Anonim / 3 lata, 2 miesiące temu | Download | Plaintext | Odpowiedz |

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-02-2015 02
Ran by Użytkownik (administrator) on LENOVO on 11-02-2015 21:50:20
Running from C:\Users\Użytkownik\Downloads
Loaded Profiles: Użytkownik (Available profiles: Użytkownik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2294568 2010-09-03] (Synaptics Incorporated)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9744800 2014-07-04] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5399456 2014-07-04] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-12-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3674576 2015-01-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2450902021-3794324418-2797355572-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-2450902021-3794324418-2797355572-1000\...\MountPoints2: {753fba2d-4706-11e4-9cfb-dc0ea1e5f20e} - F:\Startme.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-2450902021-3794324418-2797355572-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{03AECA8C-6BAF-47B8-AF88-B912155CFCBC}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Użytkownik\AppData\Roaming\Mozilla\Firefox\Profiles\2heac1ua.default
FF Homepage: hxxp://www.wp.pl/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-12-14] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3440080 2015-01-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [309232 2015-01-06] (AVG Technologies CZ, s.r.o.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-11 21:50 - 2015-02-11 21:51 - 00008638 _____ () C:\Users\Użytkownik\Downloads\FRST.txt
2015-02-11 21:49 - 2015-02-11 21:50 - 00000000 ____D () C:\FRST
2015-02-11 21:49 - 2015-02-11 21:49 - 02134016 _____ (Farbar) C:\Users\Użytkownik\Downloads\FRST64.exe
2015-02-11 21:47 - 2015-02-11 21:48 - 01125376 _____ (Farbar) C:\Users\Użytkownik\Downloads\FRST.exe
2015-02-08 17:07 - 2015-02-08 17:07 - 00002782 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-02-08 17:07 - 2015-02-08 17:07 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-02-08 17:07 - 2015-02-08 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-08 17:07 - 2015-02-08 17:07 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-08 17:06 - 2015-02-08 17:06 - 05325208 _____ (Piriform Ltd) C:\Users\Użytkownik\Downloads\ccsetup502.exe
2015-02-08 16:58 - 2015-02-08 17:25 - 00000000 ____D () C:\AdwCleaner
2015-02-08 16:57 - 2015-02-08 16:57 - 02112512 _____ () C:\Users\Użytkownik\Downloads\AdwCleaner.exe
2015-02-01 12:22 - 2015-02-01 12:30 - 1997934325 _____ () C:\Users\Użytkownik\Documents\Miasto.44.2014.PAL.DVDR9-KRUK.part3.rar
2015-02-01 12:04 - 2015-02-01 12:22 - 3221225472 _____ () C:\Users\Użytkownik\Documents\Miasto.44.2014.PAL.DVDR9-KRUK.part2.rar
2015-02-01 11:44 - 2015-02-01 12:03 - 3221225472 _____ () C:\Users\Użytkownik\Documents\Miasto.44.2014.PAL.DVDR9-KRUK.part1.rar
2015-01-30 10:15 - 2015-01-30 10:15 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2015-01-30 10:09 - 2015-01-30 10:15 - 00000000 ____D () C:\ProgramData\AVG
2015-01-29 19:37 - 2015-01-29 19:37 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-29 19:37 - 2015-01-29 19:37 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-29 19:37 - 2015-01-29 19:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-29 18:49 - 2015-01-29 18:49 - 00000000 ____D () C:\Users\Użytkownik\AppData\Roaming\AVG2015
2015-01-29 18:48 - 2015-01-31 09:53 - 00000995 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-01-29 18:48 - 2015-01-31 09:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-29 18:45 - 2015-01-29 18:48 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-29 18:45 - 2015-01-29 18:45 - 00000000 ___HD () C:\$AVG
2015-01-29 18:41 - 2015-01-30 09:23 - 00000000 ____D () C:\Users\Użytkownik\AppData\Local\Avg2015
2015-01-27 08:56 - 2015-01-29 19:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 20:58 - 2015-01-26 20:58 - 00000901 _____ () C:\Users\Użytkownik\Desktop\M4UDownloader.lnk
2015-01-25 18:30 - 2015-01-25 18:30 - 00003176 _____ () C:\Windows\System32\Tasks\{9D288EF5-8AB5-46DA-85C2-F5EC8CC0BDDC}
2015-01-25 18:23 - 2015-01-25 14:26 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-01-25 18:23 - 2015-01-25 14:26 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-01-25 18:23 - 2015-01-25 14:26 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-25 17:40 - 2015-02-08 18:15 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-25 17:40 - 2015-01-25 17:40 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-25 17:40 - 2015-01-25 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-25 17:40 - 2015-01-25 17:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-25 17:40 - 2015-01-25 17:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-25 17:40 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-25 17:40 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-25 17:40 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-21 18:19 - 2015-01-25 17:14 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-01-18 21:35 - 2015-01-18 21:35 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\sysfilter
2015-01-18 21:08 - 2015-01-18 21:15 - 00000000 ____D () C:\Users\Użytkownik\AppData\Local\Visikid
2015-01-16 16:22 - 2015-01-16 16:22 - 00000136 _____ () C:\Users\Użytkownik\Desktop\Purble Place  skrót.lnk
2015-01-14 12:22 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 12:22 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 12:22 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 12:22 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 12:22 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 12:22 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 12:21 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 12:21 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 12:21 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 12:21 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 12:21 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 12:21 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 12:21 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-11 21:29 - 2014-07-04 15:28 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-11 14:20 - 2014-07-04 15:32 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-08 18:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-08 17:25 - 2009-07-14 05:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-08 17:25 - 2009-07-14 05:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-08 17:19 - 2014-08-15 19:12 - 00000000 ____D () C:\Users\Użytkownik\AppData\Roaming\Skype
2015-02-08 17:12 - 2014-10-09 18:43 - 00000000 ____D () C:\Users\Użytkownik\AppData\Roaming\DVDVideoSoft
2015-02-08 17:10 - 2014-11-28 21:26 - 00000000 ____D () C:\Users\Użytkownik\AppData\Roaming\uTorrent
2015-02-08 17:09 - 2014-07-04 14:19 - 00000000 ____D () C:\Windows\Panther
2015-02-05 10:31 - 2014-07-04 15:28 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 10:30 - 2014-07-04 15:28 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 10:30 - 2014-07-04 15:28 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-02 12:33 - 2014-07-20 15:32 - 00000000 ____D () C:\Users\Użytkownik\M4UDownloader
2015-02-01 17:42 - 2011-02-04 18:20 - 00739932 _____ () C:\Windows\system32\perfh015.dat
2015-02-01 17:42 - 2011-02-04 18:20 - 00155474 _____ () C:\Windows\system32\perfc015.dat
2015-02-01 17:42 - 2009-07-14 06:13 - 01668226 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-01 17:32 - 2014-07-04 15:38 - 00000000 ____D () C:\ProgramData\ALLPlayer
2015-01-31 21:58 - 2014-07-10 20:25 - 00000000 ____D () C:\Users\Użytkownik\Documents\Youcam
2015-01-29 18:44 - 2014-07-04 15:34 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-01-29 18:34 - 2014-11-30 16:45 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-25 18:23 - 2014-07-04 15:31 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-25 17:09 - 2014-07-04 13:27 - 00000000 ____D () C:\Users\Użytkownik
2015-01-25 17:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2015-01-25 14:26 - 2015-01-10 13:06 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-01-24 03:29 - 2015-01-03 17:56 - 00000087 _____ () C:\Users\Użytkownik\AppData\Roaming\WB.CFG
2015-01-21 18:25 - 2014-08-29 17:36 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2015-01-21 00:44 - 2009-07-14 03:34 - 00000601 _____ () C:\Windows\win.ini
2015-01-17 13:30 - 2014-11-30 11:40 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-17 13:15 - 2014-11-30 11:39 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2015-01-03 17:56 - 2015-01-24 03:29 - 0000087 _____ () C:\Users\Użytkownik\AppData\Roaming\WB.CFG

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-03 10:57

==================== End Of Log ============================