Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-02-2015 Ran by Dom (administrator) on MAGDA on 07-02-2015 16:17:44 Running from C:\Users\Dom\Desktop\ddd Loaded Profiles: Dom (Available profiles: Dom) Platform: Microsoft Windows 7 Home Premium (X86) OS Language: Polski (Polska) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe ( ) C:\Windows\System32\lxcccoms.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe () C:\Program Files\Lexmark 3300 Series\lxccmon.exe (Lexmark International Inc.) C:\Program Files\Lexmark 3300 Series\ezprint.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [1447168 2008-09-16] (ESET) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre7\bin\jusched.exe" HKLM\...\Run: [LXCCCATS] => rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16 HKLM\...\Run: [lxccmon.exe] => C:\Program Files\Lexmark 3300 Series\lxccmon.exe [205744 2007-05-11] () HKLM\...\Run: [EzPrint] => C:\Program Files\Lexmark 3300 Series\ezprint.exe [103344 2007-05-11] (Lexmark International Inc.) HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe HKU\S-1-5-21-1454207623-1880706861-3650100424-1001\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [451872 2007-07-18] (Hewlett-Packard Company) HKU\S-1-5-21-1454207623-1880706861-3650100424-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-06-01] (Nero AG) HKU\S-1-5-21-1454207623-1880706861-3650100424-1001\...\Run: [ALLUpdate] => D:\Programy\ALLPlayer\ALLUpdate.exe [3510704 2014-04-17] (ALLPlayer Group Ltd.) HKU\S-1-5-21-1454207623-1880706861-3650100424-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Dom\AppData\Local\Akamai\netsession_win.exe" HKU\S-1-5-21-1454207623-1880706861-3650100424-1001\...\Run: [Napisy24.pl] => "C:\Program Files\Napisy24\Napisy24.exe" AutoStart HKU\S-1-5-21-1454207623-1880706861-3650100424-1001\...\MountPoints2: {e927ef9c-3f68-11e0-8faa-00241d8d1e95} - K:\autorun.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Pobieracz w tle.lnk ShortcutTarget: SolidWorks Pobieracz w tle.lnk -> C:\Program Files\Common Files\Menedżer instalacji SolidWorks\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.) Startup: C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OPTISetup.lnk ShortcutTarget: OPTISetup.lnk -> C:\ProgramData\{a50d5638-14b9-31da-a50d-d563814b58e0}\OPTISetup.exe (No File) Startup: C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.) ShellIconOverlayIdentifiers: [Uchwyt nakładania ikony podpisu cyfrowego] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1422643946&from=cor&uid=ST3500418AS_5VM2XLF3XXXX5VM2XLF3&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1422644015&from=cor&uid=ST3500418AS_5VM2XLF3XXXX5VM2XLF3 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1422643946&from=cor&uid=ST3500418AS_5VM2XLF3XXXX5VM2XLF3&q={searchTerms} HKU\S-1-5-21-1454207623-1880706861-3650100424-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422644015&from=cor&uid=ST3500418AS_5VM2XLF3XXXX5VM2XLF3&q={searchTerms} HKU\S-1-5-21-1454207623-1880706861-3650100424-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki HKU\S-1-5-21-1454207623-1880706861-3650100424-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1422644015&from=cor&uid=ST3500418AS_5VM2XLF3XXXX5VM2XLF3 HKU\S-1-5-21-1454207623-1880706861-3650100424-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422644015&from=cor&uid=ST3500418AS_5VM2XLF3XXXX5VM2XLF3&q={searchTerms} SearchScopes: HKU\S-1-5-21-1454207623-1880706861-3650100424-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422644015&from=cor&uid=ST3500418AS_5VM2XLF3XXXX5VM2XLF3&q={searchTerms} SearchScopes: HKU\S-1-5-21-1454207623-1880706861-3650100424-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST3500418AS_5VM2XLF3XXXX5VM2XLF3&ts=1422644027&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1454207623-1880706861-3650100424-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST3500418AS_5VM2XLF3XXXX5VM2XLF3&ts=1422644027&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1454207623-1880706861-3650100424-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422644015&from=cor&uid=ST3500418AS_5VM2XLF3XXXX5VM2XLF3&q={searchTerms} SearchScopes: HKU\S-1-5-21-1454207623-1880706861-3650100424-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST3500418AS_5VM2XLF3XXXX5VM2XLF3&ts=1422644027&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1454207623-1880706861-3650100424-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST3500418AS_5VM2XLF3XXXX5VM2XLF3&ts=1422644027&type=default&q={searchTerms} BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: FG2CatchUrl -> {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} -> d:\Programy\FlashGet universal\ComDlls\bhoCATCH.dll No File BHO: Bruowse2saavee -> {2F287E2F-FDA1-86EC-E036-015F9D67CBE1} -> No File BHO: SeAraCCh-NewTab -> {5223838A-E03C-6745-6CB4-3835F3C5CB9E} -> No File BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> D:\Programy\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) Toolbar: HKU\.DEFAULT -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63 FireFox: ======== FF ProfilePath: C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\duz912c6.default-1368449410798 FF DefaultSearchEngine: omiga-plus FF SelectedSearchEngine: omiga-plus FF Homepage: hxxp://www.interia.pl/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> d:\Programy\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> d:\Programy\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll (Dassault Systèmes SolidWorks Corp.) FF SearchPlugin: C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\duz912c6.default-1368449410798\searchplugins\omiga-plus.xml FF Extension: FF Toolbar - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\duz912c6.default-1368449410798\Extensions\fftoolbar2014@etech.com [2015-01-30] FF Extension: Site Matcher - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\duz912c6.default-1368449410798\Extensions\sitematcher_srcs@sitematcher_srcs.com [2014-08-01] FF Extension: TornPlusTV_version1.11 - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\duz912c6.default-1368449410798\Extensions\TFCHON21586705@RMYX65127936.com [2015-02-03] FF HKLM\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\duz912c6.default-1368449410798\extensions\fftoolbar2014@etech.com Chrome: ======= CHR Profile: C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (No Name) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\felemgackjagfdpeagedojodccfdihib [2013-03-22] CHR Extension: (Bruowse2saavee) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\hffollagacebjionkgaogdjcdnnbbcif [2013-03-22] CHR Extension: (No Name) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lldhongheboglmgmmonlkeehjghbnphp [2013-03-22] CHR Extension: (SeAraCCh-NewTab) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\odkhcpefbkioepgaihmgcnlajdbcmgko [2013-03-22] CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\14.2.0.1\avg.crx [Not Found] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 CoordinatorServiceHost; C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [89160 2011-09-27] (Dassault Systèmes SolidWorks Corp.) S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [19200 2008-08-18] (ESET) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [468224 2007-12-21] (ESET) [File not signed] S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064312 2013-12-23] (Flexera Software LLC) R2 HPSLPSVC; C:\Users\Dom\AppData\Local\Temp\7zS2DB2\hpslpsvc32.dll [701288 2012-11-14] (Hewlett-Packard Co.) R2 lxcc_device; C:\Windows\system32\lxcccoms.exe [537520 2007-03-26] ( ) S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2799808 2005-09-23] (Microsoft Corporation) S3 NBService; D:\Programy\Nero 7\Nero BackItUp\NBService.exe [792112 2007-04-13] (Nero AG) S3 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-09-12] (SolidWorks) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation) S2 IHProtect Service; C:\Program Files\XTab\ProtectService.exe [X] S2 Update Solution Real; "C:\Program Files\Solution Real\updateSolutionReal.exe" [X] S2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2014-01-24] () R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [33112 2013-02-19] (AVG Technologies) S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2009-07-14] (Microsoft Corporation) R2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [39944 2008-08-18] (ESET) R1 easdrv; C:\Windows\System32\DRIVERS\easdrv.sys [53256 2008-08-18] (ESET) R1 epfwtdir; C:\Windows\System32\DRIVERS\epfwtdir.sys [34312 2008-08-18] () R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2014-01-24] () R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2011-02-23] () [File not signed] U3 autywahy; C:\Windows\system32\Drivers\autywahy.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder) S1 pfnfd_1_10_0_8; system32\drivers\pfnfd_1_10_0_8.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-07 16:17 - 2015-02-07 16:17 - 00000000 ____D () C:\Users\Dom\Desktop\ddd 2015-02-07 15:52 - 2015-02-07 15:52 - 00001336 _____ () C:\AdwCleaner[R5].txt 2015-02-07 15:52 - 2015-02-07 15:52 - 00001217 _____ () C:\AdwCleaner[R4].txt 2015-02-07 15:52 - 2015-02-07 15:52 - 00000238 _____ () C:\AdwCleaner[S4].txt 2015-02-07 15:49 - 2015-02-07 16:17 - 00000000 ____D () C:\FRST 2015-02-07 15:21 - 2015-02-07 15:21 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-02-07 15:21 - 2015-02-07 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-02-07 15:21 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-02-07 15:21 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-02-04 20:32 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-02-04 20:07 - 2015-02-04 20:07 - 00001520 _____ () C:\AdwCleaner[S3].txt 2015-02-04 20:06 - 2015-02-04 20:06 - 00001342 _____ () C:\AdwCleaner[R3].txt 2015-02-03 17:52 - 2015-02-03 17:52 - 00000000 ____D () C:\ProgramData\4980443400007310 2015-02-03 17:48 - 2015-02-03 18:16 - 00000000 ____D () C:\ProgramData\{a50d5638-14b9-31da-a50d-d563814b58e0} 2015-02-03 17:48 - 2015-02-03 17:48 - 00000000 ____D () C:\Users\Dom\Documents\Optimizer Pro 2015-02-03 17:46 - 2015-02-07 16:11 - 00001330 _____ () C:\Windows\Tasks\TKBXPO.job 2015-02-03 17:46 - 2015-02-07 16:11 - 00001324 _____ () C:\Windows\Tasks\FOG.job 2015-02-03 17:46 - 2015-02-03 17:51 - 00000000 ____D () C:\Program Files\globalUpdate 2015-02-03 17:46 - 2015-02-03 17:46 - 00000000 ____D () C:\Users\Dom\AppData\Local\globalUpdate 2015-01-31 11:11 - 2015-01-31 11:11 - 00000000 ____D () C:\Users\Dom\AppData\Roaming\AC3Filter 2015-01-31 11:03 - 2015-01-31 11:05 - 00000000 ____D () C:\Users\Dom\AppData\Local\Gameo 2015-01-31 11:03 - 2015-01-31 11:03 - 00000169 _____ () C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url 2015-01-31 11:03 - 2015-01-31 11:03 - 00000000 ____D () C:\Users\Dom\AppData\Roaming\Opera Software 2015-01-31 11:03 - 2015-01-31 11:03 - 00000000 ____D () C:\Users\Dom\AppData\Roaming\GoldenGate 2015-01-31 11:03 - 2015-01-31 11:03 - 00000000 ____D () C:\Users\Dom\AppData\Local\Opera Software 2015-01-31 11:02 - 2015-01-31 11:05 - 00000000 ____D () C:\Program Files\Opera 2015-01-30 19:53 - 2015-02-03 18:15 - 00000000 ____D () C:\Program Files\XTab 2015-01-30 19:53 - 2015-01-31 01:31 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect 2015-01-30 19:53 - 2015-01-30 19:53 - 00000000 ____D () C:\ProgramData\IHProtectUpDate 2015-01-30 19:52 - 2015-01-30 20:51 - 00000000 ____D () C:\Users\Dom\AppData\Roaming\omiga-plus 2015-01-30 19:26 - 2015-02-07 13:11 - 00000000 ____D () C:\Users\Dom\AppData\Roaming\vlc 2015-01-25 17:12 - 2015-01-25 17:12 - 00002086 _____ () C:\Users\Dom\AppData\Roaming\FOG 2015-01-25 17:12 - 2015-01-25 17:12 - 00001248 _____ () C:\Users\Dom\AppData\Roaming\TKBXPO 2015-01-25 12:12 - 2015-01-23 21:27 - 00075746 _____ () C:\Users\Dom\Desktop\mieszkanie.bak 2015-01-23 21:26 - 2015-01-25 12:12 - 00069725 _____ () C:\Users\Dom\Desktop\mieszkanie.dwg ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-07 16:16 - 2011-02-23 17:18 - 01552404 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-02-07 16:16 - 2009-07-19 13:08 - 00699280 _____ () C:\Windows\system32\perfh015.dat 2015-02-07 16:16 - 2009-07-19 13:08 - 00134984 _____ () C:\Windows\system32\perfc015.dat 2015-02-07 16:11 - 2011-03-12 18:54 - 00076394 _____ () C:\Windows\PFRO.log 2015-02-07 16:11 - 2011-02-23 17:15 - 01981183 _____ () C:\Windows\WindowsUpdate.log 2015-02-07 16:11 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-07 16:11 - 2009-07-14 05:39 - 00053864 _____ () C:\Windows\setupact.log 2015-02-07 15:21 - 2013-04-06 11:28 - 00000000 ____D () C:\Users\Dom\AppData\Roaming\Malwarebytes 2015-02-07 15:21 - 2013-04-06 11:28 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-02-07 15:17 - 2011-02-23 17:28 - 00001889 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-02-07 15:15 - 2009-07-14 05:34 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-07 15:15 - 2009-07-14 05:34 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-07 13:11 - 2012-05-15 14:41 - 00000000 ____D () C:\Users\Dom\AppData\Roaming\BitTorrent 2015-02-04 19:56 - 2011-02-23 17:14 - 00000000 ____D () C:\Users\Dom 2015-02-03 19:16 - 2014-11-22 17:36 - 00000000 ____D () C:\Users\Dom\Desktop\Książki 2015-01-31 11:14 - 2011-03-28 12:24 - 00025600 _____ () C:\Users\Dom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-01-31 11:05 - 2011-02-23 17:14 - 00001425 _____ () C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-01-30 20:52 - 2015-01-03 08:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-01-30 19:52 - 2014-06-13 17:36 - 01123840 _____ (Karol Winnicki) C:\Users\Dom\Desktop\BESTplayer.exe 2015-01-24 16:06 - 2011-06-15 20:38 - 00000126 _____ () C:\Users\Dom\AppData\default.pls 2015-01-20 05:25 - 2013-01-27 21:44 - 00000000 ____D () C:\Program Files\Lx_cats ==================== Files in the root of some directories ======= 2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\Dom\AppData\Roaming\FOG 2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Dom\AppData\Roaming\TKBXPO 2011-03-28 12:24 - 2015-01-31 11:14 - 0025600 _____ () C:\Users\Dom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2011-08-04 16:39 - 2011-08-04 16:39 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempAp2052.html 2011-08-04 16:39 - 2011-08-04 16:39 - 0002089 _____ () C:\Users\Dom\AppData\Local\Tempbc2052.html 2011-03-12 18:55 - 2011-03-12 18:55 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempBf2068.html 2011-05-18 17:49 - 2011-05-18 17:49 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempbP1832.html 2012-08-21 11:54 - 2012-08-21 11:54 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempBV2344.html 2011-11-22 18:56 - 2011-11-24 17:29 - 0002089 _____ () C:\Users\Dom\AppData\Local\Tempcc1388.html 2012-07-20 23:32 - 2012-08-09 01:50 - 0002089 _____ () C:\Users\Dom\AppData\Local\Tempcd2880.html 2012-05-19 16:09 - 2012-05-19 16:09 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempCk2184.html 2011-07-26 22:03 - 2011-07-26 22:03 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempcM5388.html 2011-03-12 19:08 - 2011-03-12 19:08 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempcO2116.html 2012-09-23 14:23 - 2012-09-30 00:18 - 0002089 _____ () C:\Users\Dom\AppData\Local\Tempcx2440.html 2012-02-10 00:45 - 2012-02-14 18:49 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempcX4336.html 2012-03-21 21:56 - 2012-03-21 21:56 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempCZ4340.html 2012-03-07 22:28 - 2012-03-07 22:28 - 0002432 _____ () C:\Users\Dom\AppData\Local\Tempda5884.html 2011-11-30 02:27 - 2011-11-30 02:27 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempDE1104.html 2012-04-01 13:21 - 2012-04-01 13:21 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempDO1644.html 2012-07-20 23:32 - 2012-08-09 01:50 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempDP2880.html 2011-12-24 12:49 - 2011-12-24 12:49 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempDQ1632.html 2011-12-24 12:49 - 2011-12-24 12:49 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempDs1632.html 2011-09-02 11:42 - 2011-09-02 11:42 - 0002089 _____ () C:\Users\Dom\AppData\Local\Tempdu2188.html 2012-05-06 15:47 - 2012-05-06 15:47 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempEA1768.html 2012-10-30 13:10 - 2012-11-09 18:03 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempeE9828.html 2011-09-23 20:52 - 2011-09-24 14:28 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempEg7416.html 2013-03-05 02:00 - 2013-03-05 02:00 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempEW1104.html 2012-09-23 14:23 - 2012-09-30 00:18 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempEW2440.html 2011-12-23 20:05 - 2011-12-23 20:05 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempFA5456.html 2013-03-20 09:45 - 2013-04-04 10:06 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempfF2416.html 2011-08-25 14:24 - 2011-08-25 14:24 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempFJ2184.html 2012-03-21 21:56 - 2012-03-21 21:56 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempFO4340.html 2011-11-30 02:27 - 2011-11-30 02:27 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempFr1104.html 2013-06-08 01:42 - 2013-06-08 01:42 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempfX2700.html 2013-02-10 22:36 - 2013-02-10 22:36 - 0002432 _____ () C:\Users\Dom\AppData\Local\Tempgb2760.html 2013-02-05 16:40 - 2013-02-06 01:25 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempgC2352.html 2013-07-14 18:54 - 2013-07-14 18:54 - 0002432 _____ () C:\Users\Dom\AppData\Local\Tempgi2392.html 2013-02-13 09:17 - 2013-02-24 19:20 - 0002432 _____ () C:\Users\Dom\AppData\Local\Tempgj2572.html 2011-12-23 20:05 - 2011-12-23 20:05 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempgK5456.html 2012-09-04 17:17 - 2012-09-04 17:17 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempGw1688.html 2012-05-02 14:35 - 2012-05-02 14:35 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempgZ5692.html 2011-09-24 14:36 - 2011-09-24 14:36 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempHE2164.html 2011-05-18 17:49 - 2011-05-18 17:49 - 0002089 _____ () C:\Users\Dom\AppData\Local\Temphf1832.html 2013-06-16 16:42 - 2013-06-18 10:45 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempHF2588.html 2011-11-24 17:31 - 2011-11-24 17:31 - 0002089 _____ () C:\Users\Dom\AppData\Local\Temphh1780.html 2013-03-05 02:00 - 2013-03-05 02:00 - 0002432 _____ () C:\Users\Dom\AppData\Local\Temphj1104.html 2011-03-19 12:57 - 2011-03-19 12:57 - 0002089 _____ () C:\Users\Dom\AppData\Local\Tempho2140.html 2011-03-03 14:03 - 2011-03-03 14:03 - 0002432 _____ () C:\Users\Dom\AppData\Local\Temphv5472.html 2011-03-19 21:28 - 2011-03-23 23:04 - 0002089 _____ () C:\Users\Dom\AppData\Local\Tempib2192.html 2012-01-21 14:28 - 2012-01-21 14:28 - 0002432 _____ () C:\Users\Dom\AppData\Local\Tempic3836.html 2011-07-04 07:16 - 2011-07-04 07:16 - 0002432 _____ () C:\Users\Dom\AppData\Local\Tempii2064.html 2013-07-14 18:54 - 2013-07-14 18:54 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempiL2392.html 2013-06-28 18:43 - 2013-06-28 18:44 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempIL2472.html 2011-06-27 15:55 - 2011-06-27 15:55 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempIP2060.html 2011-07-05 15:05 - 2011-07-05 19:22 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempiV2108.html 2012-03-30 18:42 - 2012-03-30 18:42 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempIW1608.html 2013-08-01 09:56 - 2013-08-01 09:56 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempIw2656.html 2013-01-27 20:27 - 2013-02-04 16:55 - 0002089 _____ () C:\Users\Dom\AppData\Local\Tempj12812.html 2012-01-21 14:28 - 2012-01-21 14:28 - 0002089 _____ () C:\Users\Dom\AppData\Local\Tempjf3836.html 2013-06-25 09:41 - 2013-06-25 09:42 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempJG2512.html 2013-06-25 09:41 - 2013-06-25 09:42 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempJh2512.html 2012-07-20 14:37 - 2012-07-20 14:37 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempjP1704.html 2011-07-04 15:56 - 2011-07-05 14:21 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempJZ2072.html 2012-08-21 12:15 - 2012-08-21 12:15 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempKd2516.html 2011-09-23 20:52 - 2011-09-24 14:28 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempKf7416.html 2012-08-21 12:15 - 2012-08-21 12:15 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempKg2516.html 2013-03-05 02:49 - 2013-03-06 01:34 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempKg2664.html 2012-05-20 09:25 - 2012-05-20 09:25 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempKK2360.html 2012-03-30 18:42 - 2012-03-30 18:42 - 0002432 _____ () C:\Users\Dom\AppData\Local\Tempkl1608.html 2011-07-05 15:05 - 2011-07-05 19:22 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempKS2108.html 2011-03-19 12:57 - 2011-03-19 12:57 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempKs2140.html 2011-07-26 22:03 - 2011-07-26 22:03 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempkX5388.html 2012-03-07 22:28 - 2012-03-07 22:28 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempLC5884.html 2011-11-24 17:31 - 2011-11-24 17:31 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempLo1780.html 2011-08-25 14:24 - 2011-08-25 14:24 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempLq2184.html 2012-05-20 09:25 - 2012-05-20 09:25 - 0002432 _____ () C:\Users\Dom\AppData\Local\TemplX2360.html 2011-07-01 19:36 - 2011-07-01 19:36 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempMJ3516.html 2012-07-20 14:37 - 2012-07-20 14:37 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempMw1704.html 2013-06-28 18:43 - 2013-06-28 18:44 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempNH2472.html 2011-03-12 18:55 - 2011-03-12 18:55 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempNj2068.html 2012-06-02 21:08 - 2012-06-02 21:08 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempnO4612.html 2012-09-19 16:56 - 2012-09-22 10:07 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempOc3800.html 2012-05-06 15:47 - 2012-05-06 15:47 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempOD1768.html 2013-03-06 15:03 - 2013-03-12 15:24 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempOM2804.html 2012-07-06 17:17 - 2012-07-06 17:17 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempOo1280.html 2011-03-12 19:08 - 2011-03-12 19:08 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempOp2116.html 2011-06-14 16:52 - 2011-06-27 07:21 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempOq5812.html 2012-02-10 00:45 - 2012-02-14 18:49 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempOU4336.html 2013-05-13 14:36 - 2013-05-13 14:36 - 0002089 _____ () C:\Users\Dom\AppData\Local\Tempoy2560.html 2013-04-06 13:22 - 2013-04-06 13:22 - 0002432 _____ () C:\Users\Dom\AppData\Local\TemppA4084.html 2011-07-04 15:56 - 2011-07-05 14:21 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempPO2072.html 2012-06-21 16:56 - 2012-06-21 16:56 - 0002089 _____ () C:\Users\Dom\AppData\Local\TemppT2336.html 2012-11-25 13:06 - 2012-12-02 00:42 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempqR2116.html 2012-09-04 17:17 - 2012-09-04 17:17 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempQT1688.html 2013-01-27 20:27 - 2013-02-04 16:55 - 0002432 _____ () C:\Users\Dom\AppData\Local\Tempr12812.html 2012-06-21 16:56 - 2012-06-21 16:56 - 0002432 _____ () C:\Users\Dom\AppData\Local\Tempra2336.html 2012-07-06 17:19 - 2012-07-06 17:21 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempRaL552.html 2011-07-15 15:26 - 2011-07-17 10:44 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempRi1172.html 2013-04-06 13:22 - 2013-04-06 13:22 - 0002089 _____ () C:\Users\Dom\AppData\Local\Temprk4084.html 2011-11-22 18:56 - 2011-11-24 17:29 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempRO1388.html 2011-11-15 17:30 - 2011-11-22 18:54 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempRqw148.html 2012-08-21 11:54 - 2012-08-21 11:54 - 0002089 _____ () C:\Users\Dom\AppData\Local\TemprW2344.html 2011-09-24 14:36 - 2011-09-24 14:36 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempSm2164.html 2011-11-15 17:30 - 2011-11-22 18:54 - 0002432 _____ () C:\Users\Dom\AppData\Local\Tempsmm148.html 2012-07-06 17:17 - 2012-07-06 17:17 - 0002432 _____ () C:\Users\Dom\AppData\Local\Tempsq1280.html 2011-03-19 21:28 - 2011-03-23 23:04 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempSr2192.html 2013-06-16 16:42 - 2013-06-18 10:45 - 0002089 _____ () C:\Users\Dom\AppData\Local\TemptE2588.html 2011-08-31 14:09 - 2011-08-31 22:42 - 0002432 _____ () C:\Users\Dom\AppData\Local\TemptU2060.html 2011-07-15 15:26 - 2011-07-17 10:44 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempTW1172.html 2013-07-18 09:49 - 2013-07-18 09:50 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempUG2864.html 2011-09-02 11:42 - 2011-09-02 11:42 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempuY2188.html 2011-07-01 19:36 - 2011-07-01 19:36 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempvC3516.html 2013-06-08 01:42 - 2013-06-08 01:42 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempVs2700.html 2013-02-05 16:40 - 2013-02-06 01:25 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempvW2352.html 2011-08-31 22:43 - 2011-08-31 22:43 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempWD1580.html 2013-08-01 09:56 - 2013-08-01 09:56 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempWd2656.html 2011-06-14 16:52 - 2011-06-27 07:21 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempWd5812.html 2011-08-31 22:43 - 2011-08-31 22:43 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempWK1580.html 2013-06-12 10:42 - 2013-06-12 23:59 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempwL2800.html 2012-05-02 14:35 - 2012-05-02 14:35 - 0002089 _____ () C:\Users\Dom\AppData\Local\Tempwq5692.html 2012-08-14 16:25 - 2012-08-14 16:25 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempwV2240.html 2012-04-01 13:21 - 2012-04-01 13:21 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempWy1644.html 2012-06-02 21:08 - 2012-06-02 21:08 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempXd4612.html 2013-02-10 22:36 - 2013-02-10 22:36 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempXF2760.html 2011-08-31 14:09 - 2011-08-31 22:42 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempXh2060.html 2012-11-25 13:06 - 2012-12-02 00:42 - 0002089 _____ () C:\Users\Dom\AppData\Local\Tempxh2116.html 2012-08-14 16:25 - 2012-08-14 16:25 - 0002432 _____ () C:\Users\Dom\AppData\Local\Tempxn2240.html 2013-03-20 09:45 - 2013-04-04 10:06 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempXw2416.html 2012-05-14 06:55 - 2012-05-19 16:07 - 0002432 _____ () C:\Users\Dom\AppData\Local\Tempya1308.html 2013-06-12 10:42 - 2013-06-12 23:59 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempYb2800.html 2012-09-19 16:56 - 2012-09-22 10:07 - 0002432 _____ () C:\Users\Dom\AppData\Local\Tempyp3800.html 2012-10-30 13:10 - 2012-11-09 18:03 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempYp9828.html 2013-02-13 09:17 - 2013-02-24 19:20 - 0002089 _____ () C:\Users\Dom\AppData\Local\Tempys2572.html 2013-07-18 09:49 - 2013-07-18 09:50 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempyT2864.html 2013-03-06 15:03 - 2013-03-12 15:24 - 0002432 _____ () C:\Users\Dom\AppData\Local\Tempyw2804.html 2011-06-27 15:55 - 2011-06-27 15:55 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempzA2060.html 2011-03-03 14:03 - 2011-03-03 14:03 - 0002089 _____ () C:\Users\Dom\AppData\Local\Tempzc5472.html 2013-06-12 09:43 - 2013-06-12 09:43 - 0002089 _____ () C:\Users\Dom\AppData\Local\Tempze2412.html 2013-05-13 14:36 - 2013-05-13 14:36 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempzE2560.html 2012-05-19 16:09 - 2012-05-19 16:09 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempzF2184.html 2012-05-14 06:55 - 2012-05-19 16:07 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempZh1308.html 2011-07-04 07:16 - 2011-07-04 07:16 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempZj2064.html 2013-03-05 02:49 - 2013-03-06 01:34 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempzO2664.html 2013-06-12 09:43 - 2013-06-12 09:43 - 0002432 _____ () C:\Users\Dom\AppData\Local\TempZr2412.html 2012-07-06 17:19 - 2012-07-06 17:21 - 0002089 _____ () C:\Users\Dom\AppData\Local\TempZtq552.html ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-03 22:15 ==================== End Of Log ============================