Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-01-2015 02 Ran by ANRZEJMAKNAB (administrator) on ANDRZEJMAKNAB on 13-01-2015 21:47:15 Running from C:\Documents and Settings\ANRZEJMAKNAB\Pulpit Loaded Profile: ANRZEJMAKNAB (Available profiles: ANRZEJMAKNAB) Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\launcher_service.exe (COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (COMODO) C:\Program Files\Comodo\COMODO Internet Security\cistray.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe (DeviceVM, Inc.) C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (Wireless Service) C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (D-Link Corp.) C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe (BitTorrent Inc.) C:\Documents and Settings\ANRZEJMAKNAB\Dane aplikacji\uTorrent\uTorrent.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin () C:\WINDOWS\system32\ANIWConnService.exe (Wireless Service) C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (DeviceVM, Inc.) C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe (Comodo Security Solutions, Inc.) C:\Program Files\Comodo\Dragon\dragon_updater.exe () C:\Program Files\Gigabyte\EasySaver\essvr.exe (Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe (COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe (Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe () C:\Program Files\Opera\26.0.1656.60\opera_crashreporter.exe (Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe (Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe (Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe (Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe (Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe (Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe (Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1243352 2014-12-09] (COMODO) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [18789920 2009-12-08] (Realtek Semiconductor Corp.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software) HKLM\...\Run: [tvncontrol] => C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-07-25] (Comodo Security Solutions, Inc.) HKLM\...\Run: [BCU] => C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe [346320 2009-08-04] (DeviceVM, Inc.) HKLM\...\Run: [ANIWZCS2Service] => C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [98304 2009-08-21] (Wireless Service) HKLM\...\Run: [D-Link D-Link RangeBooster N DWA-140] => C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe [1708032 2009-09-18] (D-Link Corp.) HKU\S-1-5-21-583907252-1450960922-1801674531-1004\...\Run: [uTorrent] => C:\Documents and Settings\ANRZEJMAKNAB\Dane aplikacji\uTorrent\uTorrent.exe [1385808 2014-11-15] (BitTorrent Inc.) HKU\S-1-5-21-583907252-1450960922-1801674531-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2015-01-02] (Piriform Ltd) Startup: C:\Documents and Settings\ANRZEJMAKNAB\Menu Start\Programy\Autostart\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-583907252-1450960922-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://pl.yahoo.com?fr=fp-comodo HKU\S-1-5-21-583907252-1450960922-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: HKU\S-1-5-21-583907252-1450960922-1801674531-1004 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) SearchScopes: HKU\S-1-5-21-583907252-1450960922-1801674531-1004 -> DefaultScope {1E05A2CA-2C74-45a7-839F-88A1198D6C81} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD SearchScopes: HKU\S-1-5-21-583907252-1450960922-1801674531-1004 -> {1E05A2CA-2C74-45a7-839F-88A1198D6C81} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD SearchScopes: HKU\S-1-5-21-583907252-1450960922-1801674531-1004 -> {7BFBA853-56F7-4671-AA5B-C817A6636FD0} URL = http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=pl&q={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll (AdTrustMedia) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-11-27] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-28] Chrome: ======= CHR HomePage: Default -> hxxp://www.mysearchresults.com/?c=3524&t=01 CHR Profile: C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Dokumenty Google) - C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-27] CHR Extension: (Dysk Google) - C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-27] CHR Extension: (YouTube) - C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-27] CHR Extension: (PrivDog) - C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja [2014-04-03] CHR Extension: (Szukaj w Google) - C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-27] CHR Extension: (Avast Online Security) - C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-28] CHR Extension: (Google Wallet) - C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-27] CHR Extension: (Gmail) - C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-27] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-26] CHR HKU\S-1-5-21-583907252-1450960922-1801674531-1004\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Dane aplikacji\AdTrustMedia\PrivDog\PrivDog_chrome.crx [2014-04-08] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ANIWConnService; C:\WINDOWS\system32\ANIWConnService.exe [151552 2009-07-07] () [File not signed] R2 ANIWZCSdService; C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [102400 2009-08-21] (Wireless Service) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-26] (AVAST Software) R2 BCUService; C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe [219360 2009-08-04] (DeviceVM, Inc.) R2 CLPSLauncher; C:\Program Files\Common Files\COMODO\launcher_service.exe [70864 2014-07-25] (Comodo Security Solutions, Inc.) R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5868440 2014-12-09] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1664216 2014-12-09] (COMODO) R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.) R2 ES lite Service; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] () R2 GeekBuddyRSP; C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-07-25] (Comodo Security Solutions, Inc.) S3 COMSysApp; C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{403B8B93-B313-4708-BC83-D741EB834190} ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) R2 ANIO; C:\WINDOWS\system32\ANIO.SYS [29411 2009-02-09] () [File not signed] R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-11-26] () R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-11-26] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-11-26] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-11-26] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-11-26] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2014-11-26] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-11-26] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-11-26] () R2 BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [19537 2000-07-24] (Brother Industries Ltd.) [File not signed] R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [36112 2014-06-26] (Windows (R) Win 7 DDK provider) R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [15576 2014-12-09] (COMODO) R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [619992 2014-12-09] (COMODO) R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [29912 2014-12-09] (COMODO) R3 gdrv; C:\WINDOWS\gdrv.sys [17488 2015-01-13] (Windows (R) 2000 DDK provider) R1 HMD; C:\WINDOWS\System32\DRIVERS\hmd.sys [14272 2014-06-26] () S3 HWHandSet; C:\WINDOWS\System32\DRIVERS\hw_quusbmdm.sys [195200 2011-10-24] (Huawei Technologies Co., Ltd.) R0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [105560 2014-12-09] (COMODO) S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) S3 rt2870; C:\WINDOWS\System32\DRIVERS\Drt2870.sys [724736 2009-08-03] (Ralink Technology, Corp.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-24] (Huawei Technologies Co., Ltd.) S0 hyyf; System32\drivers\scycprn.sys [X] S4 IntelIde; No ImagePath U1 WS2IFSL; No ImagePath S3 yjgvityv; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-13 21:47 - 2015-01-13 21:48 - 00014451 _____ () C:\Documents and Settings\ANRZEJMAKNAB\Pulpit\FRST.txt 2015-01-13 21:38 - 2015-01-13 21:38 - 01115648 _____ (Farbar) C:\Documents and Settings\ANRZEJMAKNAB\Moje dokumenty\FRST (1).exe 2015-01-13 21:20 - 2015-01-13 21:48 - 00000000 ____D () C:\FRST 2015-01-13 21:19 - 2015-01-13 21:19 - 01115648 _____ (Farbar) C:\Documents and Settings\ANRZEJMAKNAB\Pulpit\FRST.exe 2015-01-12 19:34 - 2015-01-12 19:34 - 00143955 _____ () C:\Documents and Settings\ANRZEJMAKNAB\Moje dokumenty\[kickass.so]girlsdoporn.e296.18.years.old.xxx.720p.mp4.ktr.rarbg.torrent 2015-01-08 16:09 - 2015-01-08 16:40 - 00011586 _____ () C:\Documents and Settings\ANRZEJMAKNAB\Pulpit\Człuchów.odt 2015-01-02 23:06 - 2015-01-02 23:07 - 00000000 ____D () C:\Program Files\Defraggler 2015-01-02 23:06 - 2015-01-02 23:06 - 00001580 _____ () C:\Documents and Settings\All Users\Pulpit\Defraggler.lnk 2015-01-02 23:06 - 2015-01-02 23:06 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Defraggler 2014-12-16 10:17 - 2014-12-16 10:17 - 00001731 _____ () C:\Documents and Settings\All Users\Pulpit\Avast Free Antivirus.lnk 2014-12-16 10:17 - 2014-11-26 09:03 - 00291352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-13 21:48 - 2013-12-12 21:34 - 00000000 ____D () C:\Documents and Settings\ANRZEJMAKNAB\Dane aplikacji\uTorrent 2015-01-13 21:48 - 2013-11-25 21:31 - 00000000 ____D () C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Temp 2015-01-13 21:47 - 2013-11-25 21:31 - 00000000 ____D () C:\Documents and Settings\ANRZEJMAKNAB\Pulpit 2015-01-13 21:42 - 2013-11-25 21:31 - 00000000 ___RD () C:\Documents and Settings\ANRZEJMAKNAB\Moje dokumenty 2015-01-13 21:41 - 2013-11-28 12:28 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2015-01-13 21:41 - 2013-11-27 16:29 - 00000000 ____D () C:\Documents and Settings\ANRZEJMAKNAB\Dane aplikacji\vlc 2015-01-13 21:37 - 2013-11-25 21:28 - 01247971 _____ () C:\WINDOWS\WindowsUpdate.log 2015-01-13 21:36 - 2014-09-18 09:57 - 00000440 _____ () C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1411030668.job 2015-01-13 21:36 - 2014-04-03 10:25 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job 2015-01-13 21:36 - 2014-03-08 16:57 - 00000236 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2015-01-13 21:36 - 2013-11-28 11:02 - 00017488 _____ (Windows (R) 2000 DDK provider) C:\WINDOWS\gdrv.sys 2015-01-13 21:36 - 2013-11-27 19:51 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-13 21:36 - 2013-11-27 19:37 - 00000145 _____ () C:\service.log 2015-01-13 21:36 - 2013-11-27 16:00 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job 2015-01-13 21:36 - 2013-11-25 21:31 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-01-13 21:36 - 2013-11-25 19:23 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2015-01-13 21:36 - 2013-11-25 19:23 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-01-13 21:05 - 2013-11-27 19:51 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-13 20:59 - 2014-03-26 14:22 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-01-13 20:49 - 2014-09-15 11:03 - 00031247 _____ () C:\Documents and Settings\ANRZEJMAKNAB\Pulpit\Remanent LP przedjarmarkowe.odt 2015-01-13 20:26 - 2013-12-06 15:11 - 00040260 _____ () C:\Documents and Settings\ANRZEJMAKNAB\Pulpit\Moje LP.odt 2015-01-13 19:49 - 2014-09-16 08:52 - 00029411 _____ () C:\Documents and Settings\ANRZEJMAKNAB\Pulpit\Remanent LP pojarmarkowe.odt 2015-01-13 16:00 - 2013-11-25 21:31 - 00032578 _____ () C:\WINDOWS\SchedLgU.Txt 2015-01-13 12:38 - 2014-09-18 09:57 - 00000000 ____D () C:\Program Files\Opera 2015-01-13 01:23 - 2013-11-25 21:32 - 00000188 ___SH () C:\Documents and Settings\ANRZEJMAKNAB\ntuser.ini 2015-01-13 00:05 - 2013-11-25 21:31 - 00000000 ___HD () C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Dane aplikacji 2015-01-12 21:54 - 2013-11-25 19:20 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2015-01-12 21:53 - 2013-11-25 19:20 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start 2015-01-12 21:53 - 2013-11-25 19:20 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-01-12 21:52 - 2014-04-11 15:44 - 00000000 ____D () C:\Program Files\Microsoft Games 2015-01-12 21:50 - 2014-12-08 17:43 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat 2015-01-11 20:06 - 2008-04-15 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl 2015-01-09 14:55 - 2014-10-06 14:06 - 00000007 _____ () C:\WINDOWS\system32\ANIWZCSUSERNAME 2015-01-09 00:30 - 2013-12-13 01:03 - 00043008 _____ () C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-01-08 23:53 - 2014-10-20 12:31 - 00013303 _____ () C:\Documents and Settings\ANRZEJMAKNAB\Pulpit\NOWOŚCI LP GIEŁDY.odt 2015-01-08 16:40 - 2014-04-14 13:11 - 00000000 ____D () C:\Documents and Settings\ANRZEJMAKNAB\Pulpit\Batch conv. folder 2015-01-08 15:00 - 2014-03-08 16:57 - 00000230 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job 2015-01-07 01:10 - 2013-12-09 19:48 - 00133632 ___SH () C:\Documents and Settings\ANRZEJMAKNAB\Pulpit\Thumbs.db 2015-01-02 23:04 - 2014-04-23 08:19 - 00000000 ____D () C:\WINDOWS\Minidump 2015-01-02 23:04 - 2013-11-25 21:31 - 00000000 ____D () C:\Documents and Settings\ANRZEJMAKNAB 2015-01-02 23:03 - 2013-11-27 16:27 - 00000682 _____ () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk 2015-01-02 23:03 - 2013-11-27 16:27 - 00000000 ____D () C:\Program Files\CCleaner 2015-01-02 23:03 - 2013-11-27 16:27 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner 2014-12-31 13:15 - 2014-11-13 19:48 - 00019267 _____ () C:\Documents and Settings\ANRZEJMAKNAB\Pulpit\Ulotka dodawana dla kupujących.odt 2014-12-31 13:09 - 2014-09-12 22:36 - 00010873 _____ () C:\Documents and Settings\ANRZEJMAKNAB\Pulpit\Auto.odt 2014-12-29 19:53 - 2013-12-06 15:11 - 00020221 _____ () C:\Documents and Settings\ANRZEJMAKNAB\Pulpit\Moje CD.odt 2014-12-27 19:34 - 2014-09-18 13:27 - 00000000 ____D () C:\Documents and Settings\ANRZEJMAKNAB\Pulpit\Zdjęcia 2014-12-26 21:02 - 2014-09-12 21:07 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2014-12-26 20:19 - 2014-01-12 19:14 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-12-26 20:19 - 2014-01-12 19:14 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-12-18 17:52 - 2014-09-12 22:40 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-12-18 17:52 - 2014-09-12 22:40 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2014-12-18 17:52 - 2014-09-12 22:40 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware 2014-12-18 17:52 - 2013-11-28 12:50 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-12-18 17:52 - 2013-11-28 12:50 - 00000777 _____ () C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk 2014-12-16 10:17 - 2014-11-26 09:04 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\AVAST Software Some content of TEMP: ==================== C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Temp\drm_dialogs.dll C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Temp\drm_dyndata_7270014.dll C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsnubf7.dll C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Temp\EBUB.DLL C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Temp\Runner2.exe C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Temp\Runner4.exe C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Temp\ttv.exe C:\Documents and Settings\ANRZEJMAKNAB\Ustawienia lokalne\Temp\vlc-2.1.5-win32.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================