Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-08-2013 Ran by WILO (administrator) on 29-08-2013 22:51:33 Running from C:\Users\WILO\Downloads Windows 7 Ultimate Service Pack 1 (X86) OS Language: Polish Internet Explorer Version 10 Boot Mode: Safe Mode (with Networking) ==================== Could not list processes =============== ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-23] (Realtek Semiconductor) HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2008-07-29] () HKLM\...\Run: [ISUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation) HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software) HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.) HKLM\...\Runonce: [Del1272765] - cmd.exe /Q /D /c del "C:\Users\WILO\AppData\Local\Temp\0.del" [x] HKCU\...\Run: [Sony PC Companion] - C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony) HKCU\...\Run: [NTRedirect] - C:\Users\WILO\AppData\Roaming\BabSolution\Shared\enhancedNT.dll [187888 2013-08-22] () HKCU\...\Runonce: [Del1272765] - cmd.exe /Q /D /c del "C:\Users\WILO\AppData\Local\Temp\0.del" [x] MountPoints2: {557f6b29-ca6b-11e0-a25f-001b24418303} - G:\Startme.exe MountPoints2: {8c79a2cc-9e53-11df-b77e-001b24418303} - F:\Installer.exe MountPoints2: {9855b509-d5b3-11e2-8b80-001b24418303} - G:\LGAutoRun.exe MountPoints2: {98fdee6b-9400-11e0-ad9b-001b24418303} - F:\Razor1911_Installer.exe Startup: C:\Users\WILO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\unuuqscgwoknyijugfd.lnk ShortcutTarget: unuuqscgwoknyijugfd.lnk -> C:\Users\WILO\AppData\Local\Temp\dfgujiynkowgcsquunu.bfg (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-search.com/?babsrc=HP_ss&mntrId=74EF0013E824E803&affID=119357&tsp=4989 SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=74EF0013E824E803&affID=119357&tsp=4989 BHO: WebConnect - {2316c625-b487-4410-a1a5-ff040b65245f} - C:\Program Files\WebConnect\WebConnectbho.dll (Web Connect) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.24.6\bh\delta.dll (Delta-search.com) BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.24.6\deltaTlbr.dll (Delta-search.com) DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.1.66.0.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 193.17.174.5 193.17.174.26 Chrome: ======= CHR RestoreOnStartup: "hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=74EF0013E824E803&affID=119357&tsp=4989" CHR Extension: (YouTube) - C:\Users\WILO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\WILO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (vshare plugin) - C:\Users\WILO\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0 CHR Extension: (Gmail) - C:\Users\WILO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\WILO\AppData\Roaming\BabSolution\CR\Delta.crx CHR HKLM\...\Chrome\Extension: [ieakfmpjhljbpbfpldjkddkjmmgjmgon] - C:\Program Files\WebConnect\ieakfmpjhljbpbfpldjkddkjmmgjmgon.crx CHR HKLM\...\Chrome\Extension: [kpionmjnkbpcdpcflammlgllecmejgjj] - C:\Program Files\vShare.tv plugin\vshareplg.crx ========================== Services (Whitelisted) ================= S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software) S2 ProtexisLicensing; C:\Program Files\Common Files\Protexis\License Service\PSIService.exe [174656 2006-11-02] () S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) S2 Update WebConnect; C:\Program Files\WebConnect\updateWebConnect.exe [206632 2013-08-27] (WebConnect) S3 x10nets; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [20480 2001-11-12] (X10) S2 Winmgmt; C:\PROGRA~2\dfgujiynkowgcsquunu.bfg [x] ==================== Drivers (Whitelisted) ==================== S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software) R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-05-09] (AVAST Software) S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-05-09] (AVAST Software) S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] () S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-06-27] (AVAST Software) S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-06-27] (AVAST Software) S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software) S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-06-27] () R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation) S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [38400 2009-10-12] (Samsung Electronics Co., Ltd.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-06-11] (DT Soft Ltd) S3 PYCH_CoreDriver; C:\Windows\System32\drivers\PYCH_CoreDriver.sys [200072 2012-06-05] (Jungo) S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation) S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation) S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation) S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation) S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation) S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation) S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-08-02] (Duplex Secure Ltd.) S2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2009-10-12] (Samsung Electronics) R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation) R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [7040 2005-11-28] (X10 Wireless Technology, Inc.) S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [17792 2005-05-19] (X10 Wireless Technology, Inc.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-29 22:51 - 2013-08-29 22:51 - 00000000 ____D C:\Users\WILO\AppData\Roaming\Delta 2013-08-29 22:51 - 2013-08-29 22:51 - 00000000 ____D C:\Users\WILO\AppData\Roaming\BabSolution 2013-08-29 22:51 - 2013-08-29 22:51 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-29 22:51 - 2013-08-29 22:51 - 00000000 ____D C:\Program Files\Delta 2013-08-29 22:51 - 2013-08-29 22:51 - 00000000 ____D C:\FRST 2013-08-29 22:50 - 2013-08-29 22:50 - 01072975 _____ (Farbar) C:\Users\WILO\Downloads\FRST.exe 2013-08-29 22:49 - 2013-08-29 22:49 - 00358571 _____ (Farbar) C:\Users\WILO\Downloads\FSS (1).exe 2013-08-29 22:48 - 2013-08-29 22:49 - 00000000 ____D C:\Program Files\WebConnect 2013-08-29 22:48 - 2013-08-29 22:48 - 00000957 _____ C:\Users\WILO\Desktop\MiPony.lnk 2013-08-29 22:48 - 2013-08-29 22:48 - 00000000 ____D C:\Users\WILO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony 2013-08-29 22:48 - 2013-08-29 22:48 - 00000000 ____D C:\Users\WILO\AppData\Roaming\DSite 2013-08-29 22:48 - 2013-08-29 22:48 - 00000000 ____D C:\Users\WILO\AppData\Roaming\Babylon 2013-08-29 22:48 - 2013-08-29 22:48 - 00000000 ____D C:\ProgramData\Babylon 2013-08-29 22:48 - 2013-08-29 22:48 - 00000000 ____D C:\Program Files\MiPony 2013-08-29 22:47 - 2013-08-29 22:47 - 00669928 _____ C:\Users\WILO\Downloads\DownloadManagerSetup.exe 2013-08-29 22:43 - 2013-08-29 22:43 - 00076508 _____ C:\Users\WILO\Downloads\Extras.Txt 2013-08-29 22:41 - 2013-08-29 22:43 - 00065840 _____ C:\Users\WILO\Downloads\OTL.Txt 2013-08-29 22:33 - 2013-08-29 22:33 - 00602112 _____ (OldTimer Tools) C:\Users\WILO\Downloads\OTL.exe 2013-08-29 18:32 - 2013-08-29 18:33 - 00000000 ____D C:\Users\WILO\Desktop\wlodek 2013-08-15 10:56 - 2013-08-15 11:00 - 00000000 ____D C:\Windows\system32\MRT 2013-08-15 10:48 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-15 10:48 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-15 10:48 - 2013-07-26 05:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-08-15 10:48 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-15 10:48 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-15 10:48 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-15 10:48 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-15 10:48 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-15 10:48 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-15 10:48 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-08-15 10:48 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-08-15 10:48 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-15 10:48 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-15 10:48 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-08-15 10:48 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-15 10:48 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-08-15 09:18 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-15 09:17 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-15 09:17 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-15 09:17 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-08-15 09:17 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-15 09:17 - 2013-07-09 06:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-08-15 09:17 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-15 09:17 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-15 09:17 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-15 09:17 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-15 09:17 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-15 09:17 - 2013-06-15 05:40 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2013-08-15 09:17 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-08-10 17:01 - 2013-08-10 18:07 - 00000000 ____D C:\Users\WILO\Desktop\do wywołania 10082013 2013-08-01 13:51 - 2013-08-01 13:52 - 00001639 _____ C:\Users\WILO\Downloads\License.avastlic ==================== One Month Modified Files and Folders ======= 2013-08-29 22:51 - 2013-08-29 22:51 - 00000000 ____D C:\Users\WILO\AppData\Roaming\Delta 2013-08-29 22:51 - 2013-08-29 22:51 - 00000000 ____D C:\Users\WILO\AppData\Roaming\BabSolution 2013-08-29 22:51 - 2013-08-29 22:51 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-29 22:51 - 2013-08-29 22:51 - 00000000 ____D C:\Program Files\Delta 2013-08-29 22:51 - 2013-08-29 22:51 - 00000000 ____D C:\FRST 2013-08-29 22:50 - 2013-08-29 22:50 - 01072975 _____ (Farbar) C:\Users\WILO\Downloads\FRST.exe 2013-08-29 22:49 - 2013-08-29 22:49 - 00358571 _____ (Farbar) C:\Users\WILO\Downloads\FSS (1).exe 2013-08-29 22:49 - 2013-08-29 22:48 - 00000000 ____D C:\Program Files\WebConnect 2013-08-29 22:48 - 2013-08-29 22:48 - 00000957 _____ C:\Users\WILO\Desktop\MiPony.lnk 2013-08-29 22:48 - 2013-08-29 22:48 - 00000000 ____D C:\Users\WILO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony 2013-08-29 22:48 - 2013-08-29 22:48 - 00000000 ____D C:\Users\WILO\AppData\Roaming\DSite 2013-08-29 22:48 - 2013-08-29 22:48 - 00000000 ____D C:\Users\WILO\AppData\Roaming\Babylon 2013-08-29 22:48 - 2013-08-29 22:48 - 00000000 ____D C:\ProgramData\Babylon 2013-08-29 22:48 - 2013-08-29 22:48 - 00000000 ____D C:\Program Files\MiPony 2013-08-29 22:47 - 2013-08-29 22:47 - 00669928 _____ C:\Users\WILO\Downloads\DownloadManagerSetup.exe 2013-08-29 22:43 - 2013-08-29 22:43 - 00076508 _____ C:\Users\WILO\Downloads\Extras.Txt 2013-08-29 22:43 - 2013-08-29 22:41 - 00065840 _____ C:\Users\WILO\Downloads\OTL.Txt 2013-08-29 22:33 - 2013-08-29 22:33 - 00602112 _____ (OldTimer Tools) C:\Users\WILO\Downloads\OTL.exe 2013-08-29 22:23 - 2010-12-26 21:33 - 00001028 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-29 22:23 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-29 22:23 - 2009-07-14 06:39 - 00176638 _____ C:\Windows\setupact.log 2013-08-29 22:22 - 2010-07-30 18:46 - 01977682 _____ C:\Windows\WindowsUpdate.log 2013-08-29 21:50 - 2010-12-26 21:33 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-29 21:48 - 2012-03-31 11:29 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-29 21:19 - 2013-05-21 17:50 - 00000000 ____D C:\Users\WILO\AppData\Roaming\vlc 2013-08-29 18:33 - 2013-08-29 18:32 - 00000000 ____D C:\Users\WILO\Desktop\wlodek 2013-08-29 17:03 - 2009-07-14 06:34 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-29 17:03 - 2009-07-14 06:34 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-25 22:02 - 2010-08-01 21:38 - 00000000 ____D C:\Users\WILO\AppData\Roaming\uTorrent 2013-08-25 00:02 - 2010-08-01 21:39 - 00000000 ____D C:\INTERNET 2013-08-23 16:29 - 2010-07-30 18:59 - 01671240 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-23 16:29 - 2009-07-14 10:07 - 00741328 _____ C:\Windows\system32\perfh015.dat 2013-08-23 16:29 - 2009-07-14 10:07 - 00155892 _____ C:\Windows\system32\perfc015.dat 2013-08-20 17:55 - 2012-03-31 11:29 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-08-20 17:55 - 2011-05-16 16:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-08-15 23:23 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache 2013-08-15 20:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET 2013-08-15 18:23 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL 2013-08-15 11:00 - 2013-08-15 10:56 - 00000000 ____D C:\Windows\system32\MRT 2013-08-15 10:56 - 2010-08-15 19:33 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-08-15 10:55 - 2010-08-01 20:59 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-08-10 18:07 - 2013-08-10 17:01 - 00000000 ____D C:\Users\WILO\Desktop\do wywołania 10082013 2013-08-10 16:39 - 2013-04-21 17:02 - 00000000 ____D C:\WIkTORIA 2013-08-10 16:32 - 2013-06-29 12:03 - 00000000 ____D C:\Users\WILO\Desktop\CHrzest wiki2013 2013-08-10 16:23 - 2013-04-28 09:23 - 00000000 ____D C:\Users\WILO\Desktop\WILO RÓZNE 2013-08-04 09:09 - 2010-07-30 20:02 - 00024922 _____ C:\Windows\PFRO.log 2013-08-03 11:12 - 2010-12-17 18:23 - 00000000 ____D C:\Program Files\Sony Ericsson 2013-08-01 13:52 - 2013-08-01 13:51 - 00001639 _____ C:\Users\WILO\Downloads\License.avastlic Files to move or delete: ==================== C:\Windows\System32\mctadmin.exe C:\Users\WILO\5736661.exe C:\Users\WILO\6677748.exe C:\Users\WILO\AppData\Local\Temp\RtkBtMnt.exe C:\Users\WILO\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.165_NetStorage.exe C:\Users\WILO\AppData\Local\Temp\nst9CBD.tmp\Time.dll C:\Users\WILO\AppData\Local\Temp\nst9CBC.tmp\Time.dll C:\Users\WILO\AppData\Local\Temp\nse9BC3.tmp\Time.dll C:\Users\WILO\AppData\Local\Temp\is357113909\DeltaTB.exe C:\Users\WILO\AppData\Local\Temp\is357113909\DownloadManagerV2.exe C:\Users\WILO\AppData\Local\Temp\is357113909\uninstaller.exe C:\Users\WILO\AppData\Local\Temp\is357113909\WebConnect.exe C:\Users\WILO\AppData\Local\Temp\G\LGAutoRun.exe C:\Users\WILO\AppData\Local\Temp\G\P5_LGPsLvDlChk.dll C:\Users\WILO\AppData\Local\Temp\G\SendScsiCmd.dll C:\Users\WILO\AppData\Local\Temp\F85C766F-BAB0-7891-9A4C-C46932654638\Latest\BabMaint.exe C:\Users\WILO\AppData\Local\Temp\F85C766F-BAB0-7891-9A4C-C46932654638\Latest\BExternal.dll C:\Users\WILO\AppData\Local\Temp\F85C766F-BAB0-7891-9A4C-C46932654638\Latest\BUSolForMontiera.dll C:\Users\WILO\AppData\Local\Temp\F85C766F-BAB0-7891-9A4C-C46932654638\Latest\BUSolution.dll C:\Users\WILO\AppData\Local\Temp\F85C766F-BAB0-7891-9A4C-C46932654638\Latest\ccp.exe C:\Users\WILO\AppData\Local\Temp\F85C766F-BAB0-7891-9A4C-C46932654638\Latest\ChromeToolbarSetup.dll C:\Users\WILO\AppData\Local\Temp\F85C766F-BAB0-7891-9A4C-C46932654638\Latest\CrxInstaller.dll C:\Users\WILO\AppData\Local\Temp\F85C766F-BAB0-7891-9A4C-C46932654638\Latest\enhancedNT.dll C:\Users\WILO\AppData\Local\Temp\F85C766F-BAB0-7891-9A4C-C46932654638\Latest\GUninstaller.exe C:\Users\WILO\AppData\Local\Temp\F85C766F-BAB0-7891-9A4C-C46932654638\Latest\IEHelper.dll C:\Users\WILO\AppData\Local\Temp\F85C766F-BAB0-7891-9A4C-C46932654638\Latest\MntrDLLInstall.dll C:\Users\WILO\AppData\Local\Temp\F85C766F-BAB0-7891-9A4C-C46932654638\Latest\MyDeltaTB.exe C:\Users\WILO\AppData\Local\Temp\F85C766F-BAB0-7891-9A4C-C46932654638\Latest\Setup.exe C:\Users\WILO\AppData\Local\Temp\F85C766F-BAB0-7891-9A4C-C46932654638\Latest\sqlite3.dll C:\Users\WILO\AppData\Local\Temp\ckz_H77L\mp_app_setup.exe C:\Users\WILO\AppData\Local\Temp\ckz_H77L\_ISource40.dll ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-22 18:08 ==================== End Of Log ============================