Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2013
Ran by ingridka6 (administrator) on INGRIDKA66 on 24-09-2013 14:25:54
Running from C:\Users\ingridka6\Desktop
Windows 7 Home Premium (X64) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v9\System\vc9secs.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Huawei Technologies Co., Ltd.) C:\Users\ingridka6\AppData\Roaming\blueconnect\ouc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Huawei Technologies Co., Ltd.) C:\Program Files (x86)\blueconnect\DataCardMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [HW_OPENEYE_OUC_blueconnect] - C:\Program Files (x86)\blueconnect\UpdateDog\ouc.exe [110592 2009-06-23] (Huawei Technologies Co., Ltd.)
MountPoints2: E - E:\autorun.exe
MountPoints2: F - F:\S3\Autorun.exe
MountPoints2: H - H:\AutoRun.exe
MountPoints2: I - I:\AutoRun.exe
MountPoints2: J - J:\AutoRun.exe
MountPoints2: {1f5c7eb2-e12f-11df-9159-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {283023a4-bde3-11e0-a1e5-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {28302447-bde3-11e0-a1e5-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {28302464-bde3-11e0-a1e5-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {2830246e-bde3-11e0-a1e5-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {493de9f2-ab5b-11e2-bb77-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {52b442d9-c91b-11e0-9033-001e101fe5e1} - H:\AutoRun.exe
MountPoints2: {5a9c2f00-d84b-11e2-8828-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {5a9c2f10-d84b-11e2-8828-88ae1da36215} - I:\AutoRun.exe
MountPoints2: {5a9c31d6-d84b-11e2-8828-88ae1da36215} - I:\AutoRun.exe
MountPoints2: {62e4f64e-856c-11e1-9178-88ae1da36215} - J:\DTLplus_Launcher.exe
MountPoints2: {6676f1ac-b01c-11e2-beb2-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {6676f1d4-b01c-11e2-beb2-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {83d52aa9-b19c-11e2-a8b6-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {83d52ac0-b19c-11e2-a8b6-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {84ad198a-b8bb-11e2-8424-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {876bd63f-e69f-11df-b7fa-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {8b492689-a475-11e2-a6e4-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {8b49269d-a475-11e2-a6e4-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {8b4926aa-a475-11e2-a6e4-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {8b4926b8-a475-11e2-a6e4-88ae1da36215} - I:\AutoRun.exe
MountPoints2: {97326c8c-a9d0-11e2-b71c-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {a524112c-b0df-11e2-a4c2-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {a5241138-b0df-11e2-a4c2-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {a5241146-b0df-11e2-a4c2-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {a5241159-b0df-11e2-a4c2-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {b8e69cda-d882-11e0-a16a-18f46a0c91bb} - H:\AutoRun.exe
MountPoints2: {b919257e-d86b-11e0-ab5c-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {be9e038b-d886-11df-b41d-18f46a0c91bb} - E:\AutoRun.exe
MountPoints2: {be9e03bc-d886-11df-b41d-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {c4d7f94a-d892-11e0-bc41-18f46a0c91bb} - H:\AutoRun.exe
MountPoints2: {c75b232e-b885-11e2-b9e2-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {d0e91864-e74a-11e0-bc0a-18f46a0c91bb} - H:\AutoRun.exe
MountPoints2: {e61ac3c6-b0e1-11e2-bec5-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {ea77eb75-a41b-11e2-bac0-806e6f6e6963} - H:\AutoRun.exe
MountPoints2: {ea77ebc5-a41b-11e2-bac0-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {f3935570-df9f-11e0-b433-88ae1da36215} - H:\AutoRun.exe
MountPoints2: {ff2142b7-db3a-11e2-9069-88ae1da36215} - I:\AutoRun.exe
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-08-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation)
HKLM-x32\...\Run: [DataCardMonitor] - C:\Program Files (x86)\blueconnect\DataCardMonitor.exe [253952 2013-06-18] (Huawei Technologies Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default
HKU\Gość\...\Run: [HW_OPENEYE_OUC_blueconnect] - C:\Program Files (x86)\blueconnect\UpdateDog\ouc.exe [110592 2009-06-23] (Huawei Technologies Co., Ltd.)
HKU\Gość\...\Run: [ALLUpdate] - "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep"
HKU\Gość\...\Run: [Facebook Update] - "C:\Users\ingridka6\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-search.com/?babsrc=HP_ss&mntrId=443618F46A0C91BB&affID=121284&tsp=4987
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0415&m=aspire_5742z&r=27361010x155l0494z1l5v47k21509
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0415&m=aspire_5742z&r=27361010x155l0494z1l5v47k21509
URLSearchHook: (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
URLSearchHook: (No Name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=443618F46A0C91BB&affID=121284&tsp=4987
SearchScopes: HKCU - {E97F0687-35E0-48F3-80F9-D0ABD1993AF7} URL = http://us.yhs4.search.yahoo.com/yhs/search?hsimp=yhs-affiliate_a&hspart=greentree&type=616163_yhs2tst&p={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No File
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {37483B40-C254-4A72-BDA4-22EE90182C1E} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 194.204.159.1 194.204.152.34

Chrome:
=======
CHR HomePage: hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=443618F46A0C91BB&affID=121284&tsp=4987
CHR RestoreOnStartup: "hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=443618F46A0C91BB&affID=121284&tsp=4987"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (AdBlock) - C:\Users\INGRID~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.64_0
CHR Extension: () - C:\Users\INGRID~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjajpkikblccgefaibcafkfbanllpefi\1.0.0.2
CHR HKLM-x32\...\Chrome\Extension: [gjajpkikblccgefaibcafkfbanllpefi] - C:\Users\ingridka6\AppData\Roaming\7go\7go.crx

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2028864 2012-03-29] (TuneUp Software)
R2 VC9SecS; C:\Program Files (x86)\Virtual CD v9\System\vc9secs.exe [132416 2007-12-03] (H+H Software GmbH)

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-09-05] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-22] (Huawei Technologies Co., Ltd.)
S3 HH9Help.sys; C:\Windows\system32\drivers\HH9Help.sys [24344 2007-01-23] (H+H Software GmbH)
S3 HH9Help.sys; C:\Windows\system32\drivers\HH9Help.sys [24344 2007-01-23] (H+H Software GmbH)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [113792 2009-06-22] (Huawei Technologies Co., Ltd.)
R1 networx; C:\Windows\System32\drivers\networx.sys [58360 2013-01-25] (NetFilterSDK.com)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [11856 2012-02-13] (TuneUp Software)
R3 vcd9bus; C:\Windows\System32\DRIVERS\vcd9bus.sys [40216 2007-01-23] (H+H Software GmbH)
R1 vdrv9000; C:\Windows\System32\DRIVERS\vdrv9000.sys [128528 2007-11-14] (H+H Software GmbH)
U3 DfSdkS;
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-09-24 14:25 - 2013-09-24 14:25 - 00000000 ____D C:\FRST
2013-09-24 14:23 - 2013-09-24 14:23 - 01955802 _____ (Farbar) C:\Users\ingridka6\Desktop\FRST64.exe
2013-09-18 21:02 - 2013-09-18 21:02 - 00000690 _____ C:\Users\ingridka6\Desktop\gitaRRRRa — skrót.lnk
2013-09-18 17:55 - 2013-09-18 18:08 - 00000812 _____ C:\Users\ingridka6\Desktop\ZLECENIE.txt
2013-09-12 22:40 - 2013-09-15 21:10 - 00009887 _____ C:\Users\ingridka6\Desktop\Zeszyt1.xlsx
2013-09-09 13:41 - 2013-09-09 13:41 - 00002770 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011
2013-09-08 15:27 - 2013-09-24 13:26 - 00002184 _____ C:\Windows\setupact.log
2013-09-08 15:27 - 2013-09-18 19:51 - 00001170 _____ C:\Windows\PFRO.log
2013-09-08 15:00 - 2013-09-08 15:11 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2011
2013-09-08 15:00 - 2013-09-08 15:00 - 00002223 _____ C:\Users\ingridka6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk
2013-09-08 15:00 - 2013-09-08 15:00 - 00002203 _____ C:\Users\ingridka6\Desktop\TuneUp Konserwacja 1 kliknięciem.lnk
2013-09-08 15:00 - 2013-09-08 15:00 - 00002193 _____ C:\Users\ingridka6\Desktop\TuneUp Utilities 2011.lnk
2013-09-08 15:00 - 2013-09-08 15:00 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011
2013-09-08 15:00 - 2012-03-29 15:50 - 00034624 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2013-09-08 15:00 - 2012-03-29 15:40 - 00036160 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-09-08 15:00 - 2012-03-29 15:40 - 00029504 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2013-09-08 15:00 - 2012-03-29 15:40 - 00025920 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-09-08 15:00 - 2012-03-29 15:40 - 00021312 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-09-08 14:58 - 2013-09-08 15:01 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-09-08 14:57 - 2013-09-08 14:57 - 00000000 __SHD C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2013-09-08 10:14 - 2013-09-08 10:14 - 00000630 _____ C:\Users\ingridka6\Desktop\mp3.lnk
2013-09-08 09:47 - 2013-09-08 09:47 - 00000000 ____D C:\Users\ingridka6\AppData\Local\Ashampoo
2013-09-05 01:43 - 2013-09-05 01:43 - 00045880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2013-08-27 23:30 - 2013-09-08 16:21 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\BabSolution
2013-08-27 23:30 - 2013-08-28 01:55 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\PerformerSoft
2013-08-27 23:30 - 2013-08-27 23:31 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\7go
2013-08-27 23:30 - 2013-08-27 23:30 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\SpeedAnalysis2
2013-08-27 23:30 - 2013-08-27 23:30 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\SeeSimilar02
2013-08-27 23:30 - 2013-08-27 23:30 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-08-27 23:30 - 2013-08-27 23:30 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\File Scout
2013-08-27 23:30 - 2013-08-27 23:30 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\Babylon
2013-08-27 23:30 - 2013-08-27 23:30 - 00000000 ____D C:\ProgramData\IBUpdaterService
2013-08-27 23:30 - 2013-08-27 23:30 - 00000000 ____D C:\ProgramData\Babylon
2013-08-27 23:30 - 2013-06-19 14:58 - 00019456 _____ (PerformerSoft LLC) C:\Windows\system32\roboot64.exe
2013-08-27 10:44 - 2013-09-21 17:38 - 00000000 ____D C:\Users\ingridka6\Desktop\nowe
2013-08-26 19:12 - 2013-07-12 11:29 - 00688636 _____ C:\Users\ingridka6\Desktop\Mc_SP_1.6.exe
2013-08-26 19:03 - 2013-08-26 19:03 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-08-25 11:50 - 2013-08-25 11:50 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi

==================== One Month Modified Files and Folders =======

2013-09-24 14:25 - 2013-09-24 14:25 - 00000000 ____D C:\FRST
2013-09-24 14:23 - 2013-09-24 14:23 - 01955802 _____ (Farbar) C:\Users\ingridka6\Desktop\FRST64.exe
2013-09-24 14:01 - 2012-05-03 15:02 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-24 13:52 - 2010-10-15 21:37 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-24 13:34 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-24 13:34 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-24 13:30 - 2010-09-24 23:38 - 02004508 _____ C:\Windows\WindowsUpdate.log
2013-09-24 13:27 - 2012-11-03 21:47 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-09-24 13:27 - 2010-10-15 21:37 - 00001050 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-24 13:27 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-24 13:26 - 2013-09-08 15:27 - 00002184 _____ C:\Windows\setupact.log
2013-09-24 12:50 - 2012-01-24 14:21 - 00000000 ____D C:\Users\ingridka6\Desktop\baleriny
2013-09-24 12:17 - 2011-01-03 19:02 - 00000000 ____D C:\ProgramData\MFAData
2013-09-24 08:45 - 2010-10-16 11:31 - 00003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{89B06E43-AB3B-44D0-A291-2D08C6B55C46}
2013-09-24 08:22 - 2010-09-25 00:31 - 00743280 _____ C:\Windows\system32\perfh015.dat
2013-09-24 08:22 - 2010-09-25 00:31 - 00156730 _____ C:\Windows\system32\perfc015.dat
2013-09-24 08:22 - 2009-07-14 07:13 - 01676974 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-21 20:08 - 2011-08-01 10:34 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\.minecraft
2013-09-21 19:14 - 2010-11-11 14:51 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-21 17:38 - 2013-08-27 10:44 - 00000000 ____D C:\Users\ingridka6\Desktop\nowe
2013-09-18 23:42 - 2010-10-15 21:34 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\Skype
2013-09-18 23:41 - 2011-01-07 19:47 - 00000000 ____D C:\Users\ingridka6\Documents\FotoMix Projects
2013-09-18 21:54 - 2010-10-16 21:31 - 00000000 ___RD C:\Users\ingridka6\Desktop\Widget
2013-09-18 21:02 - 2013-09-18 21:02 - 00000690 _____ C:\Users\ingridka6\Desktop\gitaRRRRa — skrót.lnk
2013-09-18 20:51 - 2013-06-21 11:22 - 00000000 ____D C:\ProgramData\Corel
2013-09-18 19:51 - 2013-09-08 15:27 - 00001170 _____ C:\Windows\PFRO.log
2013-09-18 18:08 - 2013-09-18 17:55 - 00000812 _____ C:\Users\ingridka6\Desktop\ZLECENIE.txt
2013-09-17 22:58 - 2011-09-18 21:39 - 00000000 ____D C:\Users\Gość
2013-09-17 22:16 - 2013-01-29 20:11 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\Dev-Cpp
2013-09-15 21:10 - 2013-09-12 22:40 - 00009887 _____ C:\Users\ingridka6\Desktop\Zeszyt1.xlsx
2013-09-09 13:41 - 2013-09-09 13:41 - 00002770 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011
2013-09-08 21:21 - 2013-07-20 19:31 - 00000000 ____D C:\Users\ingridka6\Desktop\Majcuś
2013-09-08 21:21 - 2010-10-15 21:51 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\FileZilla
2013-09-08 17:22 - 2012-11-03 21:38 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\TuneUp Software
2013-09-08 16:21 - 2013-08-27 23:30 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\BabSolution
2013-09-08 15:11 - 2013-09-08 15:00 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2011
2013-09-08 15:01 - 2013-09-08 14:58 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-09-08 15:00 - 2013-09-08 15:00 - 00002223 _____ C:\Users\ingridka6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk
2013-09-08 15:00 - 2013-09-08 15:00 - 00002203 _____ C:\Users\ingridka6\Desktop\TuneUp Konserwacja 1 kliknięciem.lnk
2013-09-08 15:00 - 2013-09-08 15:00 - 00002193 _____ C:\Users\ingridka6\Desktop\TuneUp Utilities 2011.lnk
2013-09-08 15:00 - 2013-09-08 15:00 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011
2013-09-08 14:57 - 2013-09-08 14:57 - 00000000 __SHD C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2013-09-08 10:14 - 2013-09-08 10:14 - 00000630 _____ C:\Users\ingridka6\Desktop\mp3.lnk
2013-09-08 09:47 - 2013-09-08 09:47 - 00000000 ____D C:\Users\ingridka6\AppData\Local\Ashampoo
2013-09-08 09:38 - 2013-06-21 11:27 - 00000000 ____D C:\ProgramData\Protexis
2013-09-05 20:05 - 2009-07-14 07:08 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-05 13:52 - 2013-06-21 08:36 - 00000000 ____D C:\Users\ingridka6\Desktop\napr
2013-09-05 01:43 - 2013-09-05 01:43 - 00045880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2013-09-04 20:18 - 2013-02-25 23:16 - 00000000 ____D C:\Users\ingridka6\AppData\Local\LogMeIn Hamachi
2013-08-28 01:55 - 2013-08-27 23:30 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\PerformerSoft
2013-08-27 23:31 - 2013-08-27 23:30 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\7go
2013-08-27 23:30 - 2013-08-27 23:30 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\SpeedAnalysis2
2013-08-27 23:30 - 2013-08-27 23:30 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\SeeSimilar02
2013-08-27 23:30 - 2013-08-27 23:30 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-08-27 23:30 - 2013-08-27 23:30 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\File Scout
2013-08-27 23:30 - 2013-08-27 23:30 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\Babylon
2013-08-27 23:30 - 2013-08-27 23:30 - 00000000 ____D C:\ProgramData\IBUpdaterService
2013-08-27 23:30 - 2013-08-27 23:30 - 00000000 ____D C:\ProgramData\Babylon
2013-08-27 23:30 - 2011-06-23 11:59 - 00000000 ____D C:\Users\ingridka6\AppData\Roaming\Mozilla
2013-08-26 19:03 - 2013-08-26 19:03 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-08-25 11:50 - 2013-08-25 11:50 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi

Some content of TEMP:
====================
C:\Users\ingridka6\AppData\Local\Temp\nowegg.upgr.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-09-22 23:23

==================== End Of Log ============================