Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-12-2015 Ran by Aramejskie PsP (administrator) on ARABSKAPATELNIA (08-12-2015 22:26:51) Running from C:\Users\Aramejskie PsP\Desktop\farbar Loaded Profiles: Aramejskie PsP (Available Profiles: Aramejskie PsP) Platform: Microsoft Windows 7 Ultimate (X86) Language: Angielski (Stany Zjednoczone) Internet Explorer Version 8 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] () HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) HKU\S-1-5-21-4007559694-3794498742-1702077847-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [220672 2009-07-14] (Microsoft Corporation) HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2015-11-28] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 176.118.143.2 176.118.143.6 192.168.1.1 Tcpip\..\Interfaces\{0C6884CE-47C7-4FB8-9EB8-E1EC922A563A}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{0C6884CE-47C7-4FB8-9EB8-E1EC922A563A}: [DhcpNameServer] 176.118.143.2 176.118.143.6 192.168.1.1 Tcpip\..\Interfaces\{937879C4-134C-4F1D-AE74-5EEBED85A401}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{E7A81199-F178-45BE-AFC9-402577ECEE41}: [NameServer] 8.8.8.8,8.8.4.4 Internet Explorer: ================== BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-27] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-27] (Oracle Corporation) Chrome: ======= CHR Profile: C:\Users\Aramejskie PsP\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Aramejskie PsP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-08] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed] R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH) S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [536346624 2007-12-21] () [File not signed] S3 Steam Client Service; "C:\Program Files\Common Files\Steam\SteamService.exe" /RunAsService [X] ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 Atc002; C:\Windows\System32\DRIVERS\l260x86.sys [29184 2009-07-13] (Atheros Communications, Inc.) R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [477240 2015-11-28] (Duplex Secure Ltd.) U3 a6hfhfqk; C:\Windows\system32\Drivers\a6hfhfqk.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder) U3 pwlirpoc; \??\C:\Users\ARAMEJ~1\AppData\Local\Temp\pwlirpoc.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-12-08 18:20 - 2015-12-08 18:20 - 00000000 ____D C:\Users\Aramejskie PsP\AppData\Roaming\TeamViewer 2015-12-08 17:21 - 2015-12-08 17:21 - 00380416 _____ C:\Users\Aramejskie PsP\Downloads\9ylfu6o6.exe 2015-12-08 16:15 - 2015-12-08 22:26 - 00000000 ____D C:\Users\Aramejskie PsP\Desktop\farbar 2015-12-08 15:54 - 2015-12-08 22:26 - 00000000 ____D C:\FRST 2015-12-08 15:29 - 2015-12-08 15:30 - 00018944 ___SH C:\Users\Aramejskie PsP\Thumbs.db 2015-12-06 22:12 - 2015-12-06 22:12 - 00000480 ____H C:\Users\Aramejskie PsP\AppData\Roaming\½ž’“Ó™œ‰ 2015-12-06 11:14 - 2015-12-06 11:14 - 00000104 _____ C:\Users\Aramejskie PsP\Desktop\Panel sterowania — skrót.lnk 2015-11-30 22:09 - 2015-11-30 22:09 - 00000363 _____ C:\Users\Aramejskie PsP\Desktop\Komputer — skrót.lnk 2015-11-28 17:13 - 2015-11-28 17:13 - 00477240 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys 2015-11-28 16:59 - 2015-12-08 16:14 - 00000000 ____D C:\Users\Aramejskie PsP\Downloads\Diablo 2 LOD + Dodatki 2015-11-28 16:59 - 2007-12-21 00:22 - 00000000 ____D C:\Users\Aramejskie PsP\AppData\LocalLow\uTorrent 2015-11-28 16:57 - 2015-11-28 16:57 - 00002687 _____ C:\Users\Aramejskie PsP\Desktop\µTorrent.lnk 2015-11-28 16:57 - 2015-11-28 16:57 - 00002687 _____ C:\Users\Aramejskie PsP\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2015-11-28 16:57 - 2007-12-21 00:22 - 00000000 ____D C:\Users\Aramejskie PsP\AppData\Roaming\uTorrent 2015-11-28 09:50 - 2015-11-28 09:50 - 00000000 ____D C:\Windows\system32\SPReview 2015-11-28 09:49 - 2015-11-28 09:49 - 00000000 ____D C:\Windows\system32\EventProviders 2015-11-28 01:56 - 2007-12-21 00:22 - 00000000 ____D C:\Users\Aramejskie PsP\AppData\Roaming\Macromedia 2015-11-28 01:56 - 2007-12-21 00:22 - 00000000 ____D C:\Users\Aramejskie PsP\AppData\Roaming\Adobe 2015-11-28 01:48 - 2015-11-28 01:48 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-11-28 01:48 - 2015-11-28 01:48 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-11-28 01:48 - 2015-11-28 01:48 - 00000000 ____D C:\Windows\system32\Macromed 2015-11-28 01:48 - 2007-12-21 00:41 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-28 01:45 - 2015-11-28 01:45 - 00001094 _____ C:\Users\Aramejskie PsP\Desktop\GameRanger.lnk 2015-11-28 01:45 - 2015-11-28 01:45 - 00001080 _____ C:\Users\Aramejskie PsP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk 2015-11-28 01:45 - 2007-12-21 00:22 - 00000000 ____D C:\Users\Aramejskie PsP\AppData\Roaming\GameRanger 2015-11-27 20:54 - 2015-11-27 20:54 - 00000000 ____D C:\Program Files\Common Files\Java 2015-11-27 20:53 - 2015-11-27 20:53 - 00095840 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2015-11-27 20:53 - 2007-12-21 00:22 - 00000000 ____D C:\Users\Aramejskie PsP\AppData\LocalLow\Sun 2015-11-27 20:53 - 2007-12-21 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-11-27 20:52 - 2015-11-27 20:52 - 00000000 ____D C:\Program Files\Java 2015-11-27 20:52 - 2007-12-21 00:22 - 00000000 ____D C:\ProgramData\Oracle 2015-11-27 20:51 - 2007-12-21 00:22 - 00000000 ____D C:\Users\Aramejskie PsP\AppData\LocalLow\Oracle 2015-11-27 20:42 - 2015-11-27 20:42 - 00000000 ____D C:\Program Files\WinRAR 2015-11-27 20:42 - 2007-12-21 00:22 - 00000000 ____D C:\Users\Aramejskie PsP\AppData\Roaming\WinRAR 2015-11-27 20:42 - 2007-12-21 00:22 - 00000000 ____D C:\Users\Aramejskie PsP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-11-27 20:42 - 2007-12-21 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-11-27 20:18 - 2015-12-07 17:51 - 00687812 _____ C:\Windows\system32\perfh015.dat 2015-11-27 20:18 - 2015-12-07 17:51 - 00131366 _____ C:\Windows\system32\perfc015.dat 2015-11-27 20:18 - 2015-11-27 19:33 - 00337158 _____ C:\Windows\system32\perfi015.dat 2015-11-27 20:18 - 2015-11-27 19:33 - 00038710 _____ C:\Windows\system32\perfd015.dat 2015-11-27 20:14 - 2015-11-27 20:14 - 00000000 ____D C:\Windows\system32\XPSViewer 2015-11-27 20:13 - 2015-11-27 20:13 - 00000000 ____D C:\Windows\system32\pl 2015-11-27 20:12 - 2015-11-27 20:12 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-11-27 20:12 - 2015-11-27 20:12 - 00000000 ____D C:\Windows\system32\appraiser 2015-11-27 19:23 - 2007-12-21 00:22 - 00000000 ____D C:\Users\Aramejskie PsP\AppData\Local\TeamViewer 2015-11-27 19:22 - 2015-09-18 17:32 - 00023384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-11-27 19:22 - 2015-09-18 17:30 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-11-27 19:22 - 2015-09-18 17:30 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-11-27 19:22 - 2015-09-18 17:30 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-11-27 19:22 - 2015-09-18 17:30 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-11-27 19:22 - 2015-09-18 17:30 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-11-27 19:22 - 2015-09-18 17:25 - 00999936 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-11-27 19:22 - 2015-05-21 14:18 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-11-27 19:22 - 2015-01-28 00:28 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2015-11-27 19:22 - 2014-09-15 01:42 - 02377216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-11-27 19:22 - 2010-04-07 08:10 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-11-27 19:22 - 2010-01-09 07:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll 2015-11-27 19:22 - 2009-12-02 09:17 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-11-27 19:22 - 2009-10-10 03:57 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys 2015-11-27 19:21 - 2015-03-19 03:57 - 03963320 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-11-27 19:21 - 2015-03-19 03:57 - 03908024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-11-27 19:21 - 2013-03-19 05:54 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-11-27 19:21 - 2013-03-19 03:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-11-27 19:21 - 2011-04-09 06:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-11-27 19:21 - 2010-12-18 06:29 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-11-27 19:21 - 2010-10-16 05:36 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll 2015-11-27 19:21 - 2010-08-21 06:36 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-11-27 19:21 - 2010-06-22 03:47 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2015-11-27 19:21 - 2010-06-22 03:47 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2015-11-27 19:21 - 2010-06-22 03:47 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2015-11-27 19:21 - 2010-03-08 22:33 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-11-27 19:21 - 2009-12-29 07:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-11-27 19:21 - 2009-09-26 06:58 - 00194488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2015-11-27 19:20 - 2015-12-08 15:36 - 00000000 ____D C:\Program Files\TeamViewer 2015-11-27 19:20 - 2015-11-27 19:20 - 00001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-11-27 19:20 - 2015-11-27 19:20 - 00000999 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk 2015-11-27 19:17 - 2010-02-27 08:32 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-11-27 19:17 - 2010-02-27 08:32 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-11-27 19:17 - 2010-02-27 08:32 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-11-27 19:06 - 2012-06-02 23:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-11-27 19:06 - 2012-06-02 23:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-11-27 19:06 - 2012-06-02 23:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-11-27 19:06 - 2012-06-02 23:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-11-27 19:05 - 2012-06-02 23:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-11-27 19:05 - 2012-06-02 23:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-11-27 19:05 - 2012-06-02 23:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-11-27 19:04 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-11-27 19:04 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-11-27 18:54 - 2007-12-21 00:22 - 00000000 ____D C:\Users\Aramejskie PsP\AppData\Roaming\ATI 2015-11-27 18:54 - 2007-12-21 00:22 - 00000000 ____D C:\Users\Aramejskie PsP\AppData\Local\ATI 2015-11-27 18:54 - 2007-12-21 00:22 - 00000000 ____D C:\ProgramData\ATI 2015-11-27 18:49 - 2007-12-21 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center 2015-11-27 18:45 - 2015-11-27 18:45 - 00000000 ____D C:\Program Files\ATI 2015-11-27 18:45 - 2007-12-21 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Install Manager 2015-11-27 18:45 - 2007-07-21 23:52 - 00048736 _____ C:\Windows\system32\Drivers\ativvpxx.vp 2015-11-27 18:45 - 2007-07-21 22:05 - 02920448 _____ (ATI Technologies Inc.) C:\Windows\system32\Drivers\atikmdag.sys 2015-11-27 18:45 - 2007-07-21 21:55 - 00344064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll 2015-11-27 18:45 - 2007-07-21 21:55 - 00262144 _____ (ATI Technologies, Inc.) C:\Windows\system32\atipdlxx.dll 2015-11-27 18:45 - 2007-07-21 21:55 - 00237568 _____ (ATI Technologies, Inc.) C:\Windows\system32\Oemdspif.dll 2015-11-27 18:45 - 2007-07-21 21:55 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll 2015-11-27 18:45 - 2007-07-21 21:54 - 00241664 _____ (ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.dll 2015-11-27 18:45 - 2007-07-21 21:54 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\system32\ati2edxx.dll 2015-11-27 18:45 - 2007-07-21 21:53 - 00610304 _____ (ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe 2015-11-27 18:45 - 2007-07-21 21:43 - 02998272 _____ (ATI Technologies Inc. ) C:\Windows\system32\atiumdag.dll 2015-11-27 18:45 - 2007-07-21 21:38 - 08118272 _____ (ATI Technologies Inc.) C:\Windows\system32\atioglxx.dll 2015-11-27 18:45 - 2007-07-21 21:30 - 03822592 _____ (ATI Technologies Inc. ) C:\Windows\system32\atiumdva.dll 2015-11-27 18:45 - 2007-07-21 21:29 - 03107788 _____ C:\Windows\system32\atiumdva.dat 2015-11-27 18:45 - 2007-07-21 21:10 - 00049152 _____ (ATI Technologies Inc.) C:\Windows\system32\Drivers\ati2erec.dll 2015-11-27 18:45 - 2007-05-30 11:37 - 00002096 _____ C:\Windows\system32\Drivers\ativpkxx.vp 2015-11-27 18:45 - 2007-05-30 11:37 - 00002096 _____ C:\Windows\system32\Drivers\ativokxx.vp 2015-11-27 18:45 - 2007-04-18 08:19 - 00002096 _____ C:\Windows\system32\Drivers\ativdkxx.vp 2015-11-27 18:45 - 2007-02-20 16:39 - 00144773 _____ C:\Windows\system32\atiicdxx.dat 2015-11-27 18:45 - 2006-10-30 11:22 - 00008192 _____ (ATI Technologies Inc.) C:\Windows\system32\Drivers\AtiPcie.sys 2015-11-27 18:45 - 2006-08-23 17:26 - 00328162 _____ C:\Windows\system32\Drivers\ativcaxx.cpa 2015-11-27 18:45 - 2006-08-23 17:26 - 00000929 _____ C:\Windows\system32\Drivers\ativcaxx.vp 2015-11-27 18:44 - 2015-11-27 18:48 - 00000000 ____D C:\Program Files\ATI Technologies 2015-11-27 18:26 - 2007-12-21 00:22 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-27 18:12 - 2015-11-27 18:12 - 00000000 ____D C:\Windows\pss 2015-11-27 17:50 - 2015-06-23 12:27 - 00246952 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-11-27 17:50 - 2007-12-21 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-11-27 17:50 - 2007-12-21 00:18 - 00001214 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-11-27 17:46 - 2015-12-08 19:06 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-27 17:46 - 2015-11-27 17:48 - 00000000 ____D C:\Program Files\Google 2015-11-27 17:46 - 2007-12-21 00:01 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-27 17:45 - 2007-12-21 00:22 - 00000000 ____D C:\Users\Aramejskie PsP\AppData\Local\Google 2015-11-27 17:44 - 2007-12-21 00:22 - 00000000 ____D C:\Users\Aramejskie PsP\AppData\Local\Deployment 2015-11-27 17:44 - 2007-12-21 00:22 - 00000000 ____D C:\Users\Aramejskie PsP\AppData\Local\Apps\2.0 2015-11-27 17:44 - 2007-12-21 00:02 - 00057560 _____ C:\Users\Aramejskie PsP\AppData\Local\GDIPFONTCACHEV1.DAT 2015-11-27 17:29 - 2015-11-27 17:29 - 00000020 ___SH C:\Users\Aramejskie PsP\ntuser.ini 2015-11-27 17:29 - 2015-11-27 17:29 - 00000000 _SHDL C:\Users\Aramejskie PsP\My Documents 2015-11-27 17:29 - 2015-11-27 17:29 - 00000000 _SHDL C:\Users\Aramejskie PsP\Documents\My Videos 2015-11-27 17:29 - 2015-11-27 17:29 - 00000000 _SHDL C:\Users\Aramejskie PsP\Documents\My Pictures 2015-11-27 17:29 - 2015-11-27 17:29 - 00000000 _SHDL C:\Users\Aramejskie PsP\Documents\My Music 2015-11-27 17:29 - 2007-12-21 00:22 - 00000000 ____D C:\Users\Aramejskie PsP\AppData\Roaming\Media Center Programs 2015-11-27 17:29 - 2007-12-21 00:22 - 00000000 ____D C:\Users\Aramejskie PsP\AppData\Local\VirtualStore 2015-11-27 17:28 - 2015-12-08 15:29 - 00000000 ____D C:\Users\Aramejskie PsP 2015-11-27 17:26 - 2015-12-07 17:51 - 01523412 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-27 17:26 - 2010-01-26 02:07 - 00000048 __RSH C:\wedaolu 2015-11-27 17:26 - 2010-01-09 11:17 - 00206312 __RSH C:\grldr ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-12-08 16:21 - 2007-12-21 00:03 - 00000000 ____D C:\Users\Aramejskie PsP\AppData\Local\SmartWeb 2015-12-08 15:54 - 2009-07-14 03:37 - 00000000 ____D C:\Windows 2015-11-28 09:16 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\AppCompat 2015-11-27 21:23 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache 2015-11-27 20:14 - 2009-07-14 05:56 - 00000000 ____D C:\Windows\system32\winrm 2015-11-27 20:14 - 2009-07-14 05:56 - 00000000 ____D C:\Windows\system32\WCN 2015-11-27 20:14 - 2009-07-14 05:56 - 00000000 ____D C:\Windows\system32\slmgr 2015-11-27 20:14 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\MUI 2015-11-27 20:14 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\IME 2015-11-27 20:14 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\System 2015-11-27 20:13 - 2009-07-14 05:56 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts 2015-11-27 20:13 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\com 2015-11-27 18:24 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared ==================== Files in the root of some directories ======= 2015-12-06 22:12 - 2015-12-06 22:12 - 0000480 ____H () C:\Users\Aramejskie PsP\AppData\Roaming\½ž’“Ó™œ‰ Some files in TEMP: ==================== C:\Users\Aramejskie PsP\AppData\Local\Temp\dnsapi.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2007-12-21 09:32 ==================== End of FRST.txt ============================