Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-07-2013
Ran by antenka (administrator) on 23-07-2013 17:12:20
Running from D:\Bezpieczeństwo\X\FRST
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Opera Software) C:\Program Files\Opera\opera.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [AVP] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe [206448 2013-06-28] (Kaspersky Lab ZAO)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1464536 2013-07-08] (COMODO)
Winlogon\Notify\klogon: C:\Windows\system32\klogon.dll (Kaspersky Lab ZAO)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess?
HKCU\...\Run: [Google Update] - C:\Users\antenka\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-17] (Google Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\antenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - %programfiles%\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
BHO: ALLYouTubeDownloader - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~1\ALLYOU~1\ALLYOU~1.DLL (ALLCinema Ltd.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.3.1

Chrome:
=======
CHR DefaultSearchURL: (Delta Search) - http://www.delta-search.com/?q={searchTerms}&affID=119816&babsrc=SP_ss&mntrId=103f5ce300000000000000241d122ea2
CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\antenka\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\antenka\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\antenka\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Google Update) - C:\Users\antenka\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Kaspersky URL Advisor) - C:\Users\antenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0
CHR Extension: (Virtual Keyboard) - C:\Users\antenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0
CHR Extension: (Anti-Banner) - C:\Users\antenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ChromeExt\urladvisor.crx
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ChromeExt\virtkbd.crx
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ChromeExt\ab.crx

========================== Services (Whitelisted) =================

R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe [206448 2013-06-28] (Kaspersky Lab ZAO)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4801304 2013-07-08] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [127192 2013-06-18] (COMODO)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] ()

==================== Drivers (Whitelisted) ====================

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20072 2013-06-18] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [582936 2013-07-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43728 2013-06-18] (COMODO)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-07-22] (Disc Soft Ltd)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [85464 2013-06-18] (COMODO)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [133208 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11352 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [586072 2013-06-28] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [23856 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [19984 2009-11-02] (Kaspersky Lab)
S1 jtgsqryi; \??\C:\Windows\system32\drivers\jtgsqryi.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-07-23 17:11 - 2013-07-23 17:11 - 00000000 ____D C:\FRST
2013-07-23 08:17 - 2013-07-23 16:40 - 00000112 _____ C:\Windows\setupact.log
2013-07-23 08:17 - 2013-07-23 08:17 - 00000000 _____ C:\Windows\setuperr.log
2013-07-23 08:16 - 2013-07-23 08:16 - 00413432 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-22 20:14 - 2013-07-22 20:14 - 00001896 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-07-22 20:13 - 2013-07-22 20:13 - 00243128 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-07-22 20:13 - 2013-07-22 20:13 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2013-07-22 20:09 - 2013-07-22 20:09 - 00000965 _____ C:\Users\antenka\Desktop\CCleaner.lnk
2013-07-22 20:09 - 2013-07-22 20:09 - 00000000 ____D C:\Users\antenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2013-07-22 20:09 - 2013-07-22 20:09 - 00000000 ____D C:\Program Files\CCleaner
2013-07-22 20:08 - 2013-07-22 20:08 - 04396440 _____ (Piriform Ltd) C:\Users\antenka\Downloads\ccsetup403.exe
2013-07-22 19:45 - 2013-07-22 19:46 - 13867192 _____ (Disc Soft Ltd) C:\Users\antenka\Downloads\DTLite4471-0335(dobreprogramy.pl).exe
2013-07-22 19:43 - 2013-07-22 19:43 - 00000000 _____ C:\Users\antenka\defogger_reenable
2013-07-13 23:23 - 2013-07-13 23:23 - 00017681 _____ C:\Users\antenka\Desktop\user_image.jpeg
2013-07-13 11:07 - 2013-07-13 11:08 - 00000640 __RSH C:\Users\antenka\ntuser.pol
2013-07-09 06:59 - 2013-07-09 06:59 - 00000000 ____D C:\Users\antenka\Documents\Notesy programu OneNote
2013-06-28 20:32 - 2013-07-21 20:59 - 00001947 _____ C:\Users\Public\Desktop\COMODO Firewall.lnk
2013-06-28 20:32 - 2013-06-28 20:32 - 00000593 _____ C:\Users\Public\Desktop\Współdzielona przestrzeń.lnk
2013-06-28 20:30 - 2013-06-28 20:32 - 00000000 ___SD C:\ProgramData\Shared Space
2013-06-28 20:30 - 2013-06-28 20:32 - 00000000 ____D C:\ProgramData\Comodo
2013-06-28 20:30 - 2013-06-28 20:30 - 00000000 ____D C:\ProgramData\Comodo Downloader
2013-06-28 20:30 - 2013-06-28 20:30 - 00000000 ____D C:\Program Files\COMODO
2013-06-28 20:29 - 2013-06-28 20:29 - 00000000 ____D C:\WINSSLog
2013-06-28 18:14 - 2013-06-28 18:14 - 00000000 ____D C:\Users\antenka\AppData\Roaming\Malwarebytes
2013-06-28 18:13 - 2013-06-28 18:13 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-28 18:13 - 2013-06-28 18:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-28 18:13 - 2013-06-28 18:13 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-06-28 18:13 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-06-28 00:01 - 2013-06-28 00:01 - 00017408 _____ C:\Users\antenka\AppData\Local\WebpageIcons.db
2013-06-27 23:59 - 2013-06-28 17:45 - 00116189 _____ C:\Windows\system32\Drivers\klin.dat
2013-06-27 23:59 - 2013-06-28 17:45 - 00098168 _____ C:\Windows\system32\Drivers\klick.dat
2013-06-27 23:58 - 2013-07-23 16:55 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-06-27 23:58 - 2013-06-28 17:45 - 00586072 _____ (Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2013-06-27 23:58 - 2013-06-27 23:58 - 00000000 ____D C:\Program Files\Kaspersky Lab
2013-06-27 23:50 - 2013-07-21 20:18 - 00000000 ____D C:\Program Files\SpywareBlaster
2013-06-27 23:50 - 2013-06-27 23:50 - 00001037 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
2013-06-27 23:50 - 2013-06-27 23:50 - 00000000 ____D C:\ProgramData\Licenses
2013-06-27 23:35 - 2013-06-27 23:35 - 00000000 ____D C:\ProgramData\Sun
2013-06-27 23:35 - 2013-06-27 23:35 - 00000000 ____D C:\Program Files\Common Files\Java
2013-06-27 23:35 - 2013-06-27 23:34 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-06-27 23:35 - 2013-06-27 23:34 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-06-27 23:35 - 2013-06-27 23:34 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-06-27 23:35 - 2013-06-27 23:34 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-06-27 23:35 - 2013-06-27 23:34 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-06-27 23:33 - 2013-06-27 23:33 - 00000000 ____D C:\Windows\system32\Adobe
2013-06-27 23:19 - 2013-06-27 23:19 - 00001863 _____ C:\Users\antenka\Desktop\xp-AntiSpy.lnk
2013-06-27 23:19 - 2013-06-27 23:19 - 00000000 ____D C:\Users\antenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\xp-AntiSpy
2013-06-27 23:19 - 2013-06-27 23:19 - 00000000 ____D C:\Program Files\xp-AntiSpy
2013-06-26 22:59 - 2013-06-26 22:59 - 00000050 _____ C:\Users\antenka\Downloads\.directory
2013-06-26 22:59 - 2013-06-26 22:59 - 00000050 _____ C:\Users\antenka\.directory

==================== One Month Modified Files and Folders =======

2013-07-23 17:13 - 2013-02-17 23:46 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3568870015-572844307-238444036-1000UA.job
2013-07-23 17:11 - 2013-07-23 17:11 - 00000000 ____D C:\FRST
2013-07-23 16:55 - 2013-06-27 23:58 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-23 16:50 - 2013-02-11 15:37 - 01636056 _____ C:\Windows\WindowsUpdate.log
2013-07-23 16:47 - 2009-07-14 06:34 - 00022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-23 16:47 - 2009-07-14 06:34 - 00022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-23 16:40 - 2013-07-23 08:17 - 00000112 _____ C:\Windows\setupact.log
2013-07-23 16:40 - 2013-02-11 16:53 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-23 16:40 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-23 11:40 - 2013-02-11 15:52 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-23 11:12 - 2013-02-17 23:46 - 00001014 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3568870015-572844307-238444036-1000Core.job
2013-07-23 08:24 - 2011-04-12 07:08 - 00701022 _____ C:\Windows\system32\perfh015.dat
2013-07-23 08:24 - 2011-04-12 07:08 - 00136040 _____ C:\Windows\system32\perfc015.dat
2013-07-23 08:24 - 2010-11-20 23:01 - 01558380 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-23 08:17 - 2013-07-23 08:17 - 00000000 _____ C:\Windows\setuperr.log
2013-07-23 08:16 - 2013-07-23 08:16 - 00413432 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-22 20:15 - 2013-02-11 16:48 - 00000000 ____D C:\Users\antenka\AppData\Roaming\DAEMON Tools Lite
2013-07-22 20:14 - 2013-07-22 20:14 - 00001896 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-07-22 20:14 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Public\Desktop
2013-07-22 20:14 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\DriverStore
2013-07-22 20:13 - 2013-07-22 20:13 - 00243128 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-07-22 20:13 - 2013-07-22 20:13 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2013-07-22 20:09 - 2013-07-22 20:09 - 00000965 _____ C:\Users\antenka\Desktop\CCleaner.lnk
2013-07-22 20:09 - 2013-07-22 20:09 - 00000000 ____D C:\Users\antenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2013-07-22 20:09 - 2013-07-22 20:09 - 00000000 ____D C:\Program Files\CCleaner
2013-07-22 20:09 - 2013-02-11 15:47 - 00000000 ___RD C:\Users\antenka\Desktop
2013-07-22 20:08 - 2013-07-22 20:08 - 04396440 _____ (Piriform Ltd) C:\Users\antenka\Downloads\ccsetup403.exe
2013-07-22 19:46 - 2013-07-22 19:45 - 13867192 _____ (Disc Soft Ltd) C:\Users\antenka\Downloads\DTLite4471-0335(dobreprogramy.pl).exe
2013-07-22 19:43 - 2013-07-22 19:43 - 00000000 _____ C:\Users\antenka\defogger_reenable
2013-07-22 19:43 - 2013-02-11 15:47 - 00000000 ____D C:\Users\antenka
2013-07-21 21:00 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-07-21 20:59 - 2013-06-28 20:32 - 00001947 _____ C:\Users\Public\Desktop\COMODO Firewall.lnk
2013-07-21 20:18 - 2013-06-27 23:50 - 00000000 ____D C:\Program Files\SpywareBlaster
2013-07-13 23:23 - 2013-07-13 23:23 - 00017681 _____ C:\Users\antenka\Desktop\user_image.jpeg
2013-07-13 18:16 - 2013-02-17 23:49 - 00002336 _____ C:\Users\antenka\Desktop\Google Chrome.lnk
2013-07-13 12:01 - 2013-02-17 23:49 - 00000000 ____D C:\Users\antenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-07-13 12:01 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\wfp
2013-07-13 12:01 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2013-07-13 11:58 - 2013-02-11 17:39 - 00000000 ____D C:\Program Files\Opera
2013-07-13 11:08 - 2013-07-13 11:07 - 00000640 __RSH C:\Users\antenka\ntuser.pol
2013-07-13 11:07 - 2009-07-14 04:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-07-09 06:59 - 2013-07-09 06:59 - 00000000 ____D C:\Users\antenka\Documents\Notesy programu OneNote
2013-07-08 22:59 - 2013-06-18 16:16 - 00582936 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2013-06-29 22:32 - 2013-02-11 18:10 - 00000000 ____D C:\Users\antenka\AppData\Roaming\Winamp
2013-06-28 20:32 - 2013-06-28 20:32 - 00000593 _____ C:\Users\Public\Desktop\Współdzielona przestrzeń.lnk
2013-06-28 20:32 - 2013-06-28 20:30 - 00000000 ___SD C:\ProgramData\Shared Space
2013-06-28 20:32 - 2013-06-28 20:30 - 00000000 ____D C:\ProgramData\Comodo
2013-06-28 20:30 - 2013-06-28 20:30 - 00000000 ____D C:\ProgramData\Comodo Downloader
2013-06-28 20:30 - 2013-06-28 20:30 - 00000000 ____D C:\Program Files\COMODO
2013-06-28 20:29 - 2013-06-28 20:29 - 00000000 ____D C:\WINSSLog
2013-06-28 20:29 - 2013-02-11 18:11 - 00002115 _____ C:\Windows\epplauncher.mif
2013-06-28 20:26 - 2013-02-11 18:10 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-06-28 19:36 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-06-28 18:14 - 2013-06-28 18:14 - 00000000 ____D C:\Users\antenka\AppData\Roaming\Malwarebytes
2013-06-28 18:13 - 2013-06-28 18:13 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-28 18:13 - 2013-06-28 18:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-28 18:13 - 2013-06-28 18:13 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-06-28 17:45 - 2013-06-27 23:59 - 00116189 _____ C:\Windows\system32\Drivers\klin.dat
2013-06-28 17:45 - 2013-06-27 23:59 - 00098168 _____ C:\Windows\system32\Drivers\klick.dat
2013-06-28 17:45 - 2013-06-27 23:58 - 00586072 _____ (Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2013-06-28 00:01 - 2013-06-28 00:01 - 00017408 _____ C:\Users\antenka\AppData\Local\WebpageIcons.db
2013-06-27 23:58 - 2013-06-27 23:58 - 00000000 ____D C:\Program Files\Kaspersky Lab
2013-06-27 23:50 - 2013-06-27 23:50 - 00001037 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
2013-06-27 23:50 - 2013-06-27 23:50 - 00000000 ____D C:\ProgramData\Licenses
2013-06-27 23:48 - 2013-02-12 12:57 - 00000000 ____D C:\Windows\Minidump
2013-06-27 23:48 - 2013-02-11 15:52 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-06-27 23:48 - 2013-02-11 15:52 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-06-27 23:48 - 2013-02-11 15:33 - 00000000 ____D C:\Windows\Panther
2013-06-27 23:35 - 2013-06-27 23:35 - 00000000 ____D C:\ProgramData\Sun
2013-06-27 23:35 - 2013-06-27 23:35 - 00000000 ____D C:\Program Files\Common Files\Java
2013-06-27 23:34 - 2013-06-27 23:35 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-06-27 23:34 - 2013-06-27 23:35 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-06-27 23:34 - 2013-06-27 23:35 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-06-27 23:34 - 2013-06-27 23:35 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-06-27 23:34 - 2013-06-27 23:35 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-06-27 23:34 - 2013-02-11 18:10 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-06-27 23:34 - 2013-02-11 18:10 - 00000000 ____D C:\Program Files\Java
2013-06-27 23:33 - 2013-06-27 23:33 - 00000000 ____D C:\Windows\system32\Adobe
2013-06-27 23:19 - 2013-06-27 23:19 - 00001863 _____ C:\Users\antenka\Desktop\xp-AntiSpy.lnk
2013-06-27 23:19 - 2013-06-27 23:19 - 00000000 ____D C:\Users\antenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\xp-AntiSpy
2013-06-27 23:19 - 2013-06-27 23:19 - 00000000 ____D C:\Program Files\xp-AntiSpy
2013-06-26 22:59 - 2013-06-26 22:59 - 00000050 _____ C:\Users\antenka\Downloads\.directory
2013-06-26 22:59 - 2013-06-26 22:59 - 00000050 _____ C:\Users\antenka\.directory

ZeroAccess: C:\$Recycle.Bin\S-1-5-21-3568870015-572844307-238444036-1000\$25e6fe6fb579b156243db9813a216d3e
ZeroAccess: C:\$Recycle.Bin\S-1-5-18\$25e6fe6fb579b156243db9813a216d3e

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
C:\Program Files\Microsoft Security Client\Backup => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Microsoft Security Client

LastRegBack: 2013-07-13 09:37

==================== End Of Log ============================