OTL logfile created on: 6/28/2015 10:09:05 PM - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kamil\Desktop\Pobrane Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17843) Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2.99 Gb Total Physical Memory | 1.26 Gb Available Physical Memory | 42.01% Memory free 5.98 Gb Paging File | 3.43 Gb Available in Paging File | 57.41% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 99.14 Gb Total Space | 53.51 Gb Free Space | 53.97% Space Free | Partition Type: NTFS Drive D: | 39.06 Gb Total Space | 28.31 Gb Free Space | 72.47% Space Free | Partition Type: NTFS Drive E: | 4.25 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS Drive F: | 312.44 Gb Total Space | 172.96 Gb Free Space | 55.36% Space Free | Partition Type: exFAT Drive G: | 7.20 Gb Total Space | 3.42 Gb Free Space | 47.52% Space Free | Partition Type: FAT32 Drive H: | 7.64 Gb Total Space | 7.60 Gb Free Space | 99.43% Space Free | Partition Type: FAT32 Drive I: | 1.92 Gb Total Space | 1.87 Gb Free Space | 97.69% Space Free | Partition Type: FAT32 Computer Name: KAMIL-KOMPUTER | User Name: Kamil | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2015/06/28 22:08:40 | 001,636,352 | ---- | M] (Farbar) -- C:\Users\Kamil\Desktop\Pobrane\FRST.exe PRC - [2015/06/20 07:46:07 | 000,813,896 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2015/06/19 22:49:09 | 000,450,808 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2015/06/19 22:48:53 | 000,429,304 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2015/06/19 22:48:49 | 000,450,808 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2015/05/24 18:07:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kamil\Desktop\Pobrane\OTL.exe PRC - [2015/05/21 11:01:32 | 000,130,864 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\Launcher\Avira.Systray.exe PRC - [2015/05/14 19:12:19 | 000,244,040 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe PRC - [2015/05/07 23:21:06 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\GWX\GWX.exe PRC - [2015/05/01 11:17:04 | 001,772,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe PRC - [2015/05/01 11:16:10 | 001,394,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe PRC - [2014/11/28 19:22:44 | 005,419,792 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\TeamViewer_Service.exe PRC - [2014/09/12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2014/07/14 22:50:54 | 000,180,269 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2014/03/12 00:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.EXE PRC - [2014/01/17 21:52:14 | 000,224,096 | ---- | M] () -- C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe PRC - [2013/12/28 13:15:50 | 000,086,016 | ---- | M] (Dassault Systèmes) -- C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe PRC - [2013/05/03 14:48:53 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2011/03/14 17:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe PRC - [2011/03/14 17:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/11/04 06:11:48 | 000,835,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe PRC - [2009/10/26 13:53:14 | 000,091,136 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe PRC - [2009/10/13 12:03:04 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe PRC - [2009/10/07 03:31:56 | 002,246,144 | ---- | M] (SEC) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe PRC - [2009/10/02 18:48:26 | 000,595,232 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe PRC - [2009/08/14 12:45:18 | 000,062,744 | ---- | M] (Sierra Wireless Inc.) -- C:\Program Files\Sierra Wireless Inc\3G Watcher\WaHelper.exe PRC - [2009/08/14 04:39:00 | 000,622,592 | ---- | M] () -- C:\Windows\Xerox\PanelMgr\SSMMgr.exe PRC - [2009/08/13 20:59:22 | 000,562,456 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe PRC - [2009/04/15 16:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe PRC - [2009/03/05 11:54:50 | 000,311,296 | ---- | M] () -- C:\Windows\System32\Rezip.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2015/06/20 07:46:06 | 015,003,976 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll MOD - [2015/06/20 07:46:04 | 001,281,864 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\43.0.2357.130\libglesv2.dll MOD - [2015/06/20 07:46:04 | 000,080,712 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\43.0.2357.130\libegl.dll MOD - [2015/05/13 06:55:02 | 019,696,640 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\dda205128364510499bff84e347d0d28\System.ServiceModel.ni.dll MOD - [2015/05/13 06:39:10 | 012,935,680 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ad9feb3143717fe0e0a50f792718bbed\System.Windows.Forms.ni.dll MOD - [2015/05/13 06:39:08 | 006,990,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\d2acb5226fa8916ef6417139a742a09d\System.Core.ni.dll MOD - [2015/05/13 06:39:06 | 003,950,080 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8115eb34e0d122591c2a9595cfff225e\WindowsBase.ni.dll MOD - [2015/05/13 06:38:58 | 000,976,384 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5023210ae4242a319712718fc6a23848\System.Configuration.ni.dll MOD - [2015/05/13 06:35:22 | 000,223,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\432b41d4311091908117abe08d5ccdcb\System.ServiceProcess.ni.dll MOD - [2014/10/16 15:41:15 | 000,399,872 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\7ab3e68c2e523f60bfc4f222cbd1c1d0\System.Xml.Linq.ni.dll MOD - [2014/10/15 07:09:45 | 007,409,664 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\5d2c01ae1ca8c40ed74cdfd7b7b7dcb1\System.Data.ni.dll MOD - [2014/10/15 07:09:45 | 002,542,080 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\5e84979fadb7eb63caedea9f4acefcc9\System.Data.Linq.ni.dll MOD - [2014/10/15 07:09:42 | 001,046,016 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\cc7bb025e7cca401787cec5893c2cb67\System.ComponentModel.Composition.ni.dll MOD - [2014/10/15 07:09:38 | 007,668,736 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll MOD - [2014/10/15 07:09:38 | 002,822,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll MOD - [2014/10/15 07:09:33 | 001,644,544 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll MOD - [2014/10/15 07:09:31 | 010,100,736 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll MOD - [2014/02/26 23:58:02 | 016,953,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll MOD - [2013/09/05 01:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2009/12/12 16:12:03 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2009/08/14 04:39:00 | 000,622,592 | ---- | M] () -- C:\Windows\Xerox\PanelMgr\SSMMgr.exe MOD - [2009/08/13 20:46:24 | 000,234,776 | ---- | M] () -- C:\Program Files\Sierra Wireless Inc\WebUpdater\WebUpdtAPI.dll MOD - [2006/08/12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2015/06/24 17:57:16 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2015/06/19 22:49:09 | 000,450,808 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2015/06/19 22:48:53 | 001,188,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe -- (AntiVirWebService) SRV - [2015/06/19 22:48:51 | 000,827,184 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe -- (AntiVirMailService) SRV - [2015/06/19 22:48:49 | 000,450,808 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2015/06/04 05:58:03 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2015/05/25 20:01:45 | 000,853,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack) SRV - [2015/05/23 05:05:18 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService) SRV - [2015/05/21 10:59:50 | 000,208,632 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe -- (Avira.ServiceHost) SRV - [2015/05/01 11:17:04 | 001,772,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc) SRV - [2015/05/01 11:16:10 | 001,394,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc) SRV - [2015/02/18 19:11:32 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2014/11/28 19:22:44 | 005,419,792 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\TeamViewer_Service.exe -- (TeamViewer) SRV - [2014/09/12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2014/04/09 15:12:50 | 000,235,696 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe -- (McComponentHostService) SRV - [2014/03/12 00:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.EXE -- (BBUpdate) SRV - [2014/03/12 00:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.3.132.0\BBSvc.EXE -- (BBSvc) SRV - [2014/01/30 21:26:14 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2014/01/17 21:52:14 | 000,224,096 | ---- | M] () [Auto | Stopped] -- C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe -- (Internet Manager. RunOuc) SRV - [2013/12/28 13:15:50 | 000,086,016 | ---- | M] (Dassault Systèmes) [Auto | Running] -- C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe -- (DraftSight API Service) SRV - [2013/12/19 01:41:02 | 030,814,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2013/05/27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013/03/28 21:34:12 | 001,737,728 | ---- | M] (Lavasoft Limited ) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2013/03/24 22:09:40 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2011/03/14 17:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe) SRV - [2009/10/02 18:48:26 | 000,595,232 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/03/05 11:54:50 | 000,311,296 | ---- | M] () [Auto | Running] -- C:\Windows\System32\Rezip.exe -- (Rezip) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\swumx20.sys -- (SWUMX20) DRV - [2015/06/19 22:49:39 | 000,136,728 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2015/06/19 22:49:39 | 000,108,448 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2015/06/19 22:49:39 | 000,031,848 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2015/05/20 17:44:46 | 000,037,896 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2015/03/10 16:44:27 | 000,037,896 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\avnetflt.sys -- (avnetflt) DRV - [2014/01/17 21:52:16 | 000,181,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juwwanecm.sys -- (huawei_wwanecm) DRV - [2014/01/17 21:52:16 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2014/01/17 21:52:16 | 000,090,368 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm) DRV - [2014/01/17 21:52:16 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2014/01/17 21:52:16 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl) DRV - [2014/01/17 21:52:16 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM) DRV - [2014/01/17 21:52:16 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BMLoad.sys -- (BMLoad) DRV - [2014/01/17 21:52:16 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV - [2013/03/28 21:34:55 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer) DRV - [2011/12/13 04:32:24 | 002,228,224 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2011/05/13 03:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm) DRV - [2011/05/13 03:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) DRV - [2011/05/13 03:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) DRV - [2011/05/13 03:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) DRV - [2011/05/13 03:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb) DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010/08/12 14:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd) DRV - [2009/11/06 06:07:10 | 009,923,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009/10/26 22:39:04 | 000,125,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd) DRV - [2009/09/28 11:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009/07/22 17:45:34 | 000,222,720 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swnc8ua3.sys -- (SWNC8UA3) DRV - [2009/07/22 17:44:18 | 000,148,992 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swumxa3.sys -- (SWUMXA3) DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009/07/01 22:46:20 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt) DRV - [2009/06/27 16:55:12 | 000,066,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2009/04/06 08:57:46 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT) DRV - [2009/04/06 08:57:44 | 000,038,400 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp) DRV - [2009/01/14 23:20:01 | 000,028,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.countryCode: "PL" FF - prefs.js..browser.search.isUS: false FF - prefs.js..browser.search.region: "PL" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:38.0.5 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_190.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2027: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2088: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1040: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon [2014/01/17 21:52:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8}: C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014/04/04 12:36:14 | 000,010,691 | ---- | M] () [2013/03/24 17:57:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kamil\AppData\Roaming\mozilla\Extensions [2015/05/30 07:17:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kamil\AppData\Roaming\mozilla\Firefox\Profiles\aiulbbdh.default\extensions [2015/05/30 07:17:49 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Users\Kamil\AppData\Roaming\mozilla\Firefox\Profiles\aiulbbdh.default\extensions\abs@avira.com [2015/06/04 05:57:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2015/06/04 05:58:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [color=#E56717]========== Chrome ==========[/color] CHR - Extension: No name found = C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.8_0\ CHR - Extension: No name found = C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\ CHR - Extension: No name found = C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\ CHR - Extension: No name found = C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\ CHR - Extension: No name found = C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\ CHR - Extension: No name found = C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjeclnkejmbepoibfnamioojinoopln\2.0_0\ CHR - Extension: No name found = C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.4.9_0\ CHR - Extension: No name found = C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.4.0.9058_0\ CHR - Extension: No name found = C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\ CHR - Extension: No name found = C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\ CHR - Extension: No name found = C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\ O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Avira Systray] C:\Program Files\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.) O4 - HKLM..\Run: [RemoteControl8] C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [TRUUpdater] C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe (Sierra Wireless, Inc.) O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [WatcherHelper] C:\Program Files\Sierra Wireless Inc\3G Watcher\WaHelper.exe (Sierra Wireless Inc.) O4 - HKLM..\Run: [Xerox PanelMgr] C:\Windows\Xerox\PanelMgr\SSMMgr.exe () O4 - HKCU..\Run: [GoogleChromeAutoLaunch_46BF133ACA8BEB7ACDB8F921980892DB] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) O4 - HKLM..\RunOnce: [] File not found O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\windows\system32\Macromed\Flash\FlashUtil32_17_0_0_188_Plugin.exe -update plugin File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutorun = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 1721265593 = C:\ProgramData\mszstcuhk.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3EF49C61-7250-4594-9209-2DEFB90CC069}: NameServer = 193.41.112.14 193.41.112.18 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47287A51-D4AB-4ED4-B2CD-E7E1354E6F75}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{66C91A3F-368E-40F7-A0C8-886D06D27D3C}: NameServer = 193.41.112.14 193.41.112.18 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F2E45BE-2E40-4F73-9B88-B527CF7EBA8C}: NameServer = 193.41.112.18 193.41.112.14 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2613D24-FFDD-44A2-800B-89DFF45993D3}: NameServer = 193.41.112.14 193.41.112.18 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\windows\System32\Userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{9cd24bf5-0e67-11e5-8d8e-506313d145df}\Shell - "" = AutoRun O33 - MountPoints2\{9cd24bf5-0e67-11e5-8d8e-506313d145df}\Shell\AutoRun\command - "" = G:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (lsdelete) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2015/06/27 07:33:00 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\zdjecia madzia praca wawa [2015/06/26 19:45:20 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\mp3 [2015/06/26 19:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\FreeRIP MP3 Converter [2015/06/26 19:19:33 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRIP MP3 Converter [2015/06/26 19:19:33 | 000,000,000 | ---D | C] -- C:\Program Files\FreeRIP [2015/06/24 17:57:02 | 018,174,128 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerInstaller.exe [2015/06/10 21:46:25 | 002,384,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys [2015/06/10 21:46:23 | 000,901,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\aeinv.dll [2015/06/10 21:46:23 | 000,879,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\appraiser.dll [2015/06/10 21:46:23 | 000,621,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\invagent.dll [2015/06/10 21:46:23 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\generaltel.dll [2015/06/10 21:46:23 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\devinv.dll [2015/06/10 21:46:23 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\aepdu.dll [2015/06/10 21:46:23 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\aepic.dll [2015/06/10 21:46:23 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\acmigration.dll [2015/06/10 21:46:22 | 000,054,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\stream.sys [2015/06/10 21:46:09 | 000,685,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe [2015/06/10 21:46:09 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MsSpellCheckingFacility.exe [2015/06/10 21:46:09 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieetwcollector.exe [2015/06/10 21:46:09 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\JavaScriptCollectionAgent.dll [2015/06/10 21:46:09 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieetwproxystub.dll [2015/06/10 21:46:09 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll [2015/06/10 21:46:08 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2015/06/10 21:46:08 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dll [2015/06/10 21:46:08 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll [2015/06/10 21:46:08 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9diag.dll [2015/06/10 21:46:08 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtmsft.dll [2015/06/10 21:46:08 | 000,342,728 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll [2015/06/10 21:46:08 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe [2015/06/10 21:46:08 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2015/06/10 21:46:06 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl [2015/06/10 21:46:06 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msrating.dll [2015/06/10 21:46:06 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll [2015/06/10 21:46:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieetwcollectorres.dll [2015/06/10 21:46:05 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtrans.dll [2015/06/10 21:46:04 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll [2015/06/10 21:46:03 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec [2015/06/10 21:46:02 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtmlmedia.dll [2015/06/10 21:46:02 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MshtmlDac.dll [2015/06/10 21:46:01 | 004,305,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll [2015/06/10 21:45:02 | 000,853,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\diagtrack.dll [2015/06/10 21:45:01 | 003,989,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe [2015/06/10 21:45:00 | 003,934,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe [2015/06/10 21:45:00 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\srcore.dll [2015/06/10 21:45:00 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tracerpt.exe [2015/06/10 21:45:00 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rstrui.exe [2015/06/10 21:44:59 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ncrypt.dll [2015/06/10 21:44:59 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\logman.exe [2015/06/10 21:44:58 | 000,635,392 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tdh.dll [2015/06/10 21:44:58 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\auditpol.exe [2015/06/10 21:44:57 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\typeperf.exe [2015/06/10 21:44:57 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\csrsrv.dll [2015/06/10 21:44:57 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\relog.exe [2015/06/10 21:44:57 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\diskperf.exe [2015/06/10 21:44:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sspisrv.dll [2015/06/10 21:44:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\apisetschema.dll [2015/06/10 21:44:55 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\adtschema.dll [2015/06/10 21:44:55 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msaudite.dll [2015/06/10 21:44:55 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msobjs.dll [2015/06/10 21:44:55 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\UtcResources.dll [2015/06/10 21:44:12 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spwmp.dll [2015/06/10 21:44:12 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msdxm.ocx [2015/06/10 21:44:12 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxmasf.dll [2015/06/10 21:44:11 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmploc.DLL [2015/06/10 21:44:09 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\conhost.exe [2015/06/10 21:44:08 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll [2015/06/10 21:44:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [2015/06/10 21:44:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [2015/06/10 21:44:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-1-0.dll [2015/06/10 21:44:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-misc-l1-1-0.dll [2015/06/10 21:44:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [2015/06/10 21:44:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-fibers-l1-1-0.dll [2015/06/10 21:44:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-debug-l1-1-0.dll [2015/06/10 21:44:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [2015/06/10 21:44:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [2015/06/10 21:44:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-memory-l1-1-0.dll [2015/06/10 21:44:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [2015/06/10 21:44:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [2015/06/10 21:44:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-heap-l1-1-0.dll [2015/06/10 21:44:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-string-l1-1-0.dll [2015/06/10 21:44:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [2015/06/10 21:44:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-profile-l1-1-0.dll [2015/06/10 21:44:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-io-l1-1-0.dll [2015/06/10 21:44:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-handle-l1-1-0.dll [2015/06/10 21:44:06 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-1-0.dll [2015/06/10 21:44:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [2015/06/10 21:44:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-delayload-l1-1-0.dll [2015/06/10 21:44:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-datetime-l1-1-0.dll [2015/06/10 21:44:05 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-security-base-l1-1-0.dll [2015/06/10 21:44:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [2015/06/10 21:44:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-1-0.dll [2015/06/10 21:44:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l1-1-0.dll [2015/06/10 21:44:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-util-l1-1-0.dll [2015/06/10 21:44:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-console-l1-1-0.dll [2015/06/10 21:12:58 | 000,000,000 | ---D | C] -- C:\FRST [2015/06/09 21:33:00 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\GWX [2015/06/04 05:57:54 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2015/06/28 22:05:16 | 000,740,348 | ---- | M] () -- C:\windows\System32\perfh015.dat [2015/06/28 22:05:16 | 000,654,140 | ---- | M] () -- C:\windows\System32\perfh009.dat [2015/06/28 22:05:16 | 000,155,890 | ---- | M] () -- C:\windows\System32\perfc015.dat [2015/06/28 22:05:16 | 000,122,012 | ---- | M] () -- C:\windows\System32\perfc009.dat [2015/06/28 21:53:39 | 000,023,552 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2015/06/28 21:53:39 | 000,023,552 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2015/06/28 21:44:00 | 000,000,930 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2015/06/28 20:31:01 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2015/06/26 20:36:45 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\MBAMSwissArmy.sys [2015/06/26 19:29:42 | 005,345,707 | ---- | M] () -- C:\Users\Kamil\Desktop\01-Ścieżka 1.mp3 [2015/06/26 19:19:41 | 000,001,534 | ---- | M] () -- C:\ProgramData\ss.ini [2015/06/26 19:19:33 | 000,000,920 | ---- | M] () -- C:\Users\Kamil\Desktop\FreeRIP MP3 Converter.lnk [2015/06/26 19:04:26 | 000,000,064 | ---- | M] () -- C:\windows\System32\rp_stats.dat [2015/06/26 19:04:26 | 000,000,044 | ---- | M] () -- C:\windows\System32\rp_rules.dat [2015/06/24 17:57:15 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe [2015/06/24 17:57:15 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl [2015/06/24 17:57:02 | 018,174,128 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerInstaller.exe [2015/06/19 22:49:39 | 000,136,728 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avipbb.sys [2015/06/19 22:49:39 | 000,108,448 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avgntflt.sys [2015/06/19 22:49:39 | 000,031,848 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\ssmdrv.sys [2015/06/19 22:38:00 | 2406,912,000 | -HS- | M] () -- C:\hiberfil.sys [2015/06/11 07:28:01 | 000,430,104 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2015/06/09 21:03:57 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2015/06/09 19:06:01 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2015/06/02 21:35:47 | 000,342,728 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll [color=#E56717]========== Files Created - No Company Name ==========[/color] [2015/06/26 19:29:03 | 005,345,707 | ---- | C] () -- C:\Users\Kamil\Desktop\01-Ścieżka 1.mp3 [2015/06/26 19:19:41 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini [2015/06/26 19:19:33 | 000,000,920 | ---- | C] () -- C:\Users\Kamil\Desktop\FreeRIP MP3 Converter.lnk [2015/06/09 19:06:01 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2015/06/04 05:31:58 | 000,002,074 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk [2014/12/08 19:59:51 | 000,008,192 | ---- | C] () -- C:\Users\Kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014/12/06 23:32:07 | 000,007,680 | ---- | C] () -- C:\windows\System32\ff_vfw.dll [2014/07/14 22:52:54 | 000,000,025 | ---- | C] () -- C:\windows\cdplayer.ini [2013/05/01 07:14:33 | 068,001,792 | -HS- | C] () -- C:\ProgramData\mszstcuhk.exe [2013/04/30 06:49:40 | 000,000,712 | ---- | C] () -- C:\Users\Kamil\AppData\Roaming\wklnhst.dat [2010/03/11 19:02:51 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== Files - Unicode (All) ==========[/color] [2013/10/28 18:37:02 | 103,746,026 | ---- | M] ()(C:\windows\System32\???m) -- C:\windows\System32\핇쪑m [2013/10/28 18:37:02 | 103,746,026 | ---- | C] ()(C:\windows\System32\???m) -- C:\windows\System32\핇쪑m [2013/10/11 21:53:14 | 100,567,204 | ---- | M] ()(C:\windows\System32\???d) -- C:\windows\System32\臫ᤅd [2013/10/11 15:53:15 | 100,567,204 | ---- | C] ()(C:\windows\System32\???d) -- C:\windows\System32\臫ᤅd < End of report >