FRST.txt

Re: Advertising Support (reklamy)

Proszę FRST i Addition.


Download file - link to post

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-05-2015
Ran by Dawid (administrator) on DAWID-PC on 13-05-2015 18:21:22
Running from C:\Users\Dawid\Desktop
Loaded Profiles: Dawid (Available profiles: Dawid)
Platform: Microsoft(R) Windows Vista(TM) Home Premium Service Pack 2 (X86) OS Language: Polski (Polska)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
(Skype Technologies) C:\Program Files\Skype\Updater\Updater.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [avgnt] = & gt; C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153 2009-03-02] (Avira GmbH)
HKLM\...\Run: [GrooveMonitor] = & gt; C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] = & gt; C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [Windows Defender] = & gt; C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [fst_pl_136] = & gt; [X]
HKLM\...\Run: [t4pc_en_6] = & gt; [X]
HKLM\...\Run: [RtHDVCpl] = & gt; C:\Windows\RtHDVCpl.exe [6037504 2008-07-18] (Realtek Semiconductor)
HKU\S-1-5-21-2784365699-247060406-3865911345-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] = & gt; C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-05-16] (Nero AG)
HKU\S-1-5-21-2784365699-247060406-3865911345-1000\...\Run: [ehTray.exe] = & gt; C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2784365699-247060406-3865911345-1000\...\Run: [Skype] = & gt; C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2784365699-247060406-3865911345-1000\...\Run: [Steam] = & gt; D:\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-2784365699-247060406-3865911345-1000\...\MountPoints2: {42611c2d-0351-11e4-841b-001e33a418be} - F:\LGAutoRun.exe
HKU\S-1-5-21-2784365699-247060406-3865911345-1000\...\MountPoints2: {445fd05d-83e4-11e2-a0a9-001e33a418be} - F:\Startme.exe
HKU\S-1-5-21-2784365699-247060406-3865911345-1000\...\MountPoints2: {45459d83-f351-11e1-b0b0-001e33a418be} - F:\Autorun.exe
HKU\S-1-5-21-2784365699-247060406-3865911345-1000\...\MountPoints2: {45459d87-f351-11e1-b0b0-001e33a418be} - G:\RunGame.exe
HKU\S-1-5-21-2784365699-247060406-3865911345-1000\...\MountPoints2: {45459daf-f351-11e1-b0b0-001e33a418be} - F:\Autorun.exe
HKU\S-1-5-21-2784365699-247060406-3865911345-1000\...\MountPoints2: {b09a901d-2ee2-11e0-8f63-001e33a418be} - F:\Startme.exe
HKU\S-1-5-21-2784365699-247060406-3865911345-1000\...\MountPoints2: {fe26464b-db81-11e0-aaa1-001e33a418be} - F:\Install.exe
HKU\S-1-5-21-2784365699-247060406-3865911345-1000\...\MountPoints2: {fe26464d-db81-11e0-aaa1-001e33a418be} - G:\Install.exe
HKU\S-1-5-21-2784365699-247060406-3865911345-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ==== & gt; ZeroAccess?
HKU\S-1-5-21-2784365699-247060406-3865911345-1000\...A8F59079A8D5}\localserver32: & lt; ==== ATTENTION!
Startup: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk [2011-02-02]
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk - & gt; C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] - & gt; {472083B0-C522-11CF-8763-00608CC02F24} = & gt; No File
BootExecute: autocheck autochk * aswBoot.exe /M:3e8a9ba61b /dir: " C:\Program Files\AVAST Software\Avast "
AlternateShell:
GroupPolicy: Group Policy on Chrome detected & lt; ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction & lt; ======= ATTENTION
CHR HKU\S-1-5-21-2784365699-247060406-3865911345-1000\SOFTWARE\Policies\Google: Policy restriction & lt; ======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120140908
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
URLSearchHook: HKLM - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKU\.DEFAULT - & gt; DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - & gt; DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - & gt; DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2784365699-247060406-3865911345-1000 - & gt; ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
BHO: Groove GFS Browser Helper - & gt; {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - & gt; C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-29] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-29] (Oracle Corporation)
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 208.67.220.220 8.8.4.4 192.168.1.252

FireFox:
========
FF ProfilePath: C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\5tf1s1ul.default-1431528717727
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-19] ()
FF Plugin: @adobe.com/ShockwavePlayer - & gt; C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll [2013-02-18] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - & gt; C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-06-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - & gt; C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-06-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - & gt; C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame - & gt; C:\ProgramData\NexonEU\NGM\npnxgameEU.dll No File
FF Plugin: @pandonetworks.com/PandoWebPlugin - & gt; C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - & gt; C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 - & gt; C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader - & gt; C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-01-28]

Chrome:
=======
CHR dev: Chrome dev build detected! & lt; ======= ATTENTION
CHR HKLM\...\Chrome\Extension: [cghopidkpepfbblompnklhpbbpanocha] - C:\Users\Dawid\AppData\Local\Temp\cghopidkpepfbblompnklhpbbpanocha.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [naipdapbimiiikbbgjcpbgmfhnlbagpj] - C:\Users\Dawid\AppData\Local\Temp\naipdapbimiiikbbgjcpbgmfhnlbagpj.crx [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289 2009-05-13] (Avira GmbH) [File not signed]
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089 2009-07-21] (Avira GmbH) [File not signed]
S3 npggsvc; C:\Windows\system32\GameMon.des [3889424 2011-08-01] (INCA Internet Co., Ltd.) [File not signed]
R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgio; C:\Program Files\Avira\AntiVir Desktop\avgio.sys [11608 2009-02-13] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [56816 2011-02-02] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [96104 2009-03-30] (Avira GmbH)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 msloop; C:\Windows\System32\DRIVERS\loop.sys [6656 2008-01-21] (Microsoft Corporation)
R0 PxHelp20; C:\Windows\System32\DRIVERS\PxHelp20.sys [20016 2003-10-28] (Sonic Solutions) [File not signed]
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2009-11-19] (MCCI Corporation)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [642560 2012-05-03] (Duplex Secure Ltd.) [File not signed]
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2009-05-11] (Avira GmbH)
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 18:21 - 2015-05-13 18:23 - 00012466 _____ () C:\Users\Dawid\Desktop\FRST.txt
2015-05-13 18:19 - 2015-05-13 18:19 - 00012873 _____ () C:\Users\Dawid\Desktop\AdwCleaner[S2].txt
2015-05-13 18:15 - 2015-05-13 18:15 - 02209792 _____ () C:\Users\Dawid\Desktop\adwcleaner_4.204.exe
2015-05-13 17:33 - 2015-05-13 18:21 - 00000000 ____D () C:\FRST
2015-05-13 17:32 - 2015-05-13 17:32 - 01141248 _____ (Farbar) C:\Users\Dawid\Desktop\FRST.exe
2015-05-13 17:03 - 2015-05-13 17:03 - 00602112 _____ (OldTimer Tools) C:\Users\Dawid\Desktop\OTL.exe
2015-05-13 16:46 - 2015-05-13 18:19 - 00001450 _____ () C:\Windows\PFRO.log
2015-05-13 16:30 - 2015-05-13 16:52 - 00000000 ____D () C:\Users\Dawid\Desktop\Stare dane programu Firefox
2015-05-13 15:40 - 2015-05-13 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX
2015-05-13 15:40 - 2015-05-13 15:40 - 00000000 ____D () C:\Program Files\Common Files\Digidesign
2015-05-13 14:59 - 2015-05-13 16:10 - 00000000 ____D () C:\Users\Dawid\Downloads\ReFX.Nexus.v2.2.VSTi.RTAS.DVDR-AiRISO
2015-05-13 14:41 - 2015-05-13 14:42 - 00000000 ____D () C:\Program Files\Softcomp Software
2015-05-10 17:04 - 2015-05-10 17:05 - 00000572 _____ () C:\Users\Dawid\celownik.cfg
2015-05-02 16:12 - 2015-05-10 15:09 - 03970894 _____ () C:\Users\Dawid\Desktop\Dziewczyna taka jak ta.flp
2015-04-22 22:43 - 2015-05-09 17:49 - 05051763 _____ () C:\Users\Dawid\Desktop\Soleo - Zaczepka, Taylor Swift.flp
2015-04-21 13:59 - 2015-04-21 14:00 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-16 13:08 - 2015-03-09 03:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-16 13:07 - 2015-03-05 04:24 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-16 13:00 - 2015-03-05 04:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-16 13:00 - 2015-03-05 04:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-16 12:59 - 2015-03-14 04:21 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-16 12:59 - 2015-03-13 03:51 - 03604920 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-16 12:59 - 2015-03-13 03:51 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 14:42 - 2015-03-10 01:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 14:42 - 2015-03-10 00:57 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 14:42 - 2015-03-10 00:57 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 14:42 - 2015-03-10 00:56 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 14:42 - 2015-03-10 00:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 14:42 - 2015-03-10 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 14:42 - 2015-03-10 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 14:42 - 2015-03-10 00:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-15 14:42 - 2015-03-10 00:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 14:42 - 2015-03-10 00:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 14:42 - 2015-03-10 00:55 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 14:42 - 2015-03-10 00:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 14:42 - 2015-03-10 00:55 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 14:42 - 2015-03-10 00:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 14:42 - 2015-03-10 00:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-15 14:42 - 2015-03-10 00:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-15 14:42 - 2015-03-10 00:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-15 14:41 - 2015-03-10 01:06 - 12377600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 14:41 - 2015-03-10 01:02 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 14:41 - 2015-03-10 01:00 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 14:41 - 2015-03-10 00:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 14:41 - 2015-03-10 00:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-14 21:12 - 2015-04-14 21:12 - 00001415 _____ () C:\Users\Dawid\Documents\SAJGONKI.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 18:22 - 2011-02-02 15:41 - 00000000 ____D () C:\Users\Dawid\AppData\Roaming\Skype
2015-05-13 18:19 - 2011-02-03 19:35 - 00001030 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-13 18:19 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-13 18:19 - 2006-11-02 14:47 - 00004112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-13 18:19 - 2006-11-02 14:47 - 00004112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-13 18:18 - 2014-03-20 17:23 - 01083312 _____ () C:\Windows\WindowsUpdate.log
2015-05-13 18:18 - 2013-10-15 23:17 - 00000000 ____D () C:\AdwCleaner
2015-05-13 18:18 - 2013-07-23 11:04 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-13 18:18 - 2011-02-01 17:12 - 00000949 _____ () C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-13 18:18 - 2011-02-01 17:12 - 00000000 ____D () C:\Users\Dawid
2015-05-13 18:18 - 2006-11-02 15:01 - 00032562 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-13 17:28 - 2011-02-03 19:35 - 00001034 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-13 16:50 - 2006-11-02 14:47 - 00372728 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-10 22:03 - 2011-02-05 09:14 - 00000119 _____ () C:\Users\Dawid\AppData\default.pls
2015-05-10 16:15 - 2015-03-26 14:39 - 00000000 ____D () C:\Users\Dawid\Desktop\Projekt FLP
2015-05-02 10:39 - 2015-02-09 23:13 - 00000076 _____ () C:\Users\Dawid\Desktop\Serwerki.txt
2015-04-26 10:13 - 2015-04-07 20:49 - 00000000 ____D () C:\Users\Dawid\Desktop\Muzyka 2015
2015-04-23 16:08 - 2008-01-21 08:24 - 01608124 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-23 16:08 - 2008-01-21 08:24 - 00712224 _____ () C:\Windows\system32\perfh015.dat
2015-04-23 16:08 - 2008-01-21 08:24 - 00150178 _____ () C:\Windows\system32\perfc015.dat
2015-04-22 20:51 - 2015-02-12 22:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-19 17:18 - 2013-03-19 18:37 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-19 17:18 - 2011-07-31 16:40 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-16 13:23 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-16 13:07 - 2011-02-02 15:24 - 00000000 ____D () C:\ProgramData\Microsoft Help

==================== Files in the root of some directories =======

2014-03-18 23:49 - 2014-04-25 19:50 - 0056023 _____ () C:\Users\Dawid\AppData\Roaming\Java(TM) Platform SE Auto Updater.jar
2014-06-22 14:18 - 2014-06-22 14:18 - 0000042 _____ () C:\Users\Dawid\AppData\Roaming\WB.CFG
2012-04-12 14:37 - 2014-07-22 11:49 - 0000552 _____ () C:\Users\Dawid\AppData\Local\d3d8caps.dat
2011-02-01 17:12 - 2015-02-08 00:07 - 0001356 _____ () C:\Users\Dawid\AppData\Local\d3d9caps.dat
2011-02-02 13:51 - 2011-06-06 21:05 - 0009728 _____ () C:\Users\Dawid\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-20 23:53 - 2014-06-20 23:53 - 0623616 _____ (Click Me In Limited) C:\Users\Dawid\AppData\Local\nseCD8B.tmp
2014-06-22 14:38 - 2014-06-22 14:38 - 0623616 _____ (Click Me In Limited) C:\Users\Dawid\AppData\Local\nsp8E8E.tmp
2011-03-05 21:43 - 2011-03-05 23:52 - 0000600 _____ () C:\Users\Dawid\AppData\Local\PUTTY.RND
2013-06-04 20:27 - 2013-06-04 20:27 - 0001457 _____ () C:\Users\Dawid\AppData\Local\recently-used.xbel
2011-10-20 17:32 - 2011-10-20 17:32 - 0000000 _____ () C:\Users\Dawid\AppData\Local\{79FA99EE-9814-4AF1-9B07-C75B189BE5E3}
2011-06-05 11:31 - 2011-06-05 11:31 - 0000000 _____ () C:\Users\Dawid\AppData\Local\{F04F8A3E-8C62-4B25-B03C-3C4981E04B51}
2011-02-03 19:36 - 2011-02-03 19:36 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2014-12-21 20:36 - 2014-12-21 20:36 - 0148736 _____ (Avanquest Software) C:\ProgramData\hpe9E18.dll

Files to move or delete:
====================
C:\ProgramData\hpe9E18.dll


Some content of TEMP:
====================
C:\Users\Dawid\AppData\Local\Temp\Quarantine.exe
C:\Users\Dawid\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe = & gt; File is digitally signed
C:\Windows\system32\winlogon.exe = & gt; File is digitally signed
C:\Windows\system32\wininit.exe = & gt; File is digitally signed
C:\Windows\system32\svchost.exe = & gt; File is digitally signed
C:\Windows\system32\services.exe = & gt; File is digitally signed
C:\Windows\system32\User32.dll = & gt; File is digitally signed
C:\Windows\system32\userinit.exe = & gt; File is digitally signed
C:\Windows\system32\rpcss.dll = & gt; File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys = & gt; File is digitally signed


LastRegBack: 2015-05-13 18:26

==================== End Of Log ============================

 Search on offer
Close 
Search 200 000 TME products