Anonim / 2 lata, 8 miesięcy temu | Download | Plaintext | Odpowiedz |

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Ventura (administrator) on VENTURA-PC on 30-05-2015 14:17:52
Running from C:\Users\Ventura\Downloads
Loaded Profiles: Ventura (Available Profiles: Ventura)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6839952 2012-09-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-948652874-1481667178-746418527-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-948652874-1481667178-746418527-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-948652874-1481667178-746418527-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-948652874-1481667178-746418527-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-948652874-1481667178-746418527-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/?gws_rd=ssl
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-01] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Ventura\AppData\Roaming\Mozilla\Firefox\Profiles\p8pngxhm.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-04-02] ()
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-02] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-948652874-1481667178-746418527-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Extension: HackBar - C:\Users\Ventura\AppData\Roaming\Mozilla\Firefox\Profiles\p8pngxhm.default\Extensions\{F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4}.xpi [2015-04-04]

Chrome: 
=======
CHR Profile: C:\Users\Ventura\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Ventura\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-21]
CHR Extension: (Google Docs) - C:\Users\Ventura\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-21]
CHR Extension: (Google Drive) - C:\Users\Ventura\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-21]
CHR Extension: (YouTube) - C:\Users\Ventura\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-21]
CHR Extension: (Battlefield Heroes) - C:\Users\Ventura\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2014-12-21]
CHR Extension: (Google Search) - C:\Users\Ventura\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-21]
CHR Extension: (Google Sheets) - C:\Users\Ventura\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-21]
CHR Extension: (LoungeDestroyer) - C:\Users\Ventura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2015-02-15]
CHR Extension: (AdBlock) - C:\Users\Ventura\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-10]
CHR Extension: (Bookmark Manager) - C:\Users\Ventura\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22]
CHR Extension: (Google Wallet) - C:\Users\Ventura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-21]
CHR Extension: (APK Downloader) - C:\Users\Ventura\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhlfmheblhjhkmacldlhdnbgbaiigba [2015-02-21]
CHR Extension: (Gmail) - C:\Users\Ventura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [936832 2015-03-18] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2014-11-17] (Hewlett-Packard) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-18] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2014-11-17] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-04-11] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-11] (Disc Soft Ltd)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-02-17] (Duplex Secure Ltd.)
U3 a77evu8a; C:\Windows\System32\Drivers\a77evu8a.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-30 14:17 - 2015-05-30 14:18 - 00011047 _____ () C:\Users\Ventura\Downloads\FRST.txt
2015-05-30 14:17 - 2015-05-30 14:17 - 00000000 ____D () C:\FRST
2015-05-30 14:16 - 2015-05-30 14:16 - 02108928 _____ (Farbar) C:\Users\Ventura\Downloads\FRST64.exe
2015-05-30 12:28 - 2015-05-30 12:31 - 00959133 _____ () C:\Users\Ventura\Desktop\etap3.exe
2015-05-30 08:22 - 2015-05-30 08:22 - 00958838 _____ () C:\Users\Ventura\Downloads\etap2.exe
2015-05-30 08:22 - 2015-05-30 08:22 - 00004185 _____ () C:\Users\Ventura\Downloads\etap2.o
2015-05-30 07:55 - 2015-05-30 12:31 - 00003748 _____ () C:\Users\Ventura\Desktop\etap3.o
2015-05-30 07:53 - 2015-05-30 07:53 - 00759752 _____ () C:\Users\Ventura\Downloads\ufasoft_coin-0.110.tar.xz
2015-05-30 07:51 - 2015-05-30 07:51 - 00001091 _____ () C:\Users\Ventura\Desktop\CodeBlocks.lnk
2015-05-30 07:51 - 2015-05-30 07:51 - 00000000 ____D () C:\Users\Ventura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2015-05-30 07:51 - 2015-05-30 07:51 - 00000000 ____D () C:\Program Files (x86)\CodeBlocks
2015-05-30 07:47 - 2015-05-30 07:51 - 100600973 _____ (The Code::Blocks Team) C:\Users\Ventura\Downloads\codeblocks-12.11mingw-setup.exe
2015-05-30 07:42 - 2015-05-30 12:31 - 00000971 _____ () C:\Users\Ventura\Desktop\etap3.cpp
2015-05-29 20:51 - 2015-05-29 20:51 - 00018549 _____ () C:\Windows\DirectX.log
2015-05-29 18:33 - 2015-05-30 07:26 - 00000112 _____ () C:\Windows\setupact.log
2015-05-29 18:33 - 2015-05-29 18:33 - 00000552 _____ () C:\Windows\PFRO.log
2015-05-29 18:33 - 2015-05-29 18:33 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-29 18:31 - 2015-05-29 18:31 - 00012163 _____ () C:\ComboFix.txt
2015-05-29 17:28 - 2015-05-29 18:31 - 00000000 ____D () C:\Qoobox
2015-05-29 17:28 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-29 17:28 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-29 17:28 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-29 17:28 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-29 17:28 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-29 17:28 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-29 17:28 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-29 17:28 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-29 17:27 - 2015-05-29 17:36 - 00000000 ____D () C:\Windows\erdnt
2015-05-29 17:27 - 2015-05-29 17:27 - 05628678 ____R (Swearware) C:\Users\Ventura\Downloads\ComboFix.exe
2015-05-29 16:07 - 2015-05-29 16:07 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-05-29 16:07 - 2015-05-29 16:07 - 00000000 ____D () C:\Windows\system32\vbox
2015-05-29 16:03 - 2015-05-30 13:31 - 00000127 _____ () C:\Users\Ventura\Desktop\Betting Advice.txt
2015-05-29 16:00 - 2015-05-29 18:21 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-29 16:00 - 2015-05-29 16:00 - 03451936 ____N (Avast Software s.r.o.) C:\Users\Public\Documents\aswOfferTool.exe
2015-05-29 08:24 - 2015-05-29 08:24 - 00000000 ____D () C:\Users\Ventura\AppData\Roaming\Steam
2015-05-29 08:08 - 2015-05-29 08:08 - 00001166 _____ () C:\Users\Ventura\Desktop\Wolfenstein The Old Blood.lnk
2015-05-29 08:08 - 2015-05-29 08:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfenstein The Old Blood
2015-05-29 07:35 - 2015-05-29 08:28 - 00000000 ____D () C:\Program Files (x86)\Wolfenstein The Old Blood
2015-05-28 22:33 - 2015-05-28 22:33 - 00011880 _____ () C:\Users\Ventura\AppData\Local\recently-used.xbel
2015-05-28 18:10 - 2015-05-28 18:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-27 21:23 - 2015-05-27 23:08 - 00000000 ____D () C:\Users\Ventura\Downloads\The.Witcher.3.Wild.Hunt.Polish.Language.Pack-GOG
2015-05-27 13:21 - 2015-05-27 15:59 - 00000000 ____D () C:\Users\Ventura\Downloads\Wolfenstein.The.Old.Blood-CODEX
2015-05-27 11:50 - 2015-05-29 11:10 - 00000000 ____D () C:\Users\Ventura\Documents\The Witcher 3
2015-05-27 10:25 - 2015-05-27 10:25 - 00001955 _____ () C:\Users\Public\Desktop\The Witcher® 3 - Wild Hunt.lnk
2015-05-27 10:04 - 2015-05-27 10:04 - 00000649 _____ () C:\Users\Ventura\Documents\Ventura - Shortcut.lnk
2015-05-26 12:21 - 2015-05-27 06:44 - 00000000 ____D () C:\Users\Ventura\Downloads\The Witcher 3 Wild Hunt
2015-05-23 20:52 - 2015-05-30 12:37 - 00000000 ____D () C:\Users\Ventura\AppData\Roaming\CodeBlocks
2015-05-23 20:52 - 2015-05-30 07:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2015-05-23 20:48 - 2015-05-23 20:48 - 00001390 _____ () C:\Users\Ventura\Downloads\etap2.cpp
2015-05-23 20:45 - 2015-05-24 12:05 - 00000000 ____D () C:\Users\Ventura\Documents\Datee
2015-05-23 14:17 - 2015-05-23 14:25 - 00000000 ____D () C:\WebServ
2015-05-23 14:17 - 2015-05-23 14:17 - 00000590 _____ () C:\Users\Ventura\Desktop\WebServ.lnk
2015-05-23 14:17 - 2015-05-23 14:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebServ
2015-05-23 14:17 - 2004-06-16 14:39 - 00000005 _____ () C:\Windows\php.ini
2015-05-16 16:01 - 2015-05-29 18:16 - 00000000 ____D () C:\Program Files (x86)\Metin2 Singapore
2015-05-16 14:02 - 2015-05-16 14:06 - 00000000 ____D () C:\Users\Ventura\AbiSuite
2015-05-16 14:02 - 2015-05-16 14:02 - 00000000 ____D () C:\Users\Ventura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AbiWord Word Processor
2015-05-16 14:02 - 2015-05-16 14:02 - 00000000 ____D () C:\Users\Ventura\AppData\Roaming\enchant
2015-05-16 14:02 - 2015-05-16 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AbiWord Word Processor
2015-05-16 14:01 - 2015-05-16 14:02 - 00000000 ____D () C:\Program Files (x86)\AbiWord
2015-05-08 16:15 - 2015-05-08 16:15 - 04337955 _____ () C:\Users\Ventura\Downloads\Strona Wiedzmina1.rar
2015-05-08 16:15 - 2015-05-07 22:19 - 00000000 ____D () C:\Users\Ventura\Desktop\Strona Wiedzmina
2015-05-06 08:53 - 2015-05-29 00:50 - 00000000 ___RD () C:\Users\Ventura\Dropbox
2015-05-06 08:49 - 2015-05-29 18:18 - 00000000 ____D () C:\Users\Ventura\AppData\Roaming\Dropbox
2015-05-05 13:00 - 2015-05-06 09:15 - 00000000 ____D () C:\Users\Ventura\Desktop\Strona Osy
2015-05-05 12:15 - 2015-05-05 13:04 - 00000000 ____D () C:\Users\Ventura\AppData\Roaming\Notepad++
2015-05-05 12:15 - 2015-05-05 12:15 - 00000000 ____D () C:\Users\Ventura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-05-05 12:15 - 2015-05-05 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-05-05 12:15 - 2015-05-05 12:15 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2015-04-30 18:08 - 2015-04-30 18:12 - 00000080 _____ () C:\Users\Ventura\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-04-30 18:08 - 2015-04-30 18:08 - 00000000 ____D () C:\Users\Ventura\AppData\Local\Rockstar Games
2015-04-30 18:07 - 2015-04-30 18:08 - 00000000 ____D () C:\Users\Ventura\Documents\Rockstar Games
2015-04-30 17:39 - 2015-04-30 18:37 - 00000000 ____D () C:\Program Files\Rockstar Games
2015-04-30 17:39 - 2015-04-30 18:37 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-30 14:09 - 2015-01-04 16:49 - 00000378 _____ () C:\Windows\Tasks\WpsNotifyTask_Ventura.job
2015-05-30 14:08 - 2014-12-21 18:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-30 14:05 - 2015-01-04 16:48 - 00000378 _____ () C:\Windows\Tasks\WpsUpdateTask_Ventura.job
2015-05-30 14:04 - 2014-12-21 18:15 - 00910921 _____ () C:\Windows\WindowsUpdate.log
2015-05-30 13:39 - 2014-12-21 18:23 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-30 13:29 - 2009-07-14 06:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-30 13:29 - 2009-07-14 06:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-30 08:39 - 2014-12-21 18:23 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-30 07:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-29 18:32 - 2015-01-11 11:48 - 00000000 ____D () C:\Users\Ventura\AppData\Roaming\DAEMON Tools Lite
2015-05-29 18:32 - 2015-01-01 17:08 - 00000000 ____D () C:\Users\Ventura\AppData\Roaming\BitTorrent
2015-05-29 18:30 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-29 18:21 - 2009-07-14 07:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-29 18:17 - 2014-12-21 18:13 - 00000000 ____D () C:\Users\Ventura
2015-05-29 18:16 - 2015-04-07 10:58 - 00000000 ____D () C:\Program Files (x86)\Mount&Blade Warband
2015-05-29 18:15 - 2015-04-02 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-05-29 18:15 - 2015-04-02 12:47 - 00000000 ____D () C:\GOG Games
2015-05-29 18:15 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-29 18:14 - 2015-01-16 20:31 - 00000000 ____D () C:\Program Files (x86)\Raptr
2015-05-29 17:37 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-05-29 17:24 - 2015-03-18 22:23 - 00000000 ____D () C:\Windows\pss
2015-05-29 00:48 - 2009-07-14 06:45 - 00276256 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-28 22:33 - 2015-01-06 10:56 - 00000000 ____D () C:\Users\Ventura\AppData\Local\gtk-2.0
2015-05-28 22:33 - 2015-01-06 10:55 - 00000000 ____D () C:\Users\Ventura\.gimp-2.8
2015-05-28 22:33 - 2014-12-21 19:33 - 00000000 ____D () C:\Users\Ventura\Documents\Battlefield Heroes
2015-05-28 18:29 - 2015-01-01 17:09 - 00000000 ____D () C:\ProgramData\APN
2015-05-28 18:29 - 2014-12-21 18:22 - 00058464 _____ () C:\Users\Ventura\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-28 18:08 - 2015-02-20 23:18 - 00000000 ____D () C:\Program Files (x86)\Dead Space 3
2015-05-28 18:05 - 2015-04-02 16:18 - 00000000 ____D () C:\Users\Ventura\AppData\Roaming\GameRanger
2015-05-28 18:05 - 2015-01-11 12:39 - 00000000 ____D () C:\Program Files (x86)\Enemy Front
2015-05-28 18:00 - 2014-12-21 18:29 - 00000000 ____D () C:\Users\Ventura\AppData\Roaming\Skype
2015-05-27 21:28 - 2009-07-14 07:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-27 21:26 - 2014-12-22 11:17 - 00000000 ____D () C:\Users\Ventura\AppData\Roaming\vlc
2015-05-26 09:41 - 2014-12-21 18:25 - 00002189 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-17 08:34 - 2014-12-21 18:23 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 08:34 - 2014-12-21 18:23 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-17 07:32 - 2015-01-25 13:26 - 00000000 ____D () C:\Users\Ventura\AppData\Roaming\TS3Client
2015-05-16 14:03 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-05-05 13:54 - 2014-12-21 18:29 - 00000000 ____D () C:\ProgramData\Skype

==================== Files in the root of some directories =======

2015-05-28 22:33 - 2015-05-28 22:33 - 0011880 _____ () C:\Users\Ventura\AppData\Local\recently-used.xbel
2014-12-31 16:35 - 2014-12-31 16:35 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-21 18:09

==================== End of log ============================