Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-01-2015 01 ([color=red]ATTENTION: ====> FRST version is 17 days old and could be outdated[/color]) Ran by Janusz (administrator) on JANUSZ-PC on 29-01-2015 01:19:02 Running from C:\Users\Janusz\Downloads\28 stycz 2015 forum Loaded Profile: Janusz (Available profiles: Janusz) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Polski (Polska) Internet Explorer Version 9 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe (Vimicro) C:\Windows\vmsnap3.exe () C:\Windows\Domino.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe ( ) C:\Program Files\ChomikBox\chomikbox.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Microsoft Corporation) C:\Windows\System32\conime.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [VMSnap3] => C:\Windows\VMSnap3.exe [49152 2006-07-18] (Vimicro) HKLM\...\Run: [Domino] => C:\Windows\Domino.exe [49152 2006-07-04] () HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4702208 2007-10-31] (Realtek Semiconductor) HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-10-11] (Realtek Semiconductor Corp.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5088456 2014-10-01] (ESET) HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-428840236-531340148-3836443965-1000\...\Run: [ChomikBox] => C:\Program Files\ChomikBox\chomikbox.exe [5979648 2012-11-15] ( ) HKU\S-1-5-21-428840236-531340148-3836443965-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-428840236-531340148-3836443965-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-428840236-531340148-3836443965-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/ HKU\S-1-5-21-428840236-531340148-3836443965-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.gry.jeja.pl/47,pryskajace-banki.html http://pasjans-online.pl/ SearchScopes: HKU\S-1-5-21-428840236-531340148-3836443965-1000 -> DefaultScope 2A156E3308864EDAB4FE51B856899563 URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-428840236-531340148-3836443965-1000 -> 2A156E3308864EDAB4FE51B856899563 URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: IEPluginBHO Class -> {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -> C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKU\S-1-5-21-428840236-531340148-3836443965-1000 -> &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation) Toolbar: HKU\S-1-5-21-428840236-531340148-3836443965-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0 FireFox: ======== FF ProfilePath: C:\Users\Janusz\AppData\Roaming\Mozilla\Firefox\Profiles\bjg1ibys.od25lut14 FF SearchEngineOrder.3: Bing FF Homepage: about:home FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-428840236-531340148-3836443965-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Janusz\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-428840236-531340148-3836443965-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Janusz\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Janusz\AppData\Roaming\Mozilla\Firefox\Profiles\bjg1ibys.od25lut14\searchplugins\bingp.xml FF Extension: FEBE - C:\Users\Janusz\AppData\Roaming\Mozilla\Firefox\Profiles\dumjv91v.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2013-06-21] FF Extension: Saved Password Editor - C:\Users\Janusz\AppData\Roaming\Mozilla\Firefox\Profiles\dumjv91v.default\Extensions\savedpasswordeditor@daniel.dawson.xpi [2011-07-12] FF Extension: Flagfox - C:\Users\Janusz\AppData\Roaming\Mozilla\Firefox\Profiles\vzw05s1g.erodate2onplock\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2012-06-20] FF Extension: Microsoft .NET Framework Assistant - C:\Users\Janusz\AppData\Roaming\Mozilla\Firefox\Profiles\vzw05s1g.erodate2onplock\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-11-25] Chrome: ======= ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1349576 2014-10-01] (ESET) S3 FDR; C:\Program Files\Microsoft Logo\Software Certification Toolkit\FDRAgent.exe [806792 2010-05-12] (Microsoft Corp.) S4 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed] S4 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed] S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [191928 2014-10-10] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135296 2014-10-10] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [123424 2014-10-10] (ESET) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-01-02] (REALiX(tm)) R3 ip100Avista; C:\Windows\System32\DRIVERS\ipfnd51.sys [31232 2010-11-23] (IC Plus Corp. ) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-18] () S3 PortTalk; C:\Windows\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic http://www.beyondlogic.org) [File not signed] S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2009-11-19] (MCCI Corporation) R0 SysTrace; C:\Windows\System32\Drivers\SysTrace.sys [92800 2011-09-19] (Microsoft Corp.) [File not signed] S3 vvftav303; C:\Windows\System32\drivers\vvftav303.sys [480128 2007-06-23] (Vimicro Corporation) S3 ZSMC0303; C:\Windows\System32\Drivers\usbVM303.sys [1472768 2007-05-15] (Vimicro Corporation) S4 IpInIp; system32\DRIVERS\ipinip.sys [X] S4 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S4 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-28 23:19 - 2015-01-28 23:20 - 00000000 ____D () C:\Users\Janusz\Downloads\dz zdarz 2015-01-28 22:37 - 2015-01-29 01:19 - 00000000 ____D () C:\Users\Janusz\Downloads\28 stycz 2015 forum 2015-01-28 22:37 - 2015-01-29 01:18 - 00000000 ____D () C:\Users\Janusz\Downloads\bsody 7 24 sty 15 2015-01-24 21:40 - 2015-01-24 21:40 - 00146680 _____ () C:\Windows\Minidump\Mini012415-02.dmp 2015-01-24 08:31 - 2015-01-24 08:32 - 00147456 _____ () C:\Windows\Minidump\Mini012415-01.dmp 2015-01-23 16:24 - 2015-01-23 16:24 - 00146680 _____ () C:\Windows\Minidump\Mini012315-01.dmp 2015-01-19 19:47 - 2015-01-19 19:47 - 00131072 _____ () C:\Windows\Minidump\Mini011915-01.dmp 2015-01-17 23:01 - 2015-01-17 23:01 - 00131072 _____ () C:\Windows\Minidump\Mini011715-01.dmp 2015-01-12 17:54 - 2015-01-12 17:54 - 03452101 _____ () C:\Users\Janusz\Downloads\12 sty 15 vista 1.7z 2015-01-12 17:51 - 2015-01-12 17:53 - 70346029 _____ () C:\Users\Janusz\Downloads\12sty15 vista 2.7z 2015-01-12 15:14 - 2015-01-12 15:14 - 00000000 ____D () C:\Users\Janusz\Downloads\Directory Lister v0.9.1 2015-01-12 14:50 - 2015-01-12 14:50 - 00237703 _____ () C:\Users\Janusz\Downloads\Directory Lister v0.9.1.rar 2015-01-12 13:24 - 2015-01-12 13:24 - 43827786 _____ () C:\Users\Janusz\Downloads\12sty15 CD pit 2014 gofin.7z.005 2015-01-12 13:23 - 2015-01-12 13:24 - 104857600 _____ () C:\Users\Janusz\Downloads\12sty15 CD pit 2014 gofin.7z.004 2015-01-12 13:23 - 2015-01-12 13:24 - 104857600 _____ () C:\Users\Janusz\Downloads\12sty15 CD pit 2014 gofin.7z.001 2015-01-12 13:23 - 2015-01-12 13:23 - 104857600 _____ () C:\Users\Janusz\Downloads\12sty15 CD pit 2014 gofin.7z.003 2015-01-12 13:23 - 2015-01-12 13:23 - 104857600 _____ () C:\Users\Janusz\Downloads\12sty15 CD pit 2014 gofin.7z.002 2015-01-12 12:53 - 2015-01-12 12:53 - 00000000 ____D () C:\Users\Janusz\Downloads\mapy 2015-01-12 12:51 - 2015-01-12 11:20 - 48235715 _____ () C:\Users\Public\12 stycz 15.7z.004 2015-01-12 12:51 - 2015-01-12 11:20 - 104857600 _____ () C:\Users\Public\12 stycz 15.7z.003 2015-01-12 12:51 - 2015-01-12 11:20 - 104857600 _____ () C:\Users\Public\12 stycz 15.7z.002 2015-01-12 12:51 - 2015-01-12 11:20 - 104857600 _____ () C:\Users\Public\12 stycz 15.7z.001 2015-01-12 12:42 - 2015-01-12 22:13 - 00002379 _____ () C:\Users\Janusz\Desktop\Skype.lnk 2015-01-12 12:42 - 2013-12-09 11:30 - 00000870 _____ () C:\Users\Janusz\Desktop\Mozilla Firefox.lnk 2015-01-12 12:42 - 2013-10-21 12:55 - 00000543 _____ () C:\Users\Janusz\Desktop\ChomikBox.lnk 2015-01-12 12:42 - 2012-11-20 10:29 - 00001886 _____ () C:\Users\Janusz\Desktop\HAmcap.lnk 2015-01-12 12:42 - 2012-11-05 16:39 - 00000110 _____ () C:\Users\Janusz\Desktop\RADIOHIT.pls 2015-01-12 12:42 - 2010-07-30 13:15 - 00000077 _____ () C:\Users\Janusz\Desktop\Pokaż Pulpit.scf 2015-01-12 12:42 - 2010-06-29 14:57 - 00146471 _____ () C:\Users\Janusz\Desktop\KULKI.swf 2015-01-12 12:42 - 2010-06-29 14:38 - 00111251 _____ () C:\Users\Janusz\Desktop\PASJANS.SWF.swf 2015-01-12 12:42 - 2010-06-29 12:27 - 00000923 _____ () C:\Users\Janusz\Desktop\Kamerzysta.lnk 2015-01-12 09:48 - 2015-01-12 15:22 - 00000000 ____D () C:\Users\Janusz\Downloads\12sty15 vista 2 2015-01-12 09:28 - 2015-01-12 09:28 - 00000000 ____D () C:\ProgramData\WindowsSearch 2015-01-12 07:34 - 2015-01-12 07:34 - 00000000 ____D () C:\Users\Janusz\Downloads\PACZKA NA WIRY 23 MAJ 14 cz1 2015-01-12 07:28 - 2015-01-12 15:29 - 00000000 ____D () C:\Users\Janusz\Downloads\12 sty 15 vista 1 2015-01-07 17:47 - 2015-01-07 17:47 - 00155960 _____ () C:\Windows\Minidump\Mini010715-01.dmp 2015-01-04 11:34 - 2015-01-04 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2015-01-04 11:34 - 2015-01-04 11:34 - 00000000 ____D () C:\ProgramData\ESET 2015-01-02 14:50 - 2015-01-02 14:50 - 00000000 ____D () C:\Users\Janusz\AppData\Local\PackageAware 2015-01-02 11:34 - 2014-11-04 14:37 - 11059923 _____ () C:\Users\Janusz\Downloads\PACZKA NA WIRY 23 MAJ 14 cz1.7z 2015-01-02 09:32 - 2015-01-02 09:32 - 00023840 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS 2015-01-02 09:31 - 2015-01-02 09:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32 2015-01-02 09:21 - 2015-01-28 23:28 - 00000000 ____D () C:\Users\Janusz\Downloads\bluescreenview ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-29 01:19 - 2013-12-27 10:54 - 00000000 ____D () C:\FRST 2015-01-29 01:15 - 2010-09-15 11:22 - 00000000 ____D () C:\Windows\pss 2015-01-29 01:08 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public 2015-01-29 00:53 - 2009-04-13 09:02 - 01609052 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-29 00:53 - 2009-04-13 09:01 - 00712332 _____ () C:\Windows\system32\perfh015.dat 2015-01-29 00:53 - 2009-04-13 09:01 - 00150308 _____ () C:\Windows\system32\perfc015.dat 2015-01-29 00:49 - 2010-12-03 19:13 - 00000000 ____D () C:\Users\Janusz\.gstreamer-0.10 2015-01-29 00:49 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\tracing 2015-01-29 00:48 - 2008-01-21 03:47 - 00158060 _____ () C:\Windows\PFRO.log 2015-01-29 00:48 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-29 00:48 - 2006-11-02 13:47 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-29 00:48 - 2006-11-02 13:47 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-29 00:23 - 2009-04-11 13:37 - 01257826 _____ () C:\Windows\WindowsUpdate.log 2015-01-29 00:23 - 2006-11-02 14:01 - 00032514 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-01-29 00:08 - 2011-02-25 09:31 - 00000000 ____D () C:\Program Files\OpenOffice.org 3 2015-01-29 00:02 - 2010-06-29 13:53 - 00000000 ____D () C:\Users\Janusz\AppData\Roaming\Skype 2015-01-28 23:59 - 2010-06-29 08:58 - 00000046 _____ () C:\Windows\adiras.ini 2015-01-28 23:59 - 2010-06-29 08:18 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2015-01-28 23:56 - 2010-06-29 12:49 - 00000000 ____D () C:\Program Files\Java 2015-01-28 23:42 - 2011-10-05 19:02 - 00000000 ____D () C:\Program Files\Adobe 2015-01-28 23:41 - 2014-06-17 22:11 - 00000000 ____D () C:\Users\Janusz\AppData\Local\Adobe 2015-01-28 14:44 - 2012-01-30 10:39 - 00000000 ____D () C:\Users\Janusz\AppData\Local\ChomikBox 2015-01-25 16:51 - 2010-06-30 07:02 - 00000000 ____D () C:\Windows\Minidump 2015-01-25 16:51 - 2010-06-30 07:01 - 332771016 _____ () C:\Windows\MEMORY.DMP 2015-01-12 13:24 - 2013-07-18 10:03 - 00000000 ____D () C:\Users\Janusz\Downloads\OK 2015-01-12 12:12 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Registration 2015-01-12 09:01 - 2012-11-05 16:54 - 00000000 ____D () C:\Users\Janusz\AppData\Roaming\AIMP 2015-01-12 08:36 - 2010-06-29 08:31 - 00025088 _____ () C:\Users\Janusz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-01-12 08:06 - 2010-06-29 07:52 - 00000000 ____D () C:\Users\Janusz 2015-01-04 11:35 - 2006-11-02 12:18 - 00000000 __RHD () C:\Users\Default 2015-01-04 11:34 - 2010-06-29 09:01 - 00000000 ____D () C:\Program Files\ESET 2015-01-02 15:50 - 2014-11-04 10:45 - 00000000 ___HD () C:\Program Files\16 11 2012 2015-01-02 13:48 - 2014-10-07 06:35 - 00000000 ___RD () C:\Program Files\Skype 2015-01-02 13:48 - 2010-06-29 13:53 - 00000000 ____D () C:\ProgramData\Skype 2015-01-02 12:24 - 2014-01-04 15:03 - 00000000 ____D () C:\AdwCleaner 2015-01-02 09:31 - 2012-11-16 21:03 - 00000000 ____D () C:\Program Files\HWiNFO32 2015-01-02 07:49 - 2012-11-18 15:13 - 00000000 ____D () C:\Users\Janusz\AppData\Roaming\GG 2015-01-01 13:19 - 2006-11-02 13:52 - 00113116 _____ () C:\Windows\setupact.log Files to move or delete: ==================== C:\Users\Public\Copy-1.41.0248.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-29 00:55 ==================== End Of Log ============================