Saskus utworzono 22 lutego 2015 utworzono 22 lutego 2015 Siemka, na wstępie chciałbym przeprosić jeśli napisałem nie w tym dziale co trzeba, ale nie wiedziałem gdzie to napisać. A więc od jakiegoś czasu mam problem. Mianowicie nie potrafię otworzyć żadnego folderu czy wejść w mój komputer, panel sterowania itp. umiem w pliki notatnikowe i pliki rar. Daję screen'y. [URL=http://www.iv.pl/][/URL] [URL=http://www.iv.pl/][/URL]
r102 komentarz 22 lutego 2015 komentarz 22 lutego 2015 Jakiś wirus ? Tam na pasku zadań jest ikona Avasta, wyłącz go - może on coś napsocił ?
Gość komentarz 22 lutego 2015 komentarz 22 lutego 2015 wejdz w tryb awaryjny i przeskanuj kompa programem malwarebytes
Saskus komentarz 23 lutego 2015 Autor komentarz 23 lutego 2015 A skąd ja go potem wezmę? Bo mi to w serwisie instalowali razem z tą licencją itp.
Zayfi komentarz 23 lutego 2015 komentarz 23 lutego 2015 Zostaw na razie Avasta. Zrób logi z FRST i wstaw http://www.fixitpc.pl/topic/61-diagnostyka-ogolne-raporty-systemowe/#1 1
Saskus komentarz 23 lutego 2015 Autor komentarz 23 lutego 2015 Jestem w tym zielony, chodzi o to? Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-02-2015 Ran by user (administrator) on USER-PC on 23-02-2015 20:02:19 Running from D:\DYSK D\akie tam Loaded Profiles: user (Available profiles: user) Platform: Windows Vista (TM) Home Basic Service Pack 2 (X86) OS Language: Polski (Polska) Internet Explorer Version 9 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe () C:\Windows\System32\PnkBstrA.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [NPSStartup] => [X] HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-07] (AVAST Software) HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.) HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\Run: [RGSC] => D:\Program Files\Rockstar Games Social Club\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.) HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\Run: [GG] => C:\Users\user\AppData\Local\GG\Application\gghub.exe [4023360 2014-09-05] (GG Network S.A.) HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-30] (Piriform Ltd) HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\Run: [EADM] => C:\Program Files\Origin\Origin.exe [3619160 2015-02-23] (Electronic Arts) HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\MountPoints2: {17028605-26b3-11e4-95c7-001d7daf9387} - J:\setup.exe HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\MountPoints2: {2988529c-25fd-11e3-a659-001d7daf9387} - K:\LaunchU3.exe -a HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\MountPoints2: {6a37ca0c-bb52-11e3-acd6-001d7daf9387} - J:\Startme.exe IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\jumpflip: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe HKLM\...\AppCertDlls: [x64] -> c:\program files\browser tab search by ask\safetynut\x64\safetycrt.dll ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => No File ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => No File ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => No File ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-670912209-4032307253-4015798818-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=128&systemid=488&v=a13350-405&apn_uid=7374742512704780&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms} SearchScopes: HKU\S-1-5-21-670912209-4032307253-4015798818-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-670912209-4032307253-4015798818-1000 -> {2A9C6836-421D-423E-B1B9-45D5E45D4B18} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=512435&p={searchTerms} SearchScopes: HKU\S-1-5-21-670912209-4032307253-4015798818-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=128&systemid=488&v=a13350-405&apn_uid=7374742512704780&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms} BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\08z7xjnf.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF Plugin: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files\Ganymede\Plugins\npganymedenet.dll ( ) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=1.6.0_38 -> C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-670912209-4032307253-4015798818-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF user.js: detected! => C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\08z7xjnf.default\user.js FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npganymedenet.dll ( ) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.) FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\08z7xjnf.default\searchplugins\Ask.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml FF Extension: Sup-SW - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\08z7xjnf.default\Extensions\{f2456568-e603-43db-8838-ffa7c4a685c7} [2014-11-05] FF Extension: Rapideo.pl - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\08z7xjnf.default\Extensions\jid1-MVBjD3PCN9WVIQ@jetpack.xpi [2013-10-06] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-21] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} [2014-09-21] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-01-25] Chrome: ======= CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (San Francisco at Night 2560x1440) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\alplglopmmclcjcpohjkebadphlckecb [2014-09-12] CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-10] CHR Extension: (https://www.facebook.com/?stype=lo&jlou=AffV1) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\caamdmhbhejapcnpngpmjildhiolebli [2014-08-10] CHR Extension: (http://ask.fm/) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hodkangnoihaogpgakjfdkepoljfcfbc [2014-08-10] CHR Extension: (http://serwertruck.eu/) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdkfknmhbgdfbppikdkeommjhmfcjkih [2014-08-10] CHR Extension: (Skype Click to Call) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-10] CHR Extension: (http://truckers-pts.pl/) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgoefmamgphfbcnpnhccjomongdjkjna [2014-08-10] CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-10] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-11-22] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [64952 2011-06-06] (Adobe Systems Incorporated) [File not signed] S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [267440 2014-09-24] (Adobe Systems Incorporated) [File not signed] S3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [35160 2010-03-18] (Microsoft Corporation) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-25] (AVAST Software) S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation) [File not signed] S2 gupdate; C:\Program Files\Google\Update\GoogleUpdate.exe [116648 2013-01-25] (Google Inc.) [File not signed] S3 gupdatem; C:\Program Files\Google\Update\GoogleUpdate.exe [116648 2013-01-25] (Google Inc.) [File not signed] R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1890128 2014-09-04] (LogMeIn Inc.) [File not signed] S3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-03-12] (Hewlett-Packard Co.) [File not signed] R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-08-08] (LogMeIn, Inc.) [File not signed] S3 MozillaMaintenance; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [114800 2015-01-29] (Mozilla Foundation) [File not signed] R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed] S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation) [File not signed] S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation) [File not signed] S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation) [File not signed] S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation) [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed] R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-07-29] () [File not signed] R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) [File not signed] S2 SkypeUpdate; C:\Program Files\Skype\Updater\Updater.exe [171680 2013-09-05] (Skype Technologies) [File not signed] S3 Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [835776 2015-02-19] (Valve Corporation) [File not signed] S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation) S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [753504 2010-03-18] (Microsoft Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-06-25] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-06-25] (AVAST Software) R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-06-25] (AVAST Software) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-06-25] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-06-25] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-06-25] (AVAST Software) R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-06-25] (AVAST Software) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-06-25] () R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2013-10-23] () [File not signed] R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-08-18] (Disc Soft Ltd) S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-11-02] () [File not signed] R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) [File not signed] R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-10-23] () [File not signed] S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-11-05] (Malwarebytes Corporation) [File not signed] S3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2010-07-01] (Screaming Bee LLC) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-07-19] (Duplex Secure Ltd.) S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S3 WinRing0_1_2_0; \??\C:\Users\user\Desktop\Real Temp\WinRing0.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-23 20:00 - 2015-02-23 20:02 - 00000000 ____D () C:\FRST 2015-02-23 18:01 - 2015-02-23 18:03 - 00000000 ____D () C:\Program Files\Origin 2015-02-23 18:01 - 2015-02-23 18:01 - 00000780 _____ () C:\Users\Public\Desktop\Origin.lnk 2015-02-23 17:37 - 2015-02-23 17:51 - 00000000 ____D () C:\Users\user\Documents\FIFA 14 2015-02-23 17:37 - 2015-02-23 17:37 - 00000884 _____ () C:\Users\Public\Desktop\FIFA 14.lnk 2015-02-23 17:37 - 2015-02-23 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14 2015-02-22 20:40 - 2015-02-22 20:40 - 00000557 _____ () C:\Users\user\Desktop\TheForest.lnk 2015-02-22 14:26 - 2015-02-23 19:08 - 00000000 ____D () C:\Users\user\Desktop\The Forest 2015-02-22 14:24 - 2015-02-22 14:25 - 00000000 ____D () C:\Users\user\Desktop\ALI213 2015-02-22 14:24 - 2015-02-22 14:02 - 01058816 ____R (游侠网NETSHOW) C:\Users\user\Desktop\ÓÎĎŔÍřNETSHOW.exe 2015-02-22 14:23 - 2015-02-22 14:05 - 670639893 ____R () C:\Users\user\Desktop\The.Forest.v0.12-ALI213.rar 2015-02-21 19:03 - 2015-02-23 15:43 - 00000000 ____D () C:\Users\user\AppData\Local\wf-launcher 2015-02-21 19:03 - 2015-02-23 15:09 - 00000000 ____D () C:\ProgramData\GFACE 2015-02-21 19:03 - 2015-02-21 19:03 - 00001545 _____ () C:\Users\user\Desktop\Warface Launcher.lnk 2015-02-21 19:03 - 2015-02-21 19:03 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warface Launcher 2015-02-21 13:49 - 2015-02-21 13:49 - 00000000 ____D () C:\Users\user\Documents\Paradox Interactive 2015-02-21 13:11 - 2015-02-21 13:11 - 00000216 _____ () C:\Users\user\Desktop\Crusader Kings II.url 2015-02-21 07:21 - 2015-02-23 18:11 - 00044967 _____ () C:\Windows\WindowsUpdate.log 2015-02-21 07:18 - 2015-02-21 07:18 - 00000356 _____ () C:\Windows\PFRO.log 2015-02-20 21:05 - 2015-02-20 21:05 - 00000847 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Uninstall 6.lnk 2015-02-20 21:05 - 2015-02-20 21:05 - 00000835 _____ () C:\Users\Public\Desktop\Total Uninstall 6.lnk 2015-02-20 21:05 - 2015-02-20 21:05 - 00000016 _____ () C:\ProgramData\mntemp 2015-02-20 21:05 - 2015-02-20 21:05 - 00000000 ____D () C:\ProgramData\Martau 2015-02-20 21:05 - 2015-02-20 21:05 - 00000000 ____D () C:\Program Files\Total Uninstall 6 2015-02-19 19:17 - 2015-02-19 19:17 - 00000000 ____D () C:\Users\user\AppData\Local\Steam 2015-02-15 16:52 - 2015-02-15 16:55 - 00000000 ____D () C:\Users\user\AppData\Local\SniperV2 2015-02-15 13:32 - 2015-02-15 13:32 - 00000215 _____ () C:\Users\user\Desktop\Sniper Elite V2.url 2015-02-14 14:13 - 2015-02-21 13:11 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-02-14 14:13 - 2015-02-14 14:13 - 00000213 _____ () C:\Users\user\Desktop\Counter-Strike Global Offensive.url 2015-02-09 18:34 - 2015-02-21 15:50 - 00002151 _____ () C:\Users\user\Desktop\PD.txt 2015-02-09 17:55 - 2015-02-09 17:55 - 00000000 ____D () C:\output 2015-01-31 15:34 - 2015-01-31 15:34 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer 2015-01-25 12:25 - 2015-01-25 12:25 - 00000000 ____D () C:\Users\user\Documents\Lucius ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-23 19:19 - 2006-11-02 13:45 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-23 19:19 - 2006-11-02 13:45 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-23 18:23 - 2013-01-25 17:06 - 00000000 ____D () C:\Users\user\AppData\Roaming\GG 2015-02-23 18:22 - 2013-01-25 17:06 - 00000000 ____D () C:\Users\user\AppData\Local\GG 2015-02-23 18:01 - 2015-01-13 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-02-23 18:01 - 2013-04-12 20:25 - 00000000 ____D () C:\ProgramData\Origin 2015-02-23 15:47 - 2013-02-12 18:09 - 00000000 ____D () C:\Users\user\AppData\Roaming\DAEMON Tools Lite 2015-02-23 15:45 - 2014-11-22 14:31 - 00000000 ____D () C:\Program Files\Steam 2015-02-23 13:20 - 2013-01-26 10:33 - 00000000 ____D () C:\Users\user\AppData\Local\LogMeIn Hamachi 2015-02-23 13:19 - 2006-11-02 13:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-23 12:17 - 2006-11-02 13:58 - 00006018 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-02-22 20:18 - 2013-01-25 17:54 - 00000000 ____D () C:\Users\user\AppData\Roaming\.minecraft 2015-02-22 20:06 - 2014-02-27 14:35 - 00000000 ____D () C:\Users\user\AppData\Roaming\.minecraftzyczu 2015-02-22 16:57 - 2013-02-08 19:46 - 00000000 ____D () C:\Users\user\AppData\Roaming\uTorrent 2015-02-20 21:16 - 2014-06-07 11:26 - 00000000 ____D () C:\Users\user\AppData\Roaming\Riot Games 2015-02-20 21:09 - 2013-02-01 15:08 - 00000000 ____D () C:\Windows\Minidump 2015-02-20 21:09 - 2013-01-25 12:09 - 00000000 ____D () C:\Windows\Panther 2015-02-20 21:03 - 2014-06-30 20:10 - 00000000 ____D () C:\Users\user\AppData\Roaming\PhotoScape 2015-02-20 17:26 - 2013-05-12 08:33 - 00000000 ____D () C:\Program Files\Common Files\Steam 2015-02-18 15:47 - 2014-11-25 14:39 - 00001036 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d008b52e851f52.job 2015-02-18 09:47 - 2014-11-25 14:39 - 00001032 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d008b52e212592.job 2015-02-14 18:34 - 2013-03-09 12:39 - 00281768 _____ () C:\Windows\system32\PnkBstrB.xtr 2015-02-11 21:26 - 2013-01-25 16:58 - 00000000 ____D () C:\Users\user\Documents\Euro Truck Simulator 2 2015-02-11 13:07 - 2014-11-22 15:35 - 00000000 ____D () C:\Program Files\R.G. Gamblers 2015-02-11 13:07 - 2013-01-25 16:42 - 00000000 ____D () C:\Users\user\Documents\My Games 2015-02-09 17:53 - 2014-06-30 20:14 - 00093184 ____H () C:\Users\user\Documents\photothumb.db 2015-01-31 15:34 - 2013-01-25 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer 2015-01-29 16:57 - 2014-09-21 06:13 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-01-29 16:57 - 2013-01-25 12:35 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service ==================== Files in the root of some directories ======= 2013-01-26 12:01 - 2011-12-13 07:56 - 633312835 _____ () C:\Program Files\18 wos extreme trucker 2 setup.exe 2010-06-02 04:21 - 2010-06-02 04:21 - 1347354 _____ () C:\Program Files\Apr2005_d3dx9_25_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1078962 _____ () C:\Program Files\Apr2005_d3dx9_25_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1397830 _____ () C:\Program Files\Apr2006_d3dx9_30_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1115221 _____ () C:\Program Files\Apr2006_d3dx9_30_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0916430 _____ () C:\Program Files\Apr2006_MDX1_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 4162630 _____ () C:\Program Files\Apr2006_MDX1_x86_Archive.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0179133 _____ () C:\Program Files\Apr2006_XACT_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0133103 _____ () C:\Program Files\Apr2006_XACT_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0087101 _____ () C:\Program Files\Apr2006_xinput_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0046010 _____ () C:\Program Files\Apr2006_xinput_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0698612 _____ () C:\Program Files\APR2007_d3dx10_33_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0695865 _____ () C:\Program Files\APR2007_d3dx10_33_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1607358 _____ () C:\Program Files\APR2007_d3dx9_33_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1606039 _____ () C:\Program Files\APR2007_d3dx9_33_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0195766 _____ () C:\Program Files\APR2007_XACT_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0151225 _____ () C:\Program Files\APR2007_XACT_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0096817 _____ () C:\Program Files\APR2007_xinput_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0053302 _____ () C:\Program Files\APR2007_xinput_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1350542 _____ () C:\Program Files\Aug2005_d3dx9_27_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1077644 _____ () C:\Program Files\Aug2005_d3dx9_27_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0182903 _____ () C:\Program Files\AUG2006_XACT_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0137235 _____ () C:\Program Files\AUG2006_XACT_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0087142 _____ () C:\Program Files\AUG2006_xinput_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0046058 _____ () C:\Program Files\AUG2006_xinput_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0852286 _____ () C:\Program Files\AUG2007_d3dx10_35_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0796867 _____ () C:\Program Files\AUG2007_d3dx10_35_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1800160 _____ () C:\Program Files\AUG2007_d3dx9_35_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1708152 _____ () C:\Program Files\AUG2007_d3dx9_35_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0198096 _____ () C:\Program Files\AUG2007_XACT_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0153012 _____ () C:\Program Files\AUG2007_XACT_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0867612 _____ () C:\Program Files\Aug2008_d3dx10_39_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0849167 _____ () C:\Program Files\Aug2008_d3dx10_39_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1794084 _____ () C:\Program Files\Aug2008_d3dx9_39_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1464672 _____ () C:\Program Files\Aug2008_d3dx9_39_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0121772 _____ () C:\Program Files\Aug2008_XACT_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0092996 _____ () C:\Program Files\Aug2008_XACT_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0271412 _____ () C:\Program Files\Aug2008_XAudio_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0271038 _____ () C:\Program Files\Aug2008_XAudio_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0919044 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0900598 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 3112111 _____ () C:\Program Files\Aug2009_d3dcsx_42_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 3319740 _____ () C:\Program Files\Aug2009_d3dcsx_42_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0232635 _____ () C:\Program Files\Aug2009_d3dx10_42_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0192131 _____ () C:\Program Files\Aug2009_d3dx10_42_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0136301 _____ () C:\Program Files\Aug2009_d3dx11_42_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0105044 _____ () C:\Program Files\Aug2009_d3dx11_42_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0930116 _____ () C:\Program Files\Aug2009_d3dx9_42_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0728456 _____ () C:\Program Files\Aug2009_d3dx9_42_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0122408 _____ () C:\Program Files\Aug2009_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0093106 _____ () C:\Program Files\Aug2009_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0273264 _____ () C:\Program Files\Aug2009_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0272642 _____ () C:\Program Files\Aug2009_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1357976 _____ () C:\Program Files\Dec2005_d3dx9_28_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1079456 _____ () C:\Program Files\Dec2005_d3dx9_28_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0212807 _____ () C:\Program Files\DEC2006_d3dx10_00_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0191720 _____ () C:\Program Files\DEC2006_d3dx10_00_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1571154 _____ () C:\Program Files\DEC2006_d3dx9_32_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1574376 _____ () C:\Program Files\DEC2006_d3dx9_32_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0192475 _____ () C:\Program Files\DEC2006_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0145599 _____ () C:\Program Files\DEC2006_XACT_x86.cab 2011-03-30 10:40 - 2011-03-30 10:40 - 0095576 _____ (Microsoft Corporation) C:\Program Files\DSETUP.dll 2011-03-30 10:40 - 2011-03-30 10:40 - 1566040 _____ () C:\Program Files\dsetup32.dll 2011-03-30 10:40 - 2011-03-30 10:40 - 0044624 _____ () C:\Program Files\dxdllreg_x86.cab 2011-03-30 10:40 - 2011-03-30 10:40 - 0517976 _____ () C:\Program Files\DXSETUP.exe 2011-03-30 10:40 - 2011-03-30 10:40 - 0097152 _____ () C:\Program Files\dxupdate.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1247499 _____ () C:\Program Files\Feb2005_d3dx9_24_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1013225 _____ () C:\Program Files\Feb2005_d3dx9_24_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1362796 _____ () C:\Program Files\Feb2006_d3dx9_29_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1084720 _____ () C:\Program Files\Feb2006_d3dx9_29_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0178359 _____ () C:\Program Files\Feb2006_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0132409 _____ () C:\Program Files\Feb2006_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0194675 _____ () C:\Program Files\FEB2007_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0147983 _____ () C:\Program Files\FEB2007_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0054678 _____ () C:\Program Files\Feb2010_X3DAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0020713 _____ () C:\Program Files\Feb2010_X3DAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0122446 _____ () C:\Program Files\Feb2010_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0093180 _____ () C:\Program Files\Feb2010_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0276960 _____ () C:\Program Files\Feb2010_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0277191 _____ () C:\Program Files\Feb2010_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1336002 _____ () C:\Program Files\Jun2005_d3dx9_26_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1064925 _____ () C:\Program Files\Jun2005_d3dx9_26_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0180785 _____ () C:\Program Files\JUN2006_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0133671 _____ () C:\Program Files\JUN2006_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0699044 _____ () C:\Program Files\JUN2007_d3dx10_34_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0698472 _____ () C:\Program Files\JUN2007_d3dx10_34_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1607774 _____ () C:\Program Files\JUN2007_d3dx9_34_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1607286 _____ () C:\Program Files\JUN2007_d3dx9_34_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0197122 _____ () C:\Program Files\JUN2007_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0152909 _____ () C:\Program Files\JUN2007_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0867828 _____ () C:\Program Files\JUN2008_d3dx10_38_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0849919 _____ () C:\Program Files\JUN2008_d3dx10_38_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1792608 _____ () C:\Program Files\JUN2008_d3dx9_38_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1463878 _____ () C:\Program Files\JUN2008_d3dx9_38_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0055154 _____ () C:\Program Files\JUN2008_X3DAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0021905 _____ () C:\Program Files\JUN2008_X3DAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0121054 _____ () C:\Program Files\JUN2008_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0093128 _____ () C:\Program Files\JUN2008_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0269628 _____ () C:\Program Files\JUN2008_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0269024 _____ () C:\Program Files\JUN2008_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0944460 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0931471 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0752783 _____ () C:\Program Files\Jun2010_d3dcsx_43_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0762188 _____ () C:\Program Files\Jun2010_d3dcsx_43_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0235955 _____ () C:\Program Files\Jun2010_d3dx10_43_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0197283 _____ () C:\Program Files\Jun2010_d3dx10_43_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0138205 _____ () C:\Program Files\Jun2010_d3dx11_43_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0109445 _____ () C:\Program Files\Jun2010_d3dx11_43_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0937246 _____ () C:\Program Files\Jun2010_d3dx9_43_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0768036 _____ () C:\Program Files\Jun2010_d3dx9_43_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0124596 _____ () C:\Program Files\Jun2010_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0093686 _____ () C:\Program Files\Jun2010_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0277338 _____ () C:\Program Files\Jun2010_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0278060 _____ () C:\Program Files\Jun2010_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0844884 _____ () C:\Program Files\Mar2008_d3dx10_37_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0818260 _____ () C:\Program Files\Mar2008_d3dx10_37_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1769862 _____ () C:\Program Files\Mar2008_d3dx9_37_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1443282 _____ () C:\Program Files\Mar2008_d3dx9_37_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0055058 _____ () C:\Program Files\Mar2008_X3DAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0021867 _____ () C:\Program Files\Mar2008_X3DAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0122336 _____ () C:\Program Files\Mar2008_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0093734 _____ () C:\Program Files\Mar2008_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0251194 _____ () C:\Program Files\Mar2008_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0226250 _____ () C:\Program Files\Mar2008_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1067160 _____ () C:\Program Files\Mar2009_d3dx10_41_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1040745 _____ () C:\Program Files\Mar2009_d3dx10_41_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1973702 _____ () C:\Program Files\Mar2009_d3dx9_41_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1612446 _____ () C:\Program Files\Mar2009_d3dx9_41_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0054600 _____ () C:\Program Files\Mar2009_X3DAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0021298 _____ () C:\Program Files\Mar2009_X3DAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0121506 _____ () C:\Program Files\Mar2009_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0092740 _____ () C:\Program Files\Mar2009_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0275044 _____ () C:\Program Files\Mar2009_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0273018 _____ () C:\Program Files\Mar2009_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0864600 _____ () C:\Program Files\Nov2007_d3dx10_36_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0803884 _____ () C:\Program Files\Nov2007_d3dx10_36_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1802058 _____ () C:\Program Files\Nov2007_d3dx9_36_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1709360 _____ () C:\Program Files\Nov2007_d3dx9_36_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0046144 _____ () C:\Program Files\NOV2007_X3DAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0018496 _____ () C:\Program Files\NOV2007_X3DAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0196762 _____ () C:\Program Files\NOV2007_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0148264 _____ () C:\Program Files\NOV2007_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0994154 _____ () C:\Program Files\Nov2008_d3dx10_40_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0965421 _____ () C:\Program Files\Nov2008_d3dx10_40_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1906878 _____ () C:\Program Files\Nov2008_d3dx9_40_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1550796 _____ () C:\Program Files\Nov2008_d3dx9_40_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0054522 _____ () C:\Program Files\Nov2008_X3DAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0021851 _____ () C:\Program Files\Nov2008_X3DAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0121794 _____ () C:\Program Files\Nov2008_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0092684 _____ () C:\Program Files\Nov2008_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0273960 _____ () C:\Program Files\Nov2008_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0272611 _____ () C:\Program Files\Nov2008_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0086037 _____ () C:\Program Files\Oct2005_xinput_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0045359 _____ () C:\Program Files\Oct2005_xinput_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1412902 _____ () C:\Program Files\OCT2006_d3dx9_31_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1127217 _____ () C:\Program Files\OCT2006_d3dx9_31_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0182361 _____ () C:\Program Files\OCT2006_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0138017 _____ () C:\Program Files\OCT2006_XACT_x86.cab 2013-01-27 12:45 - 2014-05-30 21:24 - 0138056 _____ () C:\Users\user\AppData\Roaming\PnkBstrK.sys 2013-09-24 20:11 - 2013-09-24 20:11 - 0012393 _____ () C:\Users\user\AppData\Local\Bron.tok.A17.em.bin 2013-12-24 19:20 - 2013-12-24 19:20 - 0000552 _____ () C:\Users\user\AppData\Local\d3d8caps.dat 2013-01-25 12:22 - 2014-12-16 20:39 - 0001356 _____ () C:\Users\user\AppData\Local\d3d9caps.dat 2013-09-24 20:38 - 2013-09-24 20:55 - 0001233 _____ () C:\Users\user\AppData\Local\JunkAtx.bin 2013-09-22 14:03 - 2013-09-22 14:03 - 0000051 _____ () C:\Users\user\AppData\Local\Kosong.Bron.Tok.txt 2013-01-25 17:36 - 2013-01-25 17:43 - 0000360 _____ () C:\ProgramData\hpzinstall.log 2015-02-20 21:05 - 2015-02-20 21:05 - 0000016 _____ () C:\ProgramData\mntemp Some content of TEMP: ==================== C:\Users\user\AppData\Local\Temp\ggdrive-menu.exe C:\Users\user\AppData\Local\Temp\ggdrive-overlay.exe C:\Users\user\AppData\Local\Temp\i4jdel0.exe C:\Users\user\AppData\Local\Temp\installstats.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-23 13:25 ==================== End Of Log ============================
Zayfi komentarz 23 lutego 2015 komentarz 23 lutego 2015 Masz infekcję. Nie dałeś kompletnych logów - brak Addition.txt 1. Otwórz notatnik i wklej CloseProcesses: HKLM\...\Run: [NPSStartup] => [X] IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\jumpflip: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe HKLM\...\AppCertDlls: [x64] -> c:\program files\browser tab search by ask\safetynut\x64\safetycrt.dll ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => No File ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => No File ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => No File ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => No File SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.as...q={searchTerms} SearchScopes: HKU\S-1-5-21-670912209-4032307253-4015798818-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-670912209-4032307253-4015798818-1000 -> {2A9C6836-421D-423E-B1B9-45D5E45D4B18} URL = http://search.yahoo....p={searchTerms} SearchScopes: HKU\S-1-5-21-670912209-4032307253-4015798818-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.as...q={searchTerms} CHR Extension: (http://ask.fm/) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hodkangnoihaogpgakjfdkepoljfcfbc [2014-08-10] S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S3 WinRing0_1_2_0; \??\C:\Users\user\Desktop\Real Temp\WinRing0.sys [X] EmptyTemp: plik zapisz jako fixlist.txt i umieśc w D:\DYSK D\akie tam. Uruchom FRST i kliknij w Fix. 2. Po usuwaniu zrób nowy skan, ale wcześniej zaznacz opcje Addition - powstaną dwa logi. Dołacz obydwa. 1
Saskus komentarz 24 lutego 2015 Autor komentarz 24 lutego 2015 (edytowane) Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-02-2015 01 Ran by user at 2015-02-24 18:14:24 Running from D:\DYSK D\akie tam Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) "FIFA 14" (HKLM\...\{6049054B-DB11-48E1-A583-9A565D5C8856}_is1) (Version: 1.4.0.0 - ) µTorrent (HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\uTorrent) (Version: 3.4.2.33023 - BitTorrent Inc.) 32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) ActivePresenter (HKLM\...\{A2A40277-D807-4754-95A3-2F294C2C51D3}_is1) (Version: 3.7.2 - Atomi Systems, Inc.) Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Reader X (10.1.0) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.) AIO_Scan (Version: 90.0.222.000 - Hewlett-Packard) Hidden AMD Catalyst Install Manager (HKLM\...\{E43B4909-141E-DFF3-8C58-62B5E4D66BBA}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.) avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2018 - Avast Software) Bejeweled® 3 (HKLM\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.) Call of Duty(R) 4 - Modern Warfare(TM) (HKLM\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Licomp EMPiK Multimedia) Call of Duty(R) 4 - Modern Warfare(TM) (Version: 1.00.0000 - Licomp EMPiK Multimedia) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (Version: 1.6 - Activision) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (Version: 1.7 - Activision) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP) Cheat Engine 6.3 (HKLM\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) Crusader Kings II (HKLM\...\Steam App 203770) (Version: - Paradox Development Studio) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) DJ_AIO_Software_min (Version: 90.0.222.000 - Hewlett-Packard) Hidden Encounter2003 (HKLM\...\{0B89E4FD-8E46-4E9E-89E3-567125B65C04}) (Version: 4.1.0 - DiligenceSoftworks) Euro Truck Simulator 2 (HKLM\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.2.5 - SCS Software) Euro Truck Simulator 2 wersja 1.5.2.1s (HKLM\...\Euro Truck Simulator 2_is1) (Version: 1.5.2.1s - SCS Software) GameDesire-Pool & Snooker (HKLM\...\GameDesire-Pool & Snooker) (Version: - ) GG (HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\GG) (Version: 12 - GG Network S.A.) Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden Grand Theft Auto IV (HKLM\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games) GTA San Andreas (HKLM\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games) HP Deskjet All-In-One Software 9.0 (HKLM\...\{B2C61EBB-F47C-48ba-B375-27A40F8F48F7}) (Version: 9.0 - HP) IZArc 4.1.7 (HKLM\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.7 - Ivan Zahariev) Java(TM) 6 Update 38 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216038FF}) (Version: 6.0.380 - Oracle) K-Lite Codec Pack 9.6.5 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 9.6.5 - ) LibreOffice 3.6 (HKLM\...\{60B2F25C-22CB-4CD9-9168-8C63708DC1A1}) (Version: 3.6.4.3 - The Document Foundation) LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.236 - LogMeIn, Inc.) LogMeIn Hamachi (Version: 2.2.0.236 - LogMeIn, Inc.) Hidden Malwarebytes Anti-Malware wersja 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Minecraft Pingwin Pack 5 wersja 5.0 (HKLM\...\{8CB84F44-615F-4B3A-A193-E825D7E3362C}_is1) (Version: 5.0 - AvenisHD) Mozilla Firefox 35.0.1 (x86 pl) (HKLM\...\Mozilla Firefox 35.0.1 (x86 pl)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MTA:SA v1.4.0 (HKLM\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto) NVIDIA PhysX (HKLM\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation) OpenAL (HKLM\...\OpenAL) (Version: - ) OpenFM (HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\OpenFM) (Version: 2 - GG Network S.A.) Origin (HKLM\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.) Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - plk) (Version: - Microsoft Corporation) PC DUAL SHOCK (HKLM\...\{D313CA09-D5D4-4B3D-B4D0-20F2289BCD01}) (Version: 2003.12.22 - ) Peggle (HKLM\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games) PhotoScape (HKLM\...\PhotoScape) (Version: - ) Plants vs. Zombies™ (HKLM\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Rockstar Games Social Club (HKLM\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games) SAMSUNG Android USB Modem Software (HKLM\...\SAMSUNG Android USB Modem) (Version: - ) SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - ) Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version: - ) SAMSUNG Mobile Modem V2 Software (HKLM\...\SAMSUNG Mobile Modem V2) (Version: - ) Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version: - ) SAMSUNG Mobile USB Download Driver Software (HKLM\...\SAMSUNG Mobile USB Download Driver) (Version: - ) SAMSUNG Mobile USB Driver (HKLM\...\{7184F382-8A6C-4B85-A3AC-B63734B1E241}) (Version: 1.00.0000 - SAMSUNG) Samsung Mobile USB Modem Device Software (HKLM\...\Samsung Mobile USB Modem Device) (Version: - ) Samsung New PC Studio USB Driver Installer (HKLM\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Samsung New PC Studio USB Driver Installer (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.2.911.5178 - SAMSUNG Electronics Co., Ltd.) SAMSUN桬頀ƺ⍣躡颸ƺ䏼뮶馈ƺ휝꜏ (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - ) Scan (Version: 9.0.0.0 - Hewlett-Packard) Hidden Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.4.11328 - Skype Technologies S.A.) Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Sniper Elite V2 (HKLM\...\Steam App 63380) (Version: - Rebellion) Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.14.6.201404170858 - Sony Mobile Communications AB) Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH) The Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts) Toolbox (Version: 90.0.146.000 - Hewlett-Packard) Hidden Total Uninstall 6.12.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.12.0 - Gavrila Martau) USB GAMEPAD (HKLM\...\USB Gamepad) (Version: - ) VirtualCom driver (HKLM\...\{1943A043-5C85-4A16-A0D0-D687B2C1A40F}) (Version: 1.0.0 - AIT) Warface Launcher (Beta) (HKLM\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH) Wheelman (HKLM\...\{3604BFF4-6EC8-44D6-B147-92C2D642FEDE}) (Version: 1.00.0000 - Midway Games) Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-670912209-4032307253-4015798818-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\user\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Restore Points ========================= Check "winmgmt" service or repair WMI. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {367B3E9B-F2B5-4733-B9B1-15E8E46DA198} - System32\Tasks\GoogleUpdateTaskMachineUA1d008b52e851f52 => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-25] (Google Inc.) Task: {63153128-45EC-4F00-B3E5-ACE024CD834B} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe Task: {9B6C0151-3C6E-42D1-97F3-1984DDBC0DD3} - System32\Tasks\GoogleUpdateTaskMachineCore1d008b52e212592 => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-25] (Google Inc.) Task: {A043A9E2-C1D7-4D52-8DD0-CE3BB2F6B826} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d008b52e212592.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d008b52e851f52.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2015-02-23 20:03 - 2015-02-23 20:03 - 02911232 _____ () C:\Program Files\AVAST Software\Avast\defs\15022301\algo.dll 2014-06-25 18:36 - 2014-06-25 18:36 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-10-23 20:19 - 2014-10-23 20:19 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2013-01-27 12:45 - 2014-07-29 12:55 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe 2014-12-23 17:14 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll 2014-12-23 17:14 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData:NT2 AlternateDataStreams: C:\Users\All Users:NT2 AlternateDataStreams: C:\ProgramData\Application Data:NT2 AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT2 AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF AlternateDataStreams: C:\Users\user\Dane aplikacji:NT AlternateDataStreams: C:\Users\user\Dane aplikacji:NT2 AlternateDataStreams: C:\Users\user\AppData\Roaming:NT AlternateDataStreams: C:\Users\user\AppData\Roaming:NT2 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-670912209-4032307253-4015798818-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^trzFC89.tmp => C:\Windows\pss\trzFC89.tmp.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: ares => "D:\DYSK D\Program Files\Ares\Ares.exe" -h MSCONFIG\startupreg: Pando Media Booster => C:\Program Files\Pando Networks\Media Booster\PMB.exe MSCONFIG\startupreg: SearchProtection => "C:\Users\user\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" ==================== Accounts: ============================= Administrator (S-1-5-21-670912209-4032307253-4015798818-500 - Administrator - Disabled) Gość (S-1-5-21-670912209-4032307253-4015798818-501 - Limited - Disabled) user (S-1-5-21-670912209-4032307253-4015798818-1000 - Administrator - Enabled) => C:\Users\user ==================== Faulty Device Manager Devices ============= Could not list Devices. Check "winmgmt" service or repair WMI. ==================== Event log errors: ========================= Application errors: ================== Error: (02/23/2015 08:46:20 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program chrome.exe w wersji 39.0.2171.95 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: c Godzina rozpoczęcia: 01d04f9dd96a9f29 Godzina zakończenia: 19 Error: (02/23/2015 06:49:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd TheForest.exe, wersja 4.6.1.51269, sygnatura czasowa 0x54819edb, moduł powodujący błąd ntdll.dll, wersja 6.0.6002.18541, sygnatura czasowa 0x4ec3e3d5, kod wyjątku 0xc0000005, przesunięcie błędu 0x00048762, identyfikator procesu 0xdb4, godzina rozpoczęcia aplikacji 0xTheForest.exe0. Error: (02/23/2015 06:23:23 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program TheForest.exe w wersji 4.6.1.51269 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: f90 Godzina rozpoczęcia: 01d04f8ad2529f29 Godzina zakończenia: 3116 Error: (02/23/2015 05:37:16 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania na woluminie (Proces = J:\Redistributables\DirectX\DXSETUP.exe /silent; Opis = Zainstalowany program DirectX; Hr = 0x80042318). Error: (02/23/2015 05:37:15 PM) (Source: VSS) (EventID: 12347) (User: ) Description: Błąd usługi kopiowania woluminów w tle: Wykryto niespójność wewnętrzną podczas próby nawiązania kontaktu z modułami zapisującymi usługi kopiowania w tle. Moduł zapisujący rejestru nie odpowiedział na kwerendę z usługi VSS. Sprawdź, czy usługa zdarzeń i usługa kopiowania woluminów w tle działają prawidłowo, oraz sprawdź, czy w dzienniku zdarzeń aplikacji nie występują inne zdarzenia. Operacja: Zbieranie danych modułu zapisującego Wykonywanie operacji asynchronicznej Kontekst: Kontekst wykonywania: Requestor Stan bieżący: GatherWriterMetadata Error: (02/22/2015 09:49:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd TheForest.exe, wersja 4.6.1.51269, sygnatura czasowa 0x54819edb, moduł powodujący błąd audioeng.dll, wersja 6.0.6001.18000, sygnatura czasowa 0x4791a639, kod wyjątku 0xc0000005, przesunięcie błędu 0x0000c643, identyfikator procesu 0x4cc, godzina rozpoczęcia aplikacji 0xTheForest.exe0. Error: (02/22/2015 09:49:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd TheForest.exe, wersja 4.6.1.51269, sygnatura czasowa 0x54819edb, moduł powodujący błąd mono.dll, wersja 0.0.0.0, sygnatura czasowa 0x54818010, kod wyjątku 0xc0000005, przesunięcie błędu 0x001192aa, identyfikator procesu 0x4cc, godzina rozpoczęcia aplikacji 0xTheForest.exe0. Error: (02/21/2015 07:03:03 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania na woluminie (Proces = D:\Program Files\Crytek\Warface Launcher\DirectX9.0c\dxsetup.exe Files\Crytek\Warface Launcher\DirectX9.0c\dxsetup.exe" /silent; Opis = Zainstalowany program DirectX; Hr = 0x80042318). Error: (02/21/2015 07:03:03 PM) (Source: VSS) (EventID: 12347) (User: ) Description: Błąd usługi kopiowania woluminów w tle: Wykryto niespójność wewnętrzną podczas próby nawiązania kontaktu z modułami zapisującymi usługi kopiowania w tle. Moduł zapisujący rejestru nie odpowiedział na kwerendę z usługi VSS. Sprawdź, czy usługa zdarzeń i usługa kopiowania woluminów w tle działają prawidłowo, oraz sprawdź, czy w dzienniku zdarzeń aplikacji nie występują inne zdarzenia. Operacja: Zbieranie danych modułu zapisującego Wykonywanie operacji asynchronicznej Kontekst: Kontekst wykonywania: Requestor Stan bieżący: GatherWriterMetadata Error: (02/21/2015 07:02:52 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania na woluminie (Proces = C:\Windows\system32\msiexec.exe /V; Opis = Zainstalowano Warface Launcher (Beta); Hr = 0x80042318). System errors: ============= Error: (02/24/2015 06:06:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Windows Defender%%2148204809 Error: (02/24/2015 06:06:36 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: i8042prt Error: (02/24/2015 06:05:51 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: ZARZĄDZANIE NT) Description: 2147942402 Error: (02/24/2015 06:01:43 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: 1Uruchom usługę ponownieWindows Search%%1056 Error: (02/24/2015 06:01:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: LogMeIn Hamachi Tunneling Engine1 Error: (02/24/2015 06:01:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0101Uruchom usługę ponownie Error: (02/24/2015 06:01:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Licencjonowanie oprogramowania11200001Uruchom usługę ponownie Error: (02/24/2015 06:01:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Windows Search1300001Uruchom usługę ponownie Error: (02/24/2015 06:01:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Skype C2C Service1 Error: (02/24/2015 06:01:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Adobe Acrobat Update Service1 Microsoft Office Sessions: ========================= Error: (02/23/2015 08:46:20 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: chrome.exe39.0.2171.95c01d04f9dd96a9f2919 Error: (02/23/2015 06:49:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: TheForest.exe4.6.1.5126954819edbntdll.dll6.0.6002.185414ec3e3d5c000000500048762db401d04f8d7de75b39 Error: (02/23/2015 06:23:23 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: TheForest.exe4.6.1.51269f9001d04f8ad2529f293116 Error: (02/23/2015 05:37:16 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: J:\Redistributables\DirectX\DXSETUP.exe /silentZainstalowany program DirectX0x80042318 Error: (02/23/2015 05:37:15 PM) (Source: VSS) (EventID: 12347) (User: ) Description: Operacja: Zbieranie danych modułu zapisującego Wykonywanie operacji asynchronicznej Kontekst: Kontekst wykonywania: Requestor Stan bieżący: GatherWriterMetadata Error: (02/22/2015 09:49:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: TheForest.exe4.6.1.5126954819edbaudioeng.dll6.0.6001.180004791a639c00000050000c6434cc01d04edee021e15c Error: (02/22/2015 09:49:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: TheForest.exe4.6.1.5126954819edbmono.dll0.0.0.054818010c0000005001192aa4cc01d04edee021e15c Error: (02/21/2015 07:03:03 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: D:\Program Files\Crytek\Warface Launcher\DirectX9.0c\dxsetup.exe Files\Crytek\Warface Launcher\DirectX9.0c\dxsetup.exe" /silentZainstalowany program DirectX0x80042318 Error: (02/21/2015 07:03:03 PM) (Source: VSS) (EventID: 12347) (User: ) Description: Operacja: Zbieranie danych modułu zapisującego Wykonywanie operacji asynchronicznej Kontekst: Kontekst wykonywania: Requestor Stan bieżący: GatherWriterMetadata Error: (02/21/2015 07:02:52 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\system32\msiexec.exe /VZainstalowano Warface Launcher (Beta)0x80042318 CodeIntegrity Errors: =================================== Date: 2015-02-15 12:43:33.704 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-02-15 12:43:33.454 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-02-15 12:43:33.174 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-02-15 12:43:32.940 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-02-15 12:43:32.253 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2015-02-15 12:43:31.988 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2015-02-15 12:43:31.738 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2015-02-15 12:43:31.489 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2015-02-14 14:49:26.482 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-02-14 14:49:26.263 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: AMD Phenom(tm) 9500 Quad-Core Processor Percentage of memory in use: 48% Total physical RAM: 2045.77 MB Available physical RAM: 1048.93 MB Total Pagefile: 4346.05 MB Available Pagefile: 3272.34 MB Total Virtual: 2047.88 MB Available Virtual: 1899.91 MB ==================== Drives ================================ Drive c: (Nowy) (Fixed) (Total:70 GB) (Free:4.91 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Nowy) (Fixed) (Total:228.09 GB) (Free:30.17 GB) NTFS Drive j: (20140505) (CDROM) (Total:4.82 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: FACC3225) Partition 1: (Active) - (Size=70 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=228.1 GB) - (Type=OF Extended) ==================== End Of Log ============================ FRST Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-02-2015 01 Ran by user (administrator) on USER-PC on 24-02-2015 18:13:28 Running from D:\DYSK D\akie tam Loaded Profiles: user (Available profiles: user) Platform: Windows Vista (TM) Home Basic Service Pack 2 (X86) OS Language: Polski (Polska) Internet Explorer Version 9 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe () C:\Windows\System32\PnkBstrA.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-07] (AVAST Software) HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.) HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\Run: [RGSC] => D:\Program Files\Rockstar Games Social Club\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.) HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\Run: [GG] => C:\Users\user\AppData\Local\GG\Application\gghub.exe [4023360 2014-09-05] (GG Network S.A.) HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-30] (Piriform Ltd) HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\MountPoints2: {17028605-26b3-11e4-95c7-001d7daf9387} - J:\setup.exe HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\MountPoints2: {2988529c-25fd-11e3-a659-001d7daf9387} - K:\LaunchU3.exe -a HKU\S-1-5-21-670912209-4032307253-4015798818-1000\...\MountPoints2: {6a37ca0c-bb52-11e3-acd6-001d7daf9387} - J:\Startme.exe ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-670912209-4032307253-4015798818-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\08z7xjnf.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF Plugin: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files\Ganymede\Plugins\npganymedenet.dll ( ) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=1.6.0_38 -> C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-670912209-4032307253-4015798818-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF user.js: detected! => C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\08z7xjnf.default\user.js FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npganymedenet.dll ( ) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.) FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\08z7xjnf.default\searchplugins\Ask.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml FF Extension: Sup-SW - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\08z7xjnf.default\Extensions\{f2456568-e603-43db-8838-ffa7c4a685c7} [2014-11-05] FF Extension: Rapideo.pl - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\08z7xjnf.default\Extensions\jid1-MVBjD3PCN9WVIQ@jetpack.xpi [2013-10-06] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-21] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} [2014-09-21] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-01-25] Chrome: ======= CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (San Francisco at Night 2560x1440) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\alplglopmmclcjcpohjkebadphlckecb [2014-09-12] CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-10] CHR Extension: (https://www.facebook.com/?stype=lo&jlou=AffV1) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\caamdmhbhejapcnpngpmjildhiolebli [2014-08-10] CHR Extension: (http://serwertruck.eu/) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdkfknmhbgdfbppikdkeommjhmfcjkih [2014-08-10] CHR Extension: (Skype Click to Call) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-10] CHR Extension: (http://truckers-pts.pl/) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgoefmamgphfbcnpnhccjomongdjkjna [2014-08-10] CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-10] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-11-22] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [64952 2011-06-06] (Adobe Systems Incorporated) [File not signed] S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [267440 2014-09-24] (Adobe Systems Incorporated) [File not signed] S3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [35160 2010-03-18] (Microsoft Corporation) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-25] (AVAST Software) S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation) [File not signed] S2 gupdate; C:\Program Files\Google\Update\GoogleUpdate.exe [116648 2013-01-25] (Google Inc.) [File not signed] S3 gupdatem; C:\Program Files\Google\Update\GoogleUpdate.exe [116648 2013-01-25] (Google Inc.) [File not signed] R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1890128 2014-09-04] (LogMeIn Inc.) [File not signed] S3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-03-12] (Hewlett-Packard Co.) [File not signed] R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-08-08] (LogMeIn, Inc.) [File not signed] S3 MozillaMaintenance; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [114800 2015-01-29] (Mozilla Foundation) [File not signed] R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed] S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation) [File not signed] S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation) [File not signed] S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation) [File not signed] S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation) [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed] R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-07-29] () [File not signed] R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) [File not signed] S2 SkypeUpdate; C:\Program Files\Skype\Updater\Updater.exe [171680 2013-09-05] (Skype Technologies) [File not signed] S3 Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [835776 2015-02-19] (Valve Corporation) [File not signed] S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation) S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [753504 2010-03-18] (Microsoft Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-06-25] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-06-25] (AVAST Software) R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-06-25] (AVAST Software) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-06-25] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-06-25] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-06-25] (AVAST Software) R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-06-25] (AVAST Software) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-06-25] () R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2013-10-23] () [File not signed] R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-08-18] (Disc Soft Ltd) S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-11-02] () [File not signed] R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) [File not signed] R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-10-23] () [File not signed] S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-11-05] (Malwarebytes Corporation) [File not signed] S3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2010-07-01] (Screaming Bee LLC) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-07-19] (Duplex Secure Ltd.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-24 17:58 - 2015-02-24 17:58 - 00002652 _____ () C:\Users\user\Desktop\fixlist.txt 2015-02-23 21:21 - 2015-02-23 21:21 - 00000000 ____D () C:\Users\user\AppData\Local\Origin 2015-02-23 21:21 - 2015-02-23 21:21 - 00000000 ____D () C:\Program Files\Origin Games 2015-02-23 21:17 - 2015-02-23 21:17 - 00000780 _____ () C:\Users\Public\Desktop\Origin.lnk 2015-02-23 21:16 - 2015-02-23 21:21 - 00000000 ____D () C:\Program Files\Origin 2015-02-23 20:41 - 2015-02-23 20:38 - 41623172 _____ () C:\Users\user\Desktop\OriginUpdate_8_5_0_4518 (1).zip 2015-02-23 20:13 - 2015-02-23 20:15 - 00000000 ____D () C:\Users\user\Documents\Pobrane 2015-02-23 20:06 - 2015-02-23 20:06 - 00042448 _____ () C:\Users\user\Desktop\frst.txt 2015-02-23 20:00 - 2015-02-24 18:13 - 00000000 ____D () C:\FRST 2015-02-23 17:37 - 2015-02-23 21:26 - 00000000 ____D () C:\Users\user\Documents\FIFA 14 2015-02-23 17:37 - 2015-02-23 17:37 - 00000884 _____ () C:\Users\Public\Desktop\FIFA 14.lnk 2015-02-23 17:37 - 2015-02-23 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14 2015-02-22 20:40 - 2015-02-22 20:40 - 00000557 _____ () C:\Users\user\Desktop\TheForest.lnk 2015-02-22 14:26 - 2015-02-23 19:08 - 00000000 ____D () C:\Users\user\Desktop\The Forest 2015-02-22 14:24 - 2015-02-22 14:02 - 01058816 ____R (游侠网NETSHOW) C:\Users\user\Desktop\ÓÎĎŔÍřNETSHOW.exe 2015-02-22 14:23 - 2015-02-22 14:05 - 670639893 ____R () C:\Users\user\Desktop\The.Forest.v0.12-ALI213.rar 2015-02-21 19:03 - 2015-02-23 22:30 - 00000000 ____D () C:\Users\user\AppData\Local\wf-launcher 2015-02-21 19:03 - 2015-02-23 22:00 - 00000000 ____D () C:\ProgramData\GFACE 2015-02-21 19:03 - 2015-02-21 19:03 - 00001545 _____ () C:\Users\user\Desktop\Warface Launcher.lnk 2015-02-21 19:03 - 2015-02-21 19:03 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warface Launcher 2015-02-21 13:49 - 2015-02-21 13:49 - 00000000 ____D () C:\Users\user\Documents\Paradox Interactive 2015-02-21 13:11 - 2015-02-21 13:11 - 00000216 _____ () C:\Users\user\Desktop\Crusader Kings II.url 2015-02-21 07:21 - 2015-02-24 18:11 - 00063028 _____ () C:\Windows\WindowsUpdate.log 2015-02-21 07:18 - 2015-02-24 18:05 - 00011030 _____ () C:\Windows\PFRO.log 2015-02-20 21:05 - 2015-02-20 21:05 - 00000847 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Uninstall 6.lnk 2015-02-20 21:05 - 2015-02-20 21:05 - 00000835 _____ () C:\Users\Public\Desktop\Total Uninstall 6.lnk 2015-02-20 21:05 - 2015-02-20 21:05 - 00000016 _____ () C:\ProgramData\mntemp 2015-02-20 21:05 - 2015-02-20 21:05 - 00000000 ____D () C:\ProgramData\Martau 2015-02-20 21:05 - 2015-02-20 21:05 - 00000000 ____D () C:\Program Files\Total Uninstall 6 2015-02-19 19:17 - 2015-02-19 19:17 - 00000000 ____D () C:\Users\user\AppData\Local\Steam 2015-02-15 16:52 - 2015-02-15 16:55 - 00000000 ____D () C:\Users\user\AppData\Local\SniperV2 2015-02-15 13:32 - 2015-02-15 13:32 - 00000215 _____ () C:\Users\user\Desktop\Sniper Elite V2.url 2015-02-14 14:13 - 2015-02-21 13:11 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-02-14 14:13 - 2015-02-14 14:13 - 00000213 _____ () C:\Users\user\Desktop\Counter-Strike Global Offensive.url 2015-02-09 18:34 - 2015-02-21 15:50 - 00002151 _____ () C:\Users\user\Desktop\PD.txt 2015-02-09 17:55 - 2015-02-09 17:55 - 00000000 ____D () C:\output 2015-01-31 15:34 - 2015-01-31 15:34 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer 2015-01-25 12:25 - 2015-01-25 12:25 - 00000000 ____D () C:\Users\user\Documents\Lucius ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-24 18:12 - 2013-01-25 17:06 - 00000000 ____D () C:\Users\user\AppData\Roaming\GG 2015-02-24 18:06 - 2013-01-26 10:33 - 00000000 ____D () C:\Users\user\AppData\Local\LogMeIn Hamachi 2015-02-24 18:05 - 2006-11-02 13:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-24 18:05 - 2006-11-02 13:45 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-24 18:05 - 2006-11-02 13:45 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-24 18:04 - 2006-11-02 13:58 - 00008290 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-02-23 21:21 - 2013-04-12 20:25 - 00000000 ____D () C:\ProgramData\Origin 2015-02-23 21:17 - 2015-01-13 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-02-23 21:16 - 2014-11-05 23:49 - 17102664 _____ (Electronic Arts, Inc.) C:\Users\user\Downloads\OriginThinSetup.exe 2015-02-23 20:14 - 2014-11-22 14:31 - 00000000 ____D () C:\Program Files\Steam 2015-02-23 18:22 - 2013-01-25 17:06 - 00000000 ____D () C:\Users\user\AppData\Local\GG 2015-02-23 15:47 - 2013-02-12 18:09 - 00000000 ____D () C:\Users\user\AppData\Roaming\DAEMON Tools Lite 2015-02-22 20:18 - 2013-01-25 17:54 - 00000000 ____D () C:\Users\user\AppData\Roaming\.minecraft 2015-02-22 20:06 - 2014-02-27 14:35 - 00000000 ____D () C:\Users\user\AppData\Roaming\.minecraftzyczu 2015-02-22 16:57 - 2013-02-08 19:46 - 00000000 ____D () C:\Users\user\AppData\Roaming\uTorrent 2015-02-20 21:16 - 2014-06-07 11:26 - 00000000 ____D () C:\Users\user\AppData\Roaming\Riot Games 2015-02-20 21:09 - 2013-02-01 15:08 - 00000000 ____D () C:\Windows\Minidump 2015-02-20 21:09 - 2013-01-25 12:09 - 00000000 ____D () C:\Windows\Panther 2015-02-20 21:03 - 2014-06-30 20:10 - 00000000 ____D () C:\Users\user\AppData\Roaming\PhotoScape 2015-02-20 17:26 - 2013-05-12 08:33 - 00000000 ____D () C:\Program Files\Common Files\Steam 2015-02-18 15:47 - 2014-11-25 14:39 - 00001036 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d008b52e851f52.job 2015-02-18 09:47 - 2014-11-25 14:39 - 00001032 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d008b52e212592.job 2015-02-14 18:34 - 2013-03-09 12:39 - 00281768 _____ () C:\Windows\system32\PnkBstrB.xtr 2015-02-11 21:26 - 2013-01-25 16:58 - 00000000 ____D () C:\Users\user\Documents\Euro Truck Simulator 2 2015-02-11 13:07 - 2014-11-22 15:35 - 00000000 ____D () C:\Program Files\R.G. Gamblers 2015-02-11 13:07 - 2013-01-25 16:42 - 00000000 ____D () C:\Users\user\Documents\My Games 2015-02-09 17:53 - 2014-06-30 20:14 - 00093184 ____H () C:\Users\user\Documents\photothumb.db 2015-01-31 15:34 - 2013-01-25 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer 2015-01-29 16:57 - 2014-09-21 06:13 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-01-29 16:57 - 2013-01-25 12:35 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service ==================== Files in the root of some directories ======= 2013-01-26 12:01 - 2011-12-13 07:56 - 633312835 _____ () C:\Program Files\18 wos extreme trucker 2 setup.exe 2010-06-02 04:21 - 2010-06-02 04:21 - 1347354 _____ () C:\Program Files\Apr2005_d3dx9_25_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1078962 _____ () C:\Program Files\Apr2005_d3dx9_25_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1397830 _____ () C:\Program Files\Apr2006_d3dx9_30_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1115221 _____ () C:\Program Files\Apr2006_d3dx9_30_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0916430 _____ () C:\Program Files\Apr2006_MDX1_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 4162630 _____ () C:\Program Files\Apr2006_MDX1_x86_Archive.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0179133 _____ () C:\Program Files\Apr2006_XACT_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0133103 _____ () C:\Program Files\Apr2006_XACT_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0087101 _____ () C:\Program Files\Apr2006_xinput_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0046010 _____ () C:\Program Files\Apr2006_xinput_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0698612 _____ () C:\Program Files\APR2007_d3dx10_33_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0695865 _____ () C:\Program Files\APR2007_d3dx10_33_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1607358 _____ () C:\Program Files\APR2007_d3dx9_33_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1606039 _____ () C:\Program Files\APR2007_d3dx9_33_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0195766 _____ () C:\Program Files\APR2007_XACT_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0151225 _____ () C:\Program Files\APR2007_XACT_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0096817 _____ () C:\Program Files\APR2007_xinput_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0053302 _____ () C:\Program Files\APR2007_xinput_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1350542 _____ () C:\Program Files\Aug2005_d3dx9_27_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1077644 _____ () C:\Program Files\Aug2005_d3dx9_27_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0182903 _____ () C:\Program Files\AUG2006_XACT_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0137235 _____ () C:\Program Files\AUG2006_XACT_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0087142 _____ () C:\Program Files\AUG2006_xinput_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0046058 _____ () C:\Program Files\AUG2006_xinput_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0852286 _____ () C:\Program Files\AUG2007_d3dx10_35_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0796867 _____ () C:\Program Files\AUG2007_d3dx10_35_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1800160 _____ () C:\Program Files\AUG2007_d3dx9_35_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1708152 _____ () C:\Program Files\AUG2007_d3dx9_35_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0198096 _____ () C:\Program Files\AUG2007_XACT_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0153012 _____ () C:\Program Files\AUG2007_XACT_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0867612 _____ () C:\Program Files\Aug2008_d3dx10_39_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0849167 _____ () C:\Program Files\Aug2008_d3dx10_39_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1794084 _____ () C:\Program Files\Aug2008_d3dx9_39_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 1464672 _____ () C:\Program Files\Aug2008_d3dx9_39_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0121772 _____ () C:\Program Files\Aug2008_XACT_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0092996 _____ () C:\Program Files\Aug2008_XACT_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0271412 _____ () C:\Program Files\Aug2008_XAudio_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0271038 _____ () C:\Program Files\Aug2008_XAudio_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0919044 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0900598 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 3112111 _____ () C:\Program Files\Aug2009_d3dcsx_42_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 3319740 _____ () C:\Program Files\Aug2009_d3dcsx_42_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0232635 _____ () C:\Program Files\Aug2009_d3dx10_42_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0192131 _____ () C:\Program Files\Aug2009_d3dx10_42_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0136301 _____ () C:\Program Files\Aug2009_d3dx11_42_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0105044 _____ () C:\Program Files\Aug2009_d3dx11_42_x86.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0930116 _____ () C:\Program Files\Aug2009_d3dx9_42_x64.cab 2010-06-02 04:21 - 2010-06-02 04:21 - 0728456 _____ () C:\Program Files\Aug2009_d3dx9_42_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0122408 _____ () C:\Program Files\Aug2009_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0093106 _____ () C:\Program Files\Aug2009_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0273264 _____ () C:\Program Files\Aug2009_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0272642 _____ () C:\Program Files\Aug2009_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1357976 _____ () C:\Program Files\Dec2005_d3dx9_28_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1079456 _____ () C:\Program Files\Dec2005_d3dx9_28_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0212807 _____ () C:\Program Files\DEC2006_d3dx10_00_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0191720 _____ () C:\Program Files\DEC2006_d3dx10_00_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1571154 _____ () C:\Program Files\DEC2006_d3dx9_32_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1574376 _____ () C:\Program Files\DEC2006_d3dx9_32_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0192475 _____ () C:\Program Files\DEC2006_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0145599 _____ () C:\Program Files\DEC2006_XACT_x86.cab 2011-03-30 10:40 - 2011-03-30 10:40 - 0095576 _____ (Microsoft Corporation) C:\Program Files\DSETUP.dll 2011-03-30 10:40 - 2011-03-30 10:40 - 1566040 _____ () C:\Program Files\dsetup32.dll 2011-03-30 10:40 - 2011-03-30 10:40 - 0044624 _____ () C:\Program Files\dxdllreg_x86.cab 2011-03-30 10:40 - 2011-03-30 10:40 - 0517976 _____ () C:\Program Files\DXSETUP.exe 2011-03-30 10:40 - 2011-03-30 10:40 - 0097152 _____ () C:\Program Files\dxupdate.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1247499 _____ () C:\Program Files\Feb2005_d3dx9_24_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1013225 _____ () C:\Program Files\Feb2005_d3dx9_24_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1362796 _____ () C:\Program Files\Feb2006_d3dx9_29_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1084720 _____ () C:\Program Files\Feb2006_d3dx9_29_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0178359 _____ () C:\Program Files\Feb2006_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0132409 _____ () C:\Program Files\Feb2006_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0194675 _____ () C:\Program Files\FEB2007_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0147983 _____ () C:\Program Files\FEB2007_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0054678 _____ () C:\Program Files\Feb2010_X3DAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0020713 _____ () C:\Program Files\Feb2010_X3DAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0122446 _____ () C:\Program Files\Feb2010_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0093180 _____ () C:\Program Files\Feb2010_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0276960 _____ () C:\Program Files\Feb2010_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0277191 _____ () C:\Program Files\Feb2010_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1336002 _____ () C:\Program Files\Jun2005_d3dx9_26_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1064925 _____ () C:\Program Files\Jun2005_d3dx9_26_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0180785 _____ () C:\Program Files\JUN2006_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0133671 _____ () C:\Program Files\JUN2006_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0699044 _____ () C:\Program Files\JUN2007_d3dx10_34_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0698472 _____ () C:\Program Files\JUN2007_d3dx10_34_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1607774 _____ () C:\Program Files\JUN2007_d3dx9_34_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1607286 _____ () C:\Program Files\JUN2007_d3dx9_34_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0197122 _____ () C:\Program Files\JUN2007_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0152909 _____ () C:\Program Files\JUN2007_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0867828 _____ () C:\Program Files\JUN2008_d3dx10_38_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0849919 _____ () C:\Program Files\JUN2008_d3dx10_38_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1792608 _____ () C:\Program Files\JUN2008_d3dx9_38_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1463878 _____ () C:\Program Files\JUN2008_d3dx9_38_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0055154 _____ () C:\Program Files\JUN2008_X3DAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0021905 _____ () C:\Program Files\JUN2008_X3DAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0121054 _____ () C:\Program Files\JUN2008_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0093128 _____ () C:\Program Files\JUN2008_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0269628 _____ () C:\Program Files\JUN2008_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0269024 _____ () C:\Program Files\JUN2008_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0944460 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0931471 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0752783 _____ () C:\Program Files\Jun2010_d3dcsx_43_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0762188 _____ () C:\Program Files\Jun2010_d3dcsx_43_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0235955 _____ () C:\Program Files\Jun2010_d3dx10_43_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0197283 _____ () C:\Program Files\Jun2010_d3dx10_43_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0138205 _____ () C:\Program Files\Jun2010_d3dx11_43_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0109445 _____ () C:\Program Files\Jun2010_d3dx11_43_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0937246 _____ () C:\Program Files\Jun2010_d3dx9_43_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0768036 _____ () C:\Program Files\Jun2010_d3dx9_43_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0124596 _____ () C:\Program Files\Jun2010_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0093686 _____ () C:\Program Files\Jun2010_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0277338 _____ () C:\Program Files\Jun2010_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0278060 _____ () C:\Program Files\Jun2010_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0844884 _____ () C:\Program Files\Mar2008_d3dx10_37_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0818260 _____ () C:\Program Files\Mar2008_d3dx10_37_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1769862 _____ () C:\Program Files\Mar2008_d3dx9_37_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1443282 _____ () C:\Program Files\Mar2008_d3dx9_37_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0055058 _____ () C:\Program Files\Mar2008_X3DAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0021867 _____ () C:\Program Files\Mar2008_X3DAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0122336 _____ () C:\Program Files\Mar2008_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0093734 _____ () C:\Program Files\Mar2008_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0251194 _____ () C:\Program Files\Mar2008_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0226250 _____ () C:\Program Files\Mar2008_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1067160 _____ () C:\Program Files\Mar2009_d3dx10_41_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1040745 _____ () C:\Program Files\Mar2009_d3dx10_41_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1973702 _____ () C:\Program Files\Mar2009_d3dx9_41_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1612446 _____ () C:\Program Files\Mar2009_d3dx9_41_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0054600 _____ () C:\Program Files\Mar2009_X3DAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0021298 _____ () C:\Program Files\Mar2009_X3DAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0121506 _____ () C:\Program Files\Mar2009_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0092740 _____ () C:\Program Files\Mar2009_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0275044 _____ () C:\Program Files\Mar2009_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0273018 _____ () C:\Program Files\Mar2009_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0864600 _____ () C:\Program Files\Nov2007_d3dx10_36_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0803884 _____ () C:\Program Files\Nov2007_d3dx10_36_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1802058 _____ () C:\Program Files\Nov2007_d3dx9_36_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1709360 _____ () C:\Program Files\Nov2007_d3dx9_36_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0046144 _____ () C:\Program Files\NOV2007_X3DAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0018496 _____ () C:\Program Files\NOV2007_X3DAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0196762 _____ () C:\Program Files\NOV2007_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0148264 _____ () C:\Program Files\NOV2007_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0994154 _____ () C:\Program Files\Nov2008_d3dx10_40_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0965421 _____ () C:\Program Files\Nov2008_d3dx10_40_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1906878 _____ () C:\Program Files\Nov2008_d3dx9_40_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1550796 _____ () C:\Program Files\Nov2008_d3dx9_40_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0054522 _____ () C:\Program Files\Nov2008_X3DAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0021851 _____ () C:\Program Files\Nov2008_X3DAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0121794 _____ () C:\Program Files\Nov2008_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0092684 _____ () C:\Program Files\Nov2008_XACT_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0273960 _____ () C:\Program Files\Nov2008_XAudio_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0272611 _____ () C:\Program Files\Nov2008_XAudio_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0086037 _____ () C:\Program Files\Oct2005_xinput_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0045359 _____ () C:\Program Files\Oct2005_xinput_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1412902 _____ () C:\Program Files\OCT2006_d3dx9_31_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 1127217 _____ () C:\Program Files\OCT2006_d3dx9_31_x86.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0182361 _____ () C:\Program Files\OCT2006_XACT_x64.cab 2010-06-02 04:22 - 2010-06-02 04:22 - 0138017 _____ () C:\Program Files\OCT2006_XACT_x86.cab 2013-01-27 12:45 - 2014-05-30 21:24 - 0138056 _____ () C:\Users\user\AppData\Roaming\PnkBstrK.sys 2013-09-24 20:11 - 2013-09-24 20:11 - 0012393 _____ () C:\Users\user\AppData\Local\Bron.tok.A17.em.bin 2013-12-24 19:20 - 2013-12-24 19:20 - 0000552 _____ () C:\Users\user\AppData\Local\d3d8caps.dat 2013-01-25 12:22 - 2014-12-16 20:39 - 0001356 _____ () C:\Users\user\AppData\Local\d3d9caps.dat 2013-09-24 20:38 - 2013-09-24 20:55 - 0001233 _____ () C:\Users\user\AppData\Local\JunkAtx.bin 2013-09-22 14:03 - 2013-09-22 14:03 - 0000051 _____ () C:\Users\user\AppData\Local\Kosong.Bron.Tok.txt 2013-01-25 17:36 - 2013-01-25 17:43 - 0000360 _____ () C:\ProgramData\hpzinstall.log 2015-02-20 21:05 - 2015-02-20 21:05 - 0000016 _____ () C:\ProgramData\mntemp ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-24 18:11 ==================== End Of Log ============================
Zayfi komentarz 24 lutego 2015 komentarz 24 lutego 2015 Otwórz notatnik i wklej C:\Users\user\AppData\Local\Bron.tok.A17.em.bin C:\Users\user\AppData\Local\Kosong.Bron.Tok.txt plik zapisz jako fixlist.txt i umieśc w D:\DYSK D\akie tam. Uruchom FRST i kliknij w Fix. 2. Wykonaj weryfikacje plików systemowych start > wszystkie programy > Akcesoria > z prawokliku na wiersz polecenia uruchom jako administrator wklep w konsoli sfc /scannow klik enter podaj końcowy komunikat
Gość komentarz 24 lutego 2015 komentarz 24 lutego 2015 czytalem o takich przypadkach spowodowanych avastem, moze warto by sprobowac odinstalowac?
Saskus komentarz 25 lutego 2015 Autor komentarz 25 lutego 2015 Wiersz poleceń? Masz na myślu "run" lub "uruchom"? Bo nie mam nic innego w "innych programach" Odinstalowanie Avast'u w ostateczności.
Zayfi komentarz 25 lutego 2015 komentarz 25 lutego 2015 Wiersz poleceń? Masz na myślu "run" lub "uruchom"? Tak start > polecenie uruchom > cmd enter i wklep komende sfc /scannow enter
Saskus komentarz 25 lutego 2015 Autor komentarz 25 lutego 2015 Mam problem, bo nie mam w prawokliku opcji "Uruchom jako administrator" ,a nie umiem tego załączyć, gdy chcę odznaczyć, abym mógł ową czynność wykonywać to zastaję coś takiego i nie umiem ani odznaczyć, ani zaznaczyć. [URL=http://iv.pl/][/URL]
Zayfi komentarz 26 lutego 2015 komentarz 26 lutego 2015 otwórz notatnik i wklej CMD: sfc /scannow plik zapisz jako fixlist.txt i umieśc w D:\DYSK D\akie tam. Uruchom FRST i kliknij w Fix. Podaj raport fixlog.txt 1
Saskus komentarz 26 lutego 2015 Autor komentarz 26 lutego 2015 Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 25-02-2015 01 Ran by user at 2015-02-26 19:16:59 Run:3 Running from D:\DYSK D\akie tam Loaded Profiles: user (Available profiles: user) Boot Mode: Normal ============================================== Content of fixlist: ***************** CMD: sfc /scannow ***************** ========= sfc /scannow ========= Rozpoczynanie skanowania systemu. Ten proces zajmie troch� czasu. Rozpoczynanie fazy weryfikacji w skanowaniu systemu. Funkcja Ochrona zasob�w systemu Windows odnalaz�a uszkodzone pliki, ale nie mo�e naprawi� niekt�rych z tych plik�w. Szczeg��y znajduj� si� w pliku CBS.Log windir\Logs\CBS\CBS.log. Na przyk�ad C:\Windows\Logs\CBS\CBS.log ========= End of CMD: ========= ==== End of Fixlog 19:17:14 ====
Zayfi komentarz 27 lutego 2015 komentarz 27 lutego 2015 Funkcja Ochrona zasob�w systemu Windows odnalaz�a uszkodzone pliki, ale nie mo�e naprawi� Postaw sobie system od nowa. Nie ma Visty, więc wszelkie próby podstawiania plików sa bez sensu.
Saskus komentarz 27 lutego 2015 Autor komentarz 27 lutego 2015 Czyli mam rozumieć, że nie mam tak jakby podstawy systemu tak? I od nowa muszę zainstalować system?
Saskus komentarz 27 lutego 2015 Autor komentarz 27 lutego 2015 Nie, ale skoro wyszło na to ,że ja nie mam podstawy systemowej czy coś takiego to raczej dezinstalacja nic nie da, hmm? Czy mylę się?
Gość komentarz 27 lutego 2015 komentarz 27 lutego 2015 jak nie sprobojesz to sie nie dowiesz :) wolisz formatowac i wgrywac caly system od nowa? a co jak sie okaze ze jednak mam racje? nie mowie tego z uprzedzen do avasta ale znalazlem watek w ktorym tez ludzie sie glowili i to rozwiozalo problem
Saskus komentarz 27 lutego 2015 Autor komentarz 27 lutego 2015 Spróbuję w któryś dzien po weekendzie i dam znać. :)
Zayfi komentarz 27 lutego 2015 komentarz 27 lutego 2015 wolisz formatowac i wgrywac caly system od nowa? a co jak sie okaze ze jednak mam racje? gdybyś czytał logi wiedziałbys, że system jest tak poważnie uszkodzony, że awast ma tu g....no do gadania alew bawcie sie dalej - powodzenia
Saskus komentarz 28 lutego 2015 Autor komentarz 28 lutego 2015 Skoro tak wychodzi z logów, to nawet nie będę próbował reinstalować avasta, dzięki, będę musiał pomyśleć nad tym formatem;oddaniem do serwisu, bo ja sam formatować nie umiem. ;x
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.