Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Yoursite 123 - FRST i jego logi.

Yarek1969 12 Gru 2015 19:15 693 2
  • #2 12 Gru 2015 19:36
    krzychupar
    Poziom 40  

    Otwórz notatnik systemowy i wklej:
    CustomCLSID: HKU\S-1-5-21-22330260-176085029-1354153045-1003_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> Brak ścieżki do pliku
    CustomCLSID: HKU\S-1-5-21-22330260-176085029-1354153045-1003_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> Brak ścieżki do pliku
    CustomCLSID: HKU\S-1-5-21-22330260-176085029-1354153045-1003_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> Brak ścieżki do pliku
    CustomCLSID: HKU\S-1-5-21-22330260-176085029-1354153045-1003_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> Brak ścieżki do pliku
    CustomCLSID: HKU\S-1-5-21-22330260-176085029-1354153045-1003_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> Brak ścieżki do pliku
    CustomCLSID: HKU\S-1-5-21-22330260-176085029-1354153045-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> Brak ścieżki do pliku
    CustomCLSID: HKU\S-1-5-21-22330260-176085029-1354153045-1003_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> Brak ścieżki do pliku
    CustomCLSID: HKU\S-1-5-21-22330260-176085029-1354153045-1003_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> Brak ścieżki do pliku
    CustomCLSID: HKU\S-1-5-21-22330260-176085029-1354153045-1003_Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> Brak ścieżki do pliku
    CustomCLSID: HKU\S-1-5-21-22330260-176085029-1354153045-1003_Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> Brak ścieżki do pliku
    CustomCLSID: HKU\S-1-5-21-22330260-176085029-1354153045-1003_Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> Brak ścieżki do pliku
    CustomCLSID: HKU\S-1-5-21-22330260-176085029-1354153045-1003_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> Brak ścieżki do pliku
    CustomCLSID: HKU\S-1-5-21-22330260-176085029-1354153045-1003_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> Brak ścieżki do pliku
    CustomCLSID: HKU\S-1-5-21-22330260-176085029-1354153045-1003_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> Brak ścieżki do pliku
    CustomCLSID: HKU\S-1-5-21-22330260-176085029-1354153045-1003_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> Brak ścieżki do pliku
    Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{8A54E087-AE30-46DA-9CF7-20E7FD4BFC5E}.exe <==== UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1...HitachiXHTS543232L9A300_090123FB8403LPJVULSBX




    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&...XHTS543232L9A300_090123FB8403LPJVULSBX&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1...HitachiXHTS543232L9A300_090123FB8403LPJVULSBX
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&...XHTS543232L9A300_090123FB8403LPJVULSBX&q={searchTerms}
    HKU\S-1-5-21-22330260-176085029-1354153045-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&...XHTS543232L9A300_090123FB8403LPJVULSBX&q={searchTerms}
    HKU\S-1-5-21-22330260-176085029-1354153045-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1...HitachiXHTS543232L9A300_090123FB8403LPJVULSBX
    HKU\S-1-5-21-22330260-176085029-1354153045-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&...XHTS543232L9A300_090123FB8403LPJVULSBX&q={searchTerms}
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...XHTS543232L9A300_090123FB8403LPJVULSBX&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-22330260-176085029-1354153045-1003 -> DefaultScope {84B09931-DAE2-4818-B5C2-7108140A58D0} URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11406&pf=V7&p2=^BBE^OSJ000^YY^PL&gct=&itbv=12.23.0.15&apn_uid=C9E9F5D5-06B8-48F0-8F2A-DE0C8BE37535&apn_ptnrs=BBE&apn_dtid=^OSJ000^YY^PL&apn_dbr=ie&doi=2015-01-27&trgb=IE&q={searchTerms}&psv=&pt=tb
    SearchScopes: HKU\S-1-5-21-22330260-176085029-1354153045-1003 -> {01DE1850-2730-4FB0-A81F-86497231A576} URL = hxxp://pl.wikipedia.org/w/index.php?title=Specjalna:Szukaj&search={searchTerms}
    BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG2012\avgssie.dll => Brak plik
    Toolbar: HKLM - Astroburn Toolbar - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - C:\Program Files\Astroburn Toolbar\ABToolbar.dll [2011-05-23] ()
    Toolbar: HKU\S-1-5-21-22330260-176085029-1354153045-1003 -> Brak nazwy - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Brak pliku
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll Brak pliku
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe
    FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.3\\npsitesafety.dll [Brak pliku]
    CHR HKLM\...\Chrome\Extension: [pbiamblgmkgbcgbcgejjgebalncpmhnp] - C:\Program Files\StartSearch plugin\vshareplg.crx <nie znaleziono>
    S2 APNMCP; "C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe" [X]
    S2 Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [X]
    U3 aqm8ly07; C:\Windows\system32\Drivers\aqm8ly07.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder)
    S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
    S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
    S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
    S3 VMC302; System32\Drivers\VMC302.sys [X]
    2015-12-11 04:00 - 2015-12-11 04:00 - 00000000 ____D C:\ProgramData\BWdMB
    C:\ProgramData\hpe42FA.dll
    C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
    EmptyTemp:
    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • #3 12 Gru 2015 19:42
    Kolobos
    Spec od komputerów

    Odinstaluj:
    Adobe Reader 8 - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-A81200000003}) (Version: 8.1.2 - Adobe Systems Incorporated)
    Adobe Reader 8.1.2 Security Update 1 (KB403742) (HKLM\...\{AC76BA86-7AD7-1045-7B44-A81200000003}_Adobe Reader 8 - Polish) (Version: - )
    Settings Manager (HKU\S-1-5-21-22330260-176085029-1354153045-1003\...\Settings Manager) (Version: 21.4.0.1 - Spigot, Inc.) <==== UWAGA

    Zainstaluj http://ninite.com/foxit/

    Fixlist.txt dla FRST:
    Task: {091B3F30-67AF-4AD6-8D35-FEC37D6A30FF} - System32\Tasks\PCConfidential => C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
    Task: {1E2B7EA6-2782-46C5-A0A2-9496AF2D0765} - System32\Tasks\{B88B285B-2041-4E6D-B358-A64499880EDE} => Chrome.exe hxxp://ui.skype.com/ui/0/7.14.0.106/pl/abandoninstall?page=tsProgressBar
    Task: {2FDCC542-7D6E-4CDA-B1C9-7A0FAAD87C93} - System32\Tasks\{E5773E0C-C89C-4A1E-A70C-252104A3DAF3} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.124/en/abandon...cluded,google-chrome:notoffered;disabled
    Task: {47FD6A37-DD6E-4E61-BA3F-204A568E33AE} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{8A54E087-AE30-46DA-9CF7-20E7FD4BFC5E}.exe.)
    Task: {796DBFDA-4587-43E8-8299-731D33822089} - System32\Tasks\{02EC1A6C-C847-42D8-B714-B04FFF2DCE2E} => c:\program files\opera\launcher.exe
    Task: {B260CDED-41B9-4B16-8AE8-6F756AB0351F} - System32\Tasks\Opera N => C:\Program Files\Opera\launcher.exe
    Task: {F09A31D0-40A5-4E48-A778-D1C1EA5E1CA4} - System32\Tasks\{997C640D-770C-4EAE-93BF-DDC85D2AC808} => c:\program files\opera\launcher.exe
    Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{8A54E087-AE30-46DA-9CF7-20E7FD4BFC5E}.exe <==== UWAGA
    Task: C:\Windows\Tasks\PCConfidential.job => C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
    ShortcutWithArgument: C:\Users\Jarek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...HitachiXHTS543232L9A300_090123FB8403LPJVULSBX <==== UWAGA
    AlternateDataStreams: C:\Users\Jarek\Downloads\video-1448989509.mp4.mp4:TOC.WMV
    () C:\Windows\System32\Codecs\UpdateChecker.exe
    HKLM\...\Run: [Codec Settings UAC Manager] => C:\Windows\system32\Codecs\CodecUACManager.exe [60416 2015-06-10] ()
    HKLM\...\Run: [ApnTBMon] => "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
    HKU\S-1-5-21-22330260-176085029-1354153045-1003\...\Run: [Power2GoExpress] => NA
    HKU\S-1-5-21-22330260-176085029-1354153045-1003\...\Run: [Xvid] => C:\Program Files\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
    HKU\S-1-5-21-22330260-176085029-1354153045-1003\...\Run: [Codec Pack Update Checker] => C:\Windows\system32\Codecs\UpdateChecker.exe [55992 2015-06-10] ()
    HKU\S-1-5-21-22330260-176085029-1354153045-1003\...\MountPoints2: {013a10c8-4e0d-11df-9bc9-001377e06c22} - G:\Startme.exe
    HKU\S-1-5-21-22330260-176085029-1354153045-1003\...\MountPoints2: {8c2c757f-37b5-11e5-870e-001377e06c22} - F:\SISetup.exe
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2015-06-28]
    ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\System32\Codecs\TrayMenu.exe ()
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1...HitachiXHTS543232L9A300_090123FB8403LPJVULSBX
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&...XHTS543232L9A300_090123FB8403LPJVULSBX&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1...HitachiXHTS543232L9A300_090123FB8403LPJVULSBX
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&...XHTS543232L9A300_090123FB8403LPJVULSBX&q={searchTerms}
    HKU\S-1-5-21-22330260-176085029-1354153045-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&...XHTS543232L9A300_090123FB8403LPJVULSBX&q={searchTerms}
    HKU\S-1-5-21-22330260-176085029-1354153045-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-22330260-176085029-1354153045-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1...HitachiXHTS543232L9A300_090123FB8403LPJVULSBX
    HKU\S-1-5-21-22330260-176085029-1354153045-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&...XHTS543232L9A300_090123FB8403LPJVULSBX&q={searchTerms}
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...XHTS543232L9A300_090123FB8403LPJVULSBX&q={searchTerms}
    SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
    SearchScopes: HKU\S-1-5-21-22330260-176085029-1354153045-1003 -> DefaultScope {84B09931-DAE2-4818-B5C2-7108140A58D0} URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11406&pf=V7&p2=^BBE^OSJ000^YY^PL&gct=&itbv=12.23.0.15&apn_uid=C9E9F5D5-06B8-48F0-8F2A-DE0C8BE37535&apn_ptnrs=BBE&apn_dtid=^OSJ000^YY^PL&apn_dbr=ie&doi=2015-01-27&trgb=IE&q={searchTerms}&psv=&pt=tb
    SearchScopes: HKU\S-1-5-21-22330260-176085029-1354153045-1003 -> {01DE1850-2730-4FB0-A81F-86497231A576} URL = hxxp://pl.wikipedia.org/w/index.php?title=Specjalna:Szukaj&search={searchTerms}
    SearchScopes: HKU\S-1-5-21-22330260-176085029-1354153045-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-22330260-176085029-1354153045-1003 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
    SearchScopes: HKU\S-1-5-21-22330260-176085029-1354153045-1003 -> {5F970FDE-702B-4ef9-920C-5F2848A5AF26} URL = hxxp://www.astroburn-search.com/search/web?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-22330260-176085029-1354153045-1003 -> {7FDBEA2C-C82A-4541-A101-81205A7806FA} URL = hxxp://search.avg.com/?d=4d5b9b36&i=23&tp=chrome&q={searchTerms}&lng={language}&nt=1
    SearchScopes: HKU\S-1-5-21-22330260-176085029-1354153045-1003 -> {84B09931-DAE2-4818-B5C2-7108140A58D0} URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11406&pf=V7&p2=^BBE^OSJ000^YY^PL&gct=&itbv=12.23.0.15&apn_uid=C9E9F5D5-06B8-48F0-8F2A-DE0C8BE37535&apn_ptnrs=BBE&apn_dtid=^OSJ000^YY^PL&apn_dbr=ie&doi=2015-01-27&trgb=IE&q={searchTerms}&psv=&pt=tb
    SearchScopes: HKU\S-1-5-21-22330260-176085029-1354153045-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={ADA5D0B0-E01D-4C16-A8B0-9CDD7E0932EF}&mid=90a8c0d7264cc9d89e4a6fe6dabafc71-e2af046960788896500df4ce625c4e82f8128f1b&lang=en&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-09-13 15:45:38&v=4.2.1.951&pid=wtu&sg=&sap=dsp&q={searchTerms}
    Toolbar: HKLM - Astroburn Toolbar - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - C:\Program Files\Astroburn Toolbar\ABToolbar.dll [2011-05-23] ()
    Toolbar: HKU\S-1-5-21-22330260-176085029-1354153045-1003 -> Brak nazwy - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Brak pliku
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll Brak pliku
    FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.3\\npsitesafety.dll [Brak pliku]
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll [2011-10-27] (LiveVDO )
    FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2013-02-10]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [2009-08-25] [Brak podpisu cyfrowego]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [2009-10-21] [Brak podpisu cyfrowego]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [2009-11-10] [Brak podpisu cyfrowego]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} [2010-03-31] [Brak podpisu cyfrowego]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-04-15] [Brak podpisu cyfrowego]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-07-31] [Brak podpisu cyfrowego]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-10-17] [Brak podpisu cyfrowego]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011-01-06] [Brak podpisu cyfrowego]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-03-11] [Brak podpisu cyfrowego]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-06-30] [Brak podpisu cyfrowego]
    FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2011-04-27]
    CHR HKLM\...\Chrome\Extension: [pbiamblgmkgbcgbcgejjgebalncpmhnp] - C:\Program Files\StartSearch plugin\vshareplg.crx <nie znaleziono>
    CHR HKU\S-1-5-21-22330260-176085029-1354153045-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
    S2 APNMCP; "C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe" [X]
    S2 Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [X]
    S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2015-12-12] ()
    U3 aqm8ly07; C:\Windows\system32\Drivers\aqm8ly07.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder)
    S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
    S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
    S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
    S3 VMC302; System32\Drivers\VMC302.sys [X]
    2015-12-11 20:03 - 2015-12-11 22:03 - 00000001 _____ C:\Windows\system32\pl.html
    2015-12-11 04:00 - 2015-12-12 09:48 - 00000000 ____D C:\Users\Jarek\AppData\Roaming\TSv
    2015-12-11 04:00 - 2015-12-11 04:00 - 00000000 ____D C:\ProgramData\BWdMB
    2015-12-12 18:18 - 2013-06-04 11:35 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
    2015-12-12 18:18 - 2009-10-09 17:45 - 00000416 _____ C:\Windows\Tasks\PCConfidential.job
    2015-12-11 22:21 - 2015-11-07 14:34 - 00000000 ____D C:\Users\Jarek\AppData\Roaming\istartsurf
    2015-12-11 22:21 - 2015-11-07 14:34 - 00000000 ____D C:\ProgramData\XWMiniProX
    2015-12-11 22:21 - 2014-10-24 08:01 - 00000000 ____D C:\Users\Jarek\AppData\Roaming\BrowserExtensions
    2015-12-11 22:21 - 2012-02-14 20:46 - 00000000 ____D C:\Program Files\StartSearch plugin
    2015-12-11 22:21 - 2009-10-09 17:45 - 00000000 ____D C:\Program Files\Free Offers from Freeze.com
    2015-04-26 08:15 - 2015-04-26 08:15 - 0000000 _____ () C:\Program Files\GUTCCD.tmp
    2015-05-25 18:26 - 2015-05-25 18:26 - 6420480 _____ () C:\Program Files\GUTD163.tmp
    C:\Users\Jarek\AppData\Local\Temp*.html
    2009-12-24 12:08 - 2009-12-24 12:08 - 0148736 _____ (Avanquest Software) C:\ProgramData\hpe42FA.dll
    2015-11-07 14:34 - 2015-12-11 04:00 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
    EmptyTemp:

    0