Anonim / 3 lata temu | Download | Plaintext | Odpowiedz |

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Janek (administrator) on JANEK-PC on 09-04-2015 22:04:04
Running from C:\Users\Janek\Desktop
Loaded Profiles: Janek (Available profiles: Janek)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 9 (Default browser: Opera)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.51\opera.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6962400 2012-12-28] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3075117369-627634477-1301871794-1000\...\MountPoints2: G - G:\Startme.exe
HKU\S-1-5-21-3075117369-627634477-1301871794-1000\...\MountPoints2: {88255731-158c-11e3-bd6b-d43d7e3439c7} - G:\Startme.exe
HKU\S-1-5-21-3075117369-627634477-1301871794-1000\...\MountPoints2: {ad66678b-2548-11e4-919f-d43d7e3439c7} - G:\LG_PC_Programs.exe
HKU\S-1-5-21-3075117369-627634477-1301871794-1000\...\MountPoints2: {b2393a91-7766-11e2-9e12-d43d7e3439c7} - F:\SETUP.EXE
HKU\S-1-5-21-3075117369-627634477-1301871794-1000\...\MountPoints2: {c90b9679-78f0-11e2-aac7-d43d7e3439c7} - G:\Startme.exe
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [19873896 2013-06-21] (Skype Technologies S.A.)
AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll => c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll File Not Found
AppInit_DLLs:  c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3075117369-627634477-1301871794-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={2BDBFFE7-73EA-42AF-82B8-4C2513573CB9}&mid=1c870c7d845847d2b709057438d0d034-503b297b05cdc4559e3178d43142314b23fe2e0e&lang=pl&ds=AVG&coid=avgtbavg&cmpid=0215av&pr=fr&d=2015-03-03 10:22:14&v=4.1.0.411&pid=wtu&sg=&sap=hp
SearchScopes: HKU\S-1-5-21-3075117369-627634477-1301871794-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3075117369-627634477-1301871794-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={2BDBFFE7-73EA-42AF-82B8-4C2513573CB9}&mid=1c870c7d845847d2b709057438d0d034-503b297b05cdc4559e3178d43142314b23fe2e0e&lang=pl&ds=AVG&coid=avgtbavg&cmpid=0215tb&pr=fr&d=2015-03-03 10:22:14&v=4.1.0.411&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-01-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-05-14] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2013-02-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-05-14] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.1.0.411\AVG Web TuneUp.dll [2015-03-12] (AVG)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2013-02-01] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.5.1

FireFox:
========
FF ProfilePath: C:\Users\Janek\AppData\Roaming\Mozilla\Firefox\Profiles\ey9afxhe.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: https://mysearch.avg.com/?cid={2BDBFFE7-73EA-42AF-82B8-4C2513573CB9}&mid=1c870c7d845847d2b709057438d0d034-503b297b05cdc4559e3178d43142314b23fe2e0e&lang=pl&ds=AVG&coid=avgtbavg&cmpid=0215av&pr=fr&d=2015-03-03 10:22:14&v=4.1.0.411&pid=wtu&sg=&sap=hp
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2013-05-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-05-14] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.4.0\\npsitesafety.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-01-25] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-01-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Janek\AppData\Roaming\Mozilla\Firefox\Profiles\ey9afxhe.default\searchplugins\avg-secure-search.xml [2015-03-12]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-03-12]
FF Extension: AVG Web TuneUp - C:\Users\Janek\AppData\Roaming\Mozilla\Firefox\Profiles\ey9afxhe.default\Extensions\avg@toolbar [2015-03-12]
FF Extension: Gmail panel - C:\Users\Janek\AppData\Roaming\Mozilla\Firefox\Profiles\ey9afxhe.default\Extensions\gmail_panel@alejandrobrizuela.com.ar.xpi [2014-05-03]
FF Extension: Tile Tabs - C:\Users\Janek\AppData\Roaming\Mozilla\Firefox\Profiles\ey9afxhe.default\Extensions\tiletabs@DW-dev.xpi [2014-05-03]
FF Extension: Screengrab  (fix version) - C:\Users\Janek\AppData\Roaming\Mozilla\Firefox\Profiles\ey9afxhe.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2014-09-25]
FF Extension: Adblock Plus - C:\Users\Janek\AppData\Roaming\Mozilla\Firefox\Profiles\ey9afxhe.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-03]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-06-01]
FF HKU\S-1-5-21-3075117369-627634477-1301871794-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR Profile: C:\Users\Janek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Janek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-10]
CHR Extension: (Tab Scissors) - C:\Users\Janek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdochbecpfdpjobpgnacnbepkgcfhoek [2014-05-03]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Janek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-08]
CHR Extension: (Google Wallet) - C:\Users\Janek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR HKU\S-1-5-21-3075117369-627634477-1301871794-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Janek\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-02-10]
CHR HKU\S-1-5-21-3075117369-627634477-1301871794-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx

Opera: 
=======
OPR Extension: (modern scroll) - C:\Users\Janek\AppData\Roaming\Opera Software\Opera Stable\Extensions\eiinejdcihhdbdbipfapahmjndejdpjb [2014-04-21]
OPR Extension: (Gmail Checker) - C:\Users\Janek\AppData\Roaming\Opera Software\Opera Stable\Extensions\gpflmikkkdbabniaemneddnkaiocdknc [2014-02-16]
OPR Extension: (YouTube Downloader) - C:\Users\Janek\AppData\Roaming\Opera Software\Opera Stable\Extensions\kclijeogghhkmenkommbnjobhnndpfba [2014-02-16]
OPR Extension: (To-Read sites) - C:\Users\Janek\AppData\Roaming\Opera Software\Opera Stable\Extensions\ocjdcfknlmpoicmjpklcofjlpnegobbb [2014-02-16]
OPR Extension: (Adblock Plus) - C:\Users\Janek\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-02-16]
OPR Extension: (Instant Translate) - C:\Users\Janek\AppData\Roaming\Opera Software\Opera Stable\Extensions\ollghamalkmmhboihmhoaaobmamehjgn [2014-12-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 vToolbarUpdater18.4.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe [1875480 2015-03-03] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-03-12] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [281056 2015-03-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [341472 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [133088 2015-02-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [284128 2015-02-25] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-15] (DT Soft Ltd)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1528976 2013-03-05] (Realtek Semiconductor Corporation                           )
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106408 2012-12-19] (Oracle Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-09 22:04 - 2015-04-09 22:05 - 00016276 _____ () C:\Users\Janek\Desktop\FRST.txt
2015-04-09 22:03 - 2015-04-09 22:04 - 00000000 ____D () C:\FRST
2015-04-09 22:03 - 2015-04-09 22:03 - 02095616 _____ (Farbar) C:\Users\Janek\Desktop\FRST64.exe
2015-04-09 21:48 - 2015-04-09 21:52 - 00009508 _____ () C:\Users\Janek\Desktop\hijackthis.log
2015-04-09 21:47 - 2015-04-09 21:47 - 00388608 _____ (Trend Micro Inc.) C:\Users\Janek\Desktop\HijackThis.exe
2015-04-09 20:26 - 2015-04-09 21:19 - 00014492 _____ () C:\Windows\WindowsUpdate.log
2015-04-09 19:44 - 2015-04-09 21:37 - 00000168 _____ () C:\Windows\setupact.log
2015-04-09 19:44 - 2015-04-09 19:44 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-09 18:04 - 2015-04-09 18:04 - 00000448 _____ () C:\Windows\Tasks\Opera scheduled Autoupdate 1392575945.job
2015-04-08 19:32 - 2015-04-09 21:31 - 00000435 _____ () C:\Windows\system32\avgrep.txt
2015-03-27 22:11 - 2015-03-28 11:21 - 23590897 _____ () C:\Users\Janek\Desktop\kandydaci.psd
2015-03-25 21:41 - 2015-03-25 21:41 - 36010783 _____ () C:\Users\Janek\Desktop\elektorat.psd
2015-03-25 19:44 - 2015-04-09 20:49 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-25 19:44 - 2015-03-25 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-25 19:44 - 2015-03-25 19:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-25 19:44 - 2014-11-21 07:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-25 19:44 - 2014-11-21 07:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-25 11:21 - 2015-03-25 11:21 - 00281056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-03-22 21:51 - 2015-03-26 21:54 - 00000492 _____ () C:\Users\Janek\Desktop\publikacje.txt
2015-03-19 20:02 - 2015-03-31 20:46 - 00000000 ____D () C:\Users\Janek\Desktop\Staż
2015-03-14 19:25 - 2015-03-14 19:25 - 00000000 ____D () C:\Users\Janek\AppData\Roaming\AceWebExtension
2015-03-12 23:04 - 2015-03-12 23:04 - 00000000 ____D () C:\ProgramData\Avg_Update_0215tb

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-09 22:05 - 2013-02-15 15:13 - 00000000 ____D () C:\Users\Janek\AppData\Roaming\HaoZip
2015-04-09 21:37 - 2013-09-01 14:13 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-09 21:37 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-09 21:20 - 2014-10-19 18:35 - 00000000 ____D () C:\Users\Janek\AppData\Roaming\.ACEStream
2015-04-09 21:20 - 2014-10-19 18:33 - 00000000 ____D () C:\Users\Janek\AppData\Roaming\ACEStream
2015-04-09 20:47 - 2014-05-16 16:23 - 06426112 ___SH () C:\Users\Janek\Desktop\Thumbs.db
2015-04-09 20:43 - 2013-02-16 15:18 - 00007605 _____ () C:\Users\Janek\AppData\Local\Resmon.ResmonCfg
2015-04-09 20:32 - 2009-07-14 07:08 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-09 20:31 - 2009-07-14 06:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-09 20:31 - 2009-07-14 06:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-09 20:19 - 2013-12-08 15:23 - 00000000 ___RD () C:\Users\Janek\Dysk Google
2015-04-09 19:34 - 2010-11-21 14:53 - 00739694 _____ () C:\Windows\system32\perfh015.dat
2015-04-09 19:34 - 2010-11-21 14:53 - 00155268 _____ () C:\Windows\system32\perfc015.dat
2015-04-09 19:34 - 2009-07-14 07:13 - 01668226 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-09 18:28 - 2014-12-10 13:35 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2015-04-09 18:28 - 2014-02-10 13:52 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-09 18:15 - 2013-09-01 14:13 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-09 18:04 - 2013-02-15 12:43 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-04-09 17:56 - 2014-11-23 12:16 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-08 19:13 - 2014-09-19 17:12 - 00000000 ____D () C:\Users\Janek\AppData\Local\Avg2015
2015-04-08 18:37 - 2014-05-01 18:43 - 00000435 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-03-31 20:28 - 2014-09-19 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-03-28 11:21 - 2013-04-07 21:33 - 00000132 _____ () C:\Users\Janek\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
2015-03-25 19:46 - 2009-03-30 00:08 - 00000000 ____D () C:\Program Files\Radio Mobile
2015-03-25 19:44 - 2014-01-29 15:34 - 00000000 ____D () C:\Users\Janek\AppData\Roaming\Malwarebytes
2015-03-25 19:44 - 2014-01-29 15:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-25 19:43 - 2014-09-22 13:17 - 00000000 ____D () C:\Users\Janek\AppData\Local\OpenFM
2015-03-25 19:39 - 2015-02-09 23:35 - 00000000 ____D () C:\Users\Janek\AppData\Local\CrashDumps
2015-03-25 19:39 - 2013-02-15 14:43 - 00000000 ____D () C:\Users\Janek\AppData\Roaming\Media Player Classic
2015-03-18 21:52 - 2014-11-23 12:16 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-18 21:52 - 2013-02-15 19:56 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-18 21:52 - 2013-02-15 19:56 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-18 15:52 - 2014-06-03 20:09 - 00003872 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1392575945
2015-03-18 11:55 - 2014-03-05 20:56 - 00000000 ____D () C:\WebServ
2015-03-15 18:14 - 2013-12-08 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-03-12 23:05 - 2014-12-10 13:35 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp

==================== Files in the root of some directories =======

2014-02-13 17:14 - 2014-02-14 14:09 - 0002195 _____ () C:\Users\Janek\AppData\Roaming\LiveSupport.exe_log.txt
2015-02-26 19:31 - 2015-02-26 19:31 - 0000132 _____ () C:\Users\Janek\AppData\Roaming\Preferencje Adobe CS5 dla formatu AIFF
2013-04-07 21:33 - 2015-03-28 11:21 - 0000132 _____ () C:\Users\Janek\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
2014-02-13 17:14 - 2014-02-14 14:09 - 0000092 _____ () C:\Users\Janek\AppData\Roaming\regsvr32.exe_log.txt
2013-04-07 21:40 - 2015-02-10 15:12 - 0001496 _____ () C:\Users\Janek\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs
2014-05-30 16:09 - 2014-05-30 16:09 - 0000141 _____ () C:\Users\Janek\AppData\Local\BronNetDomList.bat
2014-03-29 17:59 - 2014-03-29 17:59 - 0005325 _____ () C:\Users\Janek\AppData\Local\JunkAtx18.bin
2014-03-29 17:56 - 2014-03-29 17:56 - 0000051 _____ () C:\Users\Janek\AppData\Local\Kosong.Bron.Tok.txt
2013-02-16 15:18 - 2015-04-09 20:43 - 0007605 _____ () C:\Users\Janek\AppData\Local\Resmon.ResmonCfg
2014-06-01 17:35 - 2014-06-01 17:38 - 0001257 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-25 18:35

==================== End Of Log ============================