Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-06-2015 01 Ran by Grzesiek (administrator) on GRZESIEK-LAPTOP on 22-06-2015 20:51:11 Running from C:\Users\Grzesiek\Desktop\do naprawiania Loaded Profiles: Grzesiek & UpdatusUser (Available Profiles: Grzesiek & UpdatusUser & internet) Platform: Windows 7 Ultimate (X64) OS Language: Polski (Polska) Internet Explorer Version 8 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (SysTool PasSame LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (XTab system) C:\Program Files (x86)\XTab\ProtectService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (BitTorrent Inc.) C:\Users\Grzesiek\AppData\Roaming\uTorrent\uTorrent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Nullsoft) C:\Program Files (x86)\Winamp\winampa.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe () C:\Program Files (x86)\Faster Light\bin\utilFasterLight.exe () C:\Program Files (x86)\Faster Light\bin\FasterLight.BrowserAdapter.exe () C:\Program Files (x86)\Faster Light\bin\FasterLight.BrowserAdapter64.exe () C:\Program Files (x86)\Faster Light\bin\FasterLight.expext.exe () C:\Program Files (x86)\Faster Light\bin\FasterLight.PurBrowse64.exe () C:\Program Files (x86)\Faster Light\updateFasterLight.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.) HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-09-29] () HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2014-11-16] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2014-11-16] (Lenovo(beijing) Limited) HKLM\...\Run: [IntelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1626112 2011-12-01] (Intel® Corporation) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508144 2012-07-25] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-05-02] (Vimicro) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation) HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [39424 2009-12-21] (Nullsoft) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-592060492-1902354033-4240126978-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.) HKU\S-1-5-21-592060492-1902354033-4240126978-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent HKU\S-1-5-21-592060492-1902354033-4240126978-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-05-01] (Electronic Arts) HKU\S-1-5-21-592060492-1902354033-4240126978-1000\...\Run: [uTorrent] => C:\Users\Grzesiek\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-15] (BitTorrent Inc.) HKU\S-1-5-21-592060492-1902354033-4240126978-1000\...\Run: [EpicScale] => C:\ProgramData\EpicScale\10\EpicScale.exe EpicScale StartMinimized HKU\S-1-5-21-592060492-1902354033-4240126978-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2874048 2015-02-19] (Valve Corporation) HKU\S-1-5-21-592060492-1902354033-4240126978-1000\...\MountPoints2: {99446fc6-6da5-11e4-8a05-806e6f6e6963} - F:\Autorun.exe HKU\S-1-5-21-592060492-1902354033-4240126978-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-11-06] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [203112 2012-11-06] (NVIDIA Corporation) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1433410501&z=1409fed43b5baa9938766efg3z3ccc6zagfeaw9e4g&from=wpm06043&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1433410501&z=1409fed43b5baa9938766efg3z3ccc6zagfeaw9e4g&from=wpm06043&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1419707919&from=cor&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1419707919&from=cor&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1433410501&z=1409fed43b5baa9938766efg3z3ccc6zagfeaw9e4g&from=wpm06043&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1433410501&z=1409fed43b5baa9938766efg3z3ccc6zagfeaw9e4g&from=wpm06043&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1419707919&from=cor&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1419707919&from=cor&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902&q={searchTerms} HKU\S-1-5-21-592060492-1902354033-4240126978-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&ts=1431099740&z=ca2f74e1113b104620d088dg8z7ceg6e5t1tbm3c3q&from=wpm05083&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902&q={searchTerms} HKU\S-1-5-21-592060492-1902354033-4240126978-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1433410501&z=1409fed43b5baa9938766efg3z3ccc6zagfeaw9e4g&from=wpm06043&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902 HKU\S-1-5-21-592060492-1902354033-4240126978-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1433410501&z=1409fed43b5baa9938766efg3z3ccc6zagfeaw9e4g&from=wpm06043&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902 HKU\S-1-5-21-592060492-1902354033-4240126978-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=1431099740&z=ca2f74e1113b104620d088dg8z7ceg6e5t1tbm3c3q&from=wpm05083&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902&q={searchTerms} SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1419707919&from=cor&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1419707919&from=cor&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1419707919&from=cor&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902&q={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1419707919&from=cor&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902&q={searchTerms} SearchScopes: HKU\S-1-5-21-592060492-1902354033-4240126978-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-592060492-1902354033-4240126978-1000 -> OldSearch URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-592060492-1902354033-4240126978-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-592060492-1902354033-4240126978-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-592060492-1902354033-4240126978-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-592060492-1902354033-4240126978-1000 -> {DF1F2225-AF5F-4778-9649-3F4B619A8E46} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-592060492-1902354033-4240126978-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-29] (Qualcomm Atheros Commnucations) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated) BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\MiuiTab\SupTab.dll [2015-06-03] (Thinknice Co. Limited) BHO-x32: Faster Light 1.0.0.7 -> {950ef4df-b9dd-4b97-9e34-5c7d25a5eb88} -> C:\Program Files (x86)\Faster Light\FasterLightBHO.dll [2015-01-27] () BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2014-11-16] (Sun Microsystems, Inc.) BHO-x32: IEPluginBHO Class -> {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -> C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll [2010-05-04] (GG Network S.A.) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc&ts=1419707919&from=cor&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902 FireFox: ======== FF ProfilePath: C:\Users\Grzesiek\AppData\Roaming\Mozilla\Firefox\Profiles\kdxrja3a.default FF NewTab: hxxp://www.delta-homes.com/newtab/?type=nt&ts=1433410501&z=1409fed43b5baa9938766efg3z3ccc6zagfeaw9e4g&from=wpm06043&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902 FF DefaultSearchEngine: delta-homes FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: delta-homes FF Homepage: hxxp://www.delta-homes.com/?type=hp&ts=1433410501&z=1409fed43b5baa9938766efg3z3ccc6zagfeaw9e4g&from=wpm06043&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902 FF Keyword.URL: hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr__alt__ddc_dss_bd_com&p= FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2014-11-16] (Sun Microsystems, Inc.) FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2105 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2005-06-17] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1212 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2005-06-17] (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2014-11-16] (mozilla.org) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2003-07-15] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2010-11-15] (Adobe Systems Inc.) FF Extension: No Name - C:\Users\Grzesiek\AppData\Roaming\Mozilla\Firefox\Profiles\kdxrja3a.default\Extensions\faststartff@gmail.com [2014-12-27] FF Extension: No Name - C:\Users\Grzesiek\AppData\Roaming\Mozilla\Firefox\Profiles\kdxrja3a.default\Extensions\quick_searchff@gmail.com [2015-05-08] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Grzesiek\AppData\Roaming\Mozilla\Firefox\Profiles\kdxrja3a.default\extensions\faststartff@gmail.com FF HKLM-x32\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\Grzesiek\AppData\Roaming\Mozilla\Firefox\Profiles\kdxrja3a.default\extensions\quick_searchff@gmail.com FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found] StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://isearch.omiga-plus.com/?type=sc&ts=1419707919&from=cor&uid=ST1000LM024XHN-M101MBB_S2U5J9CC956902 FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-branding.js [2014-11-16] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js [2014-11-16] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox.js [2014-11-16] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\reporter.js [2014-11-16] Chrome: ======= CHR Profile: C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-16] CHR Extension: (Google Docs) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-16] CHR Extension: (Google Drive) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-22] CHR Extension: (YouTube) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-22] CHR Extension: (Google Search) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-22] CHR Extension: (Google Sheets) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-16] CHR Extension: (No Name) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpjaeedhlmcojmmhngnbankkodcdlenh [2015-06-22] CHR Extension: (Skype Click to Call) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-11-16] CHR Extension: (Google Wallet) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-16] CHR Extension: (Gmail) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-22] CHR HKU\S-1-5-21-592060492-1902354033-4240126978-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] Opera: ======= OPR Extension: (AdBlock) - C:\Users\Grzesiek\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2015-04-28] OPR Extension: (No Name) - C:\Users\Grzesiek\AppData\Roaming\Opera Software\Opera Stable\Extensions\jpjaeedhlmcojmmhngnbankkodcdlenh [2015-06-21] OPR Extension: (Adblock Plus) - C:\Users\Grzesiek\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-04-28] OPR Extension: (No Name) - C:\Users\Grzesiek\AppData\Roaming\Opera Software\Opera Stable\Extensions\pbgbdinkchdlbniomfkieilppkmmfimc [2015-04-20] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-29] (Qualcomm Atheros Commnucations) [File not signed] S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-01-13] (BitRaider, LLC) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [514048 2011-11-30] (Red Bend Ltd.) [File not signed] R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-08-16] (Intel Corporation) [File not signed] R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158816 2015-05-08] (XTab system) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] () S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-01] (Electronic Arts) S2 PicexaService; C:\Program Files (x86)\Picexa\PicexaSvc.exe [393880 2015-05-06] () [File not signed] R2 Update Faster Light; C:\Program Files (x86)\Faster Light\updateFasterLight.exe [462064 2015-06-22] () R2 Util Faster Light; C:\Program Files (x86)\Faster Light\bin\utilFasterLight.exe [462064 2015-06-22] () R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [979456 2011-11-30] (Intel(R) Corporation) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [347136 2015-06-04] (SysTool PasSame LIMITED) [File not signed] <==== ATTENTION R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-29] (Atheros) [File not signed] R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-01-13] (BitRaider) R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2012-09-29] (Qualcomm Atheros) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [27456 2012-08-16] (Intel Corporation) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.) R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [975104 2012-08-24] (Vimicro Corporation) S3 wsvd; C:\Windows\System32\DRIVERS\wsvd.sys [101840 2012-07-05] ("CyberLink) R1 {2c7e9044-6b3b-4ecc-9224-8b8c893f6fc1}Gw64; C:\Windows\System32\drivers\{2c7e9044-6b3b-4ecc-9224-8b8c893f6fc1}Gw64.sys [48792 2014-12-30] (StdLib) R1 {5fa86e60-a54d-4e77-b1f1-f7bc1e215749}Gw64; C:\Windows\System32\drivers\{5fa86e60-a54d-4e77-b1f1-f7bc1e215749}Gw64.sys [48784 2015-01-30] (StdLib) R1 {5fa86e60-a54d-4e77-b1f1-f7bc1e215749}w64; C:\Windows\System32\drivers\{5fa86e60-a54d-4e77-b1f1-f7bc1e215749}w64.sys [48784 2015-02-07] (StdLib) R1 {82adbb5d-7d8c-4f2d-9936-53071e499858}Gw64; C:\Windows\System32\drivers\{82adbb5d-7d8c-4f2d-9936-53071e499858}Gw64.sys [48792 2015-01-03] (StdLib) R1 {8fb4e628-35c6-4275-89be-ce3462febcc4}Gw64; C:\Windows\System32\drivers\{8fb4e628-35c6-4275-89be-ce3462febcc4}Gw64.sys [48792 2014-12-27] (StdLib) R1 {a081059f-4e06-4f49-9a1e-4b92e171ba25}Gw64; C:\Windows\System32\drivers\{a081059f-4e06-4f49-9a1e-4b92e171ba25}Gw64.sys [48792 2015-01-05] (StdLib) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] U3 uwkdruob; \??\C:\Users\Grzesiek\AppData\Local\Temp\uwkdruob.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-22 20:50 - 2015-06-22 20:51 - 00000000 ____D C:\FRST 2015-06-22 20:29 - 2015-06-22 20:51 - 00000000 ____D C:\Users\Grzesiek\Desktop\do naprawiania 2015-06-22 20:02 - 2015-06-22 20:02 - 00000000 ____D C:\ProgramData\IHProtectUpDate 2015-06-22 18:59 - 2015-06-22 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-06-22 18:54 - 2015-06-22 18:54 - 18797980 _____ C:\Users\Grzesiek\Downloads\Malwarebytes Anti-Malware Premium 2.0.2.1012 + Key.rar 2015-06-21 21:02 - 2015-06-21 21:02 - 00105190 _____ C:\Users\Grzesiek\Downloads\p792bbbd6a3a60e297c50.html 2015-06-21 21:01 - 2015-06-21 21:01 - 00000000 ____D C:\Users\Grzesiek\AppData\Roaming\Picexa Viewer 2015-06-21 20:24 - 2015-06-21 20:24 - 00000000 ____D C:\Windows\system32\appmgmt 2015-06-21 19:44 - 2015-06-22 20:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-06-21 19:44 - 2015-06-21 19:44 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-06-21 19:44 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-06-21 19:43 - 2015-06-21 19:43 - 00000000 ____D C:\Users\Grzesiek\Downloads\Malwarebytes Anti-Malware Premium 2.0.2.1012 + Key 2015-06-04 11:35 - 2015-06-22 20:18 - 00000000 ____D C:\Program Files (x86)\MiuiTab ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-22 20:50 - 2014-12-27 21:19 - 00000000 ____D C:\Users\Grzesiek\AppData\Roaming\uTorrent 2015-06-22 20:40 - 2014-11-16 17:48 - 00000000 ____D C:\Users\Grzesiek\AppData\Roaming\Skype 2015-06-22 20:33 - 2014-12-27 21:18 - 00000000 ____D C:\Program Files (x86)\Faster Light 2015-06-22 20:33 - 2009-07-14 04:34 - 00000601 _____ C:\Windows\win.ini 2015-06-22 20:29 - 2014-11-16 17:55 - 00000000 ____D C:\Program Files (x86)\Opera 2015-06-22 20:27 - 2009-07-14 06:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-06-22 20:27 - 2009-07-14 06:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-06-22 20:25 - 2014-11-17 20:52 - 00000000 ____D C:\ProgramData\Origin 2015-06-22 20:25 - 2014-11-16 17:05 - 00647100 _____ C:\Windows\WindowsUpdate.log 2015-06-22 20:24 - 2009-07-14 19:55 - 00688866 _____ C:\Windows\system32\perfh015.dat 2015-06-22 20:24 - 2009-07-14 19:55 - 00131918 _____ C:\Windows\system32\perfc015.dat 2015-06-22 20:24 - 2009-07-14 07:13 - 01526834 _____ C:\Windows\system32\PerfStringBackup.INI 2015-06-22 20:22 - 2015-05-09 17:59 - 00001178 _____ C:\Windows\setupact.log 2015-06-22 20:21 - 2015-02-17 11:39 - 00000000 ____D C:\Program Files (x86)\Steam 2015-06-22 20:19 - 2015-05-08 17:42 - 00000000 ____D C:\Program Files (x86)\XTab 2015-06-22 20:19 - 2015-03-16 18:49 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-06-22 20:19 - 2015-01-01 18:52 - 00000000 ____D C:\Program Files\Bonjour 2015-06-22 20:19 - 2015-01-01 18:52 - 00000000 ____D C:\Program Files (x86)\Bonjour 2015-06-22 20:19 - 2014-12-27 21:19 - 00000000 ____D C:\ProgramData\WindowsMangerProtect 2015-06-22 20:19 - 2014-11-16 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox 2015-06-22 20:19 - 2014-11-16 17:10 - 00000000 ____D C:\Users\Grzesiek 2015-06-22 20:19 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-06-22 20:18 - 2015-05-10 13:36 - 00000000 ____D C:\Users\internet\AppData\Local\Pay-By-Ads 2015-06-22 20:18 - 2015-05-08 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picexa 2015-06-22 20:18 - 2015-05-08 17:43 - 00000000 ____D C:\Program Files (x86)\Picexa 2015-06-22 20:18 - 2015-04-06 18:33 - 00000000 ____D C:\Windows\system32\Macromed 2015-06-22 20:18 - 2015-03-16 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-06-22 20:18 - 2015-02-24 17:16 - 00000000 ____D C:\Users\internet\Desktop\tak 2015-06-22 20:18 - 2015-02-24 17:15 - 00000000 ___RD C:\Users\internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-06-22 20:18 - 2015-02-24 17:15 - 00000000 ___RD C:\Users\internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-06-22 20:18 - 2015-02-24 17:15 - 00000000 ____D C:\Users\internet 2015-06-22 20:18 - 2015-01-15 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2015-06-22 20:18 - 2015-01-15 21:15 - 00000000 ____D C:\Program Files (x86)\GameforgeLive 2015-06-22 20:18 - 2015-01-13 21:04 - 00000000 ____D C:\ProgramData\BitRaider 2015-06-22 20:18 - 2015-01-01 14:37 - 00000000 ____D C:\Users\Grzesiek\Desktop\Fotki 2015-06-22 20:18 - 2014-12-27 21:19 - 00000000 ____D C:\ProgramData\IePluginServices 2015-06-22 20:18 - 2014-12-27 21:19 - 00000000 ____D C:\ProgramData\EpicScale 2015-06-22 20:18 - 2014-12-27 21:19 - 00000000 ____D C:\Program Files (x86)\SupTab 2015-06-22 20:18 - 2014-12-27 21:18 - 00000000 ____D C:\Users\Grzesiek\AppData\Roaming\omiga-plus 2015-06-22 20:18 - 2014-11-17 20:52 - 00000000 ____D C:\Program Files (x86)\Origin 2015-06-22 20:18 - 2014-11-16 18:18 - 00000000 ___RD C:\Users\Grzesiek\Desktop\pierdoły 2015-06-22 20:18 - 2014-11-16 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-06-22 20:18 - 2014-11-16 17:56 - 00000000 ____D C:\Program Files\CCleaner 2015-06-22 20:18 - 2014-11-16 17:55 - 00000000 ____D C:\Users\Grzesiek\AppData\Roaming\RHEng 2015-06-22 20:18 - 2014-11-16 17:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-06-22 20:18 - 2014-11-16 17:31 - 00000000 ____D C:\Windows\SysWOW64\NV 2015-06-22 20:18 - 2014-11-16 17:31 - 00000000 ____D C:\Windows\system32\NV 2015-06-22 20:18 - 2009-07-14 20:09 - 00000000 ___RD C:\Users\Public\Recorded TV 2015-06-22 20:18 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries 2015-06-22 20:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\GroupPolicy 2015-06-22 20:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat 2015-06-22 20:17 - 2015-05-15 19:50 - 00000000 ____D C:\Users\internet\Documents\Electronic Arts 2015-06-22 20:17 - 2015-02-24 17:15 - 00000000 ____D C:\Users\internet\AppData\Roaming\Intel 2015-06-22 20:17 - 2015-01-13 21:04 - 00000000 ____D C:\Users\Public\Documents\BitRaider 2015-06-22 20:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2015-06-22 20:16 - 2015-02-24 17:15 - 00000000 ____D C:\Users\internet\AppData\Local\Google 2015-06-22 20:16 - 2014-11-16 17:46 - 00000000 ____D C:\Users\Grzesiek\AppData\Roaming\Winamp 2015-06-22 20:15 - 2014-11-16 17:20 - 00000000 ____D C:\ProgramData\NVIDIA 2015-06-22 20:15 - 2014-11-16 17:18 - 00000000 ____D C:\Program Files\Common Files\Intel 2015-06-22 20:14 - 2014-11-16 17:15 - 00000000 ____D C:\Program Files (x86)\Intel 2015-06-22 20:10 - 2014-12-06 12:37 - 00000000 ____D C:\Users\Grzesiek\AppData\Local\CrashDumps 2015-06-22 19:59 - 2015-01-16 14:03 - 00000000 ____D C:\Windows\Minidump 2015-06-09 16:02 - 2014-11-17 20:52 - 00000000 ____D C:\Users\Grzesiek\AppData\Roaming\Origin 2015-06-09 15:59 - 2015-02-24 17:17 - 00000000 ____D C:\Users\internet\Documents\Bluetooth Folder 2015-06-05 09:59 - 2015-03-16 18:49 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-06-05 09:57 - 2015-04-06 18:33 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-06-04 11:35 - 2015-05-08 17:43 - 00001789 _____ C:\Users\Public\Desktop\Picexa.lnk 2015-05-27 22:36 - 2015-03-16 18:49 - 00002491 _____ C:\Users\Public\Desktop\Google Chrome.lnk ==================== Files in the root of some directories ======= 2014-11-16 17:32 - 2014-11-16 17:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: ==================== C:\Users\Grzesiek\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-08 17:47 ==================== End of log ============================