Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-07-2015 Ran by Kamil (administrator) on PC on 05-07-2015 17:33:09 Running from C:\Documents and Settings\Kamil\Moje dokumenty\Pobrane Loaded Profiles: Kamil (Available Profiles: Kamil & Administrator) Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (AKKORP) C:\Program Files\Beniamin\TGuard.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe (Ares Development Group) C:\Program Files\Ares\Ares.exe () C:\WINDOWS\system32\PnkBstrA.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (BitTorrent Inc.) D:\daj\BitTorrent.exe () C:\WINDOWS\system32\PnkBstrB.exe () C:\Documents and Settings\All Users\Dane aplikacji\c716fd70-872c-4aaa-a07f-e248365d7f56\plugincontainer.exe (DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe () C:\Program Files\Common Files\c716fd70-872c-4aaa-a07f-e248365d7f56\updater.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe () C:\Documents and Settings\All Users\Dane aplikacji\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\3\Plugin.exe () C:\Documents and Settings\All Users\Dane aplikacji\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\2\Plugin.exe () C:\Documents and Settings\All Users\Dane aplikacji\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\7\Plugin.exe () C:\Documents and Settings\All Users\Dane aplikacji\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\3\Plugin.exe () C:\Documents and Settings\All Users\Dane aplikacji\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\6\Plugin.exe () C:\Documents and Settings\All Users\Dane aplikacji\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\8\Plugin.exe () C:\Documents and Settings\All Users\Dane aplikacji\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\7\Plugin.exe () C:\Documents and Settings\All Users\Dane aplikacji\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\5\Plugin.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe () C:\Documents and Settings\Kamil\Moje dokumenty\Pobrane\v3e8gvvq.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [tguard] => C:\Program Files\Beniamin\tguard.exe [561152 2008-01-31] (AKKORP) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-19] (Avast Software s.r.o.) Winlogon\Notify\Antiwpa: C:\WINDOWS\system32\antiwpa.dll [2005-12-29] () Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2014-01-07] (ATI Technologies Inc.) HKU\S-1-5-21-1482476501-1326574676-725345543-1004\...\Run: [EPSON SX210 Series] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE [199680 2008-11-06] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-1482476501-1326574676-725345543-1004\...\Run: [ares] => C:\Program Files\Ares\Ares.exe [888832 2008-08-21] (Ares Development Group) HKU\S-1-5-21-1482476501-1326574676-725345543-1004\...\Run: [Gadu-Gadu] => C:\Program Files\Gadu-Gadu\gg.exe [2127296 2008-03-20] (Gadu-Gadu S.A.) HKU\S-1-5-21-1482476501-1326574676-725345543-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5282584 2014-11-21] (Piriform Ltd) HKU\S-1-5-21-1482476501-1326574676-725345543-1004\...\Run: [BitTorrent] => D:\daj\BitTorrent.exe [1999976 2015-06-21] (BitTorrent Inc.) HKU\S-1-5-21-1482476501-1326574676-725345543-1004\...\MountPoints2: {bb304c04-8436-11e4-a813-bc78086587c4} - G:\AutoRun.exe HKU\S-1-5-21-1482476501-1326574676-725345543-1004\...\MountPoints2: {bb304c09-8436-11e4-a813-cd60f97eb32e} - H:\AutoRun.exe ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-09] (Avast Software s.r.o.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220150409 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=1428599424&from=cor&uid=ST3320613AS_9SZ079KVXXXX9SZ079KV&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=1428599424&from=cor&uid=ST3320613AS_9SZ079KVXXXX9SZ079KV HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=1428599424&from=cor&uid=ST3320613AS_9SZ079KVXXXX9SZ079KV&q={searchTerms} HKU\S-1-5-21-1482476501-1326574676-725345543-1004\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220150409 HKU\S-1-5-21-1482476501-1326574676-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1482476501-1326574676-725345543-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=1428599424&from=cor&uid=ST3320613AS_9SZ079KVXXXX9SZ079KV SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=1428599424&from=cor&uid=ST3320613AS_9SZ079KVXXXX9SZ079KV&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=1428599424&from=cor&uid=ST3320613AS_9SZ079KVXXXX9SZ079KV&q={searchTerms} SearchScopes: HKU\S-1-5-21-1482476501-1326574676-725345543-1004 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-18] (Avast Software s.r.o.) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO: Assist Point -> {dc727a8c-7582-483c-a1c2-2b885f099bb5} -> C:\Program Files\Assist Point\Extensions\dc727a8c-7582-483c-a1c2-2b885f099bb5.dll [2015-04-09] () BHO: EpsonToolBandKicker Class -> {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} -> C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22] (SEIKO EPSON CORPORATION) Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22] (SEIKO EPSON CORPORATION) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.) Toolbar: HKU\S-1-5-21-1482476501-1326574676-725345543-1004 -> EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22] (SEIKO EPSON CORPORATION) Winsock: Catalog9 01 C:\WINDOWS\system32\bnmndrv.dll [622592 2014-12-15] () Winsock: Catalog9 02 C:\WINDOWS\system32\bnmndrv.dll [622592 2014-12-15] () Winsock: Catalog9 03 C:\WINDOWS\system32\bnmndrv.dll [622592 2014-12-15] () Winsock: Catalog9 04 C:\WINDOWS\system32\bnmndrv.dll [622592 2014-12-15] () Winsock: Catalog9 05 C:\WINDOWS\system32\bnmndrv.dll [622592 2014-12-15] () Winsock: Catalog9 11 C:\WINDOWS\system32\bnmndrv.dll [622592 2014-12-15] () Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 212.2.96.51 Tcpip\..\Interfaces\{7F7D40F9-44B6-4AAA-9531-5391356C54CD}: [DhcpNameServer] 192.168.1.1 212.2.96.51 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\h1k86f3f.default FF NewTab: chrome://quick_start/content/index.html FF SelectedSearchEngine: do-search FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-28] () FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=6.0.11.2105 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2005-07-07] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.1212 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2005-07-07] (RealNetworks, Inc.) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) FF Plugin HKU\S-1-5-21-1482476501-1326574676-725345543-1004: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) FF SearchPlugin: C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\h1k86f3f.default\searchplugins\ask-web-search.xml [2015-02-10] FF Extension: Adblock Plus - C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\h1k86f3f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-22] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-15] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-03-19] FF HKLM\...\Firefox\Extensions: [searchengine@gmail.com] - C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\h1k86f3f.default\extensions\searchengine@gmail.com FF HKLM\...\Firefox\Extensions: [istart_ffnt@gmail.com] - C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\h1k86f3f.default\extensions\istart_ffnt@gmail.com Chrome: ======= CHR Profile: C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-22] CHR Extension: (Google Docs) - C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-22] CHR Extension: (Google Drive) - C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-22] CHR Extension: (YouTube) - C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-22] CHR Extension: (Google Search) - C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-22] CHR Extension: (Avast SafePrice) - C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-02-22] CHR Extension: (Google Sheets) - C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-22] CHR Extension: (Avast Online Security) - C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-22] CHR Extension: (Google Wallet) - C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-22] CHR Extension: (Gmail) - C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-22] CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-18] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-18] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AresChatServer; C:\Program Files\Ares\chatServer.exe [263168 2007-03-20] (Ares Development Group) [File not signed] R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [643072 2014-01-07] (ATI Technologies Inc.) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-09] (Avast Software s.r.o.) R2 NwSapAgent; C:\WINDOWS\System32\ipxsap.dll [66560 2004-08-04] (Microsoft Corporation) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2015-07-03] () R2 PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [281688 2015-07-05] () R2 Service Mgr AssistPoint; C:\Documents and Settings\All Users\Dane aplikacji\c716fd70-872c-4aaa-a07f-e248365d7f56\plugincontainer.exe [659216 2015-07-05] () R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.) R2 Update Mgr AssistPoint; C:\Program Files\Common Files\c716fd70-872c-4aaa-a07f-e248365d7f56\updater.exe [575760 2015-07-05] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24144 2015-05-09] () R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [74976 2015-05-09] (Avast Software s.r.o.) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-05-09] (Avast Software s.r.o.) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49904 2015-05-09] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787760 2015-05-09] (Avast Software s.r.o.) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [427992 2015-05-09] (Avast Software s.r.o.) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-05-09] (Avast Software s.r.o.) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [209048 2015-05-09] () R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [7875072 2014-01-07] (ATI Technologies Inc.) [File not signed] S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) R2 NwlnkIpx; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-14] (Microsoft Corporation) R2 NwlnkNb; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [63232 2004-08-04] (Microsoft Corporation) R2 NwlnkSpx; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [55936 2004-08-04] (Microsoft Corporation) S3 RTHDMIAzAudService; C:\WINDOWS\System32\drivers\RtKHDMI.sys [4125352 2011-12-02] (Realtek Semiconductor Corp.) S3 WinRing0_1_2_0; C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [14416 2010-11-01] (OpenLibSys.org) S4 IntelIde; No ImagePath S3 massfilter; system32\drivers\massfilter.sys [X] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X] S3 ZTEusbnet; system32\DRIVERS\ZTEusbnet.sys [X] S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X] S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X] U3 pxtdapow; \??\C:\DOCUME~1\Kamil\USTAWI~1\Temp\pxtdapow.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-05 17:32 - 2015-07-05 17:33 - 00000000 ____D C:\FRST 2015-07-05 16:58 - 2015-07-05 16:58 - 00000000 ___RD C:\Documents and Settings\Kamil\Moje dokumenty\Moja muzyka 2015-07-05 16:45 - 2012-11-29 13:02 - 00446976 _____ (RELOADED) C:\Documents and Settings\Kamil\Pulpit\Far Cry 3 Wybór języka.exe 2015-07-04 09:32 - 2015-07-05 10:16 - 00138032 _____ C:\WINDOWS\system32\Drivers\PnkBstrK.sys 2015-07-03 23:27 - 2015-07-05 17:05 - 00281688 _____ C:\WINDOWS\system32\PnkBstrB.xtr 2015-07-03 23:27 - 2015-07-05 17:05 - 00281688 _____ C:\WINDOWS\system32\PnkBstrB.exe 2015-07-03 23:27 - 2015-07-05 10:15 - 00281688 _____ C:\WINDOWS\system32\PnkBstrB.ex0 2015-07-03 23:27 - 2015-07-03 23:27 - 00076888 _____ C:\WINDOWS\system32\PnkBstrA.exe 2015-07-03 23:27 - 2015-07-03 23:27 - 00000000 ____D C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\PunkBuster 2015-07-03 23:27 - 2015-07-03 23:27 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Orbit 2015-06-23 09:20 - 2015-06-23 09:24 - 54822456 _____ C:\Documents and Settings\Kamil\Moje dokumenty\FarCry3.exe 2015-06-21 17:33 - 2015-07-05 17:34 - 00000000 ____D C:\Documents and Settings\Kamil\Dane aplikacji\BitTorrent 2015-06-21 17:33 - 2015-06-21 17:33 - 00000421 _____ C:\Documents and Settings\Kamil\Menu Start\BitTorrent.lnk 2015-06-21 12:48 - 2015-06-21 12:48 - 00000403 _____ C:\WINDOWS\wmsetup.log 2015-06-21 12:47 - 2015-06-21 13:39 - 630256642 _____ C:\Documents and Settings\Kamil\Moje dokumenty\DyLight-update_1.4.exe 2015-06-21 12:46 - 2015-06-21 12:46 - 00000060 _____ C:\WINDOWS\setupact.log 2015-06-21 12:46 - 2015-06-21 12:46 - 00000000 _____ C:\WINDOWS\setuperr.log 2015-06-21 12:30 - 2015-06-21 12:34 - 53707034 _____ C:\Documents and Settings\Kamil\Moje dokumenty\Dying-Light.exe 2015-06-11 09:28 - 2015-06-11 09:28 - 00000000 ____D C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\DroxIotADemo 2015-06-11 09:27 - 2015-07-03 23:27 - 00000000 ____D C:\Documents and Settings\Kamil\Pulpit\Moje dokumęty 2015-06-11 09:04 - 2015-06-11 09:04 - 00000000 ____D C:\Documents and Settings\Kamil\Menu Start\Programy\Gry 2015-06-10 17:09 - 2015-06-23 09:17 - 00001819 _____ C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-05 17:34 - 2014-12-15 11:01 - 00000000 ____D C:\Documents and Settings\Kamil\Moje dokumenty\Pobrane 2015-07-05 17:34 - 2014-12-15 10:16 - 00000000 ____D C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp 2015-07-05 17:29 - 2014-12-15 11:21 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job 2015-07-05 17:28 - 2014-12-15 10:06 - 01922055 _____ C:\WINDOWS\WindowsUpdate.log 2015-07-05 17:27 - 2015-06-03 21:25 - 00000278 _____ C:\WINDOWS\Tasks\Game_Booster_AutoUpdate.job 2015-07-05 17:27 - 2015-04-09 19:21 - 00000418 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1428600071.job 2015-07-05 17:27 - 2015-04-09 19:12 - 00000000 ____D C:\Program Files\Opera 2015-07-05 17:27 - 2015-03-22 22:16 - 00000222 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2015-07-05 17:27 - 2015-02-22 11:03 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-05 17:27 - 2014-12-15 10:59 - 00000159 _____ C:\WINDOWS\wiadebug.log 2015-07-05 17:27 - 2014-12-15 10:59 - 00000050 _____ C:\WINDOWS\wiaservc.log 2015-07-05 17:27 - 2014-12-15 10:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-07-05 17:17 - 2015-02-22 11:03 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-05 16:58 - 2014-12-15 10:16 - 00000000 ___RD C:\Documents and Settings\Kamil\Moje dokumenty 2015-07-05 16:45 - 2014-12-15 11:25 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-07-05 16:45 - 2014-12-15 10:16 - 00000000 ____D C:\Documents and Settings\Kamil\Pulpit 2015-07-05 16:43 - 2015-04-09 19:10 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\c716fd70-872c-4aaa-a07f-e248365d7f56 2015-07-05 16:38 - 2015-04-09 19:10 - 00000000 ____D C:\Program Files\Common Files\c716fd70-872c-4aaa-a07f-e248365d7f56 2015-07-05 16:36 - 2014-12-15 10:16 - 00032558 _____ C:\WINDOWS\SchedLgU.Txt 2015-07-05 12:41 - 2014-12-15 10:16 - 00000188 ___SH C:\Documents and Settings\Kamil\ntuser.ini 2015-07-05 10:15 - 2014-12-15 10:16 - 00000188 ___SH C:\Documents and Settings\LocalService\ntuser.ini 2015-07-05 10:10 - 2015-02-22 10:51 - 00000000 ____D C:\Documents and Settings\Kamil\Gadu-Gadu 2015-07-05 00:45 - 2015-05-22 07:27 - 00196608 _____ C:\WINDOWS\system32\config\ACEEvent.evt 2015-07-04 09:30 - 2014-12-15 10:16 - 00000000 ____D C:\Documents and Settings\Kamil 2015-07-04 09:30 - 2004-08-04 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2015-07-03 23:27 - 2015-03-19 22:03 - 00000000 ____D C:\WINDOWS\system32\LogFiles 2015-07-03 23:27 - 2014-12-15 10:54 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2015-07-03 23:27 - 2014-12-15 10:16 - 00000000 ___HD C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji 2015-06-28 11:35 - 2014-12-15 10:05 - 00000000 ____D C:\WINDOWS\system32\Restore 2015-06-28 02:38 - 2014-12-15 11:24 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-06-28 02:38 - 2014-12-15 11:24 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-06-22 20:41 - 2014-12-15 10:56 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2015-06-21 17:33 - 2014-12-15 10:16 - 00000000 __RHD C:\Documents and Settings\Kamil\Dane aplikacji 2015-06-21 17:33 - 2014-12-15 10:16 - 00000000 ___RD C:\Documents and Settings\Kamil\Menu Start 2015-06-21 12:42 - 2015-02-21 21:25 - 00009728 _____ C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-06-16 16:28 - 2014-12-15 10:16 - 00000000 ___HD C:\Documents and Settings\Kamil\Ustawienia lokalne 2015-06-11 09:27 - 2014-12-15 10:56 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2015-06-11 09:04 - 2014-12-15 10:16 - 00000000 ___RD C:\Documents and Settings\Kamil\Menu Start\Programy 2015-06-11 08:33 - 2015-04-10 21:32 - 00067762 _____ C:\WINDOWS\setupapi.log 2015-06-11 08:33 - 2014-12-15 10:06 - 00000000 ____D C:\WINDOWS\system32\DirectX ==================== Files in the root of some directories ======= 2015-01-22 12:35 - 2015-01-22 12:35 - 0036906 _____ () C:\Documents and Settings\Kamil\Dane aplikacji\crashdump.dmp 2015-02-21 21:25 - 2015-06-21 12:42 - 0009728 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-04-28 17:07 - 2015-04-28 17:07 - 0000000 ___SH () C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\LumaEmu Some files in TEMP: ==================== C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\comver.dll C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\drm_dyndata_7340014.dll C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\Execute2App.exe C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\ICReinstall_Steam(18206)-dp.exe C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\ICReinstall_Windows Media Player 10.exe C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\InstStub.exe C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\Kies3RemoveAll.exe C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\msvcp90.dll C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\msvcr90.dll C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\setup_wm.exe C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\xmlUpdater.exe C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\{BD5511AE-E8D8-45D1-AA57-C94E27E90A3C}-43.0.2357.65_42.0.2311.152_chrome_updater.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of log ============================