Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02 Ran by Vip (administrator) on VIP-KOMPUTER on 29-06-2014 11:24:34 Running from C:\Users\Vip\Downloads Platform: Windows 7 Ultimate (X64) OS Language: Polski (Polska) Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.) C:\Users\Vip\AppData\Roaming\PLAY ONLINE\ouc.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\Greener Web\bin\utilGreenerWeb.exe () C:\Program Files (x86)\Greener Web\bin\GreenerWeb.BrowserAdapter.exe () C:\Program Files (x86)\Greener Web\bin\GreenerWeb.PurBrowse64.exe () C:\Program Files (x86)\Greener Web\updateGreenerWeb.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-06-06] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-278523930-4177261717-2794273813-1000\...\Run: [HW_OPENEYE_OUC_PLAY ONLINE] => C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [110592 2009-04-14] (Huawei Technologies Co., Ltd.) HKU\S-1-5-21-278523930-4177261717-2794273813-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-278523930-4177261717-2794273813-1000\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-278523930-4177261717-2794273813-1000\...\MountPoints2: {34cc18ea-4b7e-11e3-a9e6-001c7b2c81c7} - F:\AutoRun.exe HKU\S-1-5-21-278523930-4177261717-2794273813-1000\...\MountPoints2: {34cc18fa-4b7e-11e3-a9e6-001c7b2c81c7} - F:\AutoRun.exe HKU\S-1-5-21-278523930-4177261717-2794273813-1000\...\MountPoints2: {fc4cb898-7b85-11e3-9c9b-001c7b2c81c7} - F:\AutoRun.exe HKU\S-1-5-21-278523930-4177261717-2794273813-1000\...\MountPoints2: {fc4cb8a5-7b85-11e3-9c9b-001c7b2c81c7} - F:\AutoRun.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=180&d=20140621 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=180&d=20140621 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=180&d=20140621 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll" No File BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: Greener Web - {1973d53b-7311-45d7-8270-f44571c041a0} - C:\Program Files (x86)\Greener Web\GreenerWebbho.dll (Greener Web) BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll" No File Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll" No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {FC11A119-C2F7-46F4-9E32-937ABA26816E} file:///E:/CDVIEWER/CdViewer.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{2C66C418-7107-411C-A6AD-CBC79E4BEEAC}: [NameServer]208.67.222.222,208.67.220.220 Tcpip\..\Interfaces\{83E573B3-C2BB-47CB-B21D-E8625C3A8614}: [NameServer]89.108.202.20 89.108.195.20 FireFox: ======== FF ProfilePath: C:\Users\Vip\AppData\Roaming\Mozilla\Firefox\Profiles\nfp7mmdz.default FF Homepage: hxxp://www.gazeta.pl/0,0.html?p=180&d=20140621 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) Chrome: ======= CHR HomePage: hxxp://www.google.pl/ CHR Extension: (Dokumenty Google) - C:\Users\Vip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-09] CHR Extension: (Dysk Google) - C:\Users\Vip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-09] CHR Extension: (YouTube) - C:\Users\Vip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-09] CHR Extension: (Szukaj w Google) - C:\Users\Vip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-09] CHR Extension: (AdBlock) - C:\Users\Vip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-04] CHR Extension: (Google Wallet) - C:\Users\Vip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-09] CHR Extension: (Gmail) - C:\Users\Vip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-09] CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2013-11-09] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-06] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-06] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-06-06] (Avira Operations GmbH & Co. KG) R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] (APN LLC.) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] () [File not signed] S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) R2 Update Greener Web; C:\Program Files (x86)\Greener Web\updateGreenerWeb.exe [318752 2014-06-29] () R2 Util Greener Web; C:\Program Files (x86)\Greener Web\bin\utilGreenerWeb.exe [318752 2014-06-29] () ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-06-06] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-06] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-18] (Avira Operations GmbH & Co. KG) S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.) R1 {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64; C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys [61120 2014-06-20] (StdLib) S3 massfilter; system32\DRIVERS\massfilter.sys [X] S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X] S3 ZTEusbnet; system32\DRIVERS\ZTEusbnet.sys [X] S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X] S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-29 11:24 - 2014-06-29 11:24 - 00011199 _____ () C:\Users\Vip\Downloads\FRST.txt 2014-06-29 11:24 - 2014-06-29 11:24 - 00000000 ____D () C:\FRST 2014-06-29 11:23 - 2014-06-29 11:24 - 02083328 _____ (Farbar) C:\Users\Vip\Downloads\FRST64.exe 2014-06-29 11:18 - 2014-06-29 11:18 - 01073664 _____ (Farbar) C:\Users\Vip\Downloads\FRST.exe 2014-06-27 20:33 - 2014-06-27 20:38 - 00000000 ____D () C:\ProgramData\Package Cache 2014-06-27 20:32 - 2014-06-27 20:32 - 00922057 _____ (Brice Lambson) C:\Users\Vip\Downloads\ImageResizerSetup.exe 2014-06-24 22:08 - 2014-06-24 23:06 - 1467967488 _____ () C:\Users\Vip\Downloads\Nieustraszeni pogromcy wampirów.avi 2014-06-23 00:06 - 2014-06-23 00:06 - 00037713 _____ () C:\Users\Vip\Desktop\przytulone-sen-psiaki.jpeg 2014-06-22 22:50 - 2014-06-23 16:40 - 00000000 ____D () C:\Users\Vip\Desktop\buciki 2014-06-22 22:46 - 2014-06-20 15:28 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys 2014-06-21 20:20 - 2014-06-21 20:20 - 00003362 _____ () C:\Windows\System32\Tasks\Odkurzacz 2014-06-21 20:20 - 2014-06-21 20:20 - 00001059 _____ () C:\Users\Vip\Desktop\Odkurzacz.lnk 2014-06-21 20:20 - 2014-06-21 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz 2014-06-21 20:20 - 2014-06-21 20:20 - 00000000 ____D () C:\Program Files (x86)\Odkurzacz 2014-06-21 20:19 - 2014-06-21 20:19 - 03841551 _____ (FranmoSoftware ) C:\Users\Vip\Downloads\odk13.4.0.1685setup.exe 2014-06-21 20:18 - 2014-06-21 20:18 - 00000000 ____D () C:\Users\Vip\AppData\Roaming\Oracle 2014-06-21 19:43 - 2014-06-22 22:44 - 00000000 ____D () C:\Program Files (x86)\Greener Web 2014-06-21 19:43 - 2014-06-21 19:42 - 04748896 _____ (Piriform Ltd) C:\Users\Vip\Downloads\ccsetup414.exe 2014-06-21 19:42 - 2014-06-21 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-21 19:42 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-06-21 19:42 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-06-21 19:42 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-06-21 19:42 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-06-21 19:41 - 2014-06-21 19:42 - 00004430 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log 2014-06-21 19:41 - 2014-06-21 19:41 - 00702504 _____ () C:\Users\Vip\Downloads\CCleaner(13061).exe 2014-06-14 11:26 - 2014-06-14 11:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-06-14 11:25 - 2014-06-14 11:25 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-06-12 20:22 - 2014-06-12 20:22 - 00000000 ____D () C:\Users\Vip\Desktop\ewelinka 2014-06-10 21:20 - 2014-06-10 21:21 - 00000000 ____D () C:\Users\Vip\Desktop\dziadek DO 2014-06-04 17:23 - 2014-06-22 18:45 - 00000000 ____D () C:\Users\Vip\Desktop\oskar ==================== One Month Modified Files and Folders ======= 2014-06-29 11:24 - 2014-06-29 11:24 - 00011199 _____ () C:\Users\Vip\Downloads\FRST.txt 2014-06-29 11:24 - 2014-06-29 11:24 - 00000000 ____D () C:\FRST 2014-06-29 11:24 - 2014-06-29 11:23 - 02083328 _____ (Farbar) C:\Users\Vip\Downloads\FRST64.exe 2014-06-29 11:18 - 2014-06-29 11:18 - 01073664 _____ (Farbar) C:\Users\Vip\Downloads\FRST.exe 2014-06-29 11:16 - 2009-07-14 06:45 - 00010208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-29 11:16 - 2009-07-14 06:45 - 00010208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-29 11:10 - 2013-11-12 15:32 - 00000000 ____D () C:\Users\Vip\AppData\Roaming\Skype 2014-06-29 11:07 - 2009-07-14 19:55 - 00687828 _____ () C:\Windows\system32\perfh015.dat 2014-06-29 11:07 - 2009-07-14 19:55 - 00131382 _____ () C:\Windows\system32\perfc015.dat 2014-06-29 11:07 - 2009-07-14 07:13 - 01523412 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-29 11:07 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini 2014-06-29 11:06 - 2013-11-09 12:49 - 00513060 _____ () C:\Windows\WindowsUpdate.log 2014-06-29 11:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-29 11:03 - 2009-07-14 06:51 - 00038514 _____ () C:\Windows\setupact.log 2014-06-27 20:38 - 2014-06-27 20:33 - 00000000 ____D () C:\ProgramData\Package Cache 2014-06-27 20:32 - 2014-06-27 20:32 - 00922057 _____ (Brice Lambson) C:\Users\Vip\Downloads\ImageResizerSetup.exe 2014-06-26 10:31 - 2013-11-13 04:00 - 00000000 ____D () C:\Windows\Minidump 2014-06-26 10:28 - 2013-11-13 04:00 - 218242883 _____ () C:\Windows\MEMORY.DMP 2014-06-24 23:06 - 2014-06-24 22:08 - 1467967488 _____ () C:\Users\Vip\Downloads\Nieustraszeni pogromcy wampirów.avi 2014-06-23 16:40 - 2014-06-22 22:50 - 00000000 ____D () C:\Users\Vip\Desktop\buciki 2014-06-23 00:06 - 2014-06-23 00:06 - 00037713 _____ () C:\Users\Vip\Desktop\przytulone-sen-psiaki.jpeg 2014-06-22 22:44 - 2014-06-21 19:43 - 00000000 ____D () C:\Program Files (x86)\Greener Web 2014-06-22 18:45 - 2014-06-04 17:23 - 00000000 ____D () C:\Users\Vip\Desktop\oskar 2014-06-21 20:42 - 2013-11-12 15:38 - 00000912 _____ () C:\Users\Vip\Desktop\GG dysk.lnk 2014-06-21 20:42 - 2013-11-12 15:37 - 00000000 ____D () C:\Users\Vip\AppData\Local\GG 2014-06-21 20:41 - 2013-11-12 15:37 - 00000000 ____D () C:\Users\Vip\AppData\Roaming\GG 2014-06-21 20:36 - 2013-11-09 13:06 - 00001042 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-21 20:36 - 2013-11-09 13:06 - 00001038 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-21 20:26 - 2013-11-09 13:06 - 00004050 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-21 20:26 - 2013-11-09 13:06 - 00003798 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-21 20:22 - 2013-11-12 15:32 - 00000000 ____D () C:\ProgramData\Skype 2014-06-21 20:22 - 2013-11-09 13:36 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork 2014-06-21 20:20 - 2014-06-21 20:20 - 00003362 _____ () C:\Windows\System32\Tasks\Odkurzacz 2014-06-21 20:20 - 2014-06-21 20:20 - 00001059 _____ () C:\Users\Vip\Desktop\Odkurzacz.lnk 2014-06-21 20:20 - 2014-06-21 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz 2014-06-21 20:20 - 2014-06-21 20:20 - 00000000 ____D () C:\Program Files (x86)\Odkurzacz 2014-06-21 20:19 - 2014-06-21 20:19 - 03841551 _____ (FranmoSoftware ) C:\Users\Vip\Downloads\odk13.4.0.1685setup.exe 2014-06-21 20:18 - 2014-06-21 20:18 - 00000000 ____D () C:\Users\Vip\AppData\Roaming\Oracle 2014-06-21 20:17 - 2013-11-13 22:03 - 00000000 ____D () C:\ProgramData\Oracle 2014-06-21 19:42 - 2014-06-21 19:43 - 04748896 _____ (Piriform Ltd) C:\Users\Vip\Downloads\ccsetup414.exe 2014-06-21 19:42 - 2014-06-21 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-21 19:42 - 2014-06-21 19:41 - 00004430 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log 2014-06-21 19:42 - 2014-01-20 01:47 - 00000000 ____D () C:\Program Files (x86)\Java 2014-06-21 19:41 - 2014-06-21 19:41 - 00702504 _____ () C:\Users\Vip\Downloads\CCleaner(13061).exe 2014-06-20 15:28 - 2014-06-22 22:46 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys 2014-06-14 20:26 - 2013-11-09 13:06 - 00002189 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-14 11:26 - 2014-06-14 11:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-06-14 11:26 - 2014-01-20 12:16 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2014-06-14 11:26 - 2014-01-20 12:16 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-06-14 11:25 - 2014-06-14 11:25 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-06-12 20:22 - 2014-06-12 20:22 - 00000000 ____D () C:\Users\Vip\Desktop\ewelinka 2014-06-10 21:21 - 2014-06-10 21:20 - 00000000 ____D () C:\Users\Vip\Desktop\dziadek DO 2014-06-06 21:46 - 2013-11-09 13:35 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-06-06 21:46 - 2013-11-09 13:35 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-06-04 17:31 - 2014-01-20 11:53 - 00000000 ____D () C:\Users\Vip\Desktop\moje zdjecia 2014-06-04 17:24 - 2014-01-20 11:54 - 00000000 ____D () C:\Users\Vip\Desktop\rozne zdjecia Some content of TEMP: ==================== C:\Users\Vip\AppData\Local\Temp\avgnt.exe C:\Users\Vip\AppData\Local\Temp\odk_setup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-28 09:45 ==================== End Of Log ============================