Powolny laptop

**Posty:** 8079 · przez **kajtekjr** 04 Lis 2014, 23:20

Witam! Laptop zaczął chodzić wolniej niż wcześniej i być może jest to spowodowane jakimiś nie pożądanymi gośćmi na nim

Proszę o sprawdzenie logów:

Kod: Zaznacz wszystko: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014 Ran by ŁUKASZ (administrator) on DOM-ŁUKASZ on 04-11-2014 21:24:45 Running from C:\Users\ŁUKASZ\Desktop Loaded Profile: ŁUKASZ (Available profiles: ŁUKASZ) Platform: Windows 7 Professional (X64) OS Language: Polski (Polska) Internet Explorer Version 9 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Transaction Software, D 81829 Munich) D:\PRACA_TRUCKS\EWA net\database\TransBase EWA\tbmux32.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe () C:\Program Files (x86)\Polar\WebSync\WebSync.exe (Transaction Software, D 81829 Munich) D:\PRACA_TRUCKS\EWA net\database\TransBase EPC\tbmux32.exe (Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Transaction Software, D 81829 Munich) D:\PRACA_TRUCKS\EWA net\database\TransBase WIS\tbmux32.exe (Alexandria Software Consulting) D:\PRACA_TRUCKS\EWA net\server\bin\tomcat.exe () C:\Windows\SysWOW64\srvany.exe () C:\Windows\KMService.exe ( ) C:\Windows\System32\lxducoms.exe () C:\Program Files (x86)\Polar\Daemon\polard.exe (Transaction Software, D 81737 Munich) D:\PRACA_TRUCKS\BMWgroup\ETKLokal\transbase\tbmux32.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Transaction Software, D 81829 Munich) D:\PRACA_TRUCKS\EWA net\database\TransBase EWA\tbkern32.exe (Transaction Software, D 81829 Munich) D:\PRACA_TRUCKS\EWA net\database\TransBase EWA\tbkern32.exe (Transaction Software, D 81829 Munich) D:\PRACA_TRUCKS\EWA net\database\TransBase EPC\tbkern32.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4366704 2009-09-29] (Lenovo(beijing) Limited) HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [5825536 2009-08-19] (Lenovo (Beijing) Limited) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-26] () HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-680891385-980522-2338184603-1000\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-26] () HKU\S-1-5-21-680891385-980522-2338184603-1000\...\Run: [uTorrent] => "C:\Users\AUKASZ\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED HKU\S-1-5-21-680891385-980522-2338184603-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3125280 2013-10-17] (Disc Soft Ltd) HKU\S-1-5-21-680891385-980522-2338184603-1000\...\MountPoints2: I - I:\Startme.exe HKU\S-1-5-21-680891385-980522-2338184603-1000\...\MountPoints2: {1c326251-0151-11e4-9aa8-806e6f6e6963} - I:\Startme.exe HKU\S-1-5-21-680891385-980522-2338184603-1000\...\MountPoints2: {caddbdeb-ce03-11e3-85f9-88ae1ddab855} - G:\setup.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Polar WebSync.lnk ShortcutTarget: Polar WebSync.lnk -> C:\Program Files (x86)\Polar\WebSync\WebSync.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: WebCGMHlprObj Class -> {56B38F40-4E70-11d4-A076-0080AD86BA2F} -> C:\Windows\SysWow64\cgmopenbho.dll (CGM Open Consortium, Inc.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Lexmark -> {D2C5E510-BE6D-42CC-9F61-E4F939078474} -> C:\Program Files\Lexmark Printable Web\bho.dll () BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - No File Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\ŁUKASZ\AppData\Roaming\Mozilla\Firefox\Profiles\7g0h8or6.default FF Homepage: https://www.google.pl/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Screengrab (fix version) - C:\Users\ŁUKASZ\AppData\Roaming\Mozilla\Firefox\Profiles\7g0h8or6.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2014-08-03] Chrome: ======= CHR Profile: C:\Users\ŁUKASZ\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Dysk Google) - C:\Users\ŁUKASZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-16] CHR Extension: (YouTube) - C:\Users\ŁUKASZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-16] CHR Extension: (Szukaj w Google) - C:\Users\ŁUKASZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-16] CHR Extension: (Google Wallet) - C:\Users\ŁUKASZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-16] CHR Extension: (Gmail) - C:\Users\ŁUKASZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-16] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-14] (Microsoft Corporation) [File not signed] S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-14] (Microsoft Corporation) [File not signed] S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-14] (Microsoft Corporation) [File not signed] S3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2009-07-14] (Microsoft Corporation) [File not signed] S3 AppMgmt; C:\Windows\System32\appmgmts.dll [193536 2009-07-14] (Microsoft Corporation) [File not signed] S3 AppMgmt; C:\Windows\SysWOW64\appmgmts.dll [149504 2009-07-14] (Microsoft Corporation) [File not signed] R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [676864 2009-07-14] (Microsoft Corporation) [File not signed] R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [676864 2009-07-14] (Microsoft Corporation) [File not signed] S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2009-07-14] (Microsoft Corporation) [File not signed] S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-14] (Microsoft Corporation) [File not signed] R2 BFE; C:\Windows\System32\bfe.dll [703488 2009-07-14] (Microsoft Corporation) [File not signed] S3 BITS; C:\Windows\System32\qmgr.dll [848384 2009-07-14] (Microsoft Corporation) [File not signed] R3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-04] (Microsoft Corporation) [File not signed] S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation) [File not signed] S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2009-07-14] (Microsoft Corporation) [File not signed] S3 COMSysApp; C:\Windows\system32\dllhost.exe [9728 2009-07-14] (Microsoft Corporation) [File not signed] S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation) [File not signed] R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [182272 2012-06-02] (Microsoft Corporation) [File not signed] R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [139264 2012-06-02] (Microsoft Corporation) [File not signed] R2 CscService; C:\Windows\System32\cscsvc.dll [689152 2009-07-14] (Microsoft Corporation) [File not signed] R2 DcomLaunch; C:\Windows\system32\rpcss.dll [509440 2009-07-14] (Microsoft Corporation) [File not signed] S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation) [File not signed] R2 Dhcp; C:\Windows\system32\dhcpcore.dll [314368 2009-07-14] (Microsoft Corporation) [File not signed] R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [253440 2009-07-14] (Microsoft Corporation) [File not signed] R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [182272 2011-03-03] (Microsoft Corporation) [File not signed] S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2009-07-14] (Microsoft Corporation) [File not signed] R2 DPS; C:\Windows\system32\dps.dll [162816 2009-07-14] (Microsoft Corporation) [File not signed] R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation) [File not signed] S3 EFS; C:\Windows\System32\lsass.exe [31232 2011-11-17] (Microsoft Corporation) [File not signed] S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696320 2010-08-04] (Microsoft Corporation) [File not signed] S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-14] (Microsoft Corporation) [File not signed] R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2009-07-14] (Microsoft Corporation) [File not signed] R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation) [File not signed] R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-14] (Microsoft Corporation) [File not signed] R2 EWA net DB Core; D:\PRACA_TRUCKS\EWA net\database\TransBase EWA\tbmux32.exe [326616 2011-03-09] (Transaction Software, D 81829 Munich) [File not signed] R2 EWA net DB EPC; D:\PRACA_TRUCKS\EWA net\database\TransBase EPC\tbmux32.exe [417792 2007-11-27] (Transaction Software, D 81829 Munich) [File not signed] R2 EWA net DB WIS; D:\PRACA_TRUCKS\EWA net\database\TransBase WIS\tbmux32.exe [326616 2011-03-09] (Transaction Software, D 81829 Munich) [File not signed] R2 EWA net Server; D:\PRACA_TRUCKS\EWA net\server\bin\tomcat.exe [65536 2003-07-31] (Alexandria Software Consulting) [File not signed] S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2009-07-14] (Microsoft Corporation) [File not signed] R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation) [File not signed] R3 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation) [File not signed] R2 FontCache; C:\Windows\system32\FntCache.dll [1135104 2011-02-19] (Microsoft Corporation) [File not signed] R2 gpsvc; C:\Windows\System32\gpsvc.dll [776192 2009-07-14] (Microsoft Corporation) [File not signed] R3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation) [File not signed] R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) [File not signed] S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed] R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [231936 2009-07-14] (Microsoft Corporation) [File not signed] R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2009-07-14] (Microsoft Corporation) [File not signed] R3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2009-07-14] (Microsoft Corporation) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 IKEEXT; C:\Windows\System32\ikeext.dll [845824 2009-07-14] (Microsoft Corporation) [File not signed] S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation) [File not signed] R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [565760 2009-07-14] (Microsoft Corporation) [File not signed] R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2011-11-17] (Microsoft Corporation) [File not signed] R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-04-19] () [File not signed] S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation) [File not signed] R2 LanmanServer; C:\Windows\system32\srvsvc.dll [236032 2010-08-27] (Microsoft Corporation) [File not signed] R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2009-07-14] (Microsoft Corporation) [File not signed] S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation) [File not signed] R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-14] (Microsoft Corporation) [File not signed] S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [33960 2008-05-23] (Lexmark International, Inc.) R2 lxdu_device; C:\Windows\system32\lxducoms.exe [1040552 2008-05-23] ( ) R2 lxdu_device; C:\Windows\SysWOW64\lxducoms.exe [594600 2008-05-23] ( ) S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84480 2009-07-14] (Microsoft Corporation) [File not signed] R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed] R2 MpsSvc; C:\Windows\system32\mpssvc.dll [824832 2009-07-14] (Microsoft Corporation) [File not signed] S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-14] (Microsoft Corporation) [File not signed] S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-14] (Microsoft Corporation) [File not signed] S3 msiserver; C:\Windows\System32\msiexec.exe [127488 2009-07-14] (Microsoft Corporation) [File not signed] S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2009-07-14] (Microsoft Corporation) [File not signed] S3 napagent; C:\Windows\system32\qagentRT.dll [475648 2009-07-14] (Microsoft Corporation) [File not signed] S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2011-11-17] (Microsoft Corporation) [File not signed] R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed] R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation) [File not signed] R3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed] R2 NlaSvc; C:\Windows\System32\nlasvc.dll [302080 2009-07-14] (Microsoft Corporation) [File not signed] R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-14] (Microsoft Corporation) [File not signed] R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) [File not signed] R3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-14] (Microsoft Corporation) [File not signed] R2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-14] (Microsoft Corporation) [File not signed] S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1361920 2009-07-14] (Microsoft Corporation) [File not signed] S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation) [File not signed] S3 pla; C:\Windows\system32\pla.dll [1390080 2009-07-14] (Microsoft Corporation) [File not signed] S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2009-07-14] (Microsoft Corporation) [File not signed] R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404992 2011-05-24] (Microsoft Corporation) [File not signed] S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-14] (Microsoft Corporation) [File not signed] R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) [File not signed] R2 Polar Daemon; C:\Program Files (x86)\Polar\Daemon\polard.exe [419536 2012-12-12] () R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [500224 2009-07-14] (Microsoft Corporation) [File not signed] R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-14] (Microsoft Corporation) [File not signed] R2 ProfSvc; C:\Windows\system32\profsvc.dll [208896 2012-05-02] (Microsoft Corporation) [File not signed] S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2011-11-17] (Microsoft Corporation) [File not signed] S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-14] (Microsoft Corporation) [File not signed] S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation) [File not signed] S3 RasMan; C:\Windows\System32\rasmans.dll [343552 2009-07-14] (Microsoft Corporation) [File not signed] S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-14] (Microsoft Corporation) [File not signed] S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed] S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation) [File not signed] R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation) [File not signed] S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-14] (Microsoft Corporation) [File not signed] R2 RpcSs; C:\Windows\system32\rpcss.dll [509440 2009-07-14] (Microsoft Corporation) [File not signed] R2 SamSs; C:\Windows\system32\lsass.exe [31232 2011-11-17] (Microsoft Corporation) [File not signed] S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-14] (Microsoft Corporation) [File not signed] R2 Schedule; C:\Windows\system32\schedsvc.dll [1114624 2010-11-02] (Microsoft Corporation) [File not signed] S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2009-07-14] (Microsoft Corporation) [File not signed] S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2009-07-14] (Microsoft Corporation) [File not signed] S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2009-07-14] (Microsoft Corporation) [File not signed] R2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-14] (Microsoft Corporation) [File not signed] R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed] S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-14] (Microsoft Corporation) [File not signed] S3 SessionEnv; C:\Windows\system32\sessenv.dll [104960 2009-07-14] (Microsoft Corporation) [File not signed] S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [99328 2009-07-14] (Microsoft Corporation) [File not signed] S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation) [File not signed] R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [369664 2009-07-14] (Microsoft Corporation) [File not signed] R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2009-07-14] (Microsoft Corporation) [File not signed] S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-14] (Microsoft Corporation) [File not signed] R2 Spooler; C:\Windows\System32\spoolsv.exe [558592 2010-08-21] (Microsoft Corporation) [File not signed] S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2009-07-14] (Microsoft Corporation) [File not signed] S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-14] (Microsoft Corporation) [File not signed] R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation) [File not signed] S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed] R2 stisvc; C:\Windows\System32\wiaservc.dll [578560 2009-07-14] (Microsoft Corporation) [File not signed] S3 StorSvc; C:\Windows\system32\storsvc.dll [17920 2009-07-14] (Microsoft Corporation) [File not signed] S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation) [File not signed] R2 SysMain; C:\Windows\system32\sysmain.dll [1780736 2009-07-14] (Microsoft Corporation) [File not signed] S3 TabletInputService; C:\Windows\System32\TabSvc.dll [93184 2009-07-14] (Microsoft Corporation) [File not signed] S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316416 2009-07-14] (Microsoft Corporation) [File not signed] S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [241664 2009-07-14] (Microsoft Corporation) [File not signed] S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation) [File not signed] S3 TermService; C:\Windows\System32\termsrv.dll [706560 2009-07-14] (Microsoft Corporation) [File not signed] R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) [File not signed] S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed] R2 Transbase; D:\PRACA_TRUCKS\BMWgroup\ETKLokal\transbase\tbmux32.exe [385024 2004-08-05] (Transaction Software, D 81737 Munich) [File not signed] R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation) [File not signed] S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2009-07-14] (Microsoft Corporation) [File not signed] S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-14] (Microsoft Corporation) [File not signed] S3 UmRdpService; C:\Windows\System32\umrdp.dll [195072 2009-07-14] (Microsoft Corporation) [File not signed] R3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation) [File not signed] R3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) [File not signed] R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-14] (Microsoft Corporation) [File not signed] S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2011-11-17] (Microsoft Corporation) [File not signed] S3 vds; C:\Windows\System32\vds.exe [532480 2009-07-14] (Microsoft Corporation) [File not signed] S3 VSS; C:\Windows\system32\vssvc.exe [1598976 2009-07-14] (Microsoft Corporation) [File not signed] S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation) [File not signed] S3 wbengine; C:\Windows\system32\wbengine.exe [1503744 2009-07-14] (Microsoft Corporation) [File not signed] S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-14] (Microsoft Corporation) [File not signed] S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-09-14] (Microsoft Corporation) [File not signed] S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276992 2010-09-14] (Microsoft Corporation) [File not signed] S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-14] (Microsoft Corporation) [File not signed] S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation) [File not signed] R3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed] R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed] R3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed] R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed] S3 WebClient; C:\Windows\System32\webclnt.dll [258048 2010-12-21] (Microsoft Corporation) [File not signed] S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [204800 2010-12-21] (Microsoft Corporation) [File not signed] S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation) [File not signed] S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-14] (Microsoft Corporation) [File not signed] S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation) [File not signed] S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) [File not signed] S3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [442880 2010-12-21] (Microsoft Corporation) [File not signed] S3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [350720 2010-12-21] (Microsoft Corporation) [File not signed] R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-14] (Microsoft Corporation) [File not signed] S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018816 2009-07-14] (Microsoft Corporation) [File not signed] S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1175040 2009-07-14] (Microsoft Corporation) [File not signed] R2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-14] (Microsoft Corporation) [File not signed] S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-14] (Microsoft Corporation) [File not signed] R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2009-07-14] (Microsoft Corporation) [File not signed] S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Microsoft Corporation) [File not signed] S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation) [File not signed] S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [116736 2009-07-14] (Microsoft Corporation) [File not signed] R2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2010-12-21] (Microsoft Corporation) [File not signed] S2 WSearch; C:\Windows\system32\SearchIndexer.exe [593408 2011-05-04] (Microsoft Corporation) [File not signed] S2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [428032 2011-05-04] (Microsoft Corporation) [File not signed] S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-26] (Microsoft Corporation) [File not signed] S3 WwanSvc; C:\Windows\System32\wwansvc.dll [229888 2009-07-14] (Microsoft Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 1394ohci; C:\Windows\system32\DRIVERS\1394ohci.sys [227840 2009-07-14] (Microsoft Corporation) [File not signed] S3 AcpiPmi; C:\Windows\system32\DRIVERS\acpipmi.sys [12288 2009-07-14] (Microsoft Corporation) [File not signed] R1 AFD; C:\Windows\system32\drivers\afd.sys [499200 2011-12-28] (Microsoft Corporation) [File not signed] S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [64512 2009-07-14] (Microsoft Corporation) [File not signed] S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed] S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2009-07-14] (Microsoft Corporation) [File not signed] S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation) [File not signed] S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation) [File not signed] S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation) [File not signed] R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] (Microsoft Corporation) [File not signed] R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-14] (Microsoft Corporation) [File not signed] R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-23] (Microsoft Corporation) [File not signed] S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.) [File not signed] S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.) [File not signed] S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.) [File not signed] S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.) [File not signed] S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.) [File not signed] S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.) [File not signed] S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation) [File not signed] S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] (Microsoft Corporation) [File not signed] R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2009-07-14] (Microsoft Corporation) [File not signed] S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [45568 2009-07-14] (Microsoft Corporation) [File not signed] R3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [17664 2009-07-14] (Microsoft Corporation) [File not signed] R3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2009-07-14] (Microsoft Corporation) [File not signed] R1 CSC; C:\Windows\System32\drivers\csc.sys [514048 2009-07-14] (Microsoft Corporation) [File not signed] R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2011-04-27] (Microsoft Corporation) [File not signed] R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed] S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-14] (Microsoft Corporation) [File not signed] R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-27] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) [File not signed] S3 ErrDev; C:\Windows\system32\DRIVERS\errdev.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed] S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] (Microsoft Corporation) [File not signed] S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] (Microsoft Corporation) [File not signed] S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [29696 2009-07-14] (Microsoft Corporation) [File not signed] S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] (Microsoft Corporation) [File not signed] S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed] S2 hardlock; C:\Windows\system32\drivers\hardlock.sys [318464 2009-03-13] (Aladdin Knowledge Systems Ltd.) [File not signed] S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.) [File not signed] S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2009-07-14] (Microsoft Corporation) [File not signed] R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2009-07-14] (Microsoft Corporation) [File not signed] S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-14] (Microsoft Corporation) [File not signed] S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [100864 2009-07-14] (Microsoft Corporation) [File not signed] S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [46592 2009-07-14] (Microsoft Corporation) [File not signed] R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2009-07-14] (Microsoft Corporation) [File not signed] S2 hlemu; C:\Windows\System32\drivers\hlemu.SYS [98304 2013-03-01] () [File not signed] R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [751616 2009-07-14] (Microsoft Corporation) [File not signed] R3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-14] (Microsoft Corporation) [File not signed] R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10628640 2011-02-11] (Intel Corporation) [File not signed] R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation) [File not signed] S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2009-07-14] (Microsoft Corporation) [File not signed] S3 IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [78848 2009-07-14] (Microsoft Corporation) [File not signed] S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation) [File not signed] S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed] S3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2009-07-14] (Microsoft Corporation) [File not signed] R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation) [File not signed] R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed] R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation) [File not signed] S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed] R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] (Microsoft Corporation) [File not signed] R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] (Microsoft Corporation) [File not signed] R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] (Microsoft Corporation) [File not signed] S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2009-07-14] (Microsoft Corporation) [File not signed] R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [157696 2011-05-04] (Microsoft Corporation) [File not signed] R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [287744 2011-07-09] (Microsoft Corporation) [File not signed] R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [126464 2011-05-04] (Microsoft Corporation) [File not signed] R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] (Microsoft Corporation) [File not signed] S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed] S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation) [File not signed] S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed] S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation) [File not signed] S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation) [File not signed] S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-14] (Microsoft Corporation) [File not signed] S2 multikey; C:\Windows\System32\DRIVERS\multikey.sys [67584 2009-05-16] (Chingachguk & Denger2k (Elite & SP edition)) [File not signed] R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] (Microsoft Corporation) [File not signed] S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed] R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] (Microsoft Corporation) [File not signed] R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56320 2009-07-14] (Microsoft Corporation) [File not signed] R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2009-07-14] (Microsoft Corporation) [File not signed] R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2009-07-14] (Microsoft Corporation) [File not signed] R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation) [File not signed] R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [259072 2009-07-14] (Microsoft Corporation) [File not signed] R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] (Microsoft Corporation) [File not signed] R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed] R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed] S3 ohci1394; C:\Windows\system32\DRIVERS\ohci1394.sys [72832 2009-07-14] (Microsoft Corporation) [File not signed] S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [97280 2009-07-14] (Microsoft Corporation) [File not signed] R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] (Microsoft Corporation) [File not signed] R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111616 2009-07-14] (Microsoft Corporation) [File not signed] S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed] R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2009-07-14] (Microsoft Corporation) [File not signed] S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation) [File not signed] S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation) [File not signed] R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed] R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [130048 2009-07-14] (Microsoft Corporation) [File not signed] R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation) [File not signed] R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] (Microsoft Corporation) [File not signed] R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2009-07-14] (Microsoft Corporation) [File not signed] R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-14] (Microsoft Corporation) [File not signed] R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation) [File not signed] S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165376 2009-07-14] (Microsoft Corporation) [File not signed] R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation) [File not signed] R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed] S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [204800 2012-04-28] (Microsoft Corporation) [File not signed] R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation) [File not signed] S3 s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [6656 2009-07-14] (Microsoft Corporation) [File not signed] S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2009-07-14] (Microsoft Corporation) [File not signed] R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed] S3 Serenum; C:\Windows\system32\DRIVERS\serenum.sys [23552 2009-07-14] (Microsoft Corporation) [File not signed] S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Microsoft Corporation) [File not signed] S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-14] (Microsoft Corporation) [File not signed] S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed] S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed] S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2009-10-10] (Microsoft Corporation) [File not signed] S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-14] (Microsoft Corporation) [File not signed] S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation) [File not signed] R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-04-27] (Duplex Secure Ltd.) R3 srv; C:\Windows\System32\DRIVERS\srv.sys [461312 2011-04-29] (Microsoft Corporation) [File not signed] R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [399872 2011-04-29] (Microsoft Corporation) [File not signed] R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [161792 2011-04-29] (Microsoft Corporation) [File not signed] R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [44544 2009-07-14] (Microsoft Corporation) [File not signed] S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation) [File not signed] S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-15] (Microsoft Corporation) [File not signed] R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [99840 2009-07-14] (Microsoft Corporation) [File not signed] S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [38400 2009-07-14] (Microsoft Corporation) [File not signed] R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2009-07-14] (Microsoft Corporation) [File not signed] S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [327168 2009-07-14] (Microsoft Corporation) [File not signed] R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2009-07-14] (Microsoft Corporation) [File not signed] S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed] R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2011-03-25] (Microsoft Corporation) [File not signed] S3 usbcir; C:\Windows\system32\DRIVERS\usbcir.sys [100352 2009-07-14] (Microsoft Corporation) [File not signed] R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [52224 2011-03-25] (Microsoft Corporation) [File not signed] R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2011-03-25] (Microsoft Corporation) [File not signed] S3 usbohci; C:\Windows\system32\DRIVERS\usbohci.sys [25600 2011-03-25] (Microsoft Corporation) [File not signed] S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed] S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [41984 2009-07-14] (Microsoft Corporation) [File not signed] R3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [197376 2009-10-16] (SMI) [File not signed] S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91136 2011-03-11] (Microsoft Corporation) [File not signed] R3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [30720 2011-03-25] (Microsoft Corporation) [File not signed] S3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [184832 2010-03-04] (Microsoft Corporation) [File not signed] S3 usb_rndisx; C:\Windows\System32\DRIVERS\usb8023x.sys [19968 2013-02-12] (Microsoft Corporation) [File not signed] S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] (Microsoft Corporation) [File not signed] R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] (Microsoft Corporation) [File not signed] S3 VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [21760 2009-07-14] (Microsoft Corporation) [File not signed] R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed] R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] (Microsoft Corporation) [File not signed] S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-14] (Microsoft Corporation) [File not signed] S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-14] (Microsoft Corporation) [File not signed] R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-14] (Microsoft Corporation) [File not signed] R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation) [File not signed] S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed] S3 WmiAcpi; C:\Windows\system32\DRIVERS\wmiacpi.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed] S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation) [File not signed] S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] (Microsoft Corporation) [File not signed] S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation) [File not signed] U3 awf3c17b; C:\Windows\System32\Drivers\awf3c17b.sys [0 ] (Advanced Micro Devices) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-04 21:24 - 2014-11-04 21:25 - 00049180 _____ () C:\Users\ŁUKASZ\Desktop\FRST.txt 2014-11-04 21:24 - 2014-11-04 21:24 - 00000000 ____D () C:\FRST 2014-11-04 21:22 - 2014-11-04 21:23 - 01292800 _____ () C:\Users\ŁUKASZ\Desktop\zoek.exe 2014-11-04 21:22 - 2014-11-04 21:22 - 00602112 _____ (OldTimer Tools) C:\Users\ŁUKASZ\Desktop\OTL.exe 2014-11-04 21:21 - 2014-11-04 21:22 - 02114560 _____ (Farbar) C:\Users\ŁUKASZ\Desktop\FRST64.exe 2014-11-04 20:54 - 2014-11-04 20:54 - 02174848 _____ () C:\Users\ŁUKASZ\Desktop\instsf450_[www.programosy.pl].exe 2014-11-04 20:54 - 2014-11-04 20:54 - 00000999 _____ () C:\Users\ŁUKASZ\Desktop\SpeedFan.lnk 2014-11-04 20:54 - 2014-11-04 20:54 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo 2014-11-04 20:54 - 2014-11-04 20:54 - 00000000 ____D () C:\Users\ŁUKASZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-11-04 20:54 - 2014-11-04 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-11-04 20:54 - 2014-11-04 20:54 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-11-04 20:49 - 2014-11-04 20:49 - 00686058 _____ () C:\Users\ŁUKASZ\Desktop\hwmonitor_1.22-64bit.zip 2014-11-02 19:23 - 2014-11-02 19:23 - 00007560 _____ () C:\Windows\SysWOW64\hs_err_pid1948.log 2014-10-30 23:02 - 2014-10-30 23:02 - 00019259 _____ () C:\Users\ŁUKASZ\Desktop\bayou_cowboy.zip 2014-10-30 23:02 - 2014-10-30 23:02 - 00000000 ____D () C:\Users\ŁUKASZ\Desktop\bayou_cowboy 2014-10-30 08:17 - 2014-11-04 21:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-10-29 22:54 - 2014-11-04 20:50 - 00000000 ____D () C:\Windows\Minidump 2014-10-23 17:18 - 2014-10-30 23:25 - 00011078 _____ () C:\Users\ŁUKASZ\Desktop\Ekstra pensja.xlsx ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-04 21:20 - 2014-02-16 10:05 - 01313391 _____ () C:\Windows\WindowsUpdate.log 2014-11-04 20:59 - 2014-04-19 15:28 - 00000000 ____D () C:\Users\ŁUKASZ\AppData\Roaming\uTorrent 2014-11-04 20:53 - 2009-07-14 05:45 - 00024320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-04 20:53 - 2009-07-14 05:45 - 00024320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-04 20:52 - 2009-07-14 18:55 - 00738094 _____ () C:\Windows\system32\perfh015.dat 2014-11-04 20:52 - 2009-07-14 18:55 - 00154750 _____ () C:\Windows\system32\perfc015.dat 2014-11-04 20:52 - 2009-07-14 06:13 - 01662996 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-04 20:50 - 2014-04-27 13:01 - 00000000 ____D () C:\Users\ŁUKASZ\AppData\Roaming\DAEMON Tools Pro 2014-11-04 20:47 - 2014-06-02 16:58 - 00000000 ____D () C:\Program Files\CCleaner 2014-11-04 20:46 - 2014-04-19 15:07 - 00000089 _____ () C:\AtmApInit.txt 2014-11-04 20:46 - 2014-02-16 10:43 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-04 20:45 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-04 20:38 - 2014-02-16 10:43 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-04 07:28 - 2014-04-18 13:17 - 00000000 ____D () C:\Users\ŁUKASZ\AppData\Local\Adobe 2014-10-31 07:34 - 2009-07-14 05:45 - 05038136 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-31 07:33 - 2014-02-16 10:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-10-30 23:23 - 2014-04-19 14:17 - 00110832 _____ () C:\Users\ŁUKASZ\AppData\Local\GDIPFONTCACHEV1.DAT 2014-10-29 18:40 - 2014-02-16 10:44 - 00002189 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-10-23 17:00 - 2014-06-19 13:11 - 00000000 ____D () C:\ProgramData\firebird 2014-10-19 07:33 - 2014-02-16 10:43 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-10-19 07:33 - 2014-02-16 10:43 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-10-12 18:32 - 2014-07-05 19:00 - 00000544 _____ () C:\Users\ŁUKASZ\Desktop\MyPlayer.lnk 2014-10-12 18:32 - 2014-07-05 19:00 - 00000544 _____ () C:\Users\ŁUKASZ\AppData\Roaming\Microsoft\Windows\Start Menu\MyPlayer.lnk Some content of TEMP: ==================== C:\Users\ŁUKASZ\AppData\Local\Temp\sfamcc00001.dll C:\Users\ŁUKASZ\AppData\Local\Temp\sfextra.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-27 10:27 ==================== End Of Log ============================

Kod: Zaznacz wszystko: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014 Ran by ŁUKASZ at 2014-11-04 21:26:08 Running from C:\Users\ŁUKASZ\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34944 - BitTorrent Inc.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.2146.41621 - ABBYY Software House) Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ) Ashampoo Burning Studio 14 v.14.0.1 (HKLM-x32\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.0.1 - Ashampoo GmbH & Co. KG) BPW Genuine Parts (HKLM-x32\...\{24C92A38-7588-4B42-AE06-5A3BC31F0D05}) (Version: - ) Bullzip PDF Printer 10.7.0.2277 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.7.0.2277 - Bullzip) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version: - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.0 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform) ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.0.60 - Conexant) Consult V4 RenaultTrucks (HKLM-x32\...\Consult V4 RenaultTrucks) (Version: - ) Consult VIN (HKLM-x32\...\Consult VIN) (Version: - ) Crystal Reports for .NET Framework 2.0 (x86) (HKLM-x32\...\{7C05EEDD-E565-4E2B-ADE4-0C784C17311C}) (Version: 10.2.0 - Business Objects) DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.4.0.0377 - Disc Soft Ltd) Document_Installer (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - ) Energy Management (HKLM-x32\...\{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}) (Version: 4.4.1.3 - Lenovo) ETK (Lokal) (HKLM-x32\...\{EC17C160-E2F0-47CC-86D4-140AE22EC38E}) (Version: 2.02.000 - BMW AG) EWA net (HKLM-x32\...\EWA net) (Version: - ) EWA_net_Admin (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_Client_Applications (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_Core (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_EPC (x32 Version: 1.00.0000 - Daimler) Hidden EWA_net_Server (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_WIS (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_WIS_CaseOnline_Importer (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden GordonKatalog 4.2.34 (HKLM-x32\...\{42D6250E-61AA-4D78-BD16-33496CB2A42C}_is1) (Version: 4.2.34 - CatSoft) Hardlock Device Drivers (HKLM-x32\...\Hardlock Device Drivers) (Version: - ) HDVidCodec (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - hdvidcodec.com) <==== ATTENTION Heroes of Might and Magic III - Złota Edycja (HKLM-x32\...\Heroes of Might and Magic III - Złota Edycja_is1) (Version: - ) inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - ) ITEDO IsoView ActiveX Control 6.0 (HKLM-x32\...\{666C8948-D1FE-4896-9921-1BD30A1BE656}) (Version: 6.0.001 - ) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) JDownloader 0.9 (HKLM-x32\...\jdownloader09) (Version: 0.9 - AppWork GmbH) Katalog FOTA (HKLM-x32\...\Katalog Fota) (Version: - ) K-Lite Codec Pack 10.4.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.0 - ) Lenovo EasyCamera (HKLM\...\Lenovo EasyCamera) (Version: 5.8.0.12 - Silicon Motion) Lenovo EasyCamera (HKLM-x32\...\{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D}) (Version: 5.8.0.12 - Silicon Motion) Lexmark (HKLM-x32\...\{D2C5E510-BE6D-42CC-9F61-E4F939078474}) (Version: 1.0.0.0 - ) Lexmark 5600-6600 Series (HKLM\...\Lexmark 5600-6600 Series) (Version: - Lexmark International, Inc.) MANTIS (HKLM-x32\...\MANTIS) (Version: - ) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30320 - Microsoft Corporation) Microsoft Access 2000 SR-1 Runtime (HKLM-x32\...\{004F0409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office XP Professional z programem FrontPage - Beta (HKLM-x32\...\{80280415-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.1 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Monopoly by Parker Brothers (HKLM-x32\...\Monopoly by Parker Brothers) (Version: 1.0.406.0 - GameHouse, Inc.) Mozilla Firefox 33.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 pl)) (Version: 33.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 pl)) (Version: 24.6.0 - Mozilla) Multi (HKLM-x32\...\{20ABF63B-BE90-4D01-B119-E277812054A9}) (Version: 6.11.3 - Scania) MyPlayer (HKLM-x32\...\MyPlayer) (Version: 2.4.1.10 - MyPortal) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) OpenFM (HKCU\...\OpenFM) (Version: 2 - GG Network S.A.) Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (05/19/2009 4.4.0.1) (HKLM\...\92F4CDC794E6E4E29DC063D292D1C94F6FA1EA1E) (Version: 05/19/2009 4.4.0.1 - Lenovo) PartsRapido (HKLM-x32\...\{725136F0-5E3C-11D4-98DD-00508BCBE9C2}) (Version: - ) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Polar Daemon (HKLM-x32\...\{2BA9320D-E061-4C71-ACCB-AC0E9D4FC82B}) (Version: 2.2.20000 - Polar Electro Oy) Polar WebSync (HKLM-x32\...\{320453EE-6AEA-4E1A-8E64-72F33C0C928F}) (Version: 2.8.10006 - Polar Electro Oy) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30320 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30320 - Microsoft Corporation) SAF-HOLLAND MATERIAŁY INFORMACYJNE (CD) (PL) (HKLM-x32\...\Parts-Publisher (PL) 2418) (Version: 5.0.19.0 - ) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) SimCity 4 (HKLM-x32\...\{01339AE5-04D4-43F8-008E-13AD788DC4F7}) (Version: - ) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) SuperKat 2014-1 (HKLM-x32\...\{A27F6D0D-74F8-46B6-B2D1-908901A81AA2}_is1) (Version: - ) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH) WinRAR 5.01 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) XVL Player / XVL Player Pro (HKLM-x32\...\{E95BCA9A-F9ED-48C7-AFB3-4053A0F1E02C}) (Version: 8.4a - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 29-09-2014 13:16:30 Zaplanowany punkt kontrolny 08-10-2014 15:11:06 Zaplanowany punkt kontrolny 16-10-2014 13:37:21 Zaplanowany punkt kontrolny 27-10-2014 11:10:35 Zaplanowany punkt kontrolny ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {17408453-FFF2-445C-ABD0-1B30287C5E0E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16] (Google Inc.) Task: {97793BCC-F95E-4DF6-9A70-E0CD49353212} - System32\Tasks\AdobeAAMUpdater-1.0-DOM-ŁUKASZ-ŁUKASZ => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated) Task: {AD5D6561-BFCB-42A7-8029-B145E979682A} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduamon.exe [2008-09-10] () Task: {AEBD0289-B46C-4282-B09C-27EB47C25B24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16] (Google Inc.) Task: {F9C69F1A-E190-4686-87E7-6A7F4D6A366B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd) Task: C:\Windows\Tasks\BYTQIMM.job => C:\Users\ý˙UKASZ\AppData\Roaming\BYTQIMM.exe <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\QBEWTC.job => C:\Users\ý˙UKASZ\AppData\Roaming\QBEWTC.exe <==== ATTENTION ==================== Loaded Modules (whitelisted) ============= 2014-06-06 21:01 - 2008-05-01 01:44 - 00045568 _____ () C:\Windows\System32\LXDUPMON.DLL 2014-06-06 21:01 - 2008-09-10 10:43 - 00086016 _____ () C:\Windows\System32\LXDUOEM.DLL 2014-06-06 21:01 - 2008-09-10 10:41 - 00081408 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\ipcmt64.dll 2014-06-06 21:03 - 2008-05-23 13:17 - 00147456 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdudrpp.dll 2010-01-30 01:40 - 2010-01-30 01:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2014-04-19 15:07 - 2009-07-15 14:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll 2014-04-19 15:07 - 2009-07-15 14:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll 2014-06-06 21:00 - 2008-09-10 12:11 - 00676520 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe 2013-02-26 15:59 - 2013-02-26 15:59 - 06227512 _____ () C:\Program Files (x86)\Polar\WebSync\WebSync.exe 2014-04-19 14:18 - 2014-04-19 14:18 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe 2014-04-19 14:18 - 2014-04-19 14:18 - 00151552 _____ () C:\Windows\KMService.exe 2012-12-12 14:20 - 2012-12-12 14:20 - 00419536 _____ () C:\Program Files (x86)\Polar\Daemon\polard.exe 2014-05-20 18:33 - 2014-05-20 18:33 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2014-04-14 20:41 - 2014-04-14 20:41 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll 2014-06-06 21:00 - 2008-09-10 10:56 - 00380928 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduscw.dll 2014-06-06 21:00 - 2008-05-23 13:02 - 00188416 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdudatr.dll 2014-06-06 21:00 - 2008-09-10 10:56 - 01036288 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduDRS.dll 2014-06-06 21:00 - 2008-09-10 10:56 - 00081920 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducaps.dll 2014-06-06 21:00 - 2008-09-10 10:40 - 00069632 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducnv4.dll 2013-02-26 15:59 - 2013-02-26 15:59 - 00110648 _____ () C:\Program Files (x86)\Polar\WebSync\PTransform.dll 2010-02-10 15:06 - 2010-02-10 15:06 - 00334848 _____ () C:\Program Files (x86)\Polar\WebSync\QtXml4.dll 2011-01-14 15:01 - 2011-01-14 15:01 - 02142720 _____ () C:\Program Files (x86)\Polar\WebSync\QtCore4.dll 2013-02-26 15:59 - 2013-02-26 15:59 - 03722296 _____ () C:\Program Files (x86)\Polar\WebSync\libpolar.dll 2010-02-10 15:22 - 2010-02-10 15:22 - 07971840 _____ () C:\Program Files (x86)\Polar\WebSync\QtGui4.dll 2010-02-10 15:07 - 2010-02-10 15:07 - 00929280 _____ () C:\Program Files (x86)\Polar\WebSync\QtNetwork4.dll 2010-02-10 17:45 - 2010-02-10 17:45 - 00025600 _____ () C:\Program Files (x86)\Polar\WebSync\imageformats\qgif4.dll 2010-02-10 17:45 - 2010-02-10 17:45 - 00119808 _____ () C:\Program Files (x86)\Polar\WebSync\imageformats\qjpeg4.dll 2014-04-27 13:21 - 2014-04-27 13:21 - 00135168 __RSH () C:\Program Files (x86)\DAEMON Tools Pro\BRD.dll 2014-05-11 10:53 - 2013-06-28 16:24 - 00163840 _____ () D:\PRACA_TRUCKS\EWA net\apps\jre\private_jre\bin\server\jvm.dll 2012-12-12 14:20 - 2012-12-12 14:20 - 03483856 _____ () C:\Program Files (x86)\Polar\Daemon\libpolar.dll 2014-05-11 10:54 - 2011-03-09 10:48 - 00036864 ____N () D:\PRACA_TRUCKS\EWA net\database\TransBase EWA\polycsr.dll 2014-05-11 10:54 - 2011-03-09 10:48 - 00166912 ____N () D:\PRACA_TRUCKS\EWA net\database\TransBase EWA\libmcrypt.dll 2014-05-11 10:55 - 2005-03-21 15:54 - 00036864 ____N () D:\PRACA_TRUCKS\EWA net\database\TransBase EPC\polycsr.dll 2014-05-11 10:55 - 2007-11-26 16:26 - 00166912 ____N () D:\PRACA_TRUCKS\EWA net\database\TransBase EPC\libmcrypt.dll 2014-10-30 08:17 - 2014-10-30 08:17 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2010-01-30 01:41 - 2010-01-30 01:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-04-18 13:45 - 2014-04-18 13:45 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeBridge => MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: Lexmark 5600-6600 Series => "C:\Program Files (x86)\Lexmark 5600-6600 Series\fm3032.exe" /s MSCONFIG\startupreg: lxduamon => "C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduamon.exe" MSCONFIG\startupreg: lxdumon.exe => "C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-680891385-980522-2338184603-500 - Administrator - Disabled) Gość (S-1-5-21-680891385-980522-2338184603-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-680891385-980522-2338184603-1004 - Limited - Enabled) ŁUKASZ (S-1-5-21-680891385-980522-2338184603-1000 - Administrator - Enabled) => C:\Users\ŁUKASZ ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. System errors: ============= Error: (11/04/2014 08:59:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 8. Error: (11/04/2014 08:59:53 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147217025. Error: (11/04/2014 08:53:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 7. Error: (11/04/2014 08:53:20 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147217025. Error: (11/04/2014 08:52:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 6. Error: (11/04/2014 08:52:40 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147217025. Error: (11/04/2014 08:50:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 5. Error: (11/04/2014 08:50:05 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147217025. Error: (11/04/2014 08:50:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 4. Error: (11/04/2014 08:50:00 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147217025. Microsoft Office Sessions: ========================= Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 Error: (11/04/2014 09:26:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 CodeIntegrity Errors: =================================== Date: 2014-11-04 20:46:03.848 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hlemu.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-04 20:46:03.786 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hlemu.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-04 20:46:03.708 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-04 20:46:03.630 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-04 20:45:58.482 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-04 20:45:58.419 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-04 20:45:49.902 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-04 20:45:49.855 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-04 18:34:40.115 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hlemu.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-04 18:34:40.037 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hlemu.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Celeron(R) Dual-Core CPU T3500 @ 2.10GHz Percentage of memory in use: 45% Total physical RAM: 4028.6 MB Available physical RAM: 2182.77 MB Total Pagefile: 8055.33 MB Available Pagefile: 6025.11 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:99.9 GB) (Free:64.48 GB) NTFS Drive d: () (Fixed) (Total:200 GB) (Free:96.27 GB) NTFS Drive e: () (Fixed) (Total:398.63 GB) (Free:26.34 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 85B685B6) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=99.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=200 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=398.6 GB) - (Type=OF Extended) ==================== End Of Log ============================

Kod: Zaznacz wszystko: OTL logfile created on: 2014-11-04 21:29:09 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ŁUKASZ\Desktop 64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,93 Gb Total Physical Memory | 2,15 Gb Available Physical Memory | 54,64% Memory free 7,87 Gb Paging File | 5,91 Gb Available in Paging File | 75,07% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 99,90 Gb Total Space | 64,47 Gb Free Space | 64,54% Space Free | Partition Type: NTFS Drive D: | 200,00 Gb Total Space | 96,27 Gb Free Space | 48,13% Space Free | Partition Type: NTFS Drive E: | 398,63 Gb Total Space | 26,34 Gb Free Space | 6,61% Space Free | Partition Type: NTFS Computer Name: DOM-ŁUKASZ | User Name: ŁUKASZ | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-11-04 21:22:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ŁUKASZ\Desktop\OTL.exe PRC - [2014-10-30 08:17:20 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2014-07-25 11:29:36 | 000,511,872 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe PRC - [2014-04-19 14:18:01 | 000,151,552 | ---- | M] () -- C:\Windows\KMService.exe PRC - [2014-04-19 14:18:01 | 000,008,192 | ---- | M] () -- C:\Windows\SysWOW64\srvany.exe PRC - [2014-04-18 13:45:00 | 001,864,368 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe PRC - [2013-12-21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013-10-17 10:49:40 | 002,761,760 | ---- | M] (Disc Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe PRC - [2013-02-26 15:59:08 | 006,227,512 | ---- | M] () -- C:\Program Files (x86)\Polar\WebSync\WebSync.exe PRC - [2012-12-12 14:20:18 | 000,419,536 | ---- | M] () -- C:\Program Files (x86)\Polar\Daemon\polard.exe PRC - [2011-03-09 11:04:12 | 000,326,616 | ---- | M] (Transaction Software, D 81829 Munich) -- D:\PRACA_TRUCKS\EWA net\database\TransBase WIS\tbmux32.exe PRC - [2011-03-09 11:04:12 | 000,326,616 | ---- | M] (Transaction Software, D 81829 Munich) -- D:\PRACA_TRUCKS\EWA net\database\TransBase EWA\tbmux32.exe PRC - [2011-03-09 11:03:32 | 002,497,496 | ---- | M] (Transaction Software, D 81829 Munich) -- D:\PRACA_TRUCKS\EWA net\database\TransBase EWA\tbkern32.exe PRC - [2010-04-26 16:39:55 | 000,716,344 | ---- | M] (Conexant Systems, Inc) -- C:\Program Files\CONEXANT\SAII\SmartAudio.exe PRC - [2009-06-04 18:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009-06-04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe PRC - [2008-09-10 12:11:12 | 000,676,520 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe PRC - [2007-11-27 12:33:52 | 002,387,968 | ---- | M] (Transaction Software, D 81829 Munich) -- D:\PRACA_TRUCKS\EWA net\database\TransBase EPC\tbkern32.exe PRC - [2007-11-27 12:33:52 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) -- D:\PRACA_TRUCKS\EWA net\database\TransBase EPC\tbmux32.exe PRC - [2004-08-05 12:02:30 | 000,385,024 | ---- | M] (Transaction Software, D 81737 Munich) -- D:\PRACA_TRUCKS\BMWgroup\ETKLokal\transbase\tbmux32.exe PRC - [2003-07-31 18:29:04 | 000,065,536 | ---- | M] (Alexandria Software Consulting) -- D:\PRACA_TRUCKS\EWA net\server\bin\tomcat.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-10-30 08:17:20 | 003,649,648 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2014-04-27 13:21:22 | 000,135,168 | RHS- | M] () -- C:\Program Files (x86)\DAEMON Tools Pro\BRD.dll MOD - [2014-04-19 15:45:35 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\24b67c1b2ec7be301ca76726b4b205c1\WindowsFormsIntegration.ni.dll MOD - [2014-04-19 15:44:48 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a97f4e39d47dc3d5098150a8b14a9662\Microsoft.VisualBasic.ni.dll MOD - [2014-04-19 15:10:06 | 001,308,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SmartAudio\c25f0a67ac87e9ed67b90e9fa30c1413\SmartAudio.ni.exe MOD - [2014-04-19 15:10:06 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.CxHDAudioAP#\b6d0851cf170411219fa07f977bfa572\Interop.CxHDAudioAPILib.ni.dll MOD - [2014-04-19 14:55:05 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\05682429807d34d6ff05a77ea153935f\System.Windows.Forms.ni.dll MOD - [2014-04-18 13:45:00 | 016,351,920 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll MOD - [2014-04-18 10:01:57 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\24ab5f14e55ae0dec23141f6e59a577c\CustomMarshalers.ni.dll MOD - [2014-02-16 12:16:16 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0aeaf4f1629dbe8eafc8f47b1795b18a\PresentationFramework.Aero.ni.dll MOD - [2014-02-16 12:15:58 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\01b47a246b4ec7bfec31bf4503aceda1\System.Runtime.Remoting.ni.dll MOD - [2014-02-16 12:15:46 | 014,325,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\36b839247bd1d22a7fd014a74abe9729\PresentationFramework.ni.dll MOD - [2014-02-16 12:15:23 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll MOD - [2014-02-16 12:15:21 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\549690bfac66934b7c7fd5cf8b120b7c\PresentationCore.ni.dll MOD - [2014-02-16 12:15:09 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\82a4c4666ad83c3a375210247e69646b\WindowsBase.ni.dll MOD - [2014-02-16 12:15:04 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10aba2c167cc1119b80159fd9ac71ca8\System.Xml.ni.dll MOD - [2014-02-16 12:15:00 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\96a3b737db1e72adaf32d2b350e50c23\System.Configuration.ni.dll MOD - [2014-02-16 12:14:59 | 007,974,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll MOD - [2014-02-16 12:14:53 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll MOD - [2013-02-26 15:59:08 | 006,227,512 | ---- | M] () -- C:\Program Files (x86)\Polar\WebSync\WebSync.exe MOD - [2013-02-26 15:59:06 | 000,110,648 | ---- | M] () -- C:\Program Files (x86)\Polar\WebSync\PTransform.dll MOD - [2013-02-26 15:59:00 | 003,722,296 | ---- | M] () -- C:\Program Files (x86)\Polar\WebSync\libpolar.dll MOD - [2012-04-06 01:49:40 | 001,737,296 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll MOD - [2011-01-14 15:01:02 | 002,142,720 | ---- | M] () -- C:\Program Files (x86)\Polar\WebSync\QtCore4.dll MOD - [2010-02-10 17:45:48 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\Polar\WebSync\imageformats\qgif4.dll MOD - [2010-02-10 17:45:40 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Polar\WebSync\imageformats\qjpeg4.dll MOD - [2010-02-10 15:22:16 | 007,971,840 | ---- | M] () -- C:\Program Files (x86)\Polar\WebSync\QtGui4.dll MOD - [2010-02-10 15:07:32 | 000,929,280 | ---- | M] () -- C:\Program Files (x86)\Polar\WebSync\QtNetwork4.dll MOD - [2010-02-10 15:06:06 | 000,334,848 | ---- | M] () -- C:\Program Files (x86)\Polar\WebSync\QtXml4.dll MOD - [2010-01-30 01:41:12 | 004,254,560 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf MOD - [2009-07-14 18:54:59 | 000,167,936 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_pl_b77a5c561934e089\System.Xml.resources.dll MOD - [2009-06-10 22:22:50 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll MOD - [2008-09-10 12:11:12 | 000,676,520 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe MOD - [2008-09-10 10:56:27 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducaps.dll MOD - [2008-09-10 10:56:14 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduscw.dll MOD - [2008-09-10 10:56:12 | 001,036,288 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduDRS.dll MOD - [2008-09-10 10:40:31 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducnv4.dll MOD - [2008-05-23 13:02:14 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdudatr.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2008-05-23 13:58:53 | 001,040,552 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxducoms.exe -- (lxdu_device) SRV:[b]64bit:[/b] - [2008-05-23 13:58:45 | 000,033,960 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxduserv.exe -- (lxduCATSCustConnectService) SRV - [2014-10-30 08:17:20 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-04-19 14:18:01 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\srvany.exe -- (KMService) SRV - [2013-12-21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-12-12 14:20:18 | 000,419,536 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Polar\Daemon\polard.exe -- (Polar Daemon) SRV - [2011-03-09 11:04:12 | 000,326,616 | ---- | M] (Transaction Software, D 81829 Munich) [Auto | Running] -- D:\PRACA_TRUCKS\EWA net\database\TransBase WIS\tbmux32.exe -- (EWA net DB WIS) SRV - [2011-03-09 11:04:12 | 000,326,616 | ---- | M] (Transaction Software, D 81829 Munich) [Auto | Running] -- D:\PRACA_TRUCKS\EWA net\database\TransBase EWA\tbmux32.exe -- (EWA net DB Core) SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-06-04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) SRV - [2008-05-23 13:58:45 | 000,033,960 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe -- (lxduCATSCustConnectService) SRV - [2008-05-23 13:58:34 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxducoms.exe -- (lxdu_device) SRV - [2007-11-27 12:33:52 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) [Auto | Running] -- D:\PRACA_TRUCKS\EWA net\database\TransBase EPC\tbmux32.exe -- (EWA net DB EPC) SRV - [2004-08-05 12:02:30 | 000,385,024 | ---- | M] (Transaction Software, D 81737 Munich) [Auto | Running] -- D:\PRACA_TRUCKS\BMWgroup\ETKLokal\transbase\tbmux32.exe -- (Transbase) SRV - [2003-07-31 18:29:04 | 000,065,536 | ---- | M] (Alexandria Software Consulting) [Auto | Running] -- D:\PRACA_TRUCKS\EWA net\server\bin\tomcat.exe -- (EWA net Server) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2014-06-16 07:01:38 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:[b]64bit:[/b] - [2014-06-16 07:01:38 | 000,110,336 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:[b]64bit:[/b] - [2014-04-27 13:02:53 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2014-04-27 13:01:37 | 000,381,440 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2014-04-11 09:39:14 | 000,188,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm) DRV:[b]64bit:[/b] - [2014-04-11 09:39:14 | 000,169,288 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) DRV:[b]64bit:[/b] - [2014-04-11 09:39:14 | 000,158,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) DRV:[b]64bit:[/b] - [2014-04-11 09:39:14 | 000,021,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) DRV:[b]64bit:[/b] - [2013-03-01 13:26:59 | 000,098,304 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\hlemu.sys -- (hlemu) DRV:[b]64bit:[/b] - [2013-02-12 15:02:24 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2012-03-01 07:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-06-10 05:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011-03-11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-02-11 18:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2010-04-26 16:39:55 | 000,717,368 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:[b]64bit:[/b] - [2010-04-26 16:26:25 | 000,260,216 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:[b]64bit:[/b] - [2009-10-16 17:37:34 | 000,197,376 | ---- | M] (SMI) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SMIksdrv.sys -- (usbsmi) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-07 23:45:50 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-06-04 17:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2009-05-19 12:43:32 | 000,026,128 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC) DRV:[b]64bit:[/b] - [2009-05-16 18:38:22 | 000,067,584 | ---- | M] (Chingachguk & Denger2k (Elite & SP edition)) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\multikey.sys -- (multikey) DRV:[b]64bit:[/b] - [2009-03-13 09:55:38 | 000,318,464 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-680891385-980522-2338184603-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/ IE - HKU\S-1-5-21-680891385-980522-2338184603-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-680891385-980522-2338184603-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-680891385-980522-2338184603-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "https://www.google.pl/" FF - prefs.js..extensions.enabledAddons: %7B02450914-cdd9-410f-b1da-db004e18c671%7D:0.98.02c FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.0.2 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014-02-16 10:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ŁUKASZ\AppData\Roaming\mozilla\Extensions [2014-10-10 13:32:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ŁUKASZ\AppData\Roaming\mozilla\Firefox\Profiles\7g0h8or6.default\extensions [2014-10-10 13:32:50 | 000,097,121 | ---- | M] () (No name found) -- C:\Users\ŁUKASZ\AppData\Roaming\mozilla\firefox\profiles\7g0h8or6.default\extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2014-10-30 08:17:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2014-10-30 08:17:20 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} File not found (No name found) -- C:\USERS\ĹUKASZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7G0H8OR6.DEFAULT\EXTENSIONS\{02450914-CDD9-410F-B1DA-DB004E18C671}.XPI [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: (Enabled) CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - plugin: Error reading preferences file CHR - Extension: No name found = C:\Users\ŁUKASZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: No name found = C:\Users\ŁUKASZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: No name found = C:\Users\ŁUKASZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: No name found = C:\Users\ŁUKASZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: No name found = C:\Users\ŁUKASZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (WebCGMHlprObj Class) - {56B38F40-4E70-11d4-A076-0080AD86BA2F} - C:\Windows\SysWOW64\cgmopenbho.dll (CGM Open Consortium, Inc.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll () O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3:[b]64bit:[/b] - HKU\S-1-5-21-680891385-980522-2338184603-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.) O3 - HKU\S-1-5-21-680891385-980522-2338184603-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O4:[b]64bit:[/b] - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4:[b]64bit:[/b] - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe () O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-680891385-980522-2338184603-1000..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (Disc Soft Ltd) O4 - HKU\S-1-5-21-680891385-980522-2338184603-1000..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe () O4 - HKU\S-1-5-21-680891385-980522-2338184603-1000..\Run: [uTorrent] C:\Users\ŁUKASZ\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-680891385-980522-2338184603-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{08867520-8984-45DB-A335-EAC37DCC0985}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51ADF9C3-6E24-4E66-AF63-9A0DCFB66A5C}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{89FE010A-DC43-4DC6-B6B1-61405C3B55A8}: DhcpNameServer = 192.168.1.254 O18:[b]64bit:[/b] - Protocol\Handler\cdo - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{1c326251-0151-11e4-9aa8-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{1c326251-0151-11e4-9aa8-806e6f6e6963}\Shell\AutoRun\command - "" = I:\Startme.exe O33 - MountPoints2\{caddbdeb-ce03-11e3-85f9-88ae1ddab855}\Shell - "" = AutoRun O33 - MountPoints2\{caddbdeb-ce03-11e3-85f9-88ae1ddab855}\Shell\AutoRun\command - "" = G:\setup.exe O33 - MountPoints2\I\Shell - "" = AutoRun O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-11-04 21:24:10 | 000,000,000 | ---D | C] -- C:\FRST [2014-11-04 21:22:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ŁUKASZ\Desktop\OTL.exe [2014-11-04 21:21:52 | 002,114,560 | ---- | C] (Farbar) -- C:\Users\ŁUKASZ\Desktop\FRST64.exe [2014-11-04 20:54:14 | 000,000,000 | ---D | C] -- C:\Users\ŁUKASZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan [2014-11-04 20:54:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan [2014-11-04 20:54:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan [2014-10-30 23:02:27 | 000,000,000 | ---D | C] -- C:\Users\ŁUKASZ\Desktop\bayou_cowboy [2014-10-30 08:17:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2014-10-29 22:54:27 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2014-09-11 19:29:57 | 001,479,528 | ---- | C] (home) -- C:\Users\ŁUKASZ\AppData\Roaming\BYTQIMM.exe [2014-09-11 19:29:28 | 001,920,360 | ---- | C] (home) -- C:\Users\ŁUKASZ\AppData\Roaming\QBEWTC.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-11-04 21:23:04 | 001,292,800 | ---- | M] () -- C:\Users\ŁUKASZ\Desktop\zoek.exe [2014-11-04 21:22:12 | 002,114,560 | ---- | M] (Farbar) -- C:\Users\ŁUKASZ\Desktop\FRST64.exe [2014-11-04 21:22:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ŁUKASZ\Desktop\OTL.exe [2014-11-04 20:54:14 | 000,000,999 | ---- | M] () -- C:\Users\ŁUKASZ\Desktop\SpeedFan.lnk [2014-11-04 20:54:14 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo [2014-11-04 20:54:07 | 002,174,848 | ---- | M] () -- C:\Users\ŁUKASZ\Desktop\instsf450_[www.programosy.pl].exe [2014-11-04 20:53:19 | 000,024,320 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-11-04 20:53:19 | 000,024,320 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-11-04 20:52:58 | 001,662,996 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014-11-04 20:52:58 | 000,738,094 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2014-11-04 20:52:58 | 000,652,262 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014-11-04 20:52:58 | 000,154,750 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2014-11-04 20:52:58 | 000,121,194 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014-11-04 20:49:44 | 000,686,058 | ---- | M] () -- C:\Users\ŁUKASZ\Desktop\hwmonitor_1.22-64bit.zip [2014-11-04 20:46:46 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-11-04 20:45:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-11-04 20:45:44 | 3168,215,040 | -HS- | M] () -- C:\hiberfil.sys [2014-11-04 20:38:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-10-31 07:34:50 | 005,038,136 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014-10-30 23:02:16 | 000,019,259 | ---- | M] () -- C:\Users\ŁUKASZ\Desktop\bayou_cowboy.zip [2014-10-30 22:51:11 | 000,055,213 | ---- | M] () -- C:\Users\ŁUKASZ\Desktop\rainbow_puke_by_hennessycool-d4cjvf5.jpg [2014-10-29 18:40:02 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014-10-28 13:59:39 | 000,015,043 | ---- | M] () -- C:\Users\ŁUKASZ\Desktop\images.jpg [2014-10-12 18:32:13 | 000,000,544 | ---- | M] () -- C:\Users\ŁUKASZ\Desktop\MyPlayer.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-11-04 21:22:53 | 001,292,800 | ---- | C] () -- C:\Users\ŁUKASZ\Desktop\zoek.exe [2014-11-04 20:54:14 | 000,000,999 | ---- | C] () -- C:\Users\ŁUKASZ\Desktop\SpeedFan.lnk [2014-11-04 20:54:14 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo [2014-11-04 20:54:02 | 002,174,848 | ---- | C] () -- C:\Users\ŁUKASZ\Desktop\instsf450_[www.programosy.pl].exe [2014-11-04 20:49:42 | 000,686,058 | ---- | C] () -- C:\Users\ŁUKASZ\Desktop\hwmonitor_1.22-64bit.zip [2014-10-30 23:02:16 | 000,019,259 | ---- | C] () -- C:\Users\ŁUKASZ\Desktop\bayou_cowboy.zip [2014-10-30 22:51:10 | 000,055,213 | ---- | C] () -- C:\Users\ŁUKASZ\Desktop\rainbow_puke_by_hennessycool-d4cjvf5.jpg [2014-10-28 13:59:39 | 000,015,043 | ---- | C] () -- C:\Users\ŁUKASZ\Desktop\images.jpg [2014-09-01 09:18:44 | 000,002,086 | ---- | C] () -- C:\Users\ŁUKASZ\AppData\Roaming\BYTQIMM [2014-09-01 09:18:44 | 000,001,248 | ---- | C] () -- C:\Users\ŁUKASZ\AppData\Roaming\QBEWTC [2014-06-06 21:01:56 | 001,036,288 | ---- | C] () -- C:\Windows\SysWow64\lxdudrs.dll [2014-06-06 21:01:56 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxducaps.dll [2014-06-06 21:01:56 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxducnv4.dll [2014-06-06 20:59:55 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\LXDUinst.dll [2014-06-06 20:59:55 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxducomx.dll [2014-06-06 20:59:54 | 000,651,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdupmui.dll [2014-06-06 20:59:54 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduinpa.dll [2014-06-06 20:59:54 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduiesc.dll [2014-06-06 20:59:53 | 001,069,056 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduserv.dll [2014-06-06 20:59:53 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduusb1.dll [2014-06-06 20:59:53 | 000,679,936 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduhbn3.dll [2014-06-06 20:59:53 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdulmpm.dll [2014-06-06 20:59:53 | 000,328,360 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduih.exe [2014-06-06 20:59:52 | 000,765,952 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducomc.dll [2014-06-06 20:59:52 | 000,594,600 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducoms.exe [2014-06-06 20:59:52 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducomm.dll [2014-06-06 20:59:52 | 000,369,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducfg.exe [2014-05-12 18:27:00 | 000,000,132 | ---- | C] () -- C:\Users\ŁUKASZ\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe [2014-05-11 10:53:19 | 000,001,606 | ---- | C] () -- C:\Windows\SysWow64\font.ini [2014-05-10 14:38:25 | 000,000,000 | ---- | C] () -- C:\Windows\MultiCd.ini [2014-05-10 10:52:56 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.EXE [2014-05-10 10:52:56 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\hlduinst.exe [2014-05-09 18:52:21 | 000,000,102 | ---- | C] () -- C:\Users\ŁUKASZ\.ewanapi_cookie [2014-05-07 20:42:36 | 000,000,029 | ---- | C] () -- C:\Windows\UNWISE.INI [2014-05-07 20:42:35 | 000,178,179 | ---- | C] () -- C:\Windows\UNMANTI5.EXE [2014-05-07 20:42:35 | 000,000,477 | ---- | C] () -- C:\Windows\MANTIS.INI [2014-05-07 20:41:30 | 000,127,184 | ---- | C] () -- C:\Windows\UNWISE.EXE [2014-04-27 14:43:56 | 001,684,480 | ---- | C] () -- C:\Windows\SysWow64\ltclr13n.dll [2014-04-27 14:43:56 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\SP32W.DLL [2014-04-27 14:20:43 | 000,000,418 | ---- | C] () -- C:\Windows\ODBC.INI [2014-04-19 15:33:07 | 001,638,406 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2014-04-19 14:18:33 | 000,151,552 | ---- | C] () -- C:\Windows\KMService.exe [2014-04-19 14:18:33 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe [2014-04-18 20:36:54 | 000,218,200 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2014-01-23 17:31:12 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2014-01-23 17:31:08 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2014-01-23 17:31:08 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2014-01-23 17:31:08 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2014-01-23 17:31:08 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2014-06-07 12:07:28 | 000,000,000 | ---D | M] -- C:\Users\ŁUKASZ\AppData\Roaming\5600-6600 Series [2014-06-21 17:35:02 | 000,000,000 | ---D | M] -- C:\Users\ŁUKASZ\AppData\Roaming\Ashampoo [2014-04-19 15:25:41 | 000,000,000 | ---D | M] -- C:\Users\ŁUKASZ\AppData\Roaming\Canon [2014-11-04 20:50:11 | 000,000,000 | ---D | M] -- C:\Users\ŁUKASZ\AppData\Roaming\DAEMON Tools Pro [2014-09-08 16:49:43 | 000,000,000 | ---D | M] -- C:\Users\ŁUKASZ\AppData\Roaming\EurekaLog [2014-04-22 23:08:22 | 000,000,000 | ---D | M] -- C:\Users\ŁUKASZ\AppData\Roaming\GHISLER [2014-05-10 14:33:51 | 000,000,000 | ---D | M] -- C:\Users\ŁUKASZ\AppData\Roaming\ITEDO [2014-04-18 20:56:39 | 000,000,000 | ---D | M] -- C:\Users\ŁUKASZ\AppData\Roaming\MPC-HC [2014-05-03 09:16:38 | 000,000,000 | ---D | M] -- C:\Users\ŁUKASZ\AppData\Roaming\NapiProjekt [2014-08-12 13:50:24 | 000,000,000 | ---D | M] -- C:\Users\ŁUKASZ\AppData\Roaming\OpenFM [2014-09-02 22:10:41 | 000,000,000 | ---D | M] -- C:\Users\ŁUKASZ\AppData\Roaming\PDF Writer [2014-08-05 17:53:19 | 000,000,000 | ---D | M] -- C:\Users\ŁUKASZ\AppData\Roaming\Samsung [2014-05-23 12:26:19 | 000,000,000 | ---D | M] -- C:\Users\ŁUKASZ\AppData\Roaming\Thunderbird [2014-11-04 20:59:51 | 000,000,000 | ---D | M] -- C:\Users\ŁUKASZ\AppData\Roaming\uTorrent [2014-05-10 09:55:36 | 000,000,000 | ---D | M] -- C:\Users\ŁUKASZ\AppData\Roaming\VitySoft [color=#E56717]========== Purity Check ==========[/color] < End of report >

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2014-11-04 21:29:09 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ŁUKASZ\Desktop 64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,93 Gb Total Physical Memory | 2,15 Gb Available Physical Memory | 54,64% Memory free 7,87 Gb Paging File | 5,91 Gb Available in Paging File | 75,07% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 99,90 Gb Total Space | 64,47 Gb Free Space | 64,54% Space Free | Partition Type: NTFS Drive D: | 200,00 Gb Total Space | 96,27 Gb Free Space | 48,13% Space Free | Partition Type: NTFS Drive E: | 398,63 Gb Total Space | 26,34 Gb Free Space | 6,61% Space Free | Partition Type: NTFS Computer Name: DOM-ŁUKASZ | User Name: ŁUKASZ | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-680891385-980522-2338184603-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- D:\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [ChomikBox.Upload] -- "C:\Program Files (x86)\ChomikBox\\ChomikBox.exe" -u"%1" ( ) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- D:\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [ChomikBox.Upload] -- "C:\Program Files (x86)\ChomikBox\\ChomikBox.exe" -u"%1" ( ) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{29F13822-E754-4105-952F-8116BB876E31}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2DFB0C83-B564-406F-908F-F8D10BDA2E44}" = lport=137 | protocol=17 | dir=in | app=system | "{40E3258E-6098-4878-9BB2-ABA8255E3488}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | "{5108CA08-44BD-4907-B5AF-016C95B44CC2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5505F273-65A6-46EA-8FBC-09CEF48E7C95}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5808C15D-C15A-4FF9-B0E8-579823894349}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{62CDDA53-D90E-4928-8AD0-5D0D38B75456}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{63738216-EE1F-4E88-BFDC-E6C1CBE7EC8F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{6B020F01-A530-4D7D-BDF0-946D968FABA8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{71970BA4-8694-452F-BB6E-F41C7B001FC0}" = rport=138 | protocol=17 | dir=out | app=system | "{8AD738A0-2032-43D8-8F71-57419659B7AA}" = rport=137 | protocol=17 | dir=out | app=system | "{8E0D249C-066C-4805-8C88-22A305CA5640}" = rport=10243 | protocol=6 | dir=out | app=system | "{97839A2B-6536-4B07-A026-DF1049E6BF00}" = lport=2869 | protocol=6 | dir=in | app=system | "{A5431B77-8FD5-40F8-8F92-4C223821E0FC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{A71CAA3A-A5C4-4BC2-AE31-BFDE89BA656D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{AC0BF90C-C3BA-462C-8A3C-3490513F3F3E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{AC281198-14B0-437C-9C7B-5B8FED312869}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{ACD4A81C-85FB-41A3-A43F-009029B639EB}" = rport=445 | protocol=6 | dir=out | app=system | "{BB299724-7077-40DA-8A5B-ECF2E5A6F6C8}" = lport=138 | protocol=17 | dir=in | app=system | "{BBD35BCB-235A-4604-8B01-3DD74B597C31}" = lport=139 | protocol=6 | dir=in | app=system | "{C18FAF2C-2A0A-4C89-861C-B4ECEE5A053B}" = lport=445 | protocol=6 | dir=in | app=system | "{C6372F82-AE4B-44D1-9588-E7CE79A69832}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | "{C7E74B96-79F7-488C-A423-E151244F87FA}" = rport=139 | protocol=6 | dir=out | app=system | "{CA67690A-2A04-4E9C-B2EE-C0AC32B49B5D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F6804F00-99C5-4E7E-BEC9-811D70D96B0F}" = lport=10243 | protocol=6 | dir=in | app=system | "{FB6B3AF4-504E-419F-8FA8-0153FED49159}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0450E568-3E97-4C2C-8E51-7F85DDB0596C}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxducoms.exe | "{0BD95DA9-63FA-4F8B-8364-48DE43141883}" = protocol=6 | dir=out | app=system | "{0DB6B77D-5D40-4DB7-9A72-AE1185029921}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{10318E2E-FF5E-49C9-B677-36C2C4B0DACF}" = protocol=17 | dir=in | app=c:\windows\system32\lxducoms.exe | "{21497600-F1D2-457D-9462-F724F99011AB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{24D0D616-BD38-471A-84EA-7B89BF3F4993}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{28C0CB99-67CE-4A6F-93B2-8C1764C572FF}" = protocol=6 | dir=in | app=c:\users\łukasz\appdata\roaming\utorrent\utorrent.exe | "{2BC3BBC0-A06F-4B4F-8D91-12251EEA688A}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe | "{2CEDDCF8-7A0C-496C-B96D-7823DB2C9F2B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3331C8D4-2010-41A4-AC96-4E206888455F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{3639223F-F101-40FD-882E-1942BA97FEF7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4414F2D2-935F-40E4-B0AB-6E9609060090}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxducoms.exe | "{449138D3-8471-4515-930F-D0C6FB403CBB}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 5600-6600 series\lxduamon.exe | "{4817217C-BA4C-4B75-8049-6FAB142DFEDE}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 5600-6600 series\lxduamon.exe | "{50194101-E629-4E34-96B0-D597F4E2CB69}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{595B2DDD-04AE-4DB6-B3F3-5C52C119FF27}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{63410592-A3AB-44F5-9230-5CB6DBD771BB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{673B6553-FF11-429B-85CD-E36A816C71A5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{68E6ACA4-5BD9-422E-8372-733243972B3C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{6EEE8639-8C03-4B95-9E70-92C49A3F3937}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{730F3E3A-DA09-4891-9417-4FB5FFBBF046}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{833C70C5-7DDF-4C1B-B9BA-FC1CB036E4B5}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 5600-6600 series\frun.exe | "{8A9FC2D6-29EE-46A1-9549-8DC13905D3A0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8DF0664B-F811-4605-A5D7-0500A04F108E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{9BF81E29-03EC-42B4-AB0A-ABAF6325D8E8}" = protocol=17 | dir=in | app=c:\users\łukasz\appdata\roaming\utorrent\utorrent.exe | "{9EBB755F-B179-4778-8DA1-9391737EC3F3}" = protocol=6 | dir=in | app=c:\windows\system32\lxducoms.exe | "{A0265AB3-9A12-4144-9291-75A8DAEFC1C5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{A4F823A4-6830-4558-8D35-DD90A6685991}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{A743F95F-245F-420E-83D9-F6020C170BD2}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe | "{A84D59C4-FCDC-4D9B-B4BC-30318E342A4C}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 5600-6600 series\lxdufax.exe | "{AAFA4EC8-17AA-4BD2-AF94-4797275843C1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{B11D7804-D878-4AF8-A990-CCF766554520}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{B4C30A8E-4305-434E-8E8B-D4F0AB2218E7}" = protocol=6 | dir=in | app=c:\program files (x86)\napiprojekt\napisy.exe | "{B6C328EF-4C05-471A-A5C3-CFE89FF43188}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{C2F7A0B5-72B1-4D01-85FE-123C5F564873}" = protocol=17 | dir=in | app=c:\program files (x86)\napiprojekt\napisy.exe | "{D5516539-C5C8-4AAC-9F4F-1C4E77B38013}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 5600-6600 series\frun.exe | "{D87B78DA-00CD-43FC-B4FF-E93456E069CF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{E0AA6142-D0E6-4D5A-85C8-03ED21B4732F}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 5600-6600 series\lxdufax.exe | "{EF3AE018-0944-4EDD-9E08-2E8C318031A7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "TCP Query User{3C045E65-CF96-41D9-9610-A40279B7143B}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe | "UDP Query User{C94B963A-36B5-4A83-888F-FBA5E1036FD4}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series" = Canon MP495 series MP Drivers "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0415-1000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0016-0415-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0019-0415-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-001A-0415-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001B-0415-1000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010 "{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010 "{90140000-0044-0415-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-00A1-0415-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00BA-0415-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "92F4CDC794E6E4E29DC063D292D1C94F6FA1EA1E" = Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (05/19/2009 4.4.0.1) "Bullzip PDF Printer_is1" = Bullzip PDF Printer 10.7.0.2277 "CCleaner" = CCleaner "CNXT_AUDIO_HDA" = Conexant HD Audio "Lenovo EasyCamera" = Lenovo EasyCamera "Lexmark 5600-6600 Series" = Lexmark 5600-6600 Series "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "Totalcmd64" = Total Commander 64-bit (Remove or Repair) "WinRAR archiver" = WinRAR 5.01 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{004F0409-78E1-11D2-B60F-006097C998E7}" = Microsoft Access 2000 SR-1 Runtime "{00989200-325C-4910-8D7C-708529685D64}" = EWA_net_WIS_CaseOnline_Importer "{01339AE5-04D4-43F8-008E-13AD788DC4F7}" = SimCity 4 "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20ABF63B-BE90-4D01-B119-E277812054A9}" = Multi "{24C92A38-7588-4B42-AE06-5A3BC31F0D05}" = BPW Genuine Parts "{26A24AE4-039D-4CA4-87B4-2F03217067FF}" = Java 7 Update 67 "{278DB2A0-512A-4555-8BA0-C5D65E9DDC79}" = EWA_net_Client_Applications "{2BA9320D-E061-4C71-ACCB-AC0E9D4FC82B}" = Polar Daemon "{320453EE-6AEA-4E1A-8E64-72F33C0C928F}" = Polar WebSync "{42D6250E-61AA-4D78-BD16-33496CB2A42C}_is1" = GordonKatalog 4.2.34 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{666C8948-D1FE-4896-9921-1BD30A1BE656}" = ITEDO IsoView ActiveX Control 6.0 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{725136F0-5E3C-11D4-98DD-00508BCBE9C2}" = PartsRapido "{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6 "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{7A997C02-81D4-4FEC-9C1C-F916611F8360}" = EWA_net_EPC "{7C05EEDD-E565-4E2B-ADE4-0C784C17311C}" = Crystal Reports for .NET Framework 2.0 (x86) "{80280415-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional z programem FrontPage - Beta "{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3 "{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1" = Ashampoo Burning Studio 14 v.14.0.1 "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}" = inSSIDer Home "{A27F6D0D-74F8-46B6-B2D1-908901A81AA2}_is1" = SuperKat 2014-1 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI (11.0.08) - Polish "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}" = Energy Management "{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6 "{C0F1D697-0C8F-4563-A406-830AE52BCE65}" = EWA_net_WIS "{C7B52FAF-58D8-438C-B810-F78C3C927504}" = ChomikBox "{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark "{D78A1468-84FD-4226-BB33-713A7EBE3028}" = Document_Installer "{E68C5783-A1E6-4D4C-83D4-99DD470F3D94}" = EWA_net_Server "{E95BCA9A-F9ED-48C7-AFB3-4053A0F1E02C}" = XVL Player / XVL Player Pro "{EC17C160-E2F0-47CC-86D4-140AE22EC38E}" = ETK (Lokal) "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F41852C7-939E-49A3-A5A7-5E3A81C32A8B}" = EWA_net_Core "{F49AFE1E-A8F1-4764-9138-C82C8E617E2B}" = EWA_net_Admin "{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D}" = Lenovo EasyCamera "1ClickDownload" = HDVidCodec "Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin "Canon_IJ_Network_UTILITY" = Canon IJ Network Tool "CanonMyPrinter" = Canon My Printer "Consult V4 RenaultTrucks" = Consult V4 RenaultTrucks "Consult VIN" = Consult VIN "DAEMON Tools Pro" = DAEMON Tools Pro "DVD Decrypter" = DVD Decrypter (Remove Only) "Easy-WebPrint EX" = Canon Easy-WebPrint EX "EWA net" = EWA net "Google Chrome" = Google Chrome "Hardlock Device Drivers" = Hardlock Device Drivers "Heroes of Might and Magic III - Złota Edycja_is1" = Heroes of Might and Magic III - Złota Edycja "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3 "IrfanView" = IrfanView (remove only) "jdownloader09" = JDownloader 0.9 "Katalog Fota" = Katalog FOTA "KLiteCodecPack_is1" = K-Lite Codec Pack 10.4.0 Full "MANTIS" = MANTIS "Monopoly by Parker Brothers" = Monopoly by Parker Brothers "Mozilla Firefox 33.0.2 (x86 pl)" = Mozilla Firefox 33.0.2 (x86 pl) "Mozilla Thunderbird 24.6.0 (x86 pl)" = Mozilla Thunderbird 24.6.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "MP Navigator EX 4.0" = Canon MP Navigator EX 4.0 "MyPlayer" = MyPlayer "NapiProjekt_is1" = NapiProjekt (2.2.0.2399) "Parts-Publisher (PL) 2418" = SAF-HOLLAND MATERIAŁY INFORMACYJNE (CD) (PL) "SpeedFan" = SpeedFan (remove only) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-680891385-980522-2338184603-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "OpenFM" = OpenFM "uTorrent" = µTorrent [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-10-12 02:54:19 | Computer Name = DOM-ŁUKASZ | Source = Windows Search Service | ID = 9000 Description = Error - 2014-10-12 02:54:19 | Computer Name = DOM-ŁUKASZ | Source = Windows Search Service | ID = 1006 Description = Error - 2014-10-12 03:09:23 | Computer Name = DOM-ŁUKASZ | Source = Windows Search Service | ID = 9000 Description = Error - 2014-10-12 03:09:23 | Computer Name = DOM-ŁUKASZ | Source = Windows Search Service | ID = 1006 Description = Error - 2014-10-12 03:09:41 | Computer Name = DOM-ŁUKASZ | Source = Windows Search Service | ID = 9000 Description = Error - 2014-10-12 03:09:41 | Computer Name = DOM-ŁUKASZ | Source = Windows Search Service | ID = 1006 Description = Error - 2014-10-12 07:39:58 | Computer Name = DOM-ŁUKASZ | Source = Microsoft-Windows-CAPI2 | ID = 257 Description = Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error - 2014-10-12 07:39:58 | Computer Name = DOM-ŁUKASZ | Source = Microsoft-Windows-CAPI2 | ID = 257 Description = Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error - 2014-10-12 07:39:58 | Computer Name = DOM-ŁUKASZ | Source = Microsoft-Windows-CAPI2 | ID = 257 Description = Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error - 2014-10-12 07:39:58 | Computer Name = DOM-ŁUKASZ | Source = Microsoft-Windows-CAPI2 | ID = 257 Description = Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. [ System Events ] Error - 2014-08-02 02:04:57 | Computer Name = DOM-ŁUKASZ | Source = Service Control Manager | ID = 7031 Description = Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2014-08-02 02:05:29 | Computer Name = DOM-ŁUKASZ | Source = Service Control Manager | ID = 7024 Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147217025. Error - 2014-08-02 02:05:29 | Computer Name = DOM-ŁUKASZ | Source = Service Control Manager | ID = 7031 Description = Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2014-08-02 02:06:01 | Computer Name = DOM-ŁUKASZ | Source = Service Control Manager | ID = 7024 Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147217025. Error - 2014-08-02 02:06:01 | Computer Name = DOM-ŁUKASZ | Source = Service Control Manager | ID = 7034 Description = Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 3. Error - 2014-08-02 02:07:03 | Computer Name = DOM-ŁUKASZ | Source = Service Control Manager | ID = 7023 Description = Usługa Windows Defender zakończyła działanie; wystąpił następujący błąd: %%-1906441657 Error - 2014-08-02 02:08:01 | Computer Name = DOM-ŁUKASZ | Source = Service Control Manager | ID = 7024 Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147217025. Error - 2014-08-02 02:08:01 | Computer Name = DOM-ŁUKASZ | Source = Service Control Manager | ID = 7034 Description = Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 4. Error - 2014-08-02 02:14:53 | Computer Name = DOM-ŁUKASZ | Source = Service Control Manager | ID = 7024 Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147217025. Error - 2014-08-02 02:14:53 | Computer Name = DOM-ŁUKASZ | Source = Service Control Manager | ID = 7034 Description = Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 5. < End of report >

**Posty:** 4765 · przez **ordynat** 04 Lis 2014, 23:39

Otwórz Notatnik i wklej w nim:

Task: C:\Windows\Tasks\BYTQIMM.job => C:\Users\ý˙UKASZ\AppData\Roaming\BYTQIMM.exe <==== ATTENTION
C:\Users\ý˙UKASZ\AppData\Roaming\BYTQIMM.exe
Task: C:\Windows\Tasks\QBEWTC.job => C:\Users\ý˙UKASZ\AppData\Roaming\QBEWTC.exe <==== ATTENTION
C:\Users\ý˙UKASZ\AppData\Roaming\QBEWTC.exe
C:\Users\ŁUKASZ\AppData\Roaming\BYTQIMM
C:\Users\ŁUKASZ\AppData\Roaming\QBEWTC
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij przycisk Fix.
Powstanie plik fixlog.txt.
Daj ten log.

Zrób nowe logi z FRST.
.

**Posty:** 8079 · przez **kajtekjr** 05 Lis 2014, 22:58

zrobione

Kod: Zaznacz wszystko: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-11-2014 Ran by ŁUKASZ at 2014-11-05 21:51:32 Run:1 Running from C:\Users\ŁUKASZ\Desktop Loaded Profile: ŁUKASZ (Available profiles: ŁUKASZ) Boot Mode: Normal ============================================== Content of fixlist: ***************** Task: C:\Windows\Tasks\BYTQIMM.job => C:\Users\ý˙UKASZ\AppData\Roaming\BYTQIMM.exe <==== ATTENTION C:\Users\ý˙UKASZ\AppData\Roaming\BYTQIMM.exe Task: C:\Windows\Tasks\QBEWTC.job => C:\Users\ý˙UKASZ\AppData\Roaming\QBEWTC.exe <==== ATTENTION C:\Users\ý˙UKASZ\AppData\Roaming\QBEWTC.exe C:\Users\ŁUKASZ\AppData\Roaming\BYTQIMM C:\Users\ŁUKASZ\AppData\Roaming\QBEWTC EmptyTemp: ***************** C:\Windows\Tasks\BYTQIMM.job => Moved successfully. "C:\Users\ý˙UKASZ\AppData\Roaming\BYTQIMM.exe" => File/Directory not found. C:\Windows\Tasks\QBEWTC.job => Moved successfully. "C:\Users\ý˙UKASZ\AppData\Roaming\QBEWTC.exe" => File/Directory not found. C:\Users\ŁUKASZ\AppData\Roaming\BYTQIMM => Moved successfully. C:\Users\ŁUKASZ\AppData\Roaming\QBEWTC => Moved successfully. EmptyTemp: => Removed 407.6 MB temporary data. The system needed a reboot. ==== End of Fixlog ====

Kod: Zaznacz wszystko: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014 Ran by ŁUKASZ (administrator) on DOM-ŁUKASZ on 05-11-2014 21:55:43 Running from C:\Users\ŁUKASZ\Desktop Loaded Profile: ŁUKASZ (Available profiles: ŁUKASZ) Platform: Windows 7 Professional (X64) OS Language: Polski (Polska) Internet Explorer Version 9 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Transaction Software, D 81829 Munich) D:\PRACA_TRUCKS\EWA net\database\TransBase EWA\tbmux32.exe (Transaction Software, D 81829 Munich) D:\PRACA_TRUCKS\EWA net\database\TransBase EPC\tbmux32.exe (Transaction Software, D 81829 Munich) D:\PRACA_TRUCKS\EWA net\database\TransBase WIS\tbmux32.exe (Alexandria Software Consulting) D:\PRACA_TRUCKS\EWA net\server\bin\tomcat.exe (Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Windows\SysWOW64\srvany.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe () C:\Windows\KMService.exe ( ) C:\Windows\System32\lxducoms.exe (BitTorrent Inc.) C:\Users\ŁUKASZ\AppData\Roaming\uTorrent\uTorrent.exe (Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe () C:\Program Files (x86)\Polar\WebSync\WebSync.exe () C:\Program Files (x86)\Polar\Daemon\polard.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Transaction Software, D 81737 Munich) D:\PRACA_TRUCKS\BMWgroup\ETKLokal\transbase\tbmux32.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Transaction Software, D 81829 Munich) D:\PRACA_TRUCKS\EWA net\database\TransBase EWA\tbkern32.exe (Transaction Software, D 81829 Munich) D:\PRACA_TRUCKS\EWA net\database\TransBase EWA\tbkern32.exe (Transaction Software, D 81829 Munich) D:\PRACA_TRUCKS\EWA net\database\TransBase EPC\tbkern32.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4366704 2009-09-29] (Lenovo(beijing) Limited) HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [5825536 2009-08-19] (Lenovo (Beijing) Limited) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-26] () HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-680891385-980522-2338184603-1000\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-26] () HKU\S-1-5-21-680891385-980522-2338184603-1000\...\Run: [uTorrent] => "C:\Users\AUKASZ\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED HKU\S-1-5-21-680891385-980522-2338184603-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3125280 2013-10-17] (Disc Soft Ltd) HKU\S-1-5-21-680891385-980522-2338184603-1000\...\MountPoints2: I - I:\Startme.exe HKU\S-1-5-21-680891385-980522-2338184603-1000\...\MountPoints2: {1c326251-0151-11e4-9aa8-806e6f6e6963} - I:\Startme.exe HKU\S-1-5-21-680891385-980522-2338184603-1000\...\MountPoints2: {caddbdeb-ce03-11e3-85f9-88ae1ddab855} - G:\setup.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Polar WebSync.lnk ShortcutTarget: Polar WebSync.lnk -> C:\Program Files (x86)\Polar\WebSync\WebSync.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: WebCGMHlprObj Class -> {56B38F40-4E70-11d4-A076-0080AD86BA2F} -> C:\Windows\SysWow64\cgmopenbho.dll (CGM Open Consortium, Inc.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Lexmark -> {D2C5E510-BE6D-42CC-9F61-E4F939078474} -> C:\Program Files\Lexmark Printable Web\bho.dll () BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - No File Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\ŁUKASZ\AppData\Roaming\Mozilla\Firefox\Profiles\7g0h8or6.default FF Homepage: https://www.google.pl/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Screengrab (fix version) - C:\Users\ŁUKASZ\AppData\Roaming\Mozilla\Firefox\Profiles\7g0h8or6.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2014-08-03] Chrome: ======= CHR Profile: C:\Users\ŁUKASZ\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Dysk Google) - C:\Users\ŁUKASZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-16] CHR Extension: (YouTube) - C:\Users\ŁUKASZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-16] CHR Extension: (Szukaj w Google) - C:\Users\ŁUKASZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-16] CHR Extension: (Google Wallet) - C:\Users\ŁUKASZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-16] CHR Extension: (Gmail) - C:\Users\ŁUKASZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-16] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-14] (Microsoft Corporation) [File not signed] S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-14] (Microsoft Corporation) [File not signed] S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-14] (Microsoft Corporation) [File not signed] S3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2009-07-14] (Microsoft Corporation) [File not signed] S3 AppMgmt; C:\Windows\System32\appmgmts.dll [193536 2009-07-14] (Microsoft Corporation) [File not signed] S3 AppMgmt; C:\Windows\SysWOW64\appmgmts.dll [149504 2009-07-14] (Microsoft Corporation) [File not signed] R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [676864 2009-07-14] (Microsoft Corporation) [File not signed] R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [676864 2009-07-14] (Microsoft Corporation) [File not signed] S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2009-07-14] (Microsoft Corporation) [File not signed] S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-14] (Microsoft Corporation) [File not signed] R2 BFE; C:\Windows\System32\bfe.dll [703488 2009-07-14] (Microsoft Corporation) [File not signed] S3 BITS; C:\Windows\System32\qmgr.dll [848384 2009-07-14] (Microsoft Corporation) [File not signed] R3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-04] (Microsoft Corporation) [File not signed] S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation) [File not signed] S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2009-07-14] (Microsoft Corporation) [File not signed] S3 COMSysApp; C:\Windows\system32\dllhost.exe [9728 2009-07-14] (Microsoft Corporation) [File not signed] S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation) [File not signed] R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [182272 2012-06-02] (Microsoft Corporation) [File not signed] R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [139264 2012-06-02] (Microsoft Corporation) [File not signed] R2 CscService; C:\Windows\System32\cscsvc.dll [689152 2009-07-14] (Microsoft Corporation) [File not signed] R2 DcomLaunch; C:\Windows\system32\rpcss.dll [509440 2009-07-14] (Microsoft Corporation) [File not signed] S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation) [File not signed] R2 Dhcp; C:\Windows\system32\dhcpcore.dll [314368 2009-07-14] (Microsoft Corporation) [File not signed] R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [253440 2009-07-14] (Microsoft Corporation) [File not signed] R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [182272 2011-03-03] (Microsoft Corporation) [File not signed] S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2009-07-14] (Microsoft Corporation) [File not signed] R2 DPS; C:\Windows\system32\dps.dll [162816 2009-07-14] (Microsoft Corporation) [File not signed] R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation) [File not signed] S3 EFS; C:\Windows\System32\lsass.exe [31232 2011-11-17] (Microsoft Corporation) [File not signed] S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696320 2010-08-04] (Microsoft Corporation) [File not signed] S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-14] (Microsoft Corporation) [File not signed] R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2009-07-14] (Microsoft Corporation) [File not signed] R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation) [File not signed] R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-14] (Microsoft Corporation) [File not signed] R2 EWA net DB Core; D:\PRACA_TRUCKS\EWA net\database\TransBase EWA\tbmux32.exe [326616 2011-03-09] (Transaction Software, D 81829 Munich) [File not signed] R2 EWA net DB EPC; D:\PRACA_TRUCKS\EWA net\database\TransBase EPC\tbmux32.exe [417792 2007-11-27] (Transaction Software, D 81829 Munich) [File not signed] R2 EWA net DB WIS; D:\PRACA_TRUCKS\EWA net\database\TransBase WIS\tbmux32.exe [326616 2011-03-09] (Transaction Software, D 81829 Munich) [File not signed] R2 EWA net Server; D:\PRACA_TRUCKS\EWA net\server\bin\tomcat.exe [65536 2003-07-31] (Alexandria Software Consulting) [File not signed] S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2009-07-14] (Microsoft Corporation) [File not signed] R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation) [File not signed] R3 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation) [File not signed] R2 FontCache; C:\Windows\system32\FntCache.dll [1135104 2011-02-19] (Microsoft Corporation) [File not signed] R2 gpsvc; C:\Windows\System32\gpsvc.dll [776192 2009-07-14] (Microsoft Corporation) [File not signed] R3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation) [File not signed] R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) [File not signed] S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed] R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [231936 2009-07-14] (Microsoft Corporation) [File not signed] R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2009-07-14] (Microsoft Corporation) [File not signed] R3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2009-07-14] (Microsoft Corporation) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 IKEEXT; C:\Windows\System32\ikeext.dll [845824 2009-07-14] (Microsoft Corporation) [File not signed] S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation) [File not signed] R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [565760 2009-07-14] (Microsoft Corporation) [File not signed] R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2011-11-17] (Microsoft Corporation) [File not signed] R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-04-19] () [File not signed] S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation) [File not signed] R2 LanmanServer; C:\Windows\system32\srvsvc.dll [236032 2010-08-27] (Microsoft Corporation) [File not signed] R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2009-07-14] (Microsoft Corporation) [File not signed] S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation) [File not signed] R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-14] (Microsoft Corporation) [File not signed] S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [33960 2008-05-23] (Lexmark International, Inc.) R2 lxdu_device; C:\Windows\system32\lxducoms.exe [1040552 2008-05-23] ( ) R2 lxdu_device; C:\Windows\SysWOW64\lxducoms.exe [594600 2008-05-23] ( ) S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84480 2009-07-14] (Microsoft Corporation) [File not signed] R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed] R2 MpsSvc; C:\Windows\system32\mpssvc.dll [824832 2009-07-14] (Microsoft Corporation) [File not signed] S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-14] (Microsoft Corporation) [File not signed] S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-14] (Microsoft Corporation) [File not signed] S3 msiserver; C:\Windows\System32\msiexec.exe [127488 2009-07-14] (Microsoft Corporation) [File not signed] S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2009-07-14] (Microsoft Corporation) [File not signed] S3 napagent; C:\Windows\system32\qagentRT.dll [475648 2009-07-14] (Microsoft Corporation) [File not signed] S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2011-11-17] (Microsoft Corporation) [File not signed] R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed] R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation) [File not signed] R3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed] R2 NlaSvc; C:\Windows\System32\nlasvc.dll [302080 2009-07-14] (Microsoft Corporation) [File not signed] R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-14] (Microsoft Corporation) [File not signed] R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) [File not signed] R3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-14] (Microsoft Corporation) [File not signed] R2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-14] (Microsoft Corporation) [File not signed] S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1361920 2009-07-14] (Microsoft Corporation) [File not signed] S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation) [File not signed] S3 pla; C:\Windows\system32\pla.dll [1390080 2009-07-14] (Microsoft Corporation) [File not signed] S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2009-07-14] (Microsoft Corporation) [File not signed] R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404992 2011-05-24] (Microsoft Corporation) [File not signed] S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-14] (Microsoft Corporation) [File not signed] R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) [File not signed] R2 Polar Daemon; C:\Program Files (x86)\Polar\Daemon\polard.exe [419536 2012-12-12] () R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [500224 2009-07-14] (Microsoft Corporation) [File not signed] R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-14] (Microsoft Corporation) [File not signed] R2 ProfSvc; C:\Windows\system32\profsvc.dll [208896 2012-05-02] (Microsoft Corporation) [File not signed] S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2011-11-17] (Microsoft Corporation) [File not signed] S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-14] (Microsoft Corporation) [File not signed] S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation) [File not signed] S3 RasMan; C:\Windows\System32\rasmans.dll [343552 2009-07-14] (Microsoft Corporation) [File not signed] S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-14] (Microsoft Corporation) [File not signed] S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed] S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation) [File not signed] R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation) [File not signed] S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-14] (Microsoft Corporation) [File not signed] R2 RpcSs; C:\Windows\system32\rpcss.dll [509440 2009-07-14] (Microsoft Corporation) [File not signed] R2 SamSs; C:\Windows\system32\lsass.exe [31232 2011-11-17] (Microsoft Corporation) [File not signed] S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-14] (Microsoft Corporation) [File not signed] R2 Schedule; C:\Windows\system32\schedsvc.dll [1114624 2010-11-02] (Microsoft Corporation) [File not signed] S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2009-07-14] (Microsoft Corporation) [File not signed] S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2009-07-14] (Microsoft Corporation) [File not signed] S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2009-07-14] (Microsoft Corporation) [File not signed] R2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-14] (Microsoft Corporation) [File not signed] R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed] S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-14] (Microsoft Corporation) [File not signed] S3 SessionEnv; C:\Windows\system32\sessenv.dll [104960 2009-07-14] (Microsoft Corporation) [File not signed] S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [99328 2009-07-14] (Microsoft Corporation) [File not signed] S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation) [File not signed] R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [369664 2009-07-14] (Microsoft Corporation) [File not signed] R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2009-07-14] (Microsoft Corporation) [File not signed] S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-14] (Microsoft Corporation) [File not signed] R2 Spooler; C:\Windows\System32\spoolsv.exe [558592 2010-08-21] (Microsoft Corporation) [File not signed] R2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2009-07-14] (Microsoft Corporation) [File not signed] S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-14] (Microsoft Corporation) [File not signed] R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation) [File not signed] S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed] R2 stisvc; C:\Windows\System32\wiaservc.dll [578560 2009-07-14] (Microsoft Corporation) [File not signed] S3 StorSvc; C:\Windows\system32\storsvc.dll [17920 2009-07-14] (Microsoft Corporation) [File not signed] S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation) [File not signed] R2 SysMain; C:\Windows\system32\sysmain.dll [1780736 2009-07-14] (Microsoft Corporation) [File not signed] S3 TabletInputService; C:\Windows\System32\TabSvc.dll [93184 2009-07-14] (Microsoft Corporation) [File not signed] S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316416 2009-07-14] (Microsoft Corporation) [File not signed] S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [241664 2009-07-14] (Microsoft Corporation) [File not signed] S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation) [File not signed] S3 TermService; C:\Windows\System32\termsrv.dll [706560 2009-07-14] (Microsoft Corporation) [File not signed] R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) [File not signed] S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed] R2 Transbase; D:\PRACA_TRUCKS\BMWgroup\ETKLokal\transbase\tbmux32.exe [385024 2004-08-05] (Transaction Software, D 81737 Munich) [File not signed] R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation) [File not signed] S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2009-07-14] (Microsoft Corporation) [File not signed] S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-14] (Microsoft Corporation) [File not signed] S3 UmRdpService; C:\Windows\System32\umrdp.dll [195072 2009-07-14] (Microsoft Corporation) [File not signed] R3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation) [File not signed] R3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) [File not signed] R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-14] (Microsoft Corporation) [File not signed] S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2011-11-17] (Microsoft Corporation) [File not signed] S3 vds; C:\Windows\System32\vds.exe [532480 2009-07-14] (Microsoft Corporation) [File not signed] S3 VSS; C:\Windows\system32\vssvc.exe [1598976 2009-07-14] (Microsoft Corporation) [File not signed] S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation) [File not signed] S3 wbengine; C:\Windows\system32\wbengine.exe [1503744 2009-07-14] (Microsoft Corporation) [File not signed] S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-14] (Microsoft Corporation) [File not signed] S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-09-14] (Microsoft Corporation) [File not signed] S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276992 2010-09-14] (Microsoft Corporation) [File not signed] S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-14] (Microsoft Corporation) [File not signed] S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation) [File not signed] R3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed] R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed] R3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed] R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed] S3 WebClient; C:\Windows\System32\webclnt.dll [258048 2010-12-21] (Microsoft Corporation) [File not signed] S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [204800 2010-12-21] (Microsoft Corporation) [File not signed] S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation) [File not signed] S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-14] (Microsoft Corporation) [File not signed] S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) [File not signed] R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [442880 2010-12-21] (Microsoft Corporation) [File not signed] R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [350720 2010-12-21] (Microsoft Corporation) [File not signed] R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-14] (Microsoft Corporation) [File not signed] S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018816 2009-07-14] (Microsoft Corporation) [File not signed] S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1175040 2009-07-14] (Microsoft Corporation) [File not signed] R2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-14] (Microsoft Corporation) [File not signed] S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-14] (Microsoft Corporation) [File not signed] R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2009-07-14] (Microsoft Corporation) [File not signed] S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Microsoft Corporation) [File not signed] S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation) [File not signed] S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [116736 2009-07-14] (Microsoft Corporation) [File not signed] R2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2010-12-21] (Microsoft Corporation) [File not signed] U2 WSearch; C:\Windows\system32\SearchIndexer.exe [593408 2011-05-04] (Microsoft Corporation) [File not signed] U2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [428032 2011-05-04] (Microsoft Corporation) [File not signed] S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-26] (Microsoft Corporation) [File not signed] S3 WwanSvc; C:\Windows\System32\wwansvc.dll [229888 2009-07-14] (Microsoft Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 1394ohci; C:\Windows\system32\DRIVERS\1394ohci.sys [227840 2009-07-14] (Microsoft Corporation) [File not signed] S3 AcpiPmi; C:\Windows\system32\DRIVERS\acpipmi.sys [12288 2009-07-14] (Microsoft Corporation) [File not signed] R1 AFD; C:\Windows\system32\drivers\afd.sys [499200 2011-12-28] (Microsoft Corporation) [File not signed] S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [64512 2009-07-14] (Microsoft Corporation) [File not signed] S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed] S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2009-07-14] (Microsoft Corporation) [File not signed] S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation) [File not signed] S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation) [File not signed] S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation) [File not signed] R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] (Microsoft Corporation) [File not signed] R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-14] (Microsoft Corporation) [File not signed] R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-23] (Microsoft Corporation) [File not signed] S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.) [File not signed] S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.) [File not signed] S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.) [File not signed] S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.) [File not signed] S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.) [File not signed] S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.) [File not signed] S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation) [File not signed] S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] (Microsoft Corporation) [File not signed] R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2009-07-14] (Microsoft Corporation) [File not signed] S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [45568 2009-07-14] (Microsoft Corporation) [File not signed] R3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [17664 2009-07-14] (Microsoft Corporation) [File not signed] R3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2009-07-14] (Microsoft Corporation) [File not signed] R1 CSC; C:\Windows\System32\drivers\csc.sys [514048 2009-07-14] (Microsoft Corporation) [File not signed] R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2011-04-27] (Microsoft Corporation) [File not signed] R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed] S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-14] (Microsoft Corporation) [File not signed] R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-27] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) [File not signed] S3 ErrDev; C:\Windows\system32\DRIVERS\errdev.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed] S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] (Microsoft Corporation) [File not signed] S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] (Microsoft Corporation) [File not signed] S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [29696 2009-07-14] (Microsoft Corporation) [File not signed] S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] (Microsoft Corporation) [File not signed] S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed] S2 hardlock; C:\Windows\system32\drivers\hardlock.sys [318464 2009-03-13] (Aladdin Knowledge Systems Ltd.) [File not signed] S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.) [File not signed] S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2009-07-14] (Microsoft Corporation) [File not signed] R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2009-07-14] (Microsoft Corporation) [File not signed] S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-14] (Microsoft Corporation) [File not signed] S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [100864 2009-07-14] (Microsoft Corporation) [File not signed] S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [46592 2009-07-14] (Microsoft Corporation) [File not signed] R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2009-07-14] (Microsoft Corporation) [File not signed] S2 hlemu; C:\Windows\System32\drivers\hlemu.SYS [98304 2013-03-01] () [File not signed] R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [751616 2009-07-14] (Microsoft Corporation) [File not signed] R3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-14] (Microsoft Corporation) [File not signed] R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10628640 2011-02-11] (Intel Corporation) [File not signed] R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation) [File not signed] S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2009-07-14] (Microsoft Corporation) [File not signed] S3 IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [78848 2009-07-14] (Microsoft Corporation) [File not signed] S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation) [File not signed] S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed] S3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2009-07-14] (Microsoft Corporation) [File not signed] R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation) [File not signed] R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed] R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation) [File not signed] S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed] R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] (Microsoft Corporation) [File not signed] R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] (Microsoft Corporation) [File not signed] R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] (Microsoft Corporation) [File not signed] S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2009-07-14] (Microsoft Corporation) [File not signed] R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [157696 2011-05-04] (Microsoft Corporation) [File not signed] R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [287744 2011-07-09] (Microsoft Corporation) [File not signed] R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [126464 2011-05-04] (Microsoft Corporation) [File not signed] R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] (Microsoft Corporation) [File not signed] S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed] S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation) [File not signed] S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed] S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation) [File not signed] S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation) [File not signed] S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-14] (Microsoft Corporation) [File not signed] S2 multikey; C:\Windows\System32\DRIVERS\multikey.sys [67584 2009-05-16] (Chingachguk & Denger2k (Elite & SP edition)) [File not signed] R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] (Microsoft Corporation) [File not signed] S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed] R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] (Microsoft Corporation) [File not signed] R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56320 2009-07-14] (Microsoft Corporation) [File not signed] R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2009-07-14] (Microsoft Corporation) [File not signed] R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2009-07-14] (Microsoft Corporation) [File not signed] R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation) [File not signed] R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [259072 2009-07-14] (Microsoft Corporation) [File not signed] R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] (Microsoft Corporation) [File not signed] R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed] R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed] S3 ohci1394; C:\Windows\system32\DRIVERS\ohci1394.sys [72832 2009-07-14] (Microsoft Corporation) [File not signed] S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [97280 2009-07-14] (Microsoft Corporation) [File not signed] R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] (Microsoft Corporation) [File not signed] R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111616 2009-07-14] (Microsoft Corporation) [File not signed] S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed] R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2009-07-14] (Microsoft Corporation) [File not signed] S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation) [File not signed] S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation) [File not signed] R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed] R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [130048 2009-07-14] (Microsoft Corporation) [File not signed] R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation) [File not signed] R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] (Microsoft Corporation) [File not signed] R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2009-07-14] (Microsoft Corporation) [File not signed] R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-14] (Microsoft Corporation) [File not signed] R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation) [File not signed] S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165376 2009-07-14] (Microsoft Corporation) [File not signed] R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation) [File not signed] R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed] S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [204800 2012-04-28] (Microsoft Corporation) [File not signed] R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation) [File not signed] S3 s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [6656 2009-07-14] (Microsoft Corporation) [File not signed] S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2009-07-14] (Microsoft Corporation) [File not signed] R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed] S3 Serenum; C:\Windows\system32\DRIVERS\serenum.sys [23552 2009-07-14] (Microsoft Corporation) [File not signed] S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Microsoft Corporation) [File not signed] S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-14] (Microsoft Corporation) [File not signed] S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed] S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed] S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2009-10-10] (Microsoft Corporation) [File not signed] S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-14] (Microsoft Corporation) [File not signed] S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation) [File not signed] R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-04-27] (Duplex Secure Ltd.) R3 srv; C:\Windows\System32\DRIVERS\srv.sys [461312 2011-04-29] (Microsoft Corporation) [File not signed] R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [399872 2011-04-29] (Microsoft Corporation) [File not signed] R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [161792 2011-04-29] (Microsoft Corporation) [File not signed] R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [44544 2009-07-14] (Microsoft Corporation) [File not signed] S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation) [File not signed] S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-15] (Microsoft Corporation) [File not signed] R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [99840 2009-07-14] (Microsoft Corporation) [File not signed] S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [38400 2009-07-14] (Microsoft Corporation) [File not signed] R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2009-07-14] (Microsoft Corporation) [File not signed] S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [327168 2009-07-14] (Microsoft Corporation) [File not signed] R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2009-07-14] (Microsoft Corporation) [File not signed] S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed] R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2011-03-25] (Microsoft Corporation) [File not signed] S3 usbcir; C:\Windows\system32\DRIVERS\usbcir.sys [100352 2009-07-14] (Microsoft Corporation) [File not signed] R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [52224 2011-03-25] (Microsoft Corporation) [File not signed] R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2011-03-25] (Microsoft Corporation) [File not signed] S3 usbohci; C:\Windows\system32\DRIVERS\usbohci.sys [25600 2011-03-25] (Microsoft Corporation) [File not signed] S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed] S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [41984 2009-07-14] (Microsoft Corporation) [File not signed] R3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [197376 2009-10-16] (SMI) [File not signed] S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91136 2011-03-11] (Microsoft Corporation) [File not signed] R3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [30720 2011-03-25] (Microsoft Corporation) [File not signed] S3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [184832 2010-03-04] (Microsoft Corporation) [File not signed] S3 usb_rndisx; C:\Windows\System32\DRIVERS\usb8023x.sys [19968 2013-02-12] (Microsoft Corporation) [File not signed] S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] (Microsoft Corporation) [File not signed] R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] (Microsoft Corporation) [File not signed] S3 VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [21760 2009-07-14] (Microsoft Corporation) [File not signed] R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed] R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] (Microsoft Corporation) [File not signed] S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-14] (Microsoft Corporation) [File not signed] S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-14] (Microsoft Corporation) [File not signed] R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-14] (Microsoft Corporation) [File not signed] R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation) [File not signed] S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed] S3 WmiAcpi; C:\Windows\system32\DRIVERS\wmiacpi.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed] S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation) [File not signed] S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] (Microsoft Corporation) [File not signed] S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation) [File not signed] U3 aftn9wj4; C:\Windows\System32\Drivers\aftn9wj4.sys [0 ] (Advanced Micro Devices) R3 cpuz136; \??\C:\Users\UKASZ~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-05 21:55 - 2014-11-05 21:56 - 00048945 _____ () C:\Users\ŁUKASZ\Desktop\FRST.txt 2014-11-05 07:50 - 2014-11-05 21:53 - 00000896 _____ () C:\Windows\PFRO.log 2014-11-04 22:17 - 2014-11-04 22:17 - 00007605 _____ () C:\Users\ŁUKASZ\AppData\Local\Resmon.ResmonCfg 2014-11-04 22:13 - 2014-11-04 22:13 - 00000000 ____D () C:\zoek_backup 2014-11-04 22:12 - 2014-11-04 22:12 - 00000000 ____D () C:\Users\ŁUKASZ\Desktop\hwmonitor_1.22-64bit 2014-11-04 21:46 - 2014-11-05 21:53 - 00000280 _____ () C:\Windows\setupact.log 2014-11-04 21:46 - 2014-11-04 21:46 - 507660581 _____ () C:\Windows\MEMORY.DMP 2014-11-04 21:46 - 2014-11-04 21:46 - 00276928 _____ () C:\Windows\Minidump\110414-21356-01.dmp 2014-11-04 21:46 - 2014-11-04 21:46 - 00000000 _____ () C:\Windows\setuperr.log 2014-11-04 21:24 - 2014-11-05 21:55 - 00000000 ____D () C:\FRST 2014-11-04 21:22 - 2014-11-04 21:23 - 01292800 _____ () C:\Users\ŁUKASZ\Desktop\zoek.exe 2014-11-04 21:22 - 2014-11-04 21:22 - 00602112 _____ (OldTimer Tools) C:\Users\ŁUKASZ\Desktop\OTL.exe 2014-11-04 21:21 - 2014-11-04 21:22 - 02114560 _____ (Farbar) C:\Users\ŁUKASZ\Desktop\FRST64.exe 2014-11-04 20:54 - 2014-11-04 21:46 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-11-04 20:54 - 2014-11-04 20:54 - 00000999 _____ () C:\Users\ŁUKASZ\Desktop\SpeedFan.lnk 2014-11-04 20:54 - 2014-11-04 20:54 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo 2014-11-04 20:54 - 2014-11-04 20:54 - 00000000 ____D () C:\Users\ŁUKASZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-11-04 20:54 - 2014-11-04 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-11-02 19:23 - 2014-11-02 19:23 - 00007560 _____ () C:\Windows\SysWOW64\hs_err_pid1948.log 2014-10-30 08:17 - 2014-11-04 21:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-10-29 22:54 - 2014-11-04 21:46 - 00000000 ____D () C:\Windows\Minidump 2014-10-23 17:18 - 2014-10-30 23:25 - 00011078 _____ () C:\Users\ŁUKASZ\Desktop\Ekstra pensja.xlsx ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-05 21:55 - 2014-04-19 15:28 - 00000000 ____D () C:\Users\ŁUKASZ\AppData\Roaming\uTorrent 2014-11-05 21:53 - 2014-04-19 15:07 - 00000089 _____ () C:\AtmApInit.txt 2014-11-05 21:53 - 2014-02-16 10:43 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-05 21:53 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-05 21:52 - 2009-07-14 05:45 - 00024320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-05 21:52 - 2009-07-14 05:45 - 00024320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-05 21:32 - 2014-02-16 10:05 - 01371651 _____ () C:\Windows\WindowsUpdate.log 2014-11-05 20:38 - 2014-02-16 10:43 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-05 08:01 - 2014-04-18 13:17 - 00000000 ____D () C:\Users\ŁUKASZ\AppData\Local\Adobe 2014-11-05 07:55 - 2009-07-14 18:55 - 00738094 _____ () C:\Windows\system32\perfh015.dat 2014-11-05 07:55 - 2009-07-14 18:55 - 00154750 _____ () C:\Windows\system32\perfc015.dat 2014-11-05 07:55 - 2009-07-14 06:13 - 01662996 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-04 22:10 - 2009-07-14 06:08 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-11-04 20:50 - 2014-04-27 13:01 - 00000000 ____D () C:\Users\ŁUKASZ\AppData\Roaming\DAEMON Tools Pro 2014-11-04 20:47 - 2014-06-02 16:58 - 00000000 ____D () C:\Program Files\CCleaner 2014-10-31 07:34 - 2009-07-14 05:45 - 05038136 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-31 07:33 - 2014-02-16 10:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-10-30 23:23 - 2014-04-19 14:17 - 00110832 _____ () C:\Users\ŁUKASZ\AppData\Local\GDIPFONTCACHEV1.DAT 2014-10-29 18:40 - 2014-02-16 10:44 - 00002189 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-10-23 17:00 - 2014-06-19 13:11 - 00000000 ____D () C:\ProgramData\firebird 2014-10-19 07:33 - 2014-02-16 10:43 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-10-19 07:33 - 2014-02-16 10:43 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-10-12 18:32 - 2014-07-05 19:00 - 00000544 _____ () C:\Users\ŁUKASZ\Desktop\MyPlayer.lnk 2014-10-12 18:32 - 2014-07-05 19:00 - 00000544 _____ () C:\Users\ŁUKASZ\AppData\Roaming\Microsoft\Windows\Start Menu\MyPlayer.lnk ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-27 10:27 ==================== End Of Log ============================

Kod: Zaznacz wszystko: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014 Ran by ŁUKASZ at 2014-11-05 21:57:08 Running from C:\Users\ŁUKASZ\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34944 - BitTorrent Inc.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.2146.41621 - ABBYY Software House) Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ) Ashampoo Burning Studio 14 v.14.0.1 (HKLM-x32\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.0.1 - Ashampoo GmbH & Co. KG) BPW Genuine Parts (HKLM-x32\...\{24C92A38-7588-4B42-AE06-5A3BC31F0D05}) (Version: - ) Bullzip PDF Printer 10.7.0.2277 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.7.0.2277 - Bullzip) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version: - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.0 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform) ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.0.60 - Conexant) Consult V4 RenaultTrucks (HKLM-x32\...\Consult V4 RenaultTrucks) (Version: - ) Consult VIN (HKLM-x32\...\Consult VIN) (Version: - ) Crystal Reports for .NET Framework 2.0 (x86) (HKLM-x32\...\{7C05EEDD-E565-4E2B-ADE4-0C784C17311C}) (Version: 10.2.0 - Business Objects) DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.4.0.0377 - Disc Soft Ltd) Document_Installer (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - ) Energy Management (HKLM-x32\...\{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}) (Version: 4.4.1.3 - Lenovo) ETK (Lokal) (HKLM-x32\...\{EC17C160-E2F0-47CC-86D4-140AE22EC38E}) (Version: 2.02.000 - BMW AG) EWA net (HKLM-x32\...\EWA net) (Version: - ) EWA_net_Admin (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_Client_Applications (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_Core (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_EPC (x32 Version: 1.00.0000 - Daimler) Hidden EWA_net_Server (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_WIS (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden EWA_net_WIS_CaseOnline_Importer (x32 Version: 1.00.0000 - DaimlerChrysler AG) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden GordonKatalog 4.2.34 (HKLM-x32\...\{42D6250E-61AA-4D78-BD16-33496CB2A42C}_is1) (Version: 4.2.34 - CatSoft) Hardlock Device Drivers (HKLM-x32\...\Hardlock Device Drivers) (Version: - ) HDVidCodec (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - hdvidcodec.com) <==== ATTENTION Heroes of Might and Magic III - Złota Edycja (HKLM-x32\...\Heroes of Might and Magic III - Złota Edycja_is1) (Version: - ) inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - ) ITEDO IsoView ActiveX Control 6.0 (HKLM-x32\...\{666C8948-D1FE-4896-9921-1BD30A1BE656}) (Version: 6.0.001 - ) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) JDownloader 0.9 (HKLM-x32\...\jdownloader09) (Version: 0.9 - AppWork GmbH) Katalog FOTA (HKLM-x32\...\Katalog Fota) (Version: - ) K-Lite Codec Pack 10.4.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.0 - ) Lenovo EasyCamera (HKLM\...\Lenovo EasyCamera) (Version: 5.8.0.12 - Silicon Motion) Lenovo EasyCamera (HKLM-x32\...\{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D}) (Version: 5.8.0.12 - Silicon Motion) Lexmark (HKLM-x32\...\{D2C5E510-BE6D-42CC-9F61-E4F939078474}) (Version: 1.0.0.0 - ) Lexmark 5600-6600 Series (HKLM\...\Lexmark 5600-6600 Series) (Version: - Lexmark International, Inc.) MANTIS (HKLM-x32\...\MANTIS) (Version: - ) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30320 - Microsoft Corporation) Microsoft Access 2000 SR-1 Runtime (HKLM-x32\...\{004F0409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office XP Professional z programem FrontPage - Beta (HKLM-x32\...\{80280415-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.1 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Monopoly by Parker Brothers (HKLM-x32\...\Monopoly by Parker Brothers) (Version: 1.0.406.0 - GameHouse, Inc.) Mozilla Firefox 33.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 pl)) (Version: 33.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 pl)) (Version: 24.6.0 - Mozilla) Multi (HKLM-x32\...\{20ABF63B-BE90-4D01-B119-E277812054A9}) (Version: 6.11.3 - Scania) MyPlayer (HKLM-x32\...\MyPlayer) (Version: 2.4.1.10 - MyPortal) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) OpenFM (HKCU\...\OpenFM) (Version: 2 - GG Network S.A.) Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (05/19/2009 4.4.0.1) (HKLM\...\92F4CDC794E6E4E29DC063D292D1C94F6FA1EA1E) (Version: 05/19/2009 4.4.0.1 - Lenovo) PartsRapido (HKLM-x32\...\{725136F0-5E3C-11D4-98DD-00508BCBE9C2}) (Version: - ) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Polar Daemon (HKLM-x32\...\{2BA9320D-E061-4C71-ACCB-AC0E9D4FC82B}) (Version: 2.2.20000 - Polar Electro Oy) Polar WebSync (HKLM-x32\...\{320453EE-6AEA-4E1A-8E64-72F33C0C928F}) (Version: 2.8.10006 - Polar Electro Oy) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30320 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30320 - Microsoft Corporation) SAF-HOLLAND MATERIAŁY INFORMACYJNE (CD) (PL) (HKLM-x32\...\Parts-Publisher (PL) 2418) (Version: 5.0.19.0 - ) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) SimCity 4 (HKLM-x32\...\{01339AE5-04D4-43F8-008E-13AD788DC4F7}) (Version: - ) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) SuperKat 2014-1 (HKLM-x32\...\{A27F6D0D-74F8-46B6-B2D1-908901A81AA2}_is1) (Version: - ) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH) WinRAR 5.01 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) XVL Player / XVL Player Pro (HKLM-x32\...\{E95BCA9A-F9ED-48C7-AFB3-4053A0F1E02C}) (Version: 8.4a - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 29-09-2014 13:16:30 Zaplanowany punkt kontrolny 08-10-2014 15:11:06 Zaplanowany punkt kontrolny 16-10-2014 13:37:21 Zaplanowany punkt kontrolny 27-10-2014 11:10:35 Zaplanowany punkt kontrolny ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {17408453-FFF2-445C-ABD0-1B30287C5E0E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16] (Google Inc.) Task: {97793BCC-F95E-4DF6-9A70-E0CD49353212} - System32\Tasks\AdobeAAMUpdater-1.0-DOM-ŁUKASZ-ŁUKASZ => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated) Task: {AD5D6561-BFCB-42A7-8029-B145E979682A} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduamon.exe [2008-09-10] () Task: {AEBD0289-B46C-4282-B09C-27EB47C25B24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16] (Google Inc.) Task: {F9C69F1A-E190-4686-87E7-6A7F4D6A366B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-06-06 21:01 - 2008-05-01 01:44 - 00045568 _____ () C:\Windows\System32\LXDUPMON.DLL 2014-06-06 21:01 - 2008-09-10 10:43 - 00086016 _____ () C:\Windows\System32\LXDUOEM.DLL 2014-06-06 21:01 - 2008-09-10 10:41 - 00081408 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\ipcmt64.dll 2014-06-06 21:03 - 2008-05-23 13:17 - 00147456 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdudrpp.dll 2010-01-30 01:40 - 2010-01-30 01:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2014-04-19 14:18 - 2014-04-19 14:18 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe 2014-04-19 15:07 - 2009-07-15 14:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll 2014-04-19 15:07 - 2009-07-15 14:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll 2014-04-19 14:18 - 2014-04-19 14:18 - 00151552 _____ () C:\Windows\KMService.exe 2013-02-26 15:59 - 2013-02-26 15:59 - 06227512 _____ () C:\Program Files (x86)\Polar\WebSync\WebSync.exe 2012-12-12 14:20 - 2012-12-12 14:20 - 00419536 _____ () C:\Program Files (x86)\Polar\Daemon\polard.exe 2014-05-11 10:53 - 2013-06-28 16:24 - 00163840 _____ () D:\PRACA_TRUCKS\EWA net\apps\jre\private_jre\bin\server\jvm.dll 2014-04-27 13:21 - 2014-04-27 13:21 - 00135168 __RSH () C:\Program Files (x86)\DAEMON Tools Pro\BRD.dll 2013-02-26 15:59 - 2013-02-26 15:59 - 00110648 _____ () C:\Program Files (x86)\Polar\WebSync\PTransform.dll 2010-02-10 15:06 - 2010-02-10 15:06 - 00334848 _____ () C:\Program Files (x86)\Polar\WebSync\QtXml4.dll 2011-01-14 15:01 - 2011-01-14 15:01 - 02142720 _____ () C:\Program Files (x86)\Polar\WebSync\QtCore4.dll 2013-02-26 15:59 - 2013-02-26 15:59 - 03722296 _____ () C:\Program Files (x86)\Polar\WebSync\libpolar.dll 2010-02-10 15:22 - 2010-02-10 15:22 - 07971840 _____ () C:\Program Files (x86)\Polar\WebSync\QtGui4.dll 2010-02-10 15:07 - 2010-02-10 15:07 - 00929280 _____ () C:\Program Files (x86)\Polar\WebSync\QtNetwork4.dll 2010-02-10 17:45 - 2010-02-10 17:45 - 00025600 _____ () C:\Program Files (x86)\Polar\WebSync\imageformats\qgif4.dll 2010-02-10 17:45 - 2010-02-10 17:45 - 00119808 _____ () C:\Program Files (x86)\Polar\WebSync\imageformats\qjpeg4.dll 2012-12-12 14:20 - 2012-12-12 14:20 - 03483856 _____ () C:\Program Files (x86)\Polar\Daemon\libpolar.dll 2014-05-11 10:54 - 2011-03-09 10:48 - 00036864 ____N () D:\PRACA_TRUCKS\EWA net\database\TransBase EWA\polycsr.dll 2014-05-11 10:54 - 2011-03-09 10:48 - 00166912 ____N () D:\PRACA_TRUCKS\EWA net\database\TransBase EWA\libmcrypt.dll 2014-05-11 10:55 - 2005-03-21 15:54 - 00036864 ____N () D:\PRACA_TRUCKS\EWA net\database\TransBase EPC\polycsr.dll 2014-05-11 10:55 - 2007-11-26 16:26 - 00166912 ____N () D:\PRACA_TRUCKS\EWA net\database\TransBase EPC\libmcrypt.dll 2014-10-30 08:17 - 2014-10-30 08:17 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2010-01-30 01:41 - 2010-01-30 01:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeBridge => MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: Lexmark 5600-6600 Series => "C:\Program Files (x86)\Lexmark 5600-6600 Series\fm3032.exe" /s MSCONFIG\startupreg: lxduamon => "C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduamon.exe" MSCONFIG\startupreg: lxdumon.exe => "C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-680891385-980522-2338184603-500 - Administrator - Disabled) Gość (S-1-5-21-680891385-980522-2338184603-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-680891385-980522-2338184603-1004 - Limited - Enabled) ŁUKASZ (S-1-5-21-680891385-980522-2338184603-1000 - Administrator - Enabled) => C:\Users\ŁUKASZ ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -583. System errors: ============= Error: (11/05/2014 09:56:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Windows Defender zakończyła działanie; wystąpił następujący błąd: %%-1906441657 Error: (11/05/2014 09:54:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 8. Error: (11/05/2014 09:54:47 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147217025. Error: (11/05/2014 09:54:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 7. Error: (11/05/2014 09:54:29 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147217025. Error: (11/05/2014 09:54:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 6. Error: (11/05/2014 09:54:24 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147217025. Error: (11/05/2014 09:54:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 5. Error: (11/05/2014 09:54:19 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147217025. Error: (11/05/2014 09:54:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 4. Microsoft Office Sessions: ========================= Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 Error: (11/05/2014 09:57:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -583 CodeIntegrity Errors: =================================== Date: 2014-11-05 21:53:30.151 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hlemu.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-05 21:53:30.042 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hlemu.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-05 21:53:29.901 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-05 21:53:29.792 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-05 21:53:28.606 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-05 21:53:28.497 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-05 21:53:19.683 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-05 21:53:19.621 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-05 21:49:26.726 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hlemu.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-05 21:49:26.648 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hlemu.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Celeron(R) Dual-Core CPU T3500 @ 2.10GHz Percentage of memory in use: 35% Total physical RAM: 4028.6 MB Available physical RAM: 2580.68 MB Total Pagefile: 8055.33 MB Available Pagefile: 6419.09 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:99.9 GB) (Free:64.21 GB) NTFS Drive d: () (Fixed) (Total:200 GB) (Free:96.27 GB) NTFS Drive e: () (Fixed) (Total:398.63 GB) (Free:26.34 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 85B685B6) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=99.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=200 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=398.6 GB) - (Type=OF Extended) ==================== End Of Log ============================

**Posty:** 4765 · przez **ordynat** 05 Lis 2014, 23:29

W nowych logach nie widzę już niczego podejrzanego, więc kończymy:
Otwórz Notatnik i wklej w nim:

DeleteQuarantine:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij w Fix.
przez SHIFT+DEL usuń pozostały folder C:\FRST

Autor postu otrzymał pochwałę

**Posty:** 8079 · przez **kajtekjr** 06 Lis 2014, 19:28

Zrobione. Dzięki :wink:

Powolny laptop

Powolny laptop

Powolny laptop

Powolny laptop

Powolny laptop

Powolny laptop

Kto jest na forum