11] () S3 splitter; C:\WINDOWS\System32\drivers\splitter.sys [6272 2008-04-14] (Microsoft Corporation) R0 sr; C:\WINDOWS\System32\DRIVERS\sr.sys [73472 2008-04-15] (Microsoft Corporation) R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation) S3 ssadbus; C:\WINDOWS\System32\DRIVERS\ssadbus.sys [121064 2011-07-20] (MCCI Corporation) S3 ssadmdfl; C:\WINDOWS\System32\DRIVERS\ssadmdfl.sys [12776 2011-07-20] (MCCI Corporation) S3 ssadmdm; C:\WINDOWS\System32\DRIVERS\ssadmdm.sys [136808 2011-07-20] (MCCI Corporation) S3 streamip; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation) R3 swenum; C:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2008-04-15] (Microsoft Corporation) S3 swmidi; C:\WINDOWS\System32\drivers\swmidi.sys [56576 2008-04-14] (Microsoft Corporation) R3 sysaudio; C:\WINDOWS\System32\drivers\sysaudio.sys [60800 2008-04-14] (Microsoft Corporation) R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation) S3 TDPIPE; C:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2008-04-15] (Microsoft Corporation) S3 TDTCP; C:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2008-04-15] (Microsoft Corporation) R1 TermDD; C:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation) S4 Udfs; C:\WINDOWS\system32\Drivers\Udfs.sys [66048 2008-04-15] (Microsoft Corporation) R3 Update; C:\WINDOWS\System32\DRIVERS\update.sys [384768 2008-04-15] (Microsoft Corporation) R3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-09] (Microsoft Corporation) R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) R3 usbhub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [59520 2008-04-14] (Microsoft Corporation) S3 usbstor; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-15] (Microsoft Corporation) R3 usbuhci; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [20608 2008-04-14] (Microsoft Corporation) S3 usbvideo; C:\WINDOWS\System32\Drivers\usbvideo.sys [123008 2013-07-17] (Microsoft Corporation) S3 usb_rndisx; C:\WINDOWS\System32\DRIVERS\usb8023x.sys [12928 2013-02-12] (Microsoft Corporation) R1 VgaSave; C:\WINDOWS\System32\drivers\vga.sys [20992 2008-04-15] (Microsoft Corporation) R0 VolSnap; C:\WINDOWS\system32\Drivers\VolSnap.sys [52864 2008-04-15] (Microsoft Corporation) R3 Wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2008-04-15] (Microsoft Corporation) S3 Wdf01000; C:\WINDOWS\System32\DRIVERS\Wdf01000.sys [492000 2006-11-02] (Microsoft Corporation) R3 wdmaud; C:\WINDOWS\System32\drivers\wdmaud.sys [83072 2008-04-14] (Microsoft Corporation) U3 Winsock; No ImagePath S3 WpdUsb; C:\WINDOWS\System32\DRIVERS\wpdusb.sys [38528 2006-10-18] (Microsoft Corporation) S3 WSTCODEC; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation) R0 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [77568 2006-09-28] (Microsoft Corporation) S3 WudfRd; C:\WINDOWS\System32\DRIVERS\wudfrd.sys [82944 2006-09-28] (Microsoft Corporation) S4 Abiosdsk; No ImagePath S4 abp480n5; No ImagePath S4 adpu160m; No ImagePath S4 Aha154x; No ImagePath S4 aic78u2; No ImagePath S4 aic78xx; No ImagePath S4 AliIde; No ImagePath S4 amsint; No ImagePath S4 asc; No ImagePath S4 asc3350p; No ImagePath S4 asc3550; No ImagePath S4 Atdisk; No ImagePath U5 BattC; C:\Windows\System32\Drivers\BattC.sys [14208 2008-04-14] (Microsoft Corporation) S4 cd20xrnt; No ImagePath S1 Changer; No ImagePath S4 CmdIde; No ImagePath S4 Cpqarray; No ImagePath U4 dac2w2k; No ImagePath S4 dac960nt; No ImagePath S4 dpti2o; No ImagePath S4 hpn; No ImagePath S1 i2omgmt; No ImagePath S4 i2omp; No ImagePath S4 ini910u; No ImagePath S4 IntelIde; No ImagePath S1 lbrtfdc; No ImagePath S4 mraid35x; No ImagePath S1 PCIDump; No ImagePath S3 PDCOMP; No ImagePath S3 PDFRAME; No ImagePath S3 PDRELI; No ImagePath S3 PDRFRAME; No ImagePath S4 perc2; No ImagePath S4 perc2hib; No ImagePath S4 ql1080; No ImagePath S4 Ql10wnt; No ImagePath S4 ql12160; No ImagePath S4 ql1240; No ImagePath S4 ql1280; No ImagePath S4 Simbad; No ImagePath S4 Sparrow; No ImagePath S4 symc810; No ImagePath S4 symc8xx; No ImagePath S4 sym_hi; No ImagePath S4 sym_u3; No ImagePath S4 TosIde; No ImagePath S4 ultra; No ImagePath S4 ViaIde; No ImagePath S3 WDICA; No ImagePath U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-14 06:22 - 2015-03-14 06:22 - 00000000 ____D () C:\FRST 2015-03-14 06:18 - 2015-01-30 13:27 - 04199640 _____ (COMODO) C:\Documents and Settings\All Users\Dane aplikacji\cis96.exe 2015-03-14 06:14 - 2015-03-14 06:14 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr71.dll 2015-03-13 20:03 - 2015-03-13 20:03 - 00020602 _____ () C:\Documents and Settings\n\Pulpit\fr1.txt 2015-03-13 20:02 - 2015-03-13 20:02 - 00031956 _____ () C:\Documents and Settings\n\Pulpit\sh1.txt 2015-03-13 20:02 - 2015-03-13 20:02 - 00016973 _____ () C:\Documents and Settings\n\Pulpit\add1.txt 2015-03-13 16:19 - 2015-03-13 20:04 - 00190539 _____ () C:\Documents and Settings\n\Pulpit\autoruns_log.rar 2015-03-13 16:18 - 2015-03-13 16:18 - 00000000 ____D () C:\Documents and Settings\n\Pulpit\autoruns_log 2015-03-13 09:56 - 2015-03-13 09:52 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2015-03-13 09:54 - 2015-03-13 09:54 - 00000000 ____D () C:\Program Files\Common Files\Java 2015-03-13 09:52 - 2015-03-13 09:58 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Oracle 2015-03-13 09:49 - 2015-03-13 09:49 - 00000000 ___RD () C:\Documents and Settings\n\Menu Start\Programy\Narzędzia administracyjne 2015-03-13 08:47 - 2015-03-13 08:47 - 00000682 _____ () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk 2015-03-13 08:46 - 2015-03-13 08:46 - 00506264 _____ () C:\WINDOWS\system32\prfh0415.dat 2015-03-13 08:46 - 2015-03-13 08:46 - 00092200 _____ () C:\WINDOWS\system32\prfc0415.dat 2015-03-13 08:43 - 2015-03-13 08:43 - 00000000 ____D () C:\Documents and Settings\n\Pulpit\Stare dane programu Firefox ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-14 06:23 - 2010-02-02 14:58 - 00000000 ____D () C:\Documents and Settings\n\Ustawienia lokalne\Temp 2015-03-14 06:22 - 2013-08-25 20:24 - 00000000 ____D () C:\Documents and Settings\n\Moje dokumenty\pobrane 2015-03-14 06:21 - 2014-08-18 07:35 - 00000000 ____D () C:\Documents and Settings\n\Pulpit\Nieużywane skróty pulpitu 2015-03-14 06:21 - 2010-02-02 14:58 - 00000000 ___HD () C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji 2015-03-14 06:21 - 2010-02-02 14:58 - 00000000 ____D () C:\Documents and Settings\n 2015-03-14 06:21 - 2009-02-04 15:32 - 01113050 _____ () C:\WINDOWS\WindowsUpdate.log 2015-03-14 06:20 - 2014-05-29 05:24 - 00000214 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2015-03-14 06:20 - 2009-02-04 16:28 - 00000159 ____N () C:\WINDOWS\wiadebug.log 2015-03-14 06:20 - 2009-02-04 16:28 - 00000050 ____N () C:\WINDOWS\wiaservc.log 2015-03-14 06:20 - 2009-02-04 16:25 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2015-03-14 06:20 - 2009-02-04 15:37 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-03-14 06:19 - 2010-02-02 14:58 - 00000188 ___SH () C:\Documents and Settings\n\ntuser.ini 2015-03-14 06:19 - 2009-02-04 16:25 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2015-03-14 06:19 - 2009-02-04 15:37 - 00032604 ____N () C:\WINDOWS\SchedLgU.Txt 2015-03-14 05:52 - 2013-08-25 10:53 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-03-13 20:04 - 2010-02-02 14:58 - 00000000 ____D () C:\Documents and Settings\n\Pulpit 2015-03-13 10:32 - 2014-06-18 12:10 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-03-13 09:56 - 2009-02-04 16:25 - 01126164 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-03-13 09:56 - 2009-02-04 16:18 - 00504724 _____ () C:\WINDOWS\system32\perfh015.dat 2015-03-13 09:56 - 2009-02-04 16:18 - 00091144 _____ () C:\WINDOWS\system32\perfc015.dat 2015-03-13 09:52 - 2014-08-18 07:48 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2015-03-13 09:52 - 2011-01-11 17:50 - 00000000 ____D () C:\Program Files\Java 2015-03-13 09:49 - 2010-02-02 14:58 - 00000000 ___RD () C:\Documents and Settings\n\Menu Start\Programy 2015-03-13 09:03 - 2009-02-04 16:18 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl 2015-03-13 08:52 - 2013-08-25 10:53 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-03-13 08:52 - 2013-08-20 15:27 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-03-13 08:52 - 2011-11-10 15:32 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-03-13 08:48 - 2014-06-16 09:03 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner 2015-03-13 08:47 - 2010-11-09 15:44 - 00000000 ____D () C:\Program Files\CCleaner 2015-03-13 08:47 - 2009-02-04 16:25 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-02-26 21:20 - 2011-01-11 18:08 - 119837696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Files in the root of some directories ======= 2010-11-09 16:42 - 2010-11-09 16:42 - 0002528 _____ () C:\Documents and Settings\n\Dane aplikacji\$_hpcst$.hpc 2010-02-08 15:49 - 2014-07-07 18:56 - 0020992 _____ () C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2010-02-02 14:58 - 2009-03-12 13:23 - 0000135 _____ () C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\fusioncache.dat Some content of TEMP: ==================== C:\Documents and Settings\n\Ustawienia lokalne\Temp\jre-8u40-windows-au.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================