Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by HP (administrator) on HP-LAPTOP on 11-09-2014 21:35:30
Running from C:\Users\HP\Desktop\wirus
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeSvc2.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\sqlservr.exe
() C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\iSafe\ipcdl.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Redefine Sp z o.o.) C:\Program Files (x86)\ipla\ipla.exe
(Redefine Sp z o.o.) C:\Program Files (x86)\ipla\iplabrowser.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-06] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-06] (Atheros Commnucations) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803496 2011-06-24] (Synaptics Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-04-27] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation) HKLM-x32\...\Run: [AutoEJCD_0ACE20FF] => C:\Program Files (x86)\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE [40960 2012-02-25] () HKLM-x32\...\Run: [NSU_agent] => C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] () HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1167360 2009-08-03] (Brother Industries, Ltd.) 
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-10] (AVAST Software) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-544182260-2193072089-3567993724-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-09-01] (Glarysoft Ltd) ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: Uchwyt nakładania ikony podpisu cyfrowego -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.) BootExecute: autocheck autochk * BootDefrag.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - {640A5880-642C-41FC-8281-073BE9650C9D} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN20725252785441155&UM=1 SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear BHO: Advertising Cookie Opt-out -> {8E425EB4-ADBD-4816-B1E8-49BB9DECF034} -> C:\Program Files\Google\Advertising Cookie Opt-out\opt_out.dll (Google Inc) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: Advertising Cookie Opt-out -> {8E425EB4-ADBD-4816-B1E8-49BB9DECF034} -> C:\Program Files (x86)\Google\Advertising Cookie Opt-out\opt_out.dll (Google Inc) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Tcpip\Parameters: [DhcpNameServer] 62.179.1.60 62.179.1.61 Tcpip\..\Interfaces\{3EA57523-5837-4257-A1B3-426BE9AEAEBC}: [NameServer] 89.108.202.21 89.108.195.21 Tcpip\..\Interfaces\{40694A35-C76E-4099-BD54-F708922C3017}: [NameServer] 89.108.202.20 89.108.195.20 Tcpip\..\Interfaces\{89FBDE0A-8B2D-42AC-A61D-A101AAA14C0C}: [NameServer] 89.108.195.20 89.108.202.20 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Users\HP\Desktop\Picasa3\npPicasa3.dll (Google, Inc.) 
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF Plugin-x32: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! 
Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-08] Chrome: ======= CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (No Name) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-09] CHR Extension: (No Name) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-26] CHR Extension: (No Name) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26] CHR HKLM-x32\...\Chrome\Extension: [ajbfjlbjonnckokbmkeiammcgkdciial] - C:\Users\HP\AppData\Local\Temp\tbch.crx [] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-08] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17] CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\HP\AppData\Local\Temp\ccex.crx [2012-01-17] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros) [File not signed] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-06] (Atheros Commnucations) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-08] (AVAST Software) R2 avast! 
Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-09-08] (AVAST Software) S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2012-12-27] (Dassault Systèmes) [File not signed] R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 iSafeService; C:\Program Files (x86)\iSafe\iSafeSvc.exe [118048 2014-08-08] (Elex do Brasil Participações Ltda) R2 MSSQL$INSERTGT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\sqlservr.exe [43040096 2011-06-17] (Microsoft Corporation) S2 PLAY ONLINE. RunOuc; C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [246112 2012-09-20] () S4 SQLAgent$INSERTGT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\SQLAGENT.EXE [370016 2011-06-17] (Microsoft Corporation) R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-08] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-09-08] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-08] (AVAST Software) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-09-08] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-08] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-08] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-09-08] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-10] (AVAST Software) S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-08] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-08] () S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1065984 2008-04-19] (Atheros Communications, Inc.) S0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-09-01] (Glarysoft Ltd) R3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Corporation) R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20672 2014-09-07] (Glarysoft Ltd) S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [229376 2012-09-20] (Huawei Technologies Co., Ltd.) 
R1 iSafeKrnl; C:\Program Files (x86)\iSafe\iSafeKrnl.sys [247488 2014-08-08] (Elex do Brasil Participações Ltda) S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [45248 2014-08-08] (Elex do Brasil Participações Ltda) R1 iSafeKrnlKit; C:\Program Files (x86)\iSafe\iSafeKrnlKit.sys [78016 2014-08-08] (Elex do Brasil Participações Ltda) R1 iSafeKrnlR3; C:\Program Files (x86)\iSafe\iSafeKrnlR3.sys [65216 2014-08-08] (Elex do Brasil Participações Ltda) R1 iSafeNetFilter; C:\Program Files (x86)\iSafe\iSafeNetFilter.sys [49320 2014-08-06] (Elex do Brasil Participações Ltda) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1863680 2012-03-30] (Sonix Co. Ltd.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-07-07] (Duplex Secure Ltd.) U3 aw48spld; C:\Windows\System32\Drivers\aw48spld.sys [0 ] (Advanced Micro Devices) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X] S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-09-11 11:04 - 2014-09-11 11:04 - 00428124 _____ () C:\Users\HP\Desktop\Nowy dokument tekstowy.txt 2014-09-11 09:16 - 2014-09-11 09:16 - 00000000 ____D () C:\Users\HP\AppData\Roaming\eCyber 2014-09-10 23:43 - 2014-09-11 21:35 - 00000000 ____D () C:\Users\HP\Desktop\wirus 2014-09-10 23:27 - 2014-09-10 23:18 - 05185536 _____ (AVAST Software) C:\Users\HP\Desktop\aswmbr.exe 2014-09-10 23:15 - 2014-09-10 23:15 - 00000000 ____D () C:\Users\HP\AppData\Local\{6BA97C3E-D1C4-4565-B275-033D061310C7} 2014-09-10 23:05 - 2014-09-10 23:04 - 00247468 _____ () C:\Users\HP\Desktop\skaaaaan.jpeg 2014-09-10 22:54 - 2014-09-11 04:33 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-09-10 22:54 - 2014-09-10 23:26 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-09-10 22:54 - 2014-09-10 22:54 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-10 22:54 - 2014-09-10 22:54 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-10 22:43 - 2014-09-10 22:42 - 00342582 _____ () C:\Users\HP\Desktop\skan1.jpeg 2014-09-10 22:43 - 2014-09-10 22:41 - 00249490 _____ () C:\Users\HP\Desktop\skan3.jpeg 2014-09-10 22:43 - 2014-09-10 22:41 - 00122290 _____ () C:\Users\HP\Desktop\skan2.jpeg 2014-09-10 19:28 - 2014-09-10 19:28 - 14349744 _____ (Malwarebytes Corp.) 
C:\Users\HP\Desktop\mbar-1.07.0.1012.exe 2014-09-10 18:30 - 2014-09-11 21:35 - 00000000 ____D () C:\FRST 2014-09-10 18:28 - 2014-09-11 21:33 - 00000000 ____D () C:\Users\HP\Desktop\raporty 2014-09-10 18:05 - 2014-09-10 18:05 - 00854417 _____ () C:\Users\HP\Desktop\SecurityCheck.exe 2014-09-10 18:04 - 2014-09-10 18:04 - 00380416 _____ () C:\Users\HP\Desktop\nkegnm4e.exe 2014-09-10 03:07 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-10 03:07 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-09-10 03:07 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-09-10 03:07 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-09-10 03:07 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-09-10 03:07 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-09-10 03:07 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-09-10 03:07 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-09-10 03:07 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-09-10 03:07 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-09-10 03:07 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-09-10 03:07 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-09-10 03:07 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-09-10 03:07 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-09-10 03:07 - 2014-08-18 23:44 - 00061952 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-10 03:07 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-09-10 03:07 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-09-10 03:07 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-09-10 03:07 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-09-10 03:07 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-09-10 03:07 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-09-10 03:07 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-09-10 03:07 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-09-10 03:07 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-09-10 03:07 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-09-10 03:07 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-09-10 03:07 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-09-10 03:06 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-09-10 03:06 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-09-10 03:06 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-10 03:06 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-09-10 03:06 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-10 03:06 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) 
C:\Windows\system32\jscript9.dll 2014-09-10 03:06 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-09-10 03:06 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-09-10 03:06 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-09-10 03:06 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-09-10 03:06 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-09-10 03:06 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-10 03:06 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-09-10 03:06 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-09-10 03:06 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-09-10 03:06 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-09-10 03:06 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-10 03:06 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-09-10 03:06 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-10 03:06 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-10 03:06 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-09-10 03:06 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-10 03:06 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-09-10 03:06 - 2014-08-18 23:07 - 
01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-10 03:06 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-09-10 03:06 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-09-10 03:06 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-09-10 03:06 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-09-10 03:06 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-09-10 03:01 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-09-10 03:01 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-10 01:11 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-09-10 01:11 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-09-10 01:10 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-10 01:10 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-09-10 01:10 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-09-10 01:10 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-09-10 01:10 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-09-10 01:10 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-09-10 01:10 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-09-10 01:10 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-09-10 01:10 - 2014-06-24 04:59 - 01987584 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-09-09 20:35 - 2014-08-10 19:21 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\HP\Desktop\spybot-2.4.exe 2014-09-09 20:30 - 2014-09-09 20:30 - 00000000 ____D () C:\ProgramData\Sophos 2014-09-09 20:29 - 2014-09-09 20:29 - 00003191 _____ () C:\Users\HP\Desktop\Sophos Virus Removal Tool.lnk 2014-09-09 20:29 - 2014-09-09 20:29 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos 2014-09-09 20:29 - 2014-09-09 20:29 - 00000000 ____D () C:\Program Files (x86)\Sophos 2014-09-09 20:26 - 2014-09-09 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC 2014-09-09 20:16 - 2014-09-11 21:08 - 00000000 ____D () C:\Program Files (x86)\iSafe 2014-09-09 20:16 - 2014-09-09 20:26 - 00001780 _____ () C:\Users\Public\Desktop\YAC.lnk 2014-09-09 20:16 - 2014-09-09 20:16 - 00000000 ____D () C:\Windows\system32\log 2014-09-09 20:16 - 2014-08-08 08:24 - 00045248 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys 2014-09-09 20:15 - 2014-09-11 09:16 - 00000000 ____D () C:\Users\HP\AppData\Roaming\iSafe 2014-09-09 20:05 - 2014-09-09 20:09 - 00000000 ____D () C:\AdwCleaner 2014-09-09 19:35 - 2014-09-09 19:35 - 00001186 _____ () C:\Users\HP\Desktop\CrystalDiskInfo.lnk 2014-09-09 19:35 - 2014-09-09 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo 2014-09-09 19:35 - 2014-09-09 19:35 - 00000000 ____D () C:\Program Files (x86)\CrystalDiskInfo 2014-09-09 19:35 - 2014-08-10 19:35 - 00388608 _____ (Trend Micro Inc.) C:\Users\HP\Desktop\HijackThis_2.0.4.exe 2014-09-09 16:25 - 2014-09-09 16:25 - 00000000 ____D () C:\Users\HP\AppData\Roaming\AVAST Software 2014-09-09 16:20 - 2014-09-09 16:20 - 00002032 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk 2014-09-09 16:20 - 2014-09-09 16:20 - 00001972 _____ () C:\Users\Public\Desktop\avast! 
Internet Security.lnk 2014-09-09 16:20 - 2014-09-09 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2014-09-09 16:19 - 2014-09-11 20:54 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-09-09 16:19 - 2014-09-10 04:19 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-09-09 16:19 - 2014-09-08 23:40 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-09-09 16:19 - 2014-09-08 23:40 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-09-09 16:19 - 2014-09-08 23:40 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-09-09 16:19 - 2014-09-08 23:40 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-09-09 16:19 - 2014-09-08 23:40 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-09-09 16:19 - 2014-09-08 23:40 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-09-09 16:19 - 2014-09-08 23:40 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-09-09 16:19 - 2014-09-08 23:40 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2014-09-08 23:41 - 2014-09-10 03:31 - 00002426 _____ () C:\Windows\PFRO.log 2014-09-08 23:40 - 2014-09-08 23:40 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2014-09-08 23:40 - 2014-09-08 23:40 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-09-07 20:57 - 2014-09-11 15:10 - 00001008 _____ () C:\Windows\setupact.log 2014-09-07 20:57 - 2014-09-07 20:57 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-07 20:56 - 2014-09-11 15:09 - 1289065146 _____ () C:\Windows\MEMORY.DMP 2014-09-07 20:30 - 2014-09-07 20:30 - 00028567 _____ () C:\ComboFix.txt 2014-09-07 19:49 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-09-07 19:49 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-09-07 19:49 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) 
C:\Windows\NIRCMD.exe 2014-09-07 19:49 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-09-07 19:49 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-09-07 19:49 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-09-07 19:49 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-09-07 19:49 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-09-07 19:37 - 2014-09-07 20:30 - 00000000 ____D () C:\Qoobox 2014-09-07 19:36 - 2014-09-07 20:02 - 00000000 ____D () C:\Windows\erdnt 2014-09-07 17:56 - 2014-09-07 17:56 - 00000000 ____D () C:\Users\HP\AppData\Roaming\DiskDefrag 2014-09-07 17:42 - 2014-09-07 17:43 - 00000000 ____D () C:\Users\HP\AppData\Local\{8F55C491-C893-4ECD-80CE-14ED81B0B2D9} 2014-09-07 17:28 - 2014-09-11 15:12 - 00000324 _____ () C:\Windows\Tasks\GlaryInitialize 5.job 2014-09-07 17:28 - 2014-09-07 17:28 - 00020672 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys 2014-09-07 17:28 - 2014-09-07 17:28 - 00002968 _____ () C:\Windows\System32\Tasks\GU5SkipUAC 2014-09-07 17:28 - 2014-09-07 17:28 - 00002616 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5 2014-09-07 17:28 - 2014-09-01 08:14 - 00118048 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe 2014-09-07 17:28 - 2014-09-01 08:10 - 00017600 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys 2014-09-07 17:26 - 2014-09-07 17:52 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5 2014-09-07 17:26 - 2014-09-07 17:26 - 00001105 _____ () C:\Users\HP\Desktop\Czyszczenie Rejestru.lnk 2014-09-07 17:26 - 2014-09-07 17:26 - 00001100 _____ () C:\Users\HP\Desktop\Autostart.lnk 2014-09-07 17:26 - 2014-09-07 17:26 - 00001080 _____ () C:\Users\HP\Desktop\Glary Utilities.lnk 2014-09-07 17:26 - 2014-09-07 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 2014-09-05 20:32 - 2014-09-05 20:32 - 00000000 ____D () 
C:\Users\HP\AppData\Local\{FEA35E47-1B87-4466-B125-D5BBAF97CDB0} 2014-09-04 20:59 - 2014-09-04 20:59 - 00000000 ____D () C:\Users\HP\AppData\Local\{DF3B373E-4FFB-4AF4-AD05-DA018A88BA3B} 2014-09-03 20:58 - 2014-09-03 20:59 - 00000000 ____D () C:\Users\HP\AppData\Local\{ED980169-F893-4997-9853-BE229845BA5B} 2014-09-02 18:57 - 2014-09-02 18:57 - 00000000 ____D () C:\Users\HP\AppData\Local\{14F5F1C5-9193-457F-A6CD-4B7370755E5B} 2014-09-02 06:57 - 2014-09-02 06:57 - 00000000 ____D () C:\Users\HP\AppData\Local\{09E4634A-26F9-41BC-9064-B1D06ABB3A78} 2014-09-01 14:47 - 2014-09-01 14:47 - 00000000 ____D () C:\Users\HP\AppData\Local\{CFAD275C-9A1D-4DDA-8304-3C4A4C0C7B56} 2014-08-31 21:15 - 2014-08-31 21:15 - 00000000 ____D () C:\Users\HP\AppData\Local\{6DE24241-A7D9-493C-8E5D-92B429018B0D} 2014-08-29 13:36 - 2014-08-29 13:36 - 00000000 ____D () C:\Users\HP\AppData\Local\{CB80ED2F-BB53-4AF7-9616-D4B8D9A7B7CB} 2014-08-29 00:49 - 2014-08-29 00:49 - 00000000 ____D () C:\Users\HP\AppData\Local\{15FE1B17-2A42-41D5-B7EB-0954413F7CBE} 2014-08-28 12:48 - 2014-08-28 12:48 - 00000000 ____D () C:\Users\HP\AppData\Local\{329FDC17-1D11-4DB2-AE96-E998D6297D0A} 2014-08-28 10:58 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-28 10:58 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-28 10:58 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-28 00:47 - 2014-08-28 00:48 - 00000000 ____D () C:\Users\HP\AppData\Local\{A61CD63A-8C48-4047-98B2-1D04F9B4E13C} 2014-08-27 12:46 - 2014-08-27 12:46 - 00000000 ____D () C:\Users\HP\AppData\Local\{9C9D2CF4-418E-4D52-AFDA-0224310502DD} 2014-08-26 22:38 - 2014-08-26 22:38 - 00000000 ____D () C:\Users\HP\AppData\Local\{C58961D2-4A6F-4388-8450-8DD0F5027537} 2014-08-26 10:37 - 2014-08-26 10:37 - 00000000 ____D () C:\Users\HP\AppData\Local\{30A74E94-9A5E-48FA-8541-65AD6EF3C2DB} 2014-08-25 21:35 - 2014-08-25 21:35 - 
00000000 ____D () C:\Users\HP\AppData\Local\{AC74D1A6-35CE-499A-9DDA-B7B7C2B3F662} 2014-08-24 22:09 - 2014-08-24 22:09 - 00000000 ____D () C:\Users\HP\AppData\Local\{2E810782-FB84-4F4E-912B-CE800D418F1A} 2014-08-24 18:29 - 2014-08-24 18:29 - 00014073 _____ () C:\Users\HP\Desktop\kamienie.txt.srt 2014-08-21 23:14 - 2014-08-21 23:15 - 00000000 ____D () C:\Users\HP\Desktop\f 2014-08-21 22:33 - 2014-08-21 22:33 - 00000000 ____D () C:\Users\HP\AppData\Local\{1E158413-0403-41EE-8684-80684845F70E} 2014-08-20 20:14 - 2014-08-20 20:14 - 00000000 ____D () C:\Users\HP\AppData\Local\{030A64E9-16CA-4BF9-8F91-33DE00823BDC} 2014-08-20 00:11 - 2014-08-20 00:12 - 00000000 ____D () C:\Users\HP\AppData\Local\{603BFB69-4719-438F-916E-3AD0404E24C3} 2014-08-19 12:10 - 2014-08-19 12:11 - 00000000 ____D () C:\Users\HP\AppData\Local\{3968D098-6973-46F0-B030-A0154BAF559B} 2014-08-19 00:09 - 2014-08-19 00:09 - 00000000 ____D () C:\Users\HP\AppData\Local\{BD0F7015-A850-4285-BDA6-4A623E403A24} 2014-08-18 12:09 - 2014-08-18 12:09 - 00000000 ____D () C:\Users\HP\AppData\Local\{9BE1BFFE-F730-4643-87EE-7D6A0F8C53BC} 2014-08-17 09:06 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-17 09:06 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-17 09:06 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-17 09:06 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-17 09:06 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-17 09:06 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-17 09:05 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-17 09:05 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-14 
13:21 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 13:21 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 13:21 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 13:21 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 13:21 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 13:21 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 13:21 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 13:21 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 13:21 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 13:20 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 13:20 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 13:20 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 13:18 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 13:18 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-11 21:35 - 2014-09-10 23:43 - 00000000 ____D () C:\Users\HP\Desktop\wirus 2014-09-11 21:35 - 2014-09-10 18:30 - 00000000 ____D () C:\FRST 2014-09-11 21:33 - 2014-09-10 18:28 - 00000000 ____D () C:\Users\HP\Desktop\raporty 2014-09-11 21:30 - 2011-10-04 12:26 - 01939187 _____ () C:\Windows\WindowsUpdate.log 2014-09-11 21:29 - 2012-03-04 23:47 - 00001040 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-11 21:24 - 2014-07-24 13:43 - 00000000 ____D () C:\ProgramData\ipla 2014-09-11 21:08 - 2014-09-09 20:16 - 00000000 ____D () C:\Program Files (x86)\iSafe 2014-09-11 21:01 - 2012-05-26 23:44 - 00000000 ____D () C:\Users\HP\AppData\Roaming\ipla 2014-09-11 20:55 - 2014-06-04 12:53 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-11 20:55 - 2014-06-04 12:53 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-11 20:55 - 2012-08-11 18:57 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-11 20:55 - 2011-10-06 19:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-11 20:54 - 2014-09-09 16:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! 
Emergency Update 2014-09-11 20:54 - 2011-10-04 13:42 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini 2014-09-11 15:20 - 2012-06-13 14:40 - 00000000 ____D () C:\Windows\Minidump 2014-09-11 15:19 - 2009-07-14 06:45 - 00027216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-11 15:19 - 2009-07-14 06:45 - 00027216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-11 15:12 - 2014-09-07 17:28 - 00000324 _____ () C:\Windows\Tasks\GlaryInitialize 5.job 2014-09-11 15:11 - 2012-03-04 23:47 - 00001036 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-11 15:10 - 2014-09-07 20:57 - 00001008 _____ () C:\Windows\setupact.log 2014-09-11 15:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-11 15:09 - 2014-09-07 20:56 - 1289065146 _____ () C:\Windows\MEMORY.DMP 2014-09-11 11:04 - 2014-09-11 11:04 - 00428124 _____ () C:\Users\HP\Desktop\Nowy dokument tekstowy.txt 2014-09-11 09:16 - 2014-09-11 09:16 - 00000000 ____D () C:\Users\HP\AppData\Roaming\eCyber 2014-09-11 09:16 - 2014-09-09 20:15 - 00000000 ____D () C:\Users\HP\AppData\Roaming\iSafe 2014-09-11 04:33 - 2014-09-10 22:54 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-09-11 04:32 - 2011-10-21 20:18 - 00000000 ____D () C:\Users\HP\AppData\Local\CrashDumps 2014-09-11 02:00 - 2011-10-06 19:39 - 00000000 ____D () C:\Users\HP\AppData\Local\Adobe 2014-09-10 23:28 - 2009-07-14 19:55 - 00806860 _____ () C:\Windows\system32\perfh015.dat 2014-09-10 23:28 - 2009-07-14 19:55 - 00181332 _____ () C:\Windows\system32\perfc015.dat 2014-09-10 23:28 - 2009-07-14 07:13 - 01856988 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-10 23:26 - 2014-09-10 22:54 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-09-10 23:18 - 2014-09-10 23:27 - 05185536 _____ (AVAST Software) 
C:\Users\HP\Desktop\aswmbr.exe 2014-09-10 23:15 - 2014-09-10 23:15 - 00000000 ____D () C:\Users\HP\AppData\Local\{6BA97C3E-D1C4-4565-B275-033D061310C7} 2014-09-10 23:14 - 2012-09-20 22:24 - 06179328 ___SH () C:\Users\HP\Desktop\Thumbs.db 2014-09-10 23:04 - 2014-09-10 23:05 - 00247468 _____ () C:\Users\HP\Desktop\skaaaaan.jpeg 2014-09-10 22:55 - 2013-10-14 16:33 - 00003976 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3E5D4A2B-0C15-44C9-A90F-B91B3F0F16A2} 2014-09-10 22:54 - 2014-09-10 22:54 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-10 22:54 - 2014-09-10 22:54 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-10 22:42 - 2014-09-10 22:43 - 00342582 _____ () C:\Users\HP\Desktop\skan1.jpeg 2014-09-10 22:41 - 2014-09-10 22:43 - 00249490 _____ () C:\Users\HP\Desktop\skan3.jpeg 2014-09-10 22:41 - 2014-09-10 22:43 - 00122290 _____ () C:\Users\HP\Desktop\skan2.jpeg 2014-09-10 19:28 - 2014-09-10 19:28 - 14349744 _____ (Malwarebytes Corp.) 
C:\Users\HP\Desktop\mbar-1.07.0.1012.exe 2014-09-10 18:05 - 2014-09-10 18:05 - 00854417 _____ () C:\Users\HP\Desktop\SecurityCheck.exe 2014-09-10 18:04 - 2014-09-10 18:04 - 00380416 _____ () C:\Users\HP\Desktop\nkegnm4e.exe 2014-09-10 09:46 - 2014-02-09 23:20 - 00000000 ____D () C:\Users\HP\Desktop\aga 2014-09-10 04:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-09-10 04:19 - 2014-09-09 16:19 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-09-10 03:31 - 2014-09-08 23:41 - 00002426 _____ () C:\Windows\PFRO.log 2014-09-10 03:04 - 2014-01-01 18:17 - 01829594 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-09-10 03:01 - 2014-05-08 07:28 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-09-10 00:13 - 2013-02-05 11:10 - 00000000 ____D () C:\Users\HP\Desktop\Google.Sketchup.Pro.v8.0.3117.Incl.Keygen-MESMERiZE 2014-09-09 20:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-09-09 20:30 - 2014-09-09 20:30 - 00000000 ____D () C:\ProgramData\Sophos 2014-09-09 20:29 - 2014-09-09 20:29 - 00003191 _____ () C:\Users\HP\Desktop\Sophos Virus Removal Tool.lnk 2014-09-09 20:29 - 2014-09-09 20:29 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos 2014-09-09 20:29 - 2014-09-09 20:29 - 00000000 ____D () C:\Program Files (x86)\Sophos 2014-09-09 20:26 - 2014-09-09 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC 2014-09-09 20:26 - 2014-09-09 20:16 - 00001780 _____ () C:\Users\Public\Desktop\YAC.lnk 2014-09-09 20:16 - 2014-09-09 20:16 - 00000000 ____D () C:\Windows\system32\log 2014-09-09 20:09 - 2014-09-09 20:05 - 00000000 ____D () C:\AdwCleaner 2014-09-09 20:09 - 2011-11-25 15:10 - 00000000 ____D () C:\Program Files (x86)\Google 2014-09-09 20:09 - 2011-10-04 12:26 - 00000000 ____D () C:\Users\HP 2014-09-09 19:58 - 2011-10-04 12:26 - 00000000 ____D () C:\Users\HP\AppData\Local\VirtualStore 2014-09-09 19:35 - 2014-09-09 19:35 - 
00001186 _____ () C:\Users\HP\Desktop\CrystalDiskInfo.lnk 2014-09-09 19:35 - 2014-09-09 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo 2014-09-09 19:35 - 2014-09-09 19:35 - 00000000 ____D () C:\Program Files (x86)\CrystalDiskInfo 2014-09-09 16:25 - 2014-09-09 16:25 - 00000000 ____D () C:\Users\HP\AppData\Roaming\AVAST Software 2014-09-09 16:20 - 2014-09-09 16:20 - 00002032 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk 2014-09-09 16:20 - 2014-09-09 16:20 - 00001972 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk 2014-09-09 16:20 - 2014-09-09 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2014-09-09 16:19 - 2011-10-09 14:34 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-09-08 23:40 - 2014-09-09 16:19 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-09-08 23:40 - 2014-09-09 16:19 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-09-08 23:40 - 2014-09-09 16:19 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-09-08 23:40 - 2014-09-09 16:19 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-09-08 23:40 - 2014-09-09 16:19 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-09-08 23:40 - 2014-09-09 16:19 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-09-08 23:40 - 2014-09-09 16:19 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-09-08 23:40 - 2014-09-09 16:19 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2014-09-08 23:40 - 2014-09-08 23:40 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2014-09-08 23:40 - 2014-09-08 23:40 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-09-08 23:39 - 2011-10-09 14:33 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-09-07 20:57 - 2014-09-07 20:57 - 00000000 _____ () 
C:\Windows\setuperr.log 2014-09-07 20:30 - 2014-09-07 20:30 - 00028567 _____ () C:\ComboFix.txt 2014-09-07 20:30 - 2014-09-07 19:37 - 00000000 ____D () C:\Qoobox 2014-09-07 20:26 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-09-07 20:06 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-09-07 20:02 - 2014-09-07 19:36 - 00000000 ____D () C:\Windows\erdnt 2014-09-07 19:48 - 2013-10-28 19:27 - 00000000 ____D () C:\ProgramData\F-Secure 2014-09-07 17:56 - 2014-09-07 17:56 - 00000000 ____D () C:\Users\HP\AppData\Roaming\DiskDefrag 2014-09-07 17:54 - 2011-11-19 19:41 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-09-07 17:54 - 2011-10-04 12:27 - 00001421 _____ () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-09-07 17:52 - 2014-09-07 17:26 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5 2014-09-07 17:43 - 2014-09-07 17:42 - 00000000 ____D () C:\Users\HP\AppData\Local\{8F55C491-C893-4ECD-80CE-14ED81B0B2D9} 2014-09-07 17:28 - 2014-09-07 17:28 - 00020672 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys 2014-09-07 17:28 - 2014-09-07 17:28 - 00002968 _____ () C:\Windows\System32\Tasks\GU5SkipUAC 2014-09-07 17:28 - 2014-09-07 17:28 - 00002616 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5 2014-09-07 17:28 - 2014-05-27 22:50 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Spotify 2014-09-07 17:26 - 2014-09-07 17:26 - 00001105 _____ () C:\Users\HP\Desktop\Czyszczenie Rejestru.lnk 2014-09-07 17:26 - 2014-09-07 17:26 - 00001100 _____ () C:\Users\HP\Desktop\Autostart.lnk 2014-09-07 17:26 - 2014-09-07 17:26 - 00001080 _____ () C:\Users\HP\Desktop\Glary Utilities.lnk 2014-09-07 17:26 - 2014-09-07 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 2014-09-07 17:23 - 2014-05-07 18:14 - 00000000 ____D () C:\Users\HP\.gstreamer-0.10 2014-09-07 15:16 - 2014-07-24 13:43 - 00000951 _____ () C:\Users\Public\Desktop\ipla.lnk 
2014-09-07 15:16 - 2012-05-26 23:44 - 00000000 ____D () C:\Program Files (x86)\ipla 2014-09-07 14:29 - 2014-05-27 23:12 - 00000000 ____D () C:\Users\HP\AppData\Local\Spotify 2014-09-05 20:32 - 2014-09-05 20:32 - 00000000 ____D () C:\Users\HP\AppData\Local\{FEA35E47-1B87-4466-B125-D5BBAF97CDB0} 2014-09-05 04:10 - 2014-09-10 01:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-05 04:05 - 2014-09-10 01:10 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-09-04 20:59 - 2014-09-04 20:59 - 00000000 ____D () C:\Users\HP\AppData\Local\{DF3B373E-4FFB-4AF4-AD05-DA018A88BA3B} 2014-09-03 20:59 - 2014-09-03 20:58 - 00000000 ____D () C:\Users\HP\AppData\Local\{ED980169-F893-4997-9853-BE229845BA5B} 2014-09-03 00:18 - 2014-06-07 12:23 - 00003876 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1381005593 2014-09-02 21:35 - 2014-05-30 22:07 - 00000000 ____D () C:\Users\HP\Desktop\POBRANE 2014-09-02 18:57 - 2014-09-02 18:57 - 00000000 ____D () C:\Users\HP\AppData\Local\{14F5F1C5-9193-457F-A6CD-4B7370755E5B} 2014-09-02 06:57 - 2014-09-02 06:57 - 00000000 ____D () C:\Users\HP\AppData\Local\{09E4634A-26F9-41BC-9064-B1D06ABB3A78} 2014-09-01 14:47 - 2014-09-01 14:47 - 00000000 ____D () C:\Users\HP\AppData\Local\{CFAD275C-9A1D-4DDA-8304-3C4A4C0C7B56} 2014-09-01 08:14 - 2014-09-07 17:28 - 00118048 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe 2014-09-01 08:10 - 2014-09-07 17:28 - 00017600 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys 2014-08-31 21:15 - 2014-08-31 21:15 - 00000000 ____D () C:\Users\HP\AppData\Local\{6DE24241-A7D9-493C-8E5D-92B429018B0D} 2014-08-29 13:36 - 2014-08-29 13:36 - 00000000 ____D () C:\Users\HP\AppData\Local\{CB80ED2F-BB53-4AF7-9616-D4B8D9A7B7CB} 2014-08-29 09:51 - 2009-07-14 06:45 - 05106256 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-29 00:49 - 2014-08-29 00:49 - 00000000 ____D () C:\Users\HP\AppData\Local\{15FE1B17-2A42-41D5-B7EB-0954413F7CBE} 
2014-08-28 12:48 - 2014-08-28 12:48 - 00000000 ____D () C:\Users\HP\AppData\Local\{329FDC17-1D11-4DB2-AE96-E998D6297D0A} 2014-08-28 00:48 - 2014-08-28 00:47 - 00000000 ____D () C:\Users\HP\AppData\Local\{A61CD63A-8C48-4047-98B2-1D04F9B4E13C} 2014-08-27 12:46 - 2014-08-27 12:46 - 00000000 ____D () C:\Users\HP\AppData\Local\{9C9D2CF4-418E-4D52-AFDA-0224310502DD} 2014-08-26 22:38 - 2014-08-26 22:38 - 00000000 ____D () C:\Users\HP\AppData\Local\{C58961D2-4A6F-4388-8450-8DD0F5027537} 2014-08-26 10:37 - 2014-08-26 10:37 - 00000000 ____D () C:\Users\HP\AppData\Local\{30A74E94-9A5E-48FA-8541-65AD6EF3C2DB} 2014-08-25 21:35 - 2014-08-25 21:35 - 00000000 ____D () C:\Users\HP\AppData\Local\{AC74D1A6-35CE-499A-9DDA-B7B7C2B3F662} 2014-08-25 06:53 - 2011-10-09 13:47 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-08-24 22:09 - 2014-08-24 22:09 - 00000000 ____D () C:\Users\HP\AppData\Local\{2E810782-FB84-4F4E-912B-CE800D418F1A} 2014-08-24 18:29 - 2014-08-24 18:29 - 00014073 _____ () C:\Users\HP\Desktop\kamienie.txt.srt 2014-08-23 04:07 - 2014-08-28 10:58 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-23 03:45 - 2014-08-28 10:58 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-23 02:59 - 2014-08-28 10:58 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-21 23:15 - 2014-08-21 23:14 - 00000000 ____D () C:\Users\HP\Desktop\f 2014-08-21 22:33 - 2014-08-21 22:33 - 00000000 ____D () C:\Users\HP\AppData\Local\{1E158413-0403-41EE-8684-80684845F70E} 2014-08-20 20:14 - 2014-08-20 20:14 - 00000000 ____D () C:\Users\HP\AppData\Local\{030A64E9-16CA-4BF9-8F91-33DE00823BDC} 2014-08-20 00:12 - 2014-08-20 00:11 - 00000000 ____D () C:\Users\HP\AppData\Local\{603BFB69-4719-438F-916E-3AD0404E24C3} 2014-08-19 20:05 - 2014-09-10 03:06 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-19 19:39 - 2014-09-10 03:06 - 00327872 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-19 12:11 - 2014-08-19 12:10 - 00000000 ____D () C:\Users\HP\AppData\Local\{3968D098-6973-46F0-B030-A0154BAF559B} 2014-08-19 01:01 - 2014-09-10 03:06 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-19 00:29 - 2014-09-10 03:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-19 00:29 - 2014-09-10 03:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-19 00:26 - 2014-09-10 03:06 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-19 00:20 - 2014-09-10 03:06 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-19 00:19 - 2014-09-10 03:06 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-19 00:15 - 2014-09-10 03:07 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-19 00:15 - 2014-09-10 03:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-19 00:14 - 2014-09-10 03:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-19 00:14 - 2014-09-10 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-19 00:09 - 2014-08-19 00:09 - 00000000 ____D () C:\Users\HP\AppData\Local\{BD0F7015-A850-4285-BDA6-4A623E403A24} 2014-08-19 00:08 - 2014-09-10 03:07 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-19 00:08 - 2014-09-10 03:07 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-19 00:08 - 2014-09-10 03:06 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-19 00:05 - 2014-09-10 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-19 00:03 - 2014-09-10 03:07 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-19 00:03 - 2014-09-10 03:07 - 00139264 _____ 
(Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-19 00:03 - 2014-09-10 03:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-18 23:57 - 2014-09-10 03:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-18 23:56 - 2014-09-10 03:06 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-18 23:51 - 2014-09-10 03:07 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-18 23:46 - 2014-09-10 03:07 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-18 23:45 - 2014-09-10 03:07 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-18 23:45 - 2014-09-10 03:07 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-18 23:44 - 2014-09-10 03:07 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-18 23:44 - 2014-09-10 03:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-18 23:42 - 2014-09-10 03:06 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-18 23:40 - 2014-09-10 03:07 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-18 23:39 - 2014-09-10 03:07 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-18 23:39 - 2014-09-10 03:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-18 23:39 - 2014-09-10 03:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-18 23:38 - 2014-09-10 03:07 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-18 23:37 - 2014-09-10 03:07 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-18 23:36 - 2014-09-10 03:07 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-18 23:35 - 2014-09-10 03:06 - 
00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-18 23:27 - 2014-09-10 03:07 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-18 23:25 - 2014-09-10 03:07 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-18 23:25 - 2014-09-10 03:06 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-18 23:23 - 2014-09-10 03:06 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-18 23:23 - 2014-09-10 03:06 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-18 23:22 - 2014-09-10 03:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-18 23:19 - 2014-09-10 03:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-18 23:17 - 2014-09-10 03:07 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-18 23:17 - 2014-09-10 03:07 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-18 23:16 - 2014-09-10 03:06 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-18 23:15 - 2014-09-10 03:06 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-18 23:15 - 2014-09-10 03:06 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-18 23:09 - 2014-09-10 03:07 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-18 23:08 - 2014-09-10 03:06 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-18 23:07 - 2014-09-10 03:06 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-18 22:55 - 2014-09-10 03:06 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-18 22:46 - 2014-09-10 03:06 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-18 22:38 - 2014-09-10 03:06 - 
01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 22:38 - 2014-09-10 03:06 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 22:36 - 2014-09-10 03:06 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-18 12:09 - 2014-08-18 12:09 - 00000000 ____D () C:\Users\HP\AppData\Local\{9BE1BFFE-F730-4643-87EE-7D6A0F8C53BC}
2014-08-17 09:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-13 12:07 - 2013-03-17 11:38 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-13 12:07 - 2013-03-17 11:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

Some content of TEMP:
====================
C:\Users\HP\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-08 10:59

==================== End Of Log ============================