FRST.txt

Duże zużycie CPU przez exploler.exe (shlwapi.dll) Win 7

To tak z DrWeb mam tylko sreenshot, bo log nie chciało mi otworzyć, a resztę logów wstawiam. Powiedz co moge pousuwac w programach MBAM i ADW.


przScan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2014
Ran by uzytkownik (administrator) on PC on 07-05-2014 21:21:55
Running from C:\Users\uzytkownik\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\35.0.1916.52\remoting_host.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\35.0.1916.52\remoting_host.exe
() C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(StarWind Software) G:\programy\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\PLAY ONLINE\PLAY ONLINE.exe
(Vimicro Corporation) C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Google Inc.) C:\Users\uzytkownik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\uzytkownik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\uzytkownik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\uzytkownik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\uzytkownik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\uzytkownik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\uzytkownik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\uzytkownik\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [ATICustomerCare] = & gt; C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NWEReboot] = & gt; [X]
HKLM-x32\...\Run: [] = & gt; [X]
HKLM-x32\...\Run: [StartCCC] = & gt; C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] = & gt; C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [VMonitorVMUVC] = & gt; C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe [143360 2008-08-29] (Vimicro Corporation)
HKLM-x32\...\Run: [AvastUI.exe] = & gt; C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-23] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [PLTSpokes.exe] = & gt; C:\Program Files (x86)\Plantronics\Spokes3G\PLTSpokes.exe -min
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\Run: [swg] = & gt; C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-02-18] (Google Inc.)
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\Run: [Xvid] = & gt; G:\programy\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\Run: [Skype] = & gt; C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: D - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: I - I:\launcher.exe /cfg:.\script.ini /lng:en-us
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {044bed95-c940-11e1-a292-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {0d838bf2-e9c8-11df-b3ab-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {12a6f46b-c8c1-11e1-a1f8-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {27267e08-c242-11e2-beb2-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {283f5721-09e4-11e0-a4cc-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {2d63a1f2-3e3c-11e2-b84a-90fba6312ac8} - E:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {30ad2f07-4dfc-11e3-8253-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {30facd10-e765-11df-9e9e-90fba6312ac8} - E:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {30facd13-e765-11df-9e9e-90fba6312ac8} - E:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {30facd15-e765-11df-9e9e-90fba6312ac8} - E:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {3c3faac5-1b6d-11e1-9ff0-90fba6312ac8} - J:\Setup.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {3fdba072-4d5a-11e3-81c1-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {3fdba08c-4d5a-11e3-81c1-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {490bd8ce-40de-11e3-ad93-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {4b460c90-0a71-11e2-80f0-90fba6312ac8} - E:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {4f51228d-f0b5-11e2-a46d-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {64b8ceb8-d0b2-11e0-9fda-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {6e4f9fac-6e1f-11e3-a68c-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {6e4f9fb7-6e1f-11e3-a68c-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {6f318e0f-e3f0-11e1-834d-90fba6312ac8} - F:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {6f318e11-e3f0-11e1-834d-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {7ab9c1f0-4481-11e2-bb29-90fba6312ac8} - E:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {7e5afd56-dc9c-11e0-a032-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {7e5afd7e-dc9c-11e0-a032-90fba6312ac8} - E:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {80df429f-7311-11e3-8b04-90fba6312ac8} - H:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {80df42a2-7311-11e3-8b04-90fba6312ac8} - H:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {80df42ab-7311-11e3-8b04-90fba6312ac8} - H:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {86a316f7-6288-11e3-a8d0-90fba6312ac8} - F:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {86a31726-6288-11e3-a8d0-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {8d3fa9a6-5683-11e2-831f-90fba6312ac8} - E:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {8d3fa9dc-5683-11e2-831f-90fba6312ac8} - E:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {932bd366-c5e9-11e1-95d0-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {932bd380-c5e9-11e1-95d0-90fba6312ac8} - E:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {9ee89cdb-48e6-11e1-8747-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {a9618aa5-b8b1-11e2-b8d1-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {a9618ac1-b8b1-11e2-b8d1-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {b4a3bb0e-6546-11e0-812e-afb7a13ac9c2} - E:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {b7a71832-e75d-11df-8c66-90fba6312ac8} - E:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {bf930c2c-476a-11e1-b47e-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {bf930c30-476a-11e1-b47e-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {ccff2720-b0a2-11e2-a989-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {ccff2732-b0a2-11e2-a989-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {d2f3fb6a-ede7-11e0-a0d0-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {dc9b6a6e-c9bd-11e1-a963-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {dc9b6a70-c9bd-11e1-a963-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {e6d12c00-127b-11e0-a8d7-90fba6312ac8} - E:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {e6d12c02-127b-11e0-a8d7-90fba6312ac8} - E:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {ea557078-9823-11e0-94c7-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {ea55707b-9823-11e0-94c7-90fba6312ac8} - D:\AutoRun.exe
HKU\S-1-5-21-1425542577-1703686236-3742947962-1000\...\MountPoints2: {eab7f964-c62d-11e3-bb2f-90fba6312ac8} - D:\AutoRun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pl.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - (No Name) - {942cd1d4-9cc1-4d31-876a-ea8f489f7a59} - No File
URLSearchHook: HKCU - (No Name) - {14f6a182-4c6f-45ae-9f5a-aa3ccbb1cfa3} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://search.certified-toolbar.com?si=33953 & st=bs & tid=3546 & ts=1363428115568 & tguid=33953-3546-1363428086240-480106 & q={searchTerms}
SearchScopes: HKCU - DefaultScope {0182B482-D9C4-42CF-A85C-E17345EE17CA} URL = http://audioteka.pl/None,None,None,None,,1,12,UserOpinion,DESC,szukaj.html?szukaj={searchTerms}
SearchScopes: HKCU - {0182B482-D9C4-42CF-A85C-E17345EE17CA} URL = http://audioteka.pl/None,None,None,None,,1,12,UserOpinion,DESC,szukaj.html?szukaj={searchTerms}
SearchScopes: HKCU - {0B572A5B-7A25-463E-A097-2C6EEB60A9ED} URL = http://search.certified-toolbar.com?si=33953 & st=bs & tid=3546 & ts=1363428115568 & tguid=33953-3546-1363428086240-480106 & q={searchTerms}
SearchScopes: HKCU - {13739E1B-1442-4924-81F6-2B1150887A17} URL = http://websearch.ask.com/redirect?client=ie & tb=FXTV5 & o=101699 & src=kw & q={searchTerms} & locale= & apn_ptnrs=^F4 & apn_dtid=^YYYYYY^YY^PL & apn_uid=ca10a1ba-c038-42e9-bb91-85fbfe0323c2 & apn_sauid=FBE82E2D-ED2F-43E9-91C8-2EE7B9FB006C
SearchScopes: HKCU - {18F5E51A-5AF8-41E2-BAB1-A2E4C90DC6C2} URL = http://szukaj.onet.pl/query.html?qt={searchTerms}
SearchScopes: HKCU - {33627614-CA8E-4411-87EB-7A6D882BB0F2} URL = http://www.nasza-klasa.pl/szukaj/profile?q={searchTerms}
SearchScopes: HKCU - {388003CC-06AE-4D37-9428-CFDD55D325E5} URL = http://www.google.com/search?hl=pl & q={searchTerms} & rlz=1I7GGHP_plPL419
SearchScopes: HKCU - {80F4D4E4-EE8D-4376-B84E-A469DFCFBD48} URL = http://megaslownik.pl/slownik.php?phrase={searchTerms} & lang=en
SearchScopes: HKCU - {926D4A34-09AC-4730-A0E2-44D3EAD5A491} URL = http://www.allegro.pl/search.php?sg=0 & string={searchTerms}
SearchScopes: HKCU - {AB3FB958-C8DD-4A5C-BC76-B34C7925059E} URL = http://pl.wikipedia.org/w/index.php?title=Specjalna:Szukaj & search={searchTerms}
SearchScopes: HKCU - {ADF229D3-E669-480C-B557-C6382B006F0E} URL = http://www.google.pl/+{searchTerms}
SearchScopes: HKCU - {DCA93983-0C29-4C74-9B60-4458348C8677} URL = http://megaslownik.pl/slownik.php?phrase={searchTerms} & lang=de
SearchScopes: HKCU - {E5E13232-2216-4C79-9C2D-23776F414F45} URL = http://www.pf.pl/serwis/{searchTerms}--V1_YP.html
SearchScopes: HKCU - {EB817B83-E1B5-455C-94AD-560966F12F7D} URL = http://szukaj.gazeta.pl/portalSearch.do?s.si(navigation).navigationEnabled=true & s.sm.query={searchTerms}
SearchScopes: HKCU - {EBC07101-4E27-4192-9434-B89AF8499D5F} URL = http://www.vobis.pl/wynikiwyszukiwania.aspx?q={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: HistoryTriggerBHO Class - {21A88CB9-84D2-4020-A2D1-B25A21034884} - G:\programy\pc suite 4\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics)
BHO-x32: DivX Plus Web Player HTML5 & lt; video & gt; - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocnik logowania za pomocą konta Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - G:\programy\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
BHO-x32: No Name - {EF7BD87A-8024-11E2-F316-F3E56188709B} - No File
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {942CD1D4-9CC1-4D31-876A-EA8F489F7A59} - No File
Toolbar: HKCU - No Name - {14F6A182-4C6F-45AE-9F5A-AA3CCBB1CFA3} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{404A7972-9900-42DC-A1EB-7C7F904106BA}: [NameServer]89.108.195.20 89.108.202.20
Tcpip\..\Interfaces\{464470E6-2760-4EA0-BA4D-9CFB667C7CC0}: [NameServer]89.108.195.21 89.108.202.21
Tcpip\..\Interfaces\{4A5420E8-8829-4EEA-BA4F-07EEE2193F22}: [NameServer]89.108.202.21 89.108.195.21
Tcpip\..\Interfaces\{63C48214-0829-44A7-B715-C43AC3913B5D}: [NameServer]89.108.195.20 89.108.202.20
Tcpip\..\Interfaces\{8D41EF31-B794-4AFD-B5F8-50E526CF2006}: [NameServer]89.108.195.21 89.108.202.21
Tcpip\..\Interfaces\{944DF50A-9424-48F1-90CB-7DD6FA4D3604}: [NameServer]89.108.202.20 89.108.195.20

FireFox:
========
FF ProfilePath: C:\Users\uzytkownik\AppData\Roaming\Mozilla\Firefox\Profiles\2o6oapbv.default
FF Homepage: hxxp://www.wp.pl/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\uzytkownik\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\uzytkownik\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\uzytkownik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\uzytkownik\AppData\Roaming\Mozilla\Firefox\Profiles\2o6oapbv.default\searchplugins\pwn---encyklopedia.xml
FF Extension: DealPly Shopping - C:\Users\uzytkownik\AppData\Roaming\Mozilla\Firefox\Profiles\2o6oapbv.default\Extensions\amo@dealplyshopping.com [2013-04-21]
FF Extension: Zapiska - C:\Users\uzytkownik\AppData\Roaming\Mozilla\Firefox\Profiles\2o6oapbv.default\Extensions\zapiska@zapiska.pl [2010-11-06]
FF Extension: Iplex to ALLPlayer - C:\Users\uzytkownik\AppData\Roaming\Mozilla\Firefox\Profiles\2o6oapbv.default\Extensions\IplextoALL@ALLPlayer.org.xpi [2013-07-10]
FF Extension: No Name - C:\Users\uzytkownik\AppData\Roaming\Mozilla\Firefox\Profiles\2o6oapbv.default\Extensions\savedpasswordeditor@daniel.dawson.xpi [2012-05-18]
FF Extension: ALLYouTubeDownloader - C:\Users\uzytkownik\AppData\Roaming\Mozilla\Firefox\Profiles\2o6oapbv.default\Extensions\YouTubetoALL@ALLPlayer.org.xpi [2013-07-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-01-17]
FF HKLM-x32\...\Firefox\Extensions: [{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}] - G:\programy\pc suite 4\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\
FF Extension: LG Air Sync - G:\programy\pc suite 4\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\ []
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-10-17]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 & lt;video & gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-04-05]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-01-17]

Chrome:
=======
CHR HomePage: hxxp://www.wp.pl/
CHR StartupUrls: " https://www.google.pl/?gws_rd=cr & ei=bRNoUp62EOSe4gSC7YD4DQ "
CHR Plugin: (Shockwave Flash) - C:\Users\uzytkownik\AppData\Local\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\uzytkownik\AppData\Local\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\uzytkownik\AppData\Local\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (Microsoft(R) Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\uzytkownik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll No File
CHR Plugin: (Foxit Reader Plugin for Mozilla) - G:\programy\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
CHR Extension: (Dokumenty Google) - C:\Users\uzytkownik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-15]
CHR Extension: (Dysk Google) - C:\Users\uzytkownik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-15]
CHR Extension: (YouTube) - C:\Users\uzytkownik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-15]
CHR Extension: (Szukaj w Google) - C:\Users\uzytkownik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-15]
CHR Extension: (Speed Dial) - C:\Users\uzytkownik\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi [2013-01-15]
CHR Extension: (DealPly Brazil) - C:\Users\uzytkownik\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma [2013-04-21]
CHR Extension: (Pulpit zdalny Chrome) - C:\Users\uzytkownik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-04-23]
CHR Extension: (Twojanuta.pl) - C:\Users\uzytkownik\AppData\Local\Google\Chrome\User Data\Default\Extensions\golpmdddnmkckjiopggcbempclljlbjk [2013-01-20]
CHR Extension: (avast! Online Security) - C:\Users\uzytkownik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-23]
CHR Extension: (Flutter) - C:\Users\uzytkownik\AppData\Local\Google\Chrome\User Data\Default\Extensions\kapandologlbgjondeamljhnlodccikh [2013-12-15]
CHR Extension: (Remote Desktop (auto-discovery)) - C:\Users\uzytkownik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmpghknnfhlgcgchochgijlgjpmhhfo [2014-04-23]
CHR Extension: (Sprawdzanie poczty Google) - C:\Users\uzytkownik\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-01-15]
CHR Extension: (Google Wallet) - C:\Users\uzytkownik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (DivX Plus Web Player HTML5 & lt; video & gt; ) - C:\Users\uzytkownik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-01-15]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\uzytkownik\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2014-04-23]
CHR Extension: (Gmail) - C:\Users\uzytkownik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-15]
CHR HKLM-x32\...\Chrome\Extension: [aaaaoiagmlcohkmjodefppbmpjdiocmh] - C:\Users\uzytkownik\AppData\Local\APN\GoogleCRXs\aaaaoiagmlcohkmjodefppbmpjdiocmh_7.17.6.0.crx [2013-01-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-10-15]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-04-02]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-23] (AVAST Software)
S4 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG)
S4 AVKService; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG)
S4 AVKWCtl; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe [2562208 2013-10-15] (G Data Software AG)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\35.0.1916.52\remoting_host.exe [51016 2014-04-17] (Google Inc.)
S4 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 Mobile Partner. RunOuc; G:\programy\mobile partner\UpdateDog\ouc.exe [655712 2012-07-25] ()
S2 PLAY ONLINE. RunOuc; C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [246112 2013-11-14] ()
R2 StarWindServiceAE; G:\programy\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
S2 Crypkey License; crypserv.exe [X]

==================== Drivers (Whitelisted) ====================

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2012-03-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2012-03-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2012-03-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2012-03-02] (LG Electronics Inc.)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-07-03] (Google Inc)
S3 androidusb; C:\Windows\System32\Drivers\lgandadb.sys [31744 2010-08-02] (Google Inc)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-23] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-23] ()
S3 CSRBC; C:\Windows\System32\Drivers\csrbcx64.sys [38400 2014-04-04] (CSR plc.)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-01-08] (DT Soft Ltd)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-12-19] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-12-19] (G Data Software AG)
S3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [63320 2013-12-19] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2013-12-19] (G Data Software AG)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-12-19] (G Data Software AG)
R3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [223744 2013-11-14] (Huawei Technologies Co., Ltd.)
R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)
S3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2010-08-16] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2010-08-16] ()
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2012-04-01] ()
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
R3 TotRec8; C:\Windows\system32\drivers\TotRec8.sys [124176 2012-11-30] (High Criteria inc.)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2012-03-02] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2012-03-02] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2012-03-02] (LG Electronics Inc.)
U3 ah1oigkc; C:\Windows\System32\Drivers\ah1oigkc.sys [0 ] (Microsoft Corporation)
S3 connctfy; system32\DRIVERS\connctfy.sys [X]
S3 connctfyMP; system32\DRIVERS\connctfy.sys [X]
S1 NetworkX; \SystemRoot\system32\ckldrv.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\ACPI.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\afd.sys 1C7857B62DE5994A75B054A9FD4C3825
C:\Windows\system32\drivers\agp440.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\aliide.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\amdide.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 22A14DF59FB8D0BE918C597988AF4296
C:\Windows\System32\DRIVERS\atikmpag.sys EE22D3ED6D55A855E709F811CCCA97ED
C:\Windows\System32\DRIVERS\amdppm.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\System32\DRIVERS\lgandbus64.sys 48CD7E6520D47D62EAB0E6CE3EC30C65
C:\Windows\System32\DRIVERS\lganddiag64.sys 08CBACC00D15DCDBBAAE1A7C8F231C61
C:\Windows\System32\DRIVERS\lgandgps64.sys CEA9A4CD6B3A83428CE8501240833668
C:\Windows\System32\DRIVERS\lgandmodem64.sys E2B5663E547FA5E756B253EFA8EC8286
C:\Windows\System32\Drivers\lgandnetadb.sys EFD1765905491B742C531FF6C38E9EC7
C:\Windows\System32\Drivers\lgandadb.sys 9C1751B2E733471AE07561028B7D2A9B
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys 5A528A540B1AEE8B1C77ED65094E8CDF
C:\Windows\system32\drivers\appid.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\aswMonFlt.sys 9C2BEA3957EFFD45F352F0938DFB3721
C:\Windows\system32\drivers\aswRdr2.sys 679712B7A353EE665B9301592164A172
C:\Windows\System32\Drivers\aswRvrt.sys C04F7B373881009D7994D9BF55D24AB4
C:\Windows\system32\drivers\aswSnx.sys 52B5F8FAF7E78C02D26B0B6E3A05F596
C:\Windows\system32\drivers\aswSP.sys 251360C2FCA22BAFE0583314B3262F98
C:\Windows\system32\drivers\aswStm.sys AAB5F5336EDBB5D99CC7E1A9F4D8F63F
C:\Windows\System32\Drivers\aswVmm.sys 90399625F341AB76BA4B85A5E860EB1F
C:\Windows\System32\DRIVERS\asyncmac.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\atapi.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\AtihdW76.sys 437F55435623D4D54D36197F5AD8B435
C:\Windows\system32\DRIVERS\bxvbda.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\Beep.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys == & gt; MD5 is legit
C:\Windows\System32\CLFS.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\cmdide.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\cng.sys 9AC4F97C2D3E93367E2148EA940CD2CD
C:\Windows\system32\DRIVERS\compbatt.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\csrbcx64.sys C72D445D22C23A14B8B97E36699C22AE
C:\Windows\System32\Drivers\dfsc.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\discache.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\Dot4.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\Dot4Prt.sys E9F5969233C5D89F3C35E3A66A52A361
C:\Windows\System32\DRIVERS\dot4usb.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\dtsoftbus01.sys 9F98D7AFA293947A0DFC6FFD4671FE70
C:\Windows\System32\drivers\dxgkrnl.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\evbda.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\errdev.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\ew_hwusbdev.sys 86F7951BBCEE4A86E79A97306BD14318
C:\Windows\System32\DRIVERS\ew_usbenumfilter.sys 55E0EDA185869F7EA67EA97FD0655B39
C:\Windows\System32\Drivers\exfat.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\filetrace.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\gagp30kx.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\GDBehave.sys 04E86E408C505EA00C45777347905616
C:\Windows\system32\drivers\MiniIcpt.sys 318BA73C601AACAC3036124B6BBFBE2E
C:\Windows\system32\drivers\PktIcpt.sys 7CA2CB5F8190F7E4123AED0C7E50AF24
C:\Windows\System32\drivers\gdwfpcd64.sys 3029AA9AA2A3CD7C7B35B9F7D1933FDB
C:\Windows\System32\DRIVERS\hamachi.sys 1E6438D4EA6E1174A3B3B1EDC4DE660B
C:\Windows\system32\drivers\hcw85cir.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\HookCentre.sys 29F589B1543DD7AB2086C95B152B0C3D
C:\Windows\system32\drivers\HpSAMD.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\HTTP.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\ew_jucdcacm.sys 91971BCD780D6063DF90DE4F1DF10C2F
C:\Windows\System32\DRIVERS\ew_jubusenum.sys CCE3DB0BA3C615CAA321EB1301532688
C:\Windows\System32\DRIVERS\ew_juextctrl.sys C4BC37B9E5E54A50B2AA458F1FCA428C
C:\Windows\System32\DRIVERS\ew_juwwanecm.sys 62AFE38956D7A272CA010C11DD8E3840
C:\Windows\System32\DRIVERS\ewusbmdm.sys CE93B8AF848FE2AA44455A4769C1BC8A
C:\Windows\System32\drivers\hwpolicy.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\DRIVERS\iirsp.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\intelide.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\intelppm.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\ipnat.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\irenum.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\isapnp.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\kbdclass.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 97A7070AEA4C058B6418519E869A63B4
C:\Windows\System32\Drivers\ksecpkg.sys 26C43A7C2862447EC59DEDA188D1DA07
C:\Windows\system32\drivers\ksthunk.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\lgbtpt64.sys 174803F2EEA3B22165DFE0E5A1F20685
C:\Windows\System32\DRIVERS\lgbtbs64.sys 565F93BB7C0361E61B3DAEA670C354D6
C:\Windows\System32\DRIVERS\lgvmdm64.sys ABF477857B7CED873362EC92C6CE10A7
C:\Windows\System32\DRIVERS\lltdio.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\luafv.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\mbam.sys 0BB97D43299910CBFBA59C461B99B910
C:\Windows\system32\DRIVERS\megasas.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\modem.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\mpio.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\msdsm.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\mup.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\ndis.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\ndiscap.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys A2F74975097F52A00745F9637451FDD8
C:\Windows\System32\Drivers\Null.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\parport.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\pciide.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\pcw.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\peauth.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys == & gt; MD5 is legit
C:\Windows\system32\pwdrvio.sys 41AD0FCF47275A9BC70FA1B56BFD3E23
C:\Windows\system32\pwdspio.sys 19CF17076F2524AF6746B528584AA3C9
C:\Windows\system32\DRIVERS\ql2300.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys ABCB5A38A0D85BDF69B7877E1AD1EED5
C:\Windows\System32\DRIVERS\s0016bus.sys EA268BCE30691C2DD24F02E617FD2EB5
C:\Windows\System32\DRIVERS\s0016mdfl.sys F5F9DEB89996D333EF976624D37E24E3
C:\Windows\System32\DRIVERS\s0016mdm.sys C17CE2AEE67480FEBCC36ECCB54C0BE8
C:\Windows\System32\DRIVERS\s0016mgmt.sys CC267F04C54C5EC5B7BD658D7628469F
C:\Windows\System32\DRIVERS\s0016nd5.sys 30A35BBCE09D9FE67482FD62C61911FC
C:\Windows\System32\DRIVERS\s0016obex.sys CA394DCC38579C7AD82E83EE64D798A0
C:\Windows\System32\DRIVERS\s0016unic.sys EB267CCEA84E6E8598D92F73332AC67B
C:\Windows\system32\drivers\sbp2port.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\spldr.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\sptd.sys D41D8CD98F00B204E9800998ECF8427E
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\ss_bus.sys D21FF3592DAEE244EE8376830A672B52
C:\Windows\System32\DRIVERS\ss_mdfl.sys 451DB3D10E6112E06B4506D4A7BECEC1
C:\Windows\System32\DRIVERS\ss_mdm.sys EF40C8A268A5263A0EF48FED8E57CBED
C:\Windows\system32\DRIVERS\stexstor.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\swenum.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\tcpip.sys ACB82BDA8F46C84F465C1AFA517DC4B9
C:\Windows\System32\DRIVERS\tcpip.sys ACB82BDA8F46C84F465C1AFA517DC4B9
C:\Windows\System32\drivers\tcpipreg.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\tdpipe.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\termdd.sys == & gt; MD5 is legit
C:\Windows\SysWOW64\Drivers\TFsExDisk.sys CE4B6956E4E12492715A53076E58761F
C:\Windows\system32\drivers\TotRec8.sys 36E1383019695CB722E685083C005FDD
C:\Windows\System32\DRIVERS\tssecsrv.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\tsusbflt.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\umbus.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\usbaudio.sys 82E8F44688E6FAC57B5B7C6FC7ADBC2A
C:\Windows\System32\DRIVERS\lgx64bus.sys C85B8247FADD432FA54FE11667C8D97D
C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C
C:\Windows\system32\drivers\usbcir.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\lgx64diag.sys D8CDC12F5429878F23DDB3785A0FDF95
C:\Windows\System32\DRIVERS\usbehci.sys C025055FE7B87701EB042095DF1A2D7B
C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24
C:\Windows\System32\DRIVERS\lgx64modem.sys 79FA7A22B0F6F0082F640CBC82A00FCE
C:\Windows\System32\DRIVERS\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31
C:\Windows\System32\DRIVERS\usbprint.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD
C:\Windows\System32\Drivers\usbvideo.sys 454800C2BC7F3927CE030141EE4F4C50
C:\Windows\System32\DRIVERS\usb8023x.sys 70D05EE263568A742D14E1876DF80532
C:\Windows\System32\DRIVERS\VBoxDrv.sys 197AF90E01A473A1862BB5381BE77877
C:\Windows\System32\DRIVERS\VBoxNetAdp.sys 9AFB83D5E465E7F3C2C20F968C774756
C:\Windows\System32\DRIVERS\VBoxNetFlt.sys 1205DFE6DF344DF80FB3AF10F6E9AC77
C:\Windows\System32\DRIVERS\VBoxUSBMon.sys 132DFA8D09CE78952259D1A9B480C335
C:\Windows\System32\DRIVERS\VClone.sys 84BB306B7863883018D7F3EB0C453BD5
C:\Windows\System32\drivers\vdrvroot.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\vga.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\viaide.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\volmgr.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\volsnap.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys == & gt; MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\wfplwf.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\wimmount.sys == & gt; MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys == & gt; MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys == & gt; MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys == & gt; MD5 is legit
C:\Windows\System32\DRIVERS\WUDFRd.sys == & gt; MD5 is legit
C:\Windows\System32\Drivers\ah1oigkc.sys

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-07 21:21 - 2014-05-07 21:22 - 00058251 _____ () C:\Users\uzytkownik\Desktop\FRST.txt
2014-05-07 19:16 - 2014-05-07 19:16 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\Malwarebytes
2014-05-07 19:15 - 2014-05-07 19:15 - 00001073 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-07 19:15 - 2014-05-07 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-05-07 19:15 - 2014-05-07 19:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-07 19:15 - 2014-05-07 19:15 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-05-07 19:15 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-07 00:28 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-07 00:26 - 2014-05-07 00:26 - 00000000 ____D () C:\FRST
2014-05-07 00:15 - 2014-05-07 00:16 - 02063872 _____ (Farbar) C:\Users\uzytkownik\Desktop\FRST64.exe
2014-05-07 00:14 - 2014-05-07 00:25 - 148495416 _____ () C:\Users\uzytkownik\Desktop\launch.exe
2014-05-07 00:13 - 2014-05-07 00:14 - 01316991 _____ () C:\Users\uzytkownik\Desktop\adwcleaner.exe
2014-05-06 22:18 - 2014-05-06 22:33 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dll Suite 2014
2014-05-06 22:18 - 2014-05-06 22:18 - 00000000 ____D () C:\Program Files (x86)\DLLSuite
2014-05-06 14:27 - 2014-05-05 15:23 - 00000512 _____ () C:\Users\uzytkownik\Desktop\config.NFS13Save
2014-05-05 21:24 - 2014-05-05 21:25 - 18257650 _____ () C:\Users\uzytkownik\Desktop\Elektryczne Gitary- To jest już Koniec lekcja [DownTube.pl].mp4
2014-05-04 22:35 - 2014-05-06 19:52 - 00000000 ____D () C:\Users\uzytkownik\Desktop\2014-05-04
2014-05-04 18:12 - 2014-05-04 18:12 - 00008432 _____ () C:\Users\uzytkownik\AppData\Local\recently-used.xbel
2014-05-02 18:35 - 2014-05-04 18:13 - 00000000 ____D () C:\Users\uzytkownik\Desktop\2014-05-02
2014-05-01 19:46 - 2014-05-01 19:05 - 02205071 _____ () C:\Users\uzytkownik\Desktop\klasaiiic_cba_pl_wp_20140501_707.sql
2014-05-01 18:01 - 2014-05-01 18:01 - 01100268 _____ () C:\Users\uzytkownik\Desktop\Seeder-2.0.0b1.apk
2014-05-01 18:01 - 2014-05-01 18:01 - 01100260 _____ () C:\Users\uzytkownik\Desktop\Seeder-2.0.0.apk
2014-05-01 16:28 - 2014-05-01 16:40 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\Ahnenblatt
2014-05-01 16:28 - 2014-05-01 16:28 - 00000000 ____D () C:\Users\uzytkownik\Documents\Ahnenblatt
2014-04-29 23:06 - 2014-04-29 23:15 - 00000000 ____D () C:\Users\uzytkownik\Desktop\Nowy folder (2)
2014-04-29 15:15 - 2014-04-29 15:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_lgandnetadb_01005.Wdf
2014-04-28 19:07 - 2014-04-28 19:07 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-04-28 19:07 - 2014-04-28 19:07 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2014-04-23 22:27 - 2014-04-23 22:27 - 00000000 ____D () C:\Python24
2014-04-23 22:27 - 2014-04-23 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.4
2014-04-23 22:15 - 2014-04-23 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2014-04-23 22:15 - 2014-03-26 19:01 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-04-23 22:15 - 2014-03-26 19:00 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-04-20 00:00 - 2014-04-20 00:00 - 00000000 ____D () C:\Users\uzytkownik\Desktop\com.rovio.angrybirdsstarwarsii.ads-1
2014-04-17 21:10 - 2014-04-17 21:10 - 00000000 ____D () C:\Users\uzytkownik\Desktop\Biurko
2014-04-15 20:04 - 2014-04-15 20:04 - 00190464 _____ () C:\Users\uzytkownik\Desktop\PORTALE SPOŁECZNOŚCIOWE.ppt
2014-04-14 20:33 - 2014-04-14 20:33 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\IsolatedStorage
2014-04-14 20:33 - 2014-04-14 20:33 - 00000000 ____D () C:\Users\uzytkownik\AppData\Local\FileViewPro
2014-04-12 21:16 - 2014-04-12 21:16 - 00000000 ____D () C:\Users\uzytkownik\AppData\Local\Plantronics
2014-04-12 21:16 - 2014-04-12 21:16 - 00000000 ____D () C:\ProgramData\Plantronics
2014-04-12 21:16 - 2014-04-12 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plantronics
2014-04-12 21:16 - 2014-04-12 21:16 - 00000000 ____D () C:\Program Files\Common Files\Plantronics
2014-04-12 21:16 - 2014-04-12 21:16 - 00000000 ____D () C:\Program Files (x86)\Plantronics
2014-04-12 21:15 - 2014-04-12 21:16 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-08 23:44 - 2014-04-08 23:44 - 00000000 ____D () C:\Users\uzytkownik\Documents\FormatFactory
2014-04-08 21:09 - 2014-04-08 21:09 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2014-04-08 21:09 - 2014-04-08 21:09 - 00000000 ____D () C:\Program Files (x86)\ASIO4ALL v2
2014-04-08 20:45 - 2014-04-08 20:46 - 00000016 _____ () C:\Windows\SysWOW64\w3data.vss
2014-04-08 20:45 - 2014-04-08 20:46 - 00000016 _____ () C:\Windows\SysWOW64\msvcsv60.dll
2014-04-08 20:45 - 2014-04-08 20:46 - 00000016 _____ () C:\Windows\msocreg32.dat
2014-04-08 20:45 - 2014-04-08 20:45 - 00002938 _____ () C:\Windows\System32\Tasks\{DE87D62B-C742-49F9-B41C-878E56988DF7}
2014-04-08 18:25 - 2014-04-08 18:25 - 00000525 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmpliTube2.lnk
2014-04-08 18:25 - 2014-04-08 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
2014-04-08 18:24 - 2014-04-08 18:24 - 00000000 ____D () C:\ProgramData\IK Multimedia
2014-04-08 18:21 - 2014-04-08 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Pockets Guitar Tuner Demo
2014-04-08 18:20 - 2014-04-08 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GreenMachine Amp II
2014-04-07 19:31 - 2014-04-07 19:31 - 00000000 ____D () C:\Users\uzytkownik\Documents\REAPER Media
2014-04-07 19:22 - 2014-04-07 19:23 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\REAPER
2014-04-07 19:21 - 2014-04-07 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER
2014-04-07 19:20 - 2014-04-07 19:24 - 00000000 ____D () C:\Program Files (x86)\REAPER

==================== One Month Modified Files and Folders =======

2014-05-07 21:22 - 2014-05-07 21:21 - 00058251 _____ () C:\Users\uzytkownik\Desktop\FRST.txt
2014-05-07 21:11 - 2012-04-15 15:33 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-07 21:11 - 2011-02-16 19:48 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{01B74288-FF7D-42CE-81BE-3CF0826E7AD8}
2014-05-07 21:05 - 2011-01-14 21:13 - 00000302 ____H () C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
2014-05-07 20:56 - 2011-01-14 21:13 - 00000256 ____H () C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
2014-05-07 20:50 - 2013-01-15 15:02 - 00001078 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1425542577-1703686236-3742947962-1000UA.job
2014-05-07 20:49 - 2011-02-01 17:57 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-07 20:27 - 2011-01-14 21:13 - 00000302 ____H () C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
2014-05-07 19:57 - 2013-01-21 13:08 - 00000000 ____D () C:\Users\uzytkownik\.VirtualBox
2014-05-07 19:49 - 2011-02-01 17:57 - 00001052 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-07 19:26 - 2010-11-04 19:35 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\Skype
2014-05-07 19:16 - 2014-05-07 19:16 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\Malwarebytes
2014-05-07 19:15 - 2014-05-07 19:15 - 00001073 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-07 19:15 - 2014-05-07 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-05-07 19:15 - 2014-05-07 19:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-07 19:15 - 2014-05-07 19:15 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-05-07 18:58 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-07 18:58 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-07 18:50 - 2014-03-11 16:34 - 00172570 _____ () C:\Windows\PFRO.log
2014-05-07 18:50 - 2014-03-11 16:34 - 00025996 _____ () C:\Windows\setupact.log
2014-05-07 18:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-07 12:50 - 2013-01-15 15:02 - 00001026 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1425542577-1703686236-3742947962-1000Core.job
2014-05-07 00:28 - 2014-03-11 16:10 - 00000000 ____D () C:\AdwCleaner
2014-05-07 00:26 - 2014-05-07 00:26 - 00000000 ____D () C:\FRST
2014-05-07 00:25 - 2014-05-07 00:14 - 148495416 _____ () C:\Users\uzytkownik\Desktop\launch.exe
2014-05-07 00:16 - 2014-05-07 00:15 - 02063872 _____ (Farbar) C:\Users\uzytkownik\Desktop\FRST64.exe
2014-05-07 00:14 - 2014-05-07 00:13 - 01316991 _____ () C:\Users\uzytkownik\Desktop\adwcleaner.exe
2014-05-06 22:33 - 2014-05-06 22:18 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dll Suite 2014
2014-05-06 22:18 - 2014-05-06 22:18 - 00000000 ____D () C:\Program Files (x86)\DLLSuite
2014-05-06 21:55 - 2012-05-01 18:53 - 00007590 _____ () C:\Users\uzytkownik\AppData\Local\Resmon.ResmonCfg
2014-05-06 21:50 - 2010-11-03 12:41 - 02030705 _____ () C:\Windows\WindowsUpdate.log
2014-05-06 21:35 - 2013-02-22 17:48 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\inkscape
2014-05-06 19:52 - 2014-05-04 22:35 - 00000000 ____D () C:\Users\uzytkownik\Desktop\2014-05-04
2014-05-06 14:41 - 2009-07-14 07:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-06 14:12 - 2012-07-08 23:00 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-05 21:30 - 2009-07-14 19:55 - 00697896 _____ () C:\Windows\system32\perfh015.dat
2014-05-05 21:30 - 2009-07-14 19:55 - 00135006 _____ () C:\Windows\system32\perfc015.dat
2014-05-05 21:30 - 2009-07-14 07:13 - 01549932 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-05 21:25 - 2014-05-05 21:24 - 18257650 _____ () C:\Users\uzytkownik\Desktop\Elektryczne Gitary- To jest już Koniec lekcja [DownTube.pl].mp4
2014-05-05 15:23 - 2014-05-06 14:27 - 00000512 _____ () C:\Users\uzytkownik\Desktop\config.NFS13Save
2014-05-04 18:13 - 2014-05-02 18:35 - 00000000 ____D () C:\Users\uzytkownik\Desktop\2014-05-02
2014-05-04 18:13 - 2013-03-07 20:19 - 00000000 ____D () C:\Users\uzytkownik\.gimp-2.8
2014-05-04 18:12 - 2014-05-04 18:12 - 00008432 _____ () C:\Users\uzytkownik\AppData\Local\recently-used.xbel
2014-05-01 22:25 - 2013-01-21 13:10 - 00000000 ____D () C:\Users\uzytkownik\VirtualBox VMs
2014-05-01 22:12 - 2011-01-08 17:40 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\DAEMON Tools Lite
2014-05-01 19:05 - 2014-05-01 19:46 - 02205071 _____ () C:\Users\uzytkownik\Desktop\klasaiiic_cba_pl_wp_20140501_707.sql
2014-05-01 18:01 - 2014-05-01 18:01 - 01100268 _____ () C:\Users\uzytkownik\Desktop\Seeder-2.0.0b1.apk
2014-05-01 18:01 - 2014-05-01 18:01 - 01100260 _____ () C:\Users\uzytkownik\Desktop\Seeder-2.0.0.apk
2014-05-01 16:40 - 2014-05-01 16:28 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\Ahnenblatt
2014-05-01 16:28 - 2014-05-01 16:28 - 00000000 ____D () C:\Users\uzytkownik\Documents\Ahnenblatt
2014-04-29 23:15 - 2014-04-29 23:06 - 00000000 ____D () C:\Users\uzytkownik\Desktop\Nowy folder (2)
2014-04-29 19:12 - 2012-04-15 15:33 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 19:12 - 2012-04-15 15:33 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 19:12 - 2011-05-20 19:05 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 15:15 - 2014-04-29 15:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_lgandnetadb_01005.Wdf
2014-04-28 19:07 - 2014-04-28 19:07 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-04-28 19:07 - 2014-04-28 19:07 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2014-04-28 19:07 - 2013-02-24 21:19 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\IrfanView
2014-04-23 22:27 - 2014-04-23 22:27 - 00000000 ____D () C:\Python24
2014-04-23 22:27 - 2014-04-23 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.4
2014-04-23 22:15 - 2014-04-23 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2014-04-23 20:21 - 2011-02-18 19:23 - 00000000 ____D () C:\ProgramData\Google
2014-04-23 20:21 - 2011-02-01 17:57 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-23 20:06 - 2010-11-03 12:55 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\Winamp
2014-04-20 00:00 - 2014-04-20 00:00 - 00000000 ____D () C:\Users\uzytkownik\Desktop\com.rovio.angrybirdsstarwarsii.ads-1
2014-04-17 21:10 - 2014-04-17 21:10 - 00000000 ____D () C:\Users\uzytkownik\Desktop\Biurko
2014-04-16 22:00 - 2010-11-03 20:06 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\Media Player Classic
2014-04-16 21:18 - 2012-10-18 19:47 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\GG
2014-04-15 20:04 - 2014-04-15 20:04 - 00190464 _____ () C:\Users\uzytkownik\Desktop\PORTALE SPOŁECZNOŚCIOWE.ppt
2014-04-14 20:33 - 2014-04-14 20:33 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\IsolatedStorage
2014-04-14 20:33 - 2014-04-14 20:33 - 00000000 ____D () C:\Users\uzytkownik\AppData\Local\FileViewPro
2014-04-14 20:33 - 2013-11-02 01:57 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-04-13 18:50 - 2012-08-11 13:15 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\ObviousIdea
2014-04-12 21:16 - 2014-04-12 21:16 - 00000000 ____D () C:\Users\uzytkownik\AppData\Local\Plantronics
2014-04-12 21:16 - 2014-04-12 21:16 - 00000000 ____D () C:\ProgramData\Plantronics
2014-04-12 21:16 - 2014-04-12 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plantronics
2014-04-12 21:16 - 2014-04-12 21:16 - 00000000 ____D () C:\Program Files\Common Files\Plantronics
2014-04-12 21:16 - 2014-04-12 21:16 - 00000000 ____D () C:\Program Files (x86)\Plantronics
2014-04-12 21:16 - 2014-04-12 21:15 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-12 21:16 - 2013-03-15 15:15 - 00000000 ____D () C:\Program Files\DIFX
2014-04-08 23:44 - 2014-04-08 23:44 - 00000000 ____D () C:\Users\uzytkownik\Documents\FormatFactory
2014-04-08 21:09 - 2014-04-08 21:09 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2014-04-08 21:09 - 2014-04-08 21:09 - 00000000 ____D () C:\Program Files (x86)\ASIO4ALL v2
2014-04-08 20:46 - 2014-04-08 20:45 - 00000016 _____ () C:\Windows\SysWOW64\w3data.vss
2014-04-08 20:46 - 2014-04-08 20:45 - 00000016 _____ () C:\Windows\SysWOW64\msvcsv60.dll
2014-04-08 20:46 - 2014-04-08 20:45 - 00000016 _____ () C:\Windows\msocreg32.dat
2014-04-08 20:45 - 2014-04-08 20:45 - 00002938 _____ () C:\Windows\System32\Tasks\{DE87D62B-C742-49F9-B41C-878E56988DF7}
2014-04-08 18:34 - 2014-04-08 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GreenMachine Amp II
2014-04-08 18:25 - 2014-04-08 18:25 - 00000525 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmpliTube2.lnk
2014-04-08 18:25 - 2014-04-08 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
2014-04-08 18:25 - 2010-11-03 13:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-08 18:24 - 2014-04-08 18:24 - 00000000 ____D () C:\ProgramData\IK Multimedia
2014-04-08 18:21 - 2014-04-08 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Pockets Guitar Tuner Demo
2014-04-07 19:31 - 2014-04-07 19:31 - 00000000 ____D () C:\Users\uzytkownik\Documents\REAPER Media
2014-04-07 19:24 - 2014-04-07 19:20 - 00000000 ____D () C:\Program Files (x86)\REAPER
2014-04-07 19:23 - 2014-04-07 19:22 - 00000000 ____D () C:\Users\uzytkownik\AppData\Roaming\REAPER
2014-04-07 19:21 - 2014-04-07 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER

ZeroAccess:
C:\Users\uzytkownik\AppData\Local\Opera
C:\Users\uzytkownik\AppData\Local\Opera\o\upgrade.log
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\widgets.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbac515-93cc-0e30-096f-3be893eaac12\prefs.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbac515-93cc-0e30-096f-3be893eaac12\cache\dcache4.url
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbac515-93cc-0e30-096f-3be893eaac12\cache\vlink4.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbabf41-f353-06b4-03e4-1ba1f375c4a2\prefs.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbabf41-f353-06b4-03e4-1ba1f375c4a2\cache\dcache4.url
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbabf41-f353-06b4-03e4-1ba1f375c4a2\cache\vlink4.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbabcce-f20a-0093-0547-63b3f22cb288\prefs.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbabcce-f20a-0093-0547-63b3f22cb288\cache\dcache4.url
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbabcce-f20a-0093-0547-63b3f22cb288\cache\vlink4.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbab63a-f5c6-0917-0ad2-436cf5e0c8e2\prefs.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbab63a-f5c6-0917-0ad2-436cf5e0c8e2\cache\dcache4.url
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbab63a-f5c6-0917-0ad2-436cf5e0c8e2\cache\vlink4.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbab3a7-f509-02f6-06bf-0b7ef52fb0ff\prefs.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbab3a7-f509-02f6-06bf-0b7ef52fb0ff\cache\dcache4.url
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbab3a7-f509-02f6-06bf-0b7ef52fb0ff\cache\vlink4.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbab1d4-f8b4-0cd5-0819-5390f8929ec4\prefs.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbab1d4-f8b4-0cd5-0819-5390f8929ec4\cache\dcache4.url
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbab1d4-f8b4-0cd5-0819-5390f8929ec4\cache\vlink4.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbaa88d-e9c7-0f38-0c79-7b5ae9e19edc\prefs.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbaa88d-e9c7-0f38-0c79-7b5ae9e19edc\cache\dcache4.url
C:\Users\uzytkownik\AppData\Local\Opera\o\widgets\wuid-4dbaa88d-e9c7-0f38-0c79-7b5ae9e19edc\cache\vlink4.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\vps\0000\adoc.bx
C:\Users\uzytkownik\AppData\Local\Opera\o\vps\0000\md.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\vps\0000\url.axx
C:\Users\uzytkownik\AppData\Local\Opera\o\vps\0000\w.axx
C:\Users\uzytkownik\AppData\Local\Opera\o\vps\0000\wb.vx
C:\Users\uzytkownik\AppData\Local\Opera\o\thumbnails\0b2af1a8-39e1-024c-a65d-6d852cbd0588.png
C:\Users\uzytkownik\AppData\Local\Opera\o\thumbnails\1bc4e4d0-ce11-6d44-a673-7d5159ab308d.png
C:\Users\uzytkownik\AppData\Local\Opera\o\thumbnails\4d1692db-ca44-474c-b701-951478a98d22.png
C:\Users\uzytkownik\AppData\Local\Opera\o\thumbnails\6f5ebd1f-2f0b-e043-9ab1-4f177c9c8739.png
C:\Users\uzytkownik\AppData\Local\Opera\o\thumbnails\86ded145-9e89-0349-9781-797b0158aa2d.png
C:\Users\uzytkownik\AppData\Local\Opera\o\opcache\dcache4.url
C:\Users\uzytkownik\AppData\Local\Opera\o\mail\accounts.ini
C:\Users\uzytkownik\AppData\Local\Opera\o\mail\omailbase.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\mail\indexer\message_id
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\http%3A%2F%2Fimg.imgsmail.ru%2Fr%2Ffavicon.ico
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\http%3A%2F%2Fimg.yandex.net%2Fi%2Ffavicon.ico
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\http%3A%2F%2Fredir.opera.com%2Ffavicons%2Fallegro%2Ffavicon.ico
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\http%3A%2F%2Fredir.opera.com%2Ffavicons%2Fbigpoint%2Ffavicon.ico
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\http%3A%2F%2Fredir.opera.com%2Ffavicons%2Fbing%2Ffavicon.ico
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\http%3A%2F%2Fredir.opera.com%2Ffavicons%2Fceneopl%2Ffavicon.ico
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\http%3A%2F%2Fredir.opera.com%2Ffavicons%2Fdobreprogramy%2Ffavicon.ico
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\http%3A%2F%2Fredir.opera.com%2Ffavicons%2Fdownloadcom%2Ffavicon.ico
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\http%3A%2F%2Fredir.opera.com%2Ffavicons%2Ffastmail%2Ffavicon.ico
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\http%3A%2F%2Fredir.opera.com%2Ffavicons%2Fgoogle%2Ffavicon.ico
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\http%3A%2F%2Fredir.opera.com%2Ffavicons%2Fmyopera%2Ffavicon.ico
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\http%3A%2F%2Fredir.opera.com%2Ffavicons%2Fopera%2Ffavicon.ico
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\http%3A%2F%2Fredir.opera.com%2Ffavicons%2Fwikipedia%2Ffavicon.ico
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\http%3A%2F%2Fredir.opera.com%2Ffavicons%2Fyahoo%2Ffavicon.ico
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\http%3A%2F%2Fwww.fastmail.fm%2Ffavicon.ico
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\http%3A%2F%2Fwww.nowaera.pl%2Ftemplates%2Fnowaera%2Ffavicon.ico
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\http%3A%2F%2Fwww.nowaera.pl%2Ftemplates%2Fprojekt_klasa%2Ffavicon.ico
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\http%3A%2F%2Fwww.opera.com%2Ffavicon.ico
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\http%3A%2F%2Fwww.zs1.elblag.com.pl%2Fico.bmp
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\mail.yandex.ru.idx
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\my.opera.com.idx
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\persistent.txt
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\pl.wikipedia.org.idx
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\portal.opera.com.idx
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\redir.opera.com.idx
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\win.mail.ru.idx
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\www.allegro.pl.idx
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\www.bing.com.idx
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\www.fastmail.fm.idx
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\www.google.com.idx
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\www.nowaera.pl.idx
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\www.opera.com.idx
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\www.operamail.com.idx
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\www.zs1.elblag.com.pl.idx
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\yahoo.opera.com.idx
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\cache\cookies4.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\cache\dcache4.url
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\cache\vlink4.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\cache\g_0000\opr00002.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\icons\cache\g_0000\opr00003.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\CACHEDIR.TAG
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\dcache4.url
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\revocation\dcache4.url
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\revocation\vlink4.dat
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0001\opr0003K.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0001\opr0003L.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0001\opr0003M.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0001\opr0003N.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0001\opr0003Q.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00002.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00003.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00004.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00006.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00007.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00008.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00009.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0000A.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0000B.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0000E.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0000F.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0000G.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0000H.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0000J.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0000L.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0000M.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0000N.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0000O.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0000P.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0000S.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0000U.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0000V.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0000W.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0000Z.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00010.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00013.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00014.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00016.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00017.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00018.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00019.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001A.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001B.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001C.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001D.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001E.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001F.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001G.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001H.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001J.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001K.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001L.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001N.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001O.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001Q.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001R.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001S.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001T.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001U.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001V.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001W.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001X.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001Y.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0001Z.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00020.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00021.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00022.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00024.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00025.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00026.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00027.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00028.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00029.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0002A.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0002C.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0002D.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0002E.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0002F.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0002G.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0002H.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0002I.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0002J.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0002K.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0002L.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0002M.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0002Q.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0002T.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0002U.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0002W.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0002X.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0002Y.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0002Z.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00030.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00031.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00032.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00033.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00034.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00035.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00036.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00037.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00038.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr00039.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0003A.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0003B.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0003C.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0003D.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0003E.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0003G.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0003H.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0003I.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\cache\g_0000\opr0003J.tmp
C:\Users\uzytkownik\AppData\Local\Opera\o\application_cache\cache_groups.xml
C:\Users\uzytkownik\AppData\Local\Opera\o\application_cache\mcache\dcache4.url
C:\Users\uzytkownik\AppData\Local\Opera\o\application_cache\mcache\vlink4.dat

Files to move or delete:
====================
C:\Users\uzytkownik\comcat5.dll
C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job


Some content of TEMP:
====================
C:\Users\uzytkownik\AppData\Local\Temp\i4jdel0.exe
C:\Users\uzytkownik\AppData\Local\Temp\Quarantine.exe
C:\Users\uzytkownik\AppData\Local\Temp\ubi2678.tmp.exe
C:\Users\uzytkownik\AppData\Local\Temp\ubi4D08.tmp.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe = & gt; MD5 is legit
C:\Windows\System32\wininit.exe = & gt; MD5 is legit
C:\Windows\SysWOW64\wininit.exe = & gt; MD5 is legit
C:\Windows\explorer.exe = & gt; MD5 is legit
C:\Windows\SysWOW64\explorer.exe = & gt; MD5 is legit
C:\Windows\System32\svchost.exe = & gt; MD5 is legit
C:\Windows\SysWOW64\svchost.exe = & gt; MD5 is legit
C:\Windows\System32\services.exe = & gt; MD5 is legit
C:\Windows\System32\User32.dll = & gt; MD5 is legit
C:\Windows\SysWOW64\User32.dll = & gt; MD5 is legit
C:\Windows\System32\userinit.exe = & gt; MD5 is legit
C:\Windows\SysWOW64\userinit.exe = & gt; MD5 is legit
C:\Windows\System32\rpcss.dll = & gt; MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys = & gt; MD5 is legit

==================== BCD ================================

Menedľer rozruchu systemu Windows
---------------------------------
Identyfikator {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale pl-PL
inherit {globalsettings}
default {current}
resumeobject {666785e5-e736-11df-b6ce-cc19e7fb2ed8}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Moduˆ ˆadujĄcy rozruchu systemu Windows
---------------------------------------
Identyfikator {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale pl-PL
inherit {bootloadersettings}
osdevice partition=C:
systemroot \Windows
resumeobject {666785e5-e736-11df-b6ce-cc19e7fb2ed8}
nx OptIn

Wznawianie ze stanu hibernacji
------------------------------
Identyfikator {666785e5-e736-11df-b6ce-cc19e7fb2ed8}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale pl-PL
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Moduˆ testujĄcy pami(C)+ systemu Windows
--------------------------------------
Identyfikator {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostyka pami(C)ci systemu Windows
locale pl-PL
inherit {globalsettings}
badmemoryaccess Yes

Ustawienia usˆug EMS
--------------------
Identyfikator {emssettings}
bootems Yes

Ustawienia debugera
-------------------
Identyfikator {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Uszkodzenia pami(C)ci RAM
-----------------------
Identyfikator {badmemory}

Ustawienia globalne
-------------------
Identyfikator {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Ustawienia moduˆu ˆadujĄcego rozruchu
-------------------------------------
Identyfikator {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Ustawienia funkcji hypervisor
-----------------------------
Identyfikator {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Ustawienia moduˆu ˆadujĄcego wznawiania
---------------------------------------
Identyfikator {resumeloadersettings}
inherit {globalsettings}



LastRegBack: 2014-05-04 17:25

==================== End Of Log ============================


Pobierz plik - link do postu