OTL logfile created on: 2015-11-09 21:24:02 - Run 9 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\x\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,03 Gb Available Physical Memory | 51,43% Memory free 3,85 Gb Paging File | 3,08 Gb Available in Paging File | 79,94% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 63,47 Gb Total Space | 0,15 Gb Free Space | 0,24% Space Free | Partition Type: NTFS Drive D: | 78,13 Gb Total Space | 3,17 Gb Free Space | 4,06% Space Free | Partition Type: NTFS Drive E: | 78,13 Gb Total Space | 4,73 Gb Free Space | 6,05% Space Free | Partition Type: NTFS Drive F: | 78,35 Gb Total Space | 8,44 Gb Free Space | 10,77% Space Free | Partition Type: NTFS Drive G: | 4,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: x | User Name: x | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2015-10-05 09:48:46 | 001,135,416 | ---- | M] (Malwarebytes) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe PRC - [2015-10-05 09:48:44 | 001,513,784 | ---- | M] (Malwarebytes) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe PRC - [2015-10-05 09:48:34 | 009,832,760 | ---- | M] (Malwarebytes) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe PRC - [2014-09-11 18:10:16 | 002,087,264 | ---- | M] (Wondershare) -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe PRC - [2013-11-27 13:43:40 | 001,375,600 | ---- | M] (Binary Fortress Software) -- D:\Program Files\DisplayFusion\DisplayFusionService.exe PRC - [2013-10-27 22:54:50 | 000,151,552 | ---- | M] () -- C:\WINDOWS\KMService.exe PRC - [2013-10-27 22:49:34 | 000,008,192 | ---- | M] () -- C:\WINDOWS\system32\srvany.exe PRC - [2013-10-27 10:44:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dominik_2\Pulpit\OTL.exe PRC - [2012-05-31 15:50:30 | 001,082,368 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe PRC - [2012-05-28 17:08:28 | 000,368,726 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe PRC - [2012-05-21 14:36:12 | 000,110,695 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe PRC - [2012-05-21 14:33:56 | 000,147,563 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe PRC - [2012-03-23 13:56:54 | 004,428,800 | ---- | M] () -- C:\Program Files\TP-LINK\USB Printer Controller\USB Printer Controller.exe PRC - [2011-07-29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2010-03-18 21:25:55 | 000,126,976 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\system32\Crypserv.exe PRC - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2009-09-15 19:44:44 | 000,126,976 | ---- | M] () -- C:\WINDOWS\system32\UAService7.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-01-29 10:19:46 | 002,157,096 | ---- | M] (Palit Microsystems, Inc.) -- C:\Program Files\VDOTool\TBPANEL.exe PRC - [2006-11-03 10:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe PRC - [2006-03-14 12:12:26 | 001,097,728 | ---- | M] (Samsung Electronics, Inc.) -- C:\Program Files\MagicRotation\MagicPvt.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-09-11 18:09:20 | 001,498,112 | ---- | M] () -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll MOD - [2014-05-19 17:19:02 | 000,137,728 | ---- | M] () -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll MOD - [2014-02-20 20:34:05 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8cd995f00848816e3ec49dc326e3d49b\System.ServiceProcess.ni.dll MOD - [2014-02-20 16:06:11 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2014-02-20 16:02:58 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7faf645dc46781225cb722edf9e1e738\System.Xml.ni.dll MOD - [2014-02-20 16:02:52 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1cdfe1998ad6794db3237006906c6fa2\System.Windows.Forms.ni.dll MOD - [2014-02-20 16:02:40 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\424bff3295c6e7539cc6df62b9425bd0\System.Drawing.ni.dll MOD - [2014-02-20 16:01:33 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3ba8c96828c9\System.ni.dll MOD - [2014-02-20 16:01:26 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216ca83292cb2f21\mscorlib.ni.dll MOD - [2013-10-27 22:54:50 | 000,151,552 | ---- | M] () -- C:\WINDOWS\KMService.exe MOD - [2013-10-27 22:49:34 | 000,008,192 | ---- | M] () -- C:\WINDOWS\system32\srvany.exe MOD - [2012-05-31 15:48:32 | 000,127,096 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\setup.dll MOD - [2012-05-21 14:33:58 | 000,028,672 | ---- | M] () -- C:\WINDOWS\system32\BsMobileCSps.dll MOD - [2012-03-23 13:56:54 | 004,428,800 | ---- | M] () -- C:\Program Files\TP-LINK\USB Printer Controller\USB Printer Controller.exe MOD - [2011-07-29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011-07-29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe MOD - [2011-03-28 10:05:18 | 000,061,440 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\Mobile\ExtraLib.dll MOD - [2011-03-28 10:04:52 | 000,237,568 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\Mobile\BaseLib.dll MOD - [2010-05-13 15:30:38 | 000,028,730 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\driver\usb\btcusb.dll MOD - [2010-03-31 20:59:20 | 000,122,880 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\Mobile\s40pack.dll MOD - [2010-01-30 01:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2009-09-15 19:44:44 | 000,126,976 | ---- | M] () -- C:\WINDOWS\system32\UAService7.exe MOD - [2003-05-01 16:23:28 | 000,041,472 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\Mobile\CsCvt.dll MOD - [2001-10-29 01:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfmonnt.dll MOD - [2001-10-26 18:27:02 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll MOD - [1998-10-31 03:55:56 | 000,005,120 | ---- | M] () -- C:\Program Files\VDOTool\TBMANAGE.DLL [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2015-11-07 23:30:47 | 000,147,624 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2015-10-05 09:48:46 | 001,135,416 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2015-10-05 09:48:44 | 001,513,784 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2015-02-18 19:11:32 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- D:\Program Files\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013-11-27 13:43:40 | 001,375,600 | ---- | M] (Binary Fortress Software) [Auto | Running] -- D:\Program Files\DisplayFusion\DisplayFusionService.exe -- (DisplayFusionService) SRV - [2013-10-27 22:49:34 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\srvany.exe -- (KMService) SRV - [2013-02-04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2012-05-31 15:50:30 | 001,082,368 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS) SRV - [2012-05-21 14:36:12 | 000,110,695 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS) SRV - [2012-05-21 14:33:56 | 000,147,563 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe -- (BsMobileCS) SRV - [2012-04-22 12:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2012-01-05 16:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- D:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv) SRV - [2011-06-12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2010-03-18 21:25:55 | 000,126,976 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\WINDOWS\system32\Crypserv.exe -- (CrypKey License) SRV - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2009-11-06 09:18:50 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) SRV - [2009-09-15 19:44:44 | 000,126,976 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\KBFiltr.sys -- (KBFiltr) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a2kd613f) DRV - [2015-11-09 21:22:03 | 000,170,200 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy) DRV - [2015-10-05 09:50:04 | 000,023,256 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2015-05-03 00:21:16 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2014-07-31 15:55:50 | 000,025,632 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudioDevice_383.sys -- (WsAudioDevice_383) DRV - [2014-05-12 14:49:59 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2014-03-26 16:16:46 | 000,320,120 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2013-11-02 00:29:44 | 000,043,720 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hssdrv.sys -- (HssDrv) DRV - [2013-10-04 20:01:28 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\utm3nzg2.sys -- (utm3nzg2) DRV - [2013-08-12 23:16:40 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss) DRV - [2013-02-12 01:32:23 | 000,012,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS) DRV - [2012-06-19 15:54:20 | 006,141,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2012-06-05 15:33:00 | 000,158,552 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv) DRV - [2012-06-05 15:33:00 | 000,116,056 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt) DRV - [2012-06-05 15:33:00 | 000,104,792 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV - [2012-06-05 15:33:00 | 000,091,992 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon) DRV - [2012-06-05 15:33:00 | 000,082,776 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VBoxUSB.sys -- (VBoxUSB) DRV - [2012-04-22 12:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2012-03-08 15:21:08 | 000,089,728 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TPLINKUDSMBus.sys -- (TPLINKUDSMBus) DRV - [2012-03-08 15:20:18 | 000,146,304 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TPLINKUDSTcpBus.sys -- (TPLINKUDSTcpBus) DRV - [2012-01-09 16:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2012-01-09 16:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2012-01-09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2012-01-09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011-12-27 09:18:46 | 000,037,344 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb) DRV - [2011-12-21 13:47:50 | 000,027,744 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btnetBus.sys -- (IvtPanBusSrv) DRV - [2011-12-21 13:47:50 | 000,027,744 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btnetBus.sys -- (btnetBUs) DRV - [2011-12-21 13:47:06 | 000,021,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BtHidBus.sys -- (BtHidBus) DRV - [2011-11-25 00:26:04 | 000,013,440 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pneteth.sys -- (pneteth) DRV - [2011-07-27 09:29:04 | 000,022,024 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcombus.sys -- (IvtComBusSrv) DRV - [2011-07-27 09:29:04 | 000,022,024 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcombus.sys -- (BTCOMBUS) DRV - [2011-07-27 09:28:54 | 000,025,992 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcomport.sys -- (BTCOM) DRV - [2011-01-01 10:12:18 | 000,081,168 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MijXfilt.sys -- (MotioninJoyXFilter) DRV - [2010-08-18 21:19:24 | 000,014,088 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btnetdrv.sys -- (BT) DRV - [2010-07-04 20:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2010-04-06 17:32:48 | 000,023,048 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs) DRV - [2010-04-06 17:32:48 | 000,023,048 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtAudioBusSrv) DRV - [2010-03-19 00:11:11 | 000,023,360 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\Ckldrv.sys -- (NetWorkX) DRV - [2009-11-18 06:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009-11-18 06:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009-07-13 16:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB) DRV - [2009-06-17 13:02:16 | 000,027,528 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio) DRV - [2009-06-17 13:02:08 | 000,033,800 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio) DRV - [2009-02-24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus) DRV - [2007-09-28 14:25:22 | 000,614,912 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207) DRV - [2007-03-16 09:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel) DRV - [2007-03-16 09:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex) DRV - [2007-02-16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2006-11-27 15:33:54 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006-11-27 15:33:50 | 000,058,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-11-22 12:41:18 | 000,022,416 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\device\Win2k\BTNetFilter.sys -- (BTNetFilter) DRV - [2006-10-18 15:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata) DRV - [2006-06-18 22:51:32 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2005-11-14 02:26:34 | 000,009,728 | R--- | M] (Samsung Electronics, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\magicpvt.sys -- (magicpvt) DRV - [2005-04-30 13:50:20 | 000,011,860 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum) DRV - [2005-04-30 13:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BTHidMgr.sys -- (BTHidMgr) DRV - [2005-03-25 16:18:48 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr) DRV - [2005-03-09 20:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\libusb0.sys -- (libusb0) DRV - [2004-10-19 12:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm) DRV - [2004-02-01 04:53:20 | 000,026,166 | ---- | M] (Compuware Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbfilt.sys -- (Usbfilt) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9} IE - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.com/search?q={searchTerms} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9} IE - HKCU\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_pl IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_pl&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=uy0xzWRHC7GvonCsoHg6YvPhISk?q={searchTerms} IE - HKCU\..\SearchScopes\{E1FFD9CA-CBD9-446B-B6B5-BBE7134AD8A0}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.countryCode: "PL" FF - prefs.js..browser.search.isUS: false FF - prefs.js..browser.search.region: "PL" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..extensions.enabledAddons: %7B1A2D0EC4-75F5-4c91-89C4-3656F6E44B68%7D:0.6.3.1-signed FF - prefs.js..extensions.enabledAddons: %7B71328583-3CA7-4809-B4BA-570A85818FBB%7D:0.8.6.3 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:42.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.65.2: C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.65.2: C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40620.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: E:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Dane aplikacji\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2008-05-15 13:08:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-07-01 22:06:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2015-11-07 23:29:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2015-11-07 23:30:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.4.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2014-04-10 12:21:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.4.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2014-08-14 19:07:55 | 000,000,000 | ---D | M] [2012-09-15 13:05:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dominik_2\Dane aplikacji\Mozilla\Extensions [2015-11-09 19:40:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dominik_2\Dane aplikacji\Mozilla\Firefox\Profiles\7wu4pgwm.default\extensions [2014-01-17 16:32:13 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Documents and Settings\Dominik_2\Dane aplikacji\Mozilla\Firefox\Profiles\7wu4pgwm.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2015-04-25 21:12:38 | 000,000,000 | ---D | M] (Google Minimalist) -- C:\Documents and Settings\Dominik_2\Dane aplikacji\Mozilla\Firefox\Profiles\7wu4pgwm.default\extensions\{64312dc5-3fc3-40d1-b183-0e4060fc52ac} [2015-07-17 16:41:31 | 000,470,468 | ---- | M] () (No name found) -- C:\Documents and Settings\Dominik_2\Dane aplikacji\Mozilla\Firefox\Profiles\7wu4pgwm.default\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2015-10-26 20:54:42 | 002,594,940 | ---- | M] () (No name found) -- C:\Documents and Settings\Dominik_2\Dane aplikacji\Mozilla\Firefox\Profiles\7wu4pgwm.default\extensions\firebug@software.joehewitt.com.xpi [2014-01-15 19:51:23 | 001,027,741 | ---- | M] () (No name found) -- C:\Documents and Settings\Dominik_2\Dane aplikacji\Mozilla\Firefox\Profiles\7wu4pgwm.default\extensions\{03A4A97B-1A44-4a3b-8A41-D982F0B6E73F}.xpi [2015-05-30 12:42:48 | 000,103,648 | ---- | M] () (No name found) -- C:\Documents and Settings\Dominik_2\Dane aplikacji\Mozilla\Firefox\Profiles\7wu4pgwm.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2015-09-11 19:21:39 | 000,085,716 | ---- | M] () (No name found) -- C:\Documents and Settings\Dominik_2\Dane aplikacji\Mozilla\Firefox\Profiles\7wu4pgwm.default\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}.xpi [2014-03-29 14:37:02 | 000,001,636 | ---- | M] () -- C:\Documents and Settings\Dominik_2\Dane aplikacji\Mozilla\Firefox\Profiles\7wu4pgwm.default\searchplugins\dodatki-dla-firefox.xml [2015-11-07 23:29:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2015-11-07 23:29:42 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-11-07 23:29:42 | 000,000,000 | ---D | M] (Hotspot Shield Extension) -- C:\Program Files\Mozilla Firefox\extensions\afext@anchorfree.com [2015-11-07 23:29:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2015-11-07 23:30:48 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2015-11-07 23:29:36 | 000,000,000 | ---D | M] (Hotspot Shield Extension) -- C:\Program Files\Mozilla Firefox\browser\extensions\afext@anchorfree.com [2012-01-12 09:58:30 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll [2009-01-28 19:46:54 | 000,307,200 | ---- | M] (ESKA) -- C:\Program Files\mozilla firefox\plugins\npOggX.dll O1 HOSTS File: ([2014-03-30 15:08:17 | 000,000,219 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 O1 - Hosts: 127.0.0.1 license.bluesoleil.com O1 - Hosts: 127.0.0.1 license2.bluesoleil.com O1 - Hosts: 127.0.0.1 license3.bluesoleil.com O1 - Hosts: 127.0.0.1 www.bluesoleil.com O1 - Hosts: 127.0.0.1 bluesoleil.com O2 - BHO: (DivX Plus Web Player HTML5