REKLAMA

FRST.txt

Strona Ask.com nie daje się usunąć, prośba o sprawdzenie logów

Witam, proszę o sprawdzenie logów. Strona ask.com nie chce się usunąć mimo iż użyłem program ADW Cleaner.


Pobierz plik - link do postu

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-07-2014 01
Ran by Administrator (administrator) on 491-0375 on 17-07-2014 15:41:07
Running from C:\Documents and Settings\Administrator\Pulpit\adwcleaner
Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) D:\jho\hamachi-2-ui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(LogMeIn, Inc.) D:\jho\LMIGuardianSvc.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe
() C:\Program Files\Pando Networks\Media Booster\PMB.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(LogMeIn Inc.) D:\jho\hamachi-2.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(LogMeIn, Inc.) D:\jho\LMIGuardianSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Opera Software) C:\Program Files\Opera\opera.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SoundMAXPnP] = & gt; C:\Program Files\Analog Devices\Core\smax4pnp.exe [1404928 2004-10-14] (Analog Devices, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] = & gt; C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-06-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] = & gt; C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [976832 2010-06-09] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] = & gt; C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2006-02-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [igfxhkcmd] = & gt; C:\WINDOWS\system32\hkcmd.exe [77824 2005-10-14] (Intel Corporation)
HKLM\...\Run: [igfxpers] = & gt; C:\WINDOWS\system32\igfxpers.exe [114688 2005-10-14] (Intel Corporation)
HKLM\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [MP10_EnsureFileVer] = & gt; C:\WINDOWS\inf\unregmp2.exe [208896 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [LogMeIn Hamachi Ui] = & gt; D:\jho\hamachi-2-ui.exe [3816272 2014-06-23] (LogMeIn Inc.)
HKLM\...\Run: [AvastUI.exe] = & gt; C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-17] (AVAST Software)
HKU\.DEFAULT\...\RunOnce: [TSClientMSIUninstaller] - cmd.exe /C " cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs "
HKU\.DEFAULT\...\RunOnce: [TSClientAXDisabler] - cmd.exe /C " %systemroot%\Installer\TSClientMsiTrans\tscdsbl.bat "
HKU\S-1-5-21-2318674147-844534908-136940625-500\...\Run: [Akamai NetSession Interface] = & gt; C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2318674147-844534908-136940625-500\...\Run: [Pando Media Booster] = & gt; C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-09] ()
HKU\S-1-5-21-2318674147-844534908-136940625-500\...\MountPoints2: {99d64292-8f5a-11e3-abf5-00188b132c24} - G:\Startme.exe
HKU\S-1-5-21-2318674147-844534908-136940625-500\...\MountPoints2: {dd6b19ae-a7de-11e1-a545-00188b132c24} - G:\autorun.exe
Lsa: [Authentication Packages] msv1_0 TivoliAP
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk - & gt; C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
ShellIconOverlayIdentifiers: 00avast - & gt; {472083B0-C522-11CF-8763-00608CC02F24} = & gt; C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie & ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb & gct=ds & appid=115 & systemid=473 & v=a12627-339 & apn_uid=1574776136674117 & apn_dtid=BND101 & o=APN10640 & apn_ptnrs=AG1 & q={searchTerms}
SearchScopes: HKCU - {4E0BD24D-1259-4029-B8EA-B11107A90B86} URL = http://mystart.incredibar.com/mb165/?search={searchTerms} & loc=IB_DS & a=6R8wzJu9NU & i=26
SearchScopes: HKCU - {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb & gct=ds & appid=115 & systemid=473 & v=a12627-339 & apn_uid=1574776136674117 & apn_dtid=BND101 & o=APN10640 & apn_ptnrs=AG1 & q={searchTerms}
BHO: Adobe PDF Link Helper - & gt; {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - & gt; C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - & gt; {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - & gt; C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {c75a2d66-6d1d-4735-8f63-9d85dcc026a6} - No File
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{6A076732-DB5A-488E-993B-486D091EFFEF}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\qcqz3xph.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame - C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll (BitComet)
FF Extension: Ask New Tabs - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\qcqz3xph.default\Extensions\{8F68E371-97C9-171A-D485-8F734FED269C} [2014-05-16]
FF Extension: DownloadHelper - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\qcqz3xph.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: Movies Toolbar (Dist. by Somoto Ltd.) - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\qcqz3xph.default\Extensions\{c75a2d66-6d1d-4735-8f63-9d85dcc026a6} [2014-05-06]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-07]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-04-12]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-06-25]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Docs) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-28]
CHR Extension: (Dysk Google) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-28]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-28]
CHR Extension: (Szukaj w Google) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-28]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-28]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-17]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-17] (AVAST Software)
R2 Hamachi2Svc; D:\jho\hamachi-2.exe [1889616 2014-06-23] (LogMeIn Inc.)
S3 HP Port Resolver; C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBPRO.EXE [81920 2005-05-20] (Hewlett-Packard Company)
S3 HP Status Server; C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBOID.EXE [73728 2004-10-16] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-04-14] (Oracle Corporation)
S4 lcfd; C:\Program Files\Tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe [122880 2002-10-04] () [File not signed]
S3 npggsvc; C:\WINDOWS\system32\GameMon.des [4066168 2011-04-25] (INCA Internet Co., Ltd.) [File not signed]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]

==================== Drivers (Whitelisted) ====================

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
S3 akshasp; C:\WINDOWS\System32\DRIVERS\akshasp.sys [327168 2006-11-22] (Aladdin Knowledge Systems Ltd.)
S3 aksusb; C:\WINDOWS\System32\DRIVERS\aksusb.sys [100096 2006-11-22] (Aladdin Knowledge Systems Ltd.)
S3 Andbus; C:\WINDOWS\System32\DRIVERS\lgandbus.sys [14336 2010-03-30] (LG Electronics Inc.)
S3 AndDiag; C:\WINDOWS\System32\DRIVERS\lganddiag.sys [20864 2010-03-30] (LG Electronics Inc.)
S3 AndGps; C:\WINDOWS\System32\DRIVERS\lgandgps.sys [19968 2010-03-30] (LG Electronics Inc.)
S3 ANDModem; C:\WINDOWS\System32\DRIVERS\lgandmodem.sys [24960 2010-03-30] (LG Electronics Inc.)
S3 apf005; C:\WINDOWS\system32\apf005.sys [14160 2014-05-28] ()
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-07-17] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-07-17] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-07-17] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-07-17] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-07-17] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-07-17] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-07-17] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-07-17] ()
R3 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [242240 2012-06-01] (DT Soft Ltd)
S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed]
R3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [693760 2006-11-22] (Aladdin Knowledge Systems Ltd.)
R2 Haspnt; C:\WINDOWS\system32\drivers\Haspnt.sys [47616 2008-04-03] (Aladdin Knowledge Systems) [File not signed]
R2 Kmm4xNT; C:\WINDOWS\system32\Drivers\Kmm4xNT.sys [95484 2001-07-09] (DATOM Dariusz Cielebąk) [File not signed]
R3 LgBttPort; C:\WINDOWS\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\WINDOWS\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\WINDOWS\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.)
R1 prodrv06; C:\WINDOWS\System32\drivers\prodrv06.sys [51744 2003-09-06] (Protection Technology) [File not signed]
R0 prohlp02; C:\WINDOWS\System32\drivers\prohlp02.sys [62656 2003-09-06] (Protection Technology) [File not signed]
R0 prosync1; C:\WINDOWS\System32\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed]
R0 sfhlp01; C:\WINDOWS\System32\drivers\sfhlp01.sys [4832 2003-09-06] (Protection Technology) [File not signed]
S3 EagleNT; No ImagePath
S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-17 15:41 - 2014-07-17 15:41 - 00000000 ____D () C:\FRST
2014-07-17 15:36 - 2014-07-17 15:36 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2014-07-17 15:35 - 2014-07-17 15:35 - 00000380 _____ () C:\WINDOWS\wmsetup.log
2014-07-17 15:35 - 2014-07-17 15:35 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\AVAST Software
2014-07-17 15:28 - 2014-07-17 15:28 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-17 15:28 - 2014-07-17 15:28 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-17 15:23 - 2014-07-17 15:41 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit\adwcleaner
2014-06-27 16:53 - 2014-06-27 16:53 - 00001451 _____ () C:\Documents and Settings\All Users\Pulpit\Metin2.lnk
2014-06-27 16:53 - 2014-06-27 16:53 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Metin2
2014-06-26 10:55 - 2014-06-26 10:55 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi
2014-06-24 20:41 - 2014-06-24 20:41 - 00063992 _____ () C:\Documents and Settings\Administrator\.recently-used.xbel
2014-06-23 18:51 - 2014-06-23 18:52 - 00000000 ____D () C:\Program Files\pokerstars
2014-06-23 16:35 - 2014-07-13 19:00 - 00000000 ____D () C:\metin

==================== One Month Modified Files and Folders =======

2014-07-17 15:42 - 2013-02-09 16:26 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\PMB Files
2014-07-17 15:41 - 2014-07-17 15:41 - 00000000 ____D () C:\FRST
2014-07-17 15:41 - 2014-07-17 15:23 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit\adwcleaner
2014-07-17 15:41 - 2013-07-02 13:38 - 02163472 _____ () C:\WINDOWS\pfirewall.log
2014-07-17 15:41 - 2004-09-20 11:25 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp
2014-07-17 15:40 - 2013-04-12 22:42 - 00414520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-17 15:40 - 2013-04-12 22:41 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-07-17 15:39 - 2004-09-20 11:12 - 01130370 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-17 15:39 - 2004-09-20 11:06 - 00505230 _____ () C:\WINDOWS\system32\perfh015.dat
2014-07-17 15:39 - 2004-09-20 11:06 - 00091048 _____ () C:\WINDOWS\system32\perfc015.dat
2014-07-17 15:37 - 2012-06-02 15:25 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
2014-07-17 15:37 - 2012-03-27 16:33 - 00000000 ____D () C:\Program Files\GIMP-2.0
2014-07-17 15:37 - 2004-09-20 11:12 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy
2014-07-17 15:36 - 2014-07-17 15:36 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2014-07-17 15:36 - 2012-06-02 15:25 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
2014-07-17 15:36 - 2004-09-20 11:18 - 01354305 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-17 15:35 - 2014-07-17 15:35 - 00000380 _____ () C:\WINDOWS\wmsetup.log
2014-07-17 15:35 - 2014-07-17 15:35 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\AVAST Software
2014-07-17 15:35 - 2011-06-27 09:10 - 09934026 _____ () C:\XrxUsd.log
2014-07-17 15:35 - 2011-05-27 08:56 - 00000260 _____ () C:\WINDOWS\Tasks\WGASetup.job
2014-07-17 15:35 - 2004-09-20 11:25 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-17 15:35 - 2004-09-20 11:25 - 00000000 __RHD () C:\Documents and Settings\Administrator\Dane aplikacji
2014-07-17 15:35 - 2004-09-20 11:15 - 00000471 _____ () C:\WINDOWS\wiadebug.log
2014-07-17 15:35 - 2004-09-20 11:15 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-07-17 15:34 - 2014-06-10 17:36 - 00000000 ____D () C:\AdwCleaner
2014-07-17 15:34 - 2004-09-20 11:25 - 00032542 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-17 15:34 - 2004-09-20 11:25 - 00000188 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-07-17 15:28 - 2014-07-17 15:28 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-17 15:28 - 2014-07-17 15:28 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-17 15:28 - 2013-04-12 22:42 - 00414392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.1405604404187
2014-07-17 15:28 - 2013-04-12 22:42 - 00001733 _____ () C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
2014-07-17 15:28 - 2013-04-12 22:41 - 00779536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-07-17 15:28 - 2013-04-12 22:41 - 00276432 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-17 15:28 - 2013-04-12 22:41 - 00192352 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-17 15:28 - 2013-04-12 22:41 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-17 15:28 - 2013-04-12 22:41 - 00057800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-07-17 15:28 - 2013-04-12 22:41 - 00055112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-07-17 15:28 - 2013-04-12 22:41 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-17 15:23 - 2011-05-25 18:39 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
2014-07-17 15:23 - 2004-09-20 11:25 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit
2014-07-17 15:22 - 2004-09-20 11:19 - 00002657 ____C () C:\WINDOWS\system32\config.nt
2014-07-17 15:19 - 2011-08-07 18:13 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\TS3Client
2014-07-17 15:19 - 2011-06-29 17:36 - 00000000 ____D () C:\Program Files\Winamp
2014-07-17 15:18 - 2004-09-20 11:25 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-07-17 11:14 - 2012-05-11 14:50 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-16 22:31 - 2013-02-11 21:31 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Last.fm
2014-07-16 18:00 - 2012-03-27 16:34 - 00000000 ____D () C:\Documents and Settings\Administrator\.gimp-2.6
2014-07-16 17:58 - 2011-06-08 20:59 - 00014336 ___HC () C:\Documents and Settings\Administrator\Pulpit\photothumb.db
2014-07-15 23:24 - 2013-02-09 16:26 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
2014-07-14 21:08 - 2008-09-02 09:22 - 00000000 ____D () C:\temp
2014-07-13 19:00 - 2014-06-23 16:35 - 00000000 ____D () C:\metin
2014-07-12 20:54 - 2013-07-02 13:38 - 04043759 _____ () C:\WINDOWS\pfirewall.log.old
2014-07-12 12:15 - 2012-05-11 14:50 - 00699056 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-12 12:15 - 2011-05-27 09:11 - 00071344 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-07-12 12:08 - 2013-12-22 14:43 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Gameforge Live
2014-07-12 11:45 - 2004-09-20 11:05 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-06-29 11:57 - 2011-06-29 17:35 - 00010240 ____C () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-27 16:53 - 2014-06-27 16:53 - 00001451 _____ () C:\Documents and Settings\All Users\Pulpit\Metin2.lnk
2014-06-27 16:53 - 2014-06-27 16:53 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Metin2
2014-06-27 16:53 - 2004-09-20 11:12 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2014-06-26 17:35 - 2011-07-11 15:50 - 00000000 ____D () C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie
2014-06-26 12:29 - 2006-10-25 08:52 - 00000000 __SHD () C:\WINDOWS\CSC
2014-06-26 10:55 - 2014-06-26 10:55 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi
2014-06-26 10:55 - 2012-06-02 15:25 - 00000331 _____ () C:\Documents and Settings\All Users\Pulpit\LogMeIn Hamachi.lnk
2014-06-24 20:41 - 2014-06-24 20:41 - 00063992 _____ () C:\Documents and Settings\Administrator\.recently-used.xbel
2014-06-23 18:55 - 2004-09-20 11:25 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy
2014-06-23 18:52 - 2014-06-23 18:51 - 00000000 ____D () C:\Program Files\pokerstars

Files to move or delete:
====================
C:\Documents and Settings\Administrator\TempWmicBatchFile.bat


Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe = & gt; File is digitally signed
C:\WINDOWS\system32\winlogon.exe = & gt; File is digitally signed
C:\WINDOWS\system32\svchost.exe = & gt; File is digitally signed
C:\WINDOWS\system32\services.exe = & gt; File is digitally signed
C:\WINDOWS\system32\User32.dll = & gt; File is digitally signed
C:\WINDOWS\system32\userinit.exe = & gt; File is digitally signed
C:\WINDOWS\system32\rpcss.dll = & gt; File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys = & gt; File is digitally signed

==================== End Of Log ============================