ADVERTISEMENT

FRST.txt

Jak usunąć z komputera Dynamo Combo Ads? Logi z FRST.

Mogę liczyć na czyjąś pomoc w usunięciu Dynamo Combo Ads? Z góry dziękuję :)


Download file - link to post

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by Home (administrator) on HOME-KOMPUTER on 28-01-2015 18:29:56
Running from C:\Users\Home\Downloads
Loaded Profiles: Home (Available profiles: Home)
Platform: Windows 7 Home Premium (X64) OS Language: Polski (Polska)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
() C:\Users\Home\Downloads\adwcleaner_4.109.exe
(OldTimer Tools) C:\Users\Home\Downloads\OTL.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] = & gt; C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [899680 2013-02-04] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] = & gt; C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2013-03-05] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] = & gt; C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2014-09-24] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] = & gt; C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6199128 2014-09-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [RtsFT] = & gt; C:\Windows\RTFTrack.exe [6346464 2013-01-04] (Realtek semiconductor)
HKLM\...\Run: [SynTPEnh] = & gt; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3041520 2013-03-08] (Synaptics Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] = & gt; C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] = & gt; C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508144 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [StartCCC] = & gt; C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] = & gt; C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] = & gt; [X]
HKLM-x32\...\Run: [AvastUI.exe] = & gt; C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKU\S-1-5-21-1356068347-1751564828-2505477817-1000\...\Run: [AppEx Accelerator UI] = & gt; C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [429792 2013-02-08] ()
HKU\S-1-5-21-1356068347-1751564828-2505477817-1000\...\Run: [CCleaner Monitoring] = & gt; C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1356068347-1751564828-2505477817-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-1356068347-1751564828-2505477817-1000\...\MountPoints2: {3a8be05d-83eb-11e4-83bd-a4db3017bba1} - F:\Startme.exe
HKU\S-1-5-21-1356068347-1751564828-2505477817-1000\...\MountPoints2: {3e2ac765-4cd7-11e4-96f0-a4db3017bba1} - F:\AutoRun.exe
HKU\S-1-5-21-1356068347-1751564828-2505477817-1000\...\MountPoints2: {78632518-9d52-11e4-9868-a4db3017bba1} - F:\LGAutoRun.exe
HKU\S-1-5-21-1356068347-1751564828-2505477817-1000\...\MountPoints2: {da799696-4425-11e4-ba51-a4db3017bba1} - F:\AutoRun.exe
HKU\S-1-5-21-1356068347-1751564828-2505477817-1000\...\MountPoints2: {da7998e9-4425-11e4-ba51-a4db3017bba1} - F:\AutoRun.exe
HKU\S-1-5-21-1356068347-1751564828-2505477817-1000\...\MountPoints2: {e796a8ba-4694-11e4-a42c-a4db3017bba1} - F:\AutoRun.exe
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - HP Deskjet 2510 series.lnk
ShortcutTarget: Powiadomienia monitorowania tuszu - HP Deskjet 2510 series.lnk - & gt; C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] - & gt; {472083B0-C522-11CF-8763-00608CC02F24} = & gt; C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected & lt; ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction & lt; ======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-1356068347-1751564828-2505477817-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp
SearchScopes: HKU\.DEFAULT - & gt; DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - & gt; DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - & gt; DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: SteadyVideoBHO Class - & gt; {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - & gt; C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - & gt; {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - & gt; C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SteadyVideoBHO Class - & gt; {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - & gt; C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper - & gt; {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - & gt; C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - & gt; {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - & gt; C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 217.113.224.35 217.113.224.135
Tcpip\..\Interfaces\{1FF27601-3BC8-497C-90E5-136AB710AE64}: [NameServer] 213.158.199.1 213.158.199.5
Tcpip\..\Interfaces\{4FA15014-1C1D-472E-AA3D-AFB88AC98F69}: [NameServer] 213.158.199.1 213.158.199.5
Tcpip\..\Interfaces\{B6DFFBA6-BE9D-40E8-AA3C-55FA2DD59444}: [NameServer] 213.158.199.1 213.158.199.5

FireFox:
========
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\jpllov0i.default
FF Homepage: hxxp://www.google.pl/
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - & gt; C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - & gt; C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - & gt; C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: Adobe Reader - & gt; C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: DownloadHelper - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\jpllov0i.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-11-03]
FF Extension: Dynamo Combo 1.0.1 - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\jpllov0i.default\Extensions\{641e52b1-3179-43ed-8bcb-f688871e52b0}.xpi [2015-01-21]
FF Extension: Adblock Plus - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\jpllov0i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-23]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-15]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-01-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-22] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-15] (AVAST Software)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2014-09-25] ()
R2 MSSQL$ELISOFT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2015-01-28] (Enigma Software Group USA, LLC.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [37472 2013-02-14] (Advanced Micro Devices, Inc.)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [217824 2013-03-21] (AppEx Networks Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-01-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-15] ()
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2014-09-25] (Bytemobile, Inc.) [File not signed]
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-01-28] ()
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [212992 2014-09-25] (Huawei Technologies Co., Ltd.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [117912 2012-11-19] (Qualcomm Atheros Co., Ltd.)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8239456 2013-01-04] (Realtek Semiconductor Corp.)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2014-09-25] (Bytemobile, Inc.) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 18:29 - 2015-01-28 18:31 - 00015114 _____ () C:\Users\Home\Downloads\FRST.txt
2015-01-28 18:29 - 2015-01-28 18:30 - 00000000 ____D () C:\FRST
2015-01-28 18:28 - 2015-01-28 18:29 - 02130432 _____ (Farbar) C:\Users\Home\Downloads\FRST64.exe
2015-01-28 18:28 - 2015-01-28 18:28 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-28 18:28 - 2015-01-28 18:28 - 00000000 _____ () C:\Windows\setupact.log
2015-01-28 18:20 - 2015-01-28 18:21 - 00602112 _____ (OldTimer Tools) C:\Users\Home\Downloads\OTL.exe
2015-01-28 12:50 - 2015-01-28 12:50 - 00000000 _____ () C:\autoexec.bat
2015-01-28 12:49 - 2015-01-28 12:49 - 00003332 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2015-01-28 12:49 - 2015-01-28 12:49 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Enigma Software Group
2015-01-28 12:47 - 2015-01-28 12:48 - 00000000 ____D () C:\sh4ldr
2015-01-28 12:43 - 2015-01-28 12:43 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2015-01-28 12:42 - 2015-01-28 12:42 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-01-28 11:41 - 2015-01-28 11:46 - 00000000 ____D () C:\Users\Home\AppData\Roaming\ELISOFT
2015-01-28 11:41 - 2015-01-28 11:41 - 00000000 ____D () C:\ProgramData\ELISOFT
2015-01-28 11:37 - 2015-01-28 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
2015-01-28 11:34 - 2015-01-28 11:35 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-01-28 11:33 - 2015-01-28 11:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-01-28 11:33 - 2015-01-28 11:33 - 00001213 _____ () C:\Users\Public\Desktop\ELISOFT Faktury i Magazyn 2014.lnk
2015-01-28 11:33 - 2015-01-28 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ELISOFT Faktury i Magazyn 2014
2015-01-28 11:33 - 2015-01-28 11:33 - 00000000 ____D () C:\Program Files (x86)\ELISOFT
2015-01-28 11:32 - 2015-01-28 11:32 - 00003870 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1422441113
2015-01-28 11:32 - 2015-01-28 11:32 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Opera Software
2015-01-28 11:32 - 2015-01-28 11:32 - 00000000 ____D () C:\Users\Home\AppData\Local\Opera Software
2015-01-28 11:32 - 2015-01-28 11:31 - 00001099 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-01-28 11:32 - 2015-01-28 11:31 - 00001099 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-01-28 11:31 - 2015-01-28 16:17 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-28 11:30 - 2015-01-28 11:30 - 213096096 _____ () C:\Users\Home\Downloads\FakturyMagazynFull.exe
2015-01-28 11:25 - 2015-01-28 11:26 - 00730528 _____ ( ) C:\Users\Home\Downloads\ELISOFT-Faktury-i-Magazyn(51611)-dp.exe
2015-01-28 01:38 - 2015-01-28 01:38 - 00006404 _____ () C:\Users\Home\Documents\inwentaryzacja grudzień 2014.fp3
2015-01-28 01:37 - 2015-01-28 01:37 - 00309529 _____ () C:\Users\Home\Documents\Paragony grudzień 2014.csv
2015-01-28 01:07 - 2015-01-28 01:07 - 00086200 _____ () C:\Users\Home\Documents\Paragony 27.01.2015.txt
2015-01-28 00:18 - 2015-01-28 00:18 - 00002212 _____ () C:\Users\Public\Desktop\HP Deskjet 2510 series.lnk
2015-01-28 00:18 - 2015-01-28 00:18 - 00001159 _____ () C:\Users\Public\Desktop\Zakup materiałów eksploatacyjnych - HP Deskjet 2510 series.lnk
2015-01-28 00:17 - 2015-01-28 00:17 - 00000000 ____D () C:\Program Files\HP
2015-01-28 00:15 - 2015-01-28 00:17 - 24059496 _____ () C:\Users\Home\Downloads\DJ2510_Basicx64_1313(1).exe
2015-01-27 22:37 - 2015-01-27 22:38 - 24059496 _____ () C:\Users\Home\Downloads\DJ2510_Basicx64_1313.exe
2015-01-27 22:02 - 2015-01-27 22:02 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-01-27 21:51 - 2015-01-27 21:56 - 58632240 _____ () C:\Users\Home\Downloads\DJ2510_1313-1(1).exe
2015-01-27 03:19 - 2015-01-27 03:19 - 02981504 _____ () C:\Users\Home\Downloads\Setup_FileViewPro_[2015](1).exe
2015-01-27 02:03 - 2015-01-27 02:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-27 00:31 - 2015-01-27 00:31 - 00000000 ____D () C:\Users\Home\AppData\Local\FileViewPro
2015-01-27 00:30 - 2015-01-27 00:30 - 00000000 ____D () C:\Users\Home\AppData\Roaming\IsolatedStorage
2015-01-27 00:30 - 2015-01-27 00:30 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2015-01-27 00:27 - 2015-01-27 17:26 - 00000000 ____D () C:\Program Files\FileViewPro
2015-01-27 00:24 - 2015-01-27 00:24 - 00000000 ____D () C:\Spacekace
2015-01-27 00:23 - 2015-01-27 00:24 - 02981504 _____ () C:\Users\Home\Downloads\Setup_FileViewPro_[2015].exe
2015-01-27 00:03 - 2015-01-27 00:03 - 11887199 _____ () C:\Users\Home\Documents\PARAGONY PICIE 2015.01.fp3
2015-01-26 23:20 - 2015-01-27 16:57 - 00046250 _____ () C:\Users\Home\Documents\Raporty Tivioli od teraz.txt
2015-01-26 22:40 - 2015-01-22 12:51 - 08717824 _____ () C:\Users\Home\Desktop\nearch.exe
2015-01-26 22:04 - 2015-01-26 22:05 - 08662443 _____ () C:\Users\Home\Downloads\dualcomdriver_usb_2.08.30(3).zip
2015-01-26 21:15 - 2015-01-26 21:15 - 02194432 _____ () C:\Users\Home\Downloads\adwcleaner_4.109.exe
2015-01-26 20:12 - 2015-01-26 20:13 - 08662443 _____ () C:\Users\Home\Downloads\dualcomdriver_usb_2.08.30(2).zip
2015-01-26 19:40 - 2015-01-26 19:41 - 08662443 _____ () C:\Users\Home\Downloads\dualcomdriver_usb_2.08.30(1).zip
2015-01-26 19:35 - 2015-01-26 19:36 - 01100479 _____ () C:\Users\Home\Downloads\vcp2_novitus_20130419d12.zip
2015-01-25 22:19 - 2015-01-24 15:00 - 00025406 _____ () C:\Users\Home\Documents\Katolickie%20Radio%20Diecezji%20Płockiej%20powstało%2023%20czerwca%202014%20roku%20z%20połączenia%20dwóch%20innych%20stacji.docx_0.odt
2015-01-25 19:17 - 2015-01-25 19:24 - 00000000 ____D () C:\Users\Home\AppData\Local\Microsoft Games
2015-01-23 20:13 - 2015-01-28 18:23 - 00000000 ____D () C:\AdwCleaner
2015-01-23 18:01 - 2015-01-23 18:02 - 00000000 ____D () C:\Users\Home\Desktop\bLANECZKA
2015-01-23 18:00 - 2015-01-26 21:53 - 00000000 ____D () C:\Users\Home\Desktop\WAŻNE PIZZERIA
2015-01-23 17:49 - 2015-01-27 23:06 - 00000866 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-23 17:49 - 2015-01-23 17:49 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-01-23 17:49 - 2015-01-23 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-23 17:49 - 2015-01-23 17:49 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-23 17:48 - 2015-01-23 17:48 - 05317104 _____ (Piriform Ltd) C:\Users\Home\Downloads\ccsetup501.exe
2015-01-23 17:47 - 2015-01-23 17:47 - 00730528 _____ ( ) C:\Users\Home\Downloads\CCleaner(13061)-dp(2).exe
2015-01-23 17:31 - 2015-01-23 17:31 - 00730528 _____ ( ) C:\Users\Home\Downloads\CCleaner(13061)-dp(1).exe
2015-01-23 15:51 - 2015-01-23 15:51 - 00003152 _____ () C:\Windows\System32\Tasks\{4F787716-F1D0-428C-9842-7B910D40B659}
2015-01-22 12:51 - 2015-01-22 12:51 - 08717824 _____ () C:\Users\Home\Downloads\nearch.exe
2015-01-22 09:50 - 2015-01-22 09:50 - 00000266 __RSH () C:\ProgramData\ntuser.pol
2015-01-22 06:07 - 2015-01-22 06:07 - 00000853 _____ () C:\Windows\SysWOW64\debug.log
2015-01-22 03:27 - 2015-01-22 03:27 - 00006332 _____ () C:\Users\Home\Documents\LIsta towarów Tivioli.fp3
2015-01-22 03:01 - 2015-01-22 03:01 - 00451428 _____ () C:\Users\Home\Documents\Paragony Tivioli.txt
2015-01-22 01:59 - 2015-01-22 02:00 - 08662443 _____ () C:\Users\Home\Downloads\dualcomdriver_usb_2.08.30.zip
2015-01-22 01:51 - 2015-01-22 01:51 - 00801084 _____ () C:\Users\Home\Downloads\sterownik_usb_2.08.12.zip
2015-01-21 23:38 - 2015-01-21 23:38 - 00000000 ____D () C:\Users\Home\AppData\Local\Comp_SA
2015-01-21 23:37 - 2015-01-21 23:37 - 00000000 ____D () C:\Users\Home\Documents\NSerwis bazy
2015-01-21 23:35 - 2015-01-21 23:35 - 02306535 _____ () C:\Users\Home\Downloads\nserwiskasy_setup.zip
2015-01-21 23:35 - 2015-01-21 23:35 - 00000000 ____D () C:\Users\Home\Downloads\nserwiskasy_setup
2015-01-21 23:21 - 2015-01-26 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Novitus
2015-01-21 23:21 - 2015-01-26 21:50 - 00000000 ____D () C:\Program Files (x86)\Novitus
2015-01-21 21:54 - 2015-01-28 01:42 - 00000000 ____D () C:\Users\Public\Documents\Novitus
2015-01-21 20:57 - 2015-01-21 20:57 - 00000000 ____D () C:\Program Files (x86)\ClickCaption_1.10.0.6
2015-01-21 20:54 - 2015-01-23 20:20 - 00000000 ____D () C:\Program Files (x86)\Dynamo Combo
2015-01-21 20:31 - 2015-01-21 20:31 - 00682248 _____ (komputerswiat.pl) C:\Users\Home\Downloads\Ewa - fakturowanie i magazyn 4.1.43.1.EXE
2015-01-20 20:13 - 2015-01-20 20:13 - 03405878 _____ () C:\Users\Home\Downloads\2_mp3_files (online-audio-converter.com).zip
2015-01-16 20:39 - 2015-01-16 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2015-01-16 20:38 - 2015-01-16 20:39 - 00000000 ____D () C:\Program Files (x86)\Windows Phone
2015-01-16 20:37 - 2015-01-16 20:37 - 00000000 ____D () C:\ProgramData\Applications
2015-01-16 20:34 - 2015-01-16 20:34 - 06745792 _____ (Microsoft Corporation) C:\Users\Home\Downloads\WindowsPhone.exe
2015-01-16 20:23 - 2015-01-16 20:26 - 96032277 _____ () C:\Users\Home\Downloads\stosunki Chiny.rar
2015-01-16 18:04 - 2015-01-16 18:04 - 17685199 _____ () C:\Users\Home\Downloads\media.io.109462818.zip
2015-01-16 17:02 - 2015-01-16 17:02 - 00000000 ____D () C:\Users\Home\Downloads\wstepniak
2015-01-16 16:58 - 2015-01-16 16:59 - 26192991 _____ () C:\Users\Home\Downloads\wstepniak.zip
2015-01-16 09:02 - 2015-01-16 09:02 - 00000000 _____ () C:\Users\Home\Downloads\CCleaner(13061)-dp.exe
2015-01-15 19:05 - 2015-01-15 19:05 - 00000000 ____D () C:\Users\Home\AppData\Roaming\AVAST Software
2015-01-15 19:04 - 2015-01-17 12:30 - 00002008 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-15 19:03 - 2015-01-15 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-15 19:02 - 2015-01-23 19:07 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-15 19:02 - 2015-01-15 19:03 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-15 19:02 - 2015-01-15 19:03 - 00087912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-01-15 19:02 - 2015-01-15 19:01 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-01-15 19:02 - 2015-01-15 19:01 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-15 19:02 - 2015-01-15 19:01 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-15 19:02 - 2015-01-15 19:01 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-01-15 19:02 - 2015-01-15 19:01 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-15 19:02 - 2015-01-15 19:01 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-15 19:02 - 2015-01-15 19:01 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-15 19:01 - 2015-01-15 19:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-15 18:57 - 2015-01-15 18:57 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-15 18:55 - 2015-01-15 18:57 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-15 18:53 - 2015-01-15 18:53 - 05006864 _____ (AVAST Software) C:\Users\Home\Downloads\avast_free_antivirus_setup_online.exe
2015-01-07 20:06 - 2015-01-20 07:25 - 00000097 _____ () C:\Users\Home\AppData\Roaming\WB.CFG
2015-01-07 19:06 - 2015-01-25 20:44 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Audacity
2015-01-07 19:06 - 2015-01-07 19:06 - 00000983 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-01-07 19:06 - 2015-01-07 19:06 - 00000971 _____ () C:\Users\Public\Desktop\Audacity.lnk
2015-01-07 19:06 - 2015-01-07 19:06 - 00000000 ____D () C:\Program Files (x86)\Audacity
2015-01-07 19:02 - 2015-01-07 19:02 - 22892794 _____ (Audacity Team ) C:\Users\Home\Downloads\audacity-win-2.0.6.exe
2015-01-07 19:01 - 2015-01-07 19:01 - 00730528 _____ ( ) C:\Users\Home\Downloads\Audacity(11826)-dp.exe.part
2015-01-07 19:01 - 2015-01-07 19:01 - 00730528 _____ ( ) C:\Users\Home\Downloads\Audacity(11826)-dp(1).exe
2015-01-07 19:01 - 2015-01-07 19:01 - 00000000 _____ () C:\Users\Home\Downloads\Audacity(11826)-dp.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 18:15 - 2009-07-14 05:45 - 00009776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-28 18:15 - 2009-07-14 05:45 - 00009776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-28 18:01 - 2014-09-24 14:34 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-28 17:54 - 2014-09-24 14:21 - 00460094 _____ () C:\Windows\WindowsUpdate.log
2015-01-28 17:02 - 2014-09-24 16:30 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-01-28 16:12 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-28 16:11 - 2014-09-24 16:34 - 10943244 _____ () C:\Users\Public\CAFADEBUG.log
2015-01-28 12:49 - 2014-09-24 14:27 - 00000000 ____D () C:\Users\Home
2015-01-28 11:37 - 2014-09-24 16:44 - 01687214 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-28 11:37 - 2009-07-14 18:55 - 00784188 _____ () C:\Windows\system32\perfh015.dat
2015-01-28 11:37 - 2009-07-14 18:55 - 00171598 _____ () C:\Windows\system32\perfc015.dat
2015-01-28 11:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Registration
2015-01-28 11:20 - 2014-09-24 14:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-28 00:18 - 2014-10-05 22:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-01-28 00:17 - 2014-10-05 22:49 - 00000000 ____D () C:\Program Files (x86)\HP
2015-01-27 23:23 - 2009-07-14 06:13 - 01661232 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-26 19:36 - 2014-09-24 16:10 - 00000000 ____D () C:\Program Files\DIFX
2015-01-25 20:39 - 2014-12-21 21:21 - 00000000 ____D () C:\Users\Home\AppData\Local\PokerStars.EU
2015-01-25 20:39 - 2014-12-21 21:19 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2015-01-25 19:01 - 2014-09-24 14:34 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-25 19:01 - 2014-09-24 14:34 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-25 19:01 - 2014-09-24 14:34 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-23 19:49 - 2009-07-14 03:34 - 00000580 _____ () C:\Windows\win.ini
2015-01-23 17:50 - 2014-12-28 09:51 - 00000000 ____D () C:\Windows\Minidump
2015-01-23 17:50 - 2014-09-24 15:17 - 00000000 ____D () C:\Windows\Panther
2015-01-23 15:52 - 2014-09-24 14:36 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-23 15:52 - 2014-09-24 14:36 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-23 15:52 - 2014-09-24 14:29 - 00001433 _____ () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-01-23 15:52 - 2014-09-24 14:28 - 00001455 _____ () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-22 06:07 - 2014-09-25 10:15 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Adobe
2015-01-22 05:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2015-01-21 20:49 - 2014-09-24 17:31 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-21 20:49 - 2014-09-24 14:45 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-21 20:48 - 2014-09-24 16:37 - 00000000 ____D () C:\Users\Home\AppData\Local\Avg2015
2015-01-21 20:40 - 2014-09-24 17:31 - 00000000 ___HD () C:\$AVG
2015-01-12 10:49 - 2014-10-01 13:28 - 00000000 ____D () C:\Users\Home\AppData\Local\Adobe

==================== Files in the root of some directories =======

2014-09-24 14:36 - 2014-09-24 14:36 - 0000067 _____ () C:\Users\Home\AppData\Roaming\burnaware.ini
2015-01-07 20:06 - 2015-01-20 07:25 - 0000097 _____ () C:\Users\Home\AppData\Roaming\WB.CFG
2014-10-05 22:49 - 2014-10-05 22:49 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-09-24 15:35 - 2014-09-24 15:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Home\AppData\Local\Temp\Quarantine.exe
C:\Users\Home\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe = & gt; File is digitally signed
C:\Windows\System32\wininit.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\wininit.exe = & gt; File is digitally signed
C:\Windows\explorer.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\explorer.exe = & gt; File is digitally signed
C:\Windows\System32\svchost.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\svchost.exe = & gt; File is digitally signed
C:\Windows\System32\services.exe = & gt; File is digitally signed
C:\Windows\System32\User32.dll = & gt; MD5 is legit
C:\Windows\SysWOW64\User32.dll = & gt; MD5 is legit
C:\Windows\System32\userinit.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\userinit.exe = & gt; File is digitally signed
C:\Windows\System32\rpcss.dll = & gt; File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys = & gt; File is digitally signed


LastRegBack: 2015-01-24 04:07

==================== End Of Log ============================