Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by Wojtek (administrator) on 15-07-2013 19:23:56
Running from C:\Users\Wojtek\Desktop
Windows 7 Ultimate (X64) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Sonix) C:\Windows\vsnp2uvc.exe
() D:\Program Files (x86)\screenSHU\screenSHU.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(GG Network S.A.) C:\Users\Wojtek\AppData\Local\GG\Application\gghub.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(GG Network S.A.) C:\Users\Wojtek\AppData\Local\GG\Application\ggapp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(GG Network S.A.) C:\Users\Wojtek\AppData\Local\GG\Application\ggdrive\ggdrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [675840 2008-08-01] (Sonix)
HKCU\...\Run: [DAEMON Tools Lite] - "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKCU\...\Run: [screenSHU] - "d:\Program Files (x86)\screenSHU\screenSHU.exe" --hidden [x]
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [149040 2007-05-04] (Nero AG)
HKCU\...\Run: [GG] - "C:\Users\Wojtek\AppData\Local\GG\Application\gghub.exe" [3365440 2013-05-23] (GG Network S.A.)
HKLM-x32\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [675840 2008-08-01] (Sonix)
HKLM-x32\...\Run: [tsnp2uvc] - C:\Windows\tsnp2uvc.exe [320512 2009-12-11] ()
HKLM-x32\...\Run: [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [413696 2008-09-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
AppInit_DLLs-x32: [0 ] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKCU SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - d:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll No File
BHO-x32: D - {5054B0E2-CDE9-3FC2-BA5F-A73BF9F1D3A1} - C:\Windows\SysWow64\xwr75502.dll No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL No File
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL No File [ ]
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.255.254 195.162.76.1

FireFox:
========
FF ProfilePath: C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\nnkfjq7v.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: user_pref("browser.startup.homepage", "");
FF NetworkProxy: "backup.ftp", "127.0.0.1"
FF NetworkProxy: "backup.ftp_port", 9666
FF NetworkProxy: "backup.gopher", "127.0.0.1"
FF NetworkProxy: "backup.gopher_port", 9666
FF NetworkProxy: "backup.socks", "127.0.0.1"
FF NetworkProxy: "backup.socks_port", 9666
FF NetworkProxy: "backup.ssl", "127.0.0.1"
FF NetworkProxy: "backup.ssl_port", 9666
FF NetworkProxy: "ftp", "127.0.0.1"
FF NetworkProxy: "ftp_port", 9666
FF NetworkProxy: "gopher", "127.0.0.1"
FF NetworkProxy: "gopher_port", 9666
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 9666
FF NetworkProxy: "share_proxy_settings", ""
FF NetworkProxy: "socks", ""
FF NetworkProxy: "socks_port", ""
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 9666
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\nnkfjq7v.default\searchplugins\filmwebpl---filmy.xml
FF SearchPlugin: C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\nnkfjq7v.default\searchplugins\filmwebpl---ludzie-filmu.xml
FF SearchPlugin: C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\nnkfjq7v.default\searchplugins\filmwebpl.xml
FF SearchPlugin: C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\nnkfjq7v.default\searchplugins\wyszukiwarka-filmw-w-youtube.xml
FF Extension: BitComet 视频下载器 - C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\nnkfjq7v.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] D:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] D:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Extension: (Google Drive) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Facebook) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0
CHR Extension: (Google Search) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0
CHR Extension: (Save to Google Drive) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne\1.5.10_0
CHR Extension: (Top Eleven) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljphpjlafmmdmegmfbkacafhbegjfkkn\2.0.0.4_0
CHR Extension: (Google Maps) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0
CHR Extension: (Gmail) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR Extension: (Abstract-Blue) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa\1.0_0

==================== Services (Whitelisted) =================

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-04-18] ()
S3 BITCOMET_HELPER_SERVICE; D:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
S3 Microsoft Office Groove Audit Service; D:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [65824 2006-10-27] (Microsoft Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [267824 2007-05-04] (Nero AG)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-06-16] ()
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService [x]

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-15] (DT Soft Ltd)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3552512 2009-12-18] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-07-15 19:23 - 2013-07-15 19:23 - 00000000 ____D C:\FRST
2013-07-15 19:22 - 2013-07-15 19:22 - 00089702 _____ C:\Users\Wojtek\Desktop\OTL.Txt
2013-07-15 19:18 - 2013-07-15 19:18 - 00001004 _____ C:\Users\Wojtek\Desktop\DragonsProphetSetup.exe — skrót.lnk
2013-07-15 19:18 - 2013-07-15 19:18 - 00000989 _____ C:\Users\Wojtek\Desktop\DragonsProphetDownloader.exe — skrót.lnk
2013-07-15 19:15 - 2013-07-15 19:16 - 01777839 _____ (Farbar) C:\Users\Wojtek\Desktop\FRST64.exe
2013-07-15 19:14 - 2013-07-15 19:14 - 00001262 _____ C:\Users\Wojtek\Documents\FIX.REG
2013-07-15 13:53 - 2013-07-15 13:53 - 00090706 _____ C:\Users\Wojtek\Downloads\OTL.Txt
2013-07-15 13:53 - 2013-07-15 13:53 - 00006142 _____ C:\Users\Wojtek\Downloads\07152013_134053.txt
2013-07-15 13:24 - 2013-07-15 13:25 - 01873863 _____ (Infernum Productions AG ) C:\Users\Wojtek\Downloads\DragonsProphetDownloader.exe
2013-07-14 12:04 - 2013-07-14 12:04 - 00000000 ____D C:\_OTL
2013-07-14 11:19 - 2013-07-14 11:19 - 00602624 _____ (OldTimer Tools) C:\Users\Wojtek\Desktop\OTL_3_2_20_0__Stable32_-3897 [ Programy.pl ].exe
2013-07-14 11:12 - 2013-07-14 11:12 - 00602112 _____ (OldTimer Tools) C:\Users\Wojtek\Desktop\OTL_[www.programosy.pl].exe
2013-07-13 12:17 - 2013-07-13 12:17 - 00000000 ____D C:\Users\Wojtek\AppData\Roaming\thriXXX
2013-07-08 16:41 - 2013-07-08 16:41 - 00000000 ____D C:\Users\Wojtek\Documents\NeocoreGames
2013-07-08 16:34 - 2013-07-08 16:34 - 00001018 _____ C:\Users\Public\Desktop\The Incredible Adventures of Van Helsing.lnk
2013-07-07 17:42 - 2013-07-07 17:43 - 00000000 ____D C:\Users\Wojtek\Documents\NFS Most Wanted
2013-07-07 17:39 - 2013-07-07 17:39 - 00001050 _____ C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
2013-07-07 16:01 - 2013-07-07 16:01 - 00000000 ____D C:\ProgramData\SystemRequirementsLab
2013-07-05 08:21 - 2007-11-08 17:00 - 00077824 _____ C:\Users\Wojtek\Desktop\unstopcp.exe
2013-07-02 13:59 - 2013-07-02 13:59 - 00000331 _____ C:\Windows\game.ini
2013-07-02 13:50 - 2013-07-02 13:50 - 00000000 __SHD C:\Windows\ftpcache
2013-07-02 12:37 - 2013-07-15 13:58 - 00001030 _____ C:\Users\Wojtek\Desktop\Fifa12_DELTA10FY.EXE — skrót.lnk
2013-07-01 17:43 - 2013-07-01 17:43 - 00000000 ____D C:\Users\Wojtek\AppData\Local\My Games
2013-07-01 17:08 - 2013-07-01 17:08 - 00000000 ____D C:\Program Files\7-Zip
2013-06-30 15:14 - 2013-06-30 15:14 - 00000000 ____D C:\ProgramData\{7515027E-7A7A-4130-B3CB-BE9A159E359B}
2013-06-30 14:22 - 2013-06-30 14:22 - 00004096 _____ C:\Windows\d3dx.dat
2013-06-30 14:11 - 2013-06-30 14:34 - 00000000 ____D C:\Users\Wojtek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWood
2013-06-30 14:02 - 2013-06-30 14:34 - 00000000 ____D C:\Users\Wojtek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Piranha Bytes
2013-06-29 10:49 - 2013-06-29 10:49 - 00000939 _____ C:\Users\Public\Desktop\SimCity™.lnk
2013-06-28 17:25 - 2013-06-28 17:25 - 00000000 ____D C:\ProgramData\Package Cache
2013-06-28 10:08 - 2013-06-28 10:08 - 00000607 _____ C:\Users\Wojtek\Desktop\Start.exe — skrót.lnk
2013-06-28 09:09 - 2013-06-28 09:09 - 00000000 ____D C:\Users\Wojtek\Documents\SimCity
2013-06-28 09:04 - 2013-06-28 09:04 - 00000000 ____D C:\Users\Wojtek\AppData\Local\Origin
2013-06-28 09:04 - 2013-06-28 09:04 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-06-25 21:16 - 2013-06-25 21:16 - 00000000 ____D C:\Users\Wojtek\AppData\Roaming\Unity
2013-06-23 14:20 - 2013-06-24 18:35 - 00001605 _____ C:\Users\Wojtek\Desktop\skse_loader.exe — skrót.lnk
2013-06-22 14:00 - 2013-06-22 14:00 - 00000000 ____D C:\Users\Wojtek\AppData\Roaming\TERA
2013-06-22 10:38 - 2013-06-22 10:38 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-22 10:38 - 2013-06-22 10:38 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-22 10:38 - 2013-06-22 10:38 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-22 10:38 - 2013-06-22 10:38 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-16 17:01 - 2013-07-15 18:26 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-16 17:01 - 2013-06-16 17:27 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-06-15 14:25 - 2013-06-15 14:25 - 00000736 _____ C:\Users\Wojtek\Desktop\Nexus Mod Manager.lnk

==================== One Month Modified Files and Folders =======

2013-07-15 19:24 - 2012-12-24 14:59 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-15 19:23 - 2013-07-15 19:23 - 00000000 ____D C:\FRST
2013-07-15 19:22 - 2013-07-15 19:22 - 00089702 _____ C:\Users\Wojtek\Desktop\OTL.Txt
2013-07-15 19:18 - 2013-07-15 19:18 - 00001004 _____ C:\Users\Wojtek\Desktop\DragonsProphetSetup.exe — skrót.lnk
2013-07-15 19:18 - 2013-07-15 19:18 - 00000989 _____ C:\Users\Wojtek\Desktop\DragonsProphetDownloader.exe — skrót.lnk
2013-07-15 19:16 - 2013-07-15 19:15 - 01777839 _____ (Farbar) C:\Users\Wojtek\Desktop\FRST64.exe
2013-07-15 19:14 - 2013-07-15 19:14 - 00001262 _____ C:\Users\Wojtek\Documents\FIX.REG
2013-07-15 19:14 - 2009-07-14 06:45 - 00009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-15 19:14 - 2009-07-14 06:45 - 00009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-15 18:26 - 2013-06-16 17:01 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-15 13:58 - 2013-07-02 12:37 - 00001030 _____ C:\Users\Wojtek\Desktop\Fifa12_DELTA10FY.EXE — skrót.lnk
2013-07-15 13:53 - 2013-07-15 13:53 - 00090706 _____ C:\Users\Wojtek\Downloads\OTL.Txt
2013-07-15 13:53 - 2013-07-15 13:53 - 00006142 _____ C:\Users\Wojtek\Downloads\07152013_134053.txt
2013-07-15 13:45 - 2012-12-15 12:52 - 01464309 ____N C:\Windows\WindowsUpdate.log
2013-07-15 13:42 - 2013-01-20 22:42 - 00000000 ____D C:\Users\Wojtek\AppData\Local\screenSHU
2013-07-15 13:42 - 2012-12-24 14:59 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-15 13:42 - 2012-12-15 13:09 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-15 13:42 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-15 13:40 - 2012-12-15 13:02 - 00000000 ___RD C:\Users\Wojtek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-15 13:25 - 2013-07-15 13:24 - 01873863 _____ (Infernum Productions AG ) C:\Users\Wojtek\Downloads\DragonsProphetDownloader.exe
2013-07-15 10:00 - 2013-06-06 14:04 - 00000000 ____D C:\Users\Wojtek\AppData\Roaming\GG
2013-07-14 17:15 - 2012-12-17 19:53 - 00000000 ____D C:\Users\Wojtek\AppData\Roaming\TS3Client
2013-07-14 16:40 - 2013-04-28 12:46 - 00000000 ____D C:\Users\Wojtek\Documents\FIFA 12
2013-07-14 12:04 - 2013-07-14 12:04 - 00000000 ____D C:\_OTL
2013-07-14 11:19 - 2013-07-14 11:19 - 00602624 _____ (OldTimer Tools) C:\Users\Wojtek\Desktop\OTL_3_2_20_0__Stable32_-3897 [ Programy.pl ].exe
2013-07-14 11:12 - 2013-07-14 11:12 - 00602112 _____ (OldTimer Tools) C:\Users\Wojtek\Desktop\OTL_[www.programosy.pl].exe
2013-07-14 11:10 - 2013-01-01 19:12 - 00013272 _____ C:\resolve.log
2013-07-14 11:09 - 2013-05-24 13:47 - 00000000 ____D C:\Users\Wojtek\AppData\Local\Unity
2013-07-14 10:35 - 2009-07-14 07:08 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-13 12:17 - 2013-07-13 12:17 - 00000000 ____D C:\Users\Wojtek\AppData\Roaming\thriXXX
2013-07-13 10:19 - 2012-12-24 14:59 - 00004044 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 10:19 - 2012-12-24 14:59 - 00003792 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-12 17:24 - 2013-01-05 15:28 - 01689530 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-07-12 17:24 - 2009-07-14 19:55 - 00741426 _____ C:\Windows\system32\perfh015.dat
2013-07-12 17:24 - 2009-07-14 19:55 - 00155998 _____ C:\Windows\system32\perfc015.dat
2013-07-09 22:01 - 2012-12-15 13:29 - 00000000 ____D C:\Users\Wojtek\AppData\Roaming\DAEMON Tools Lite
2013-07-08 19:58 - 2012-12-22 22:46 - 00000000 ____D C:\Users\Wojtek\AppData\Roaming\Skype
2013-07-08 19:58 - 2012-12-22 22:46 - 00000000 ____D C:\ProgramData\Skype
2013-07-08 16:41 - 2013-07-08 16:41 - 00000000 ____D C:\Users\Wojtek\Documents\NeocoreGames
2013-07-08 16:38 - 2013-04-23 21:02 - 00000000 ____D C:\ProgramData\RELOADED
2013-07-08 16:34 - 2013-07-08 16:34 - 00001018 _____ C:\Users\Public\Desktop\The Incredible Adventures of Van Helsing.lnk
2013-07-08 12:59 - 2012-12-19 23:03 - 00000000 ____D C:\Users\Wojtek\AppData\Roaming\Notepad++
2013-07-07 17:43 - 2013-07-07 17:42 - 00000000 ____D C:\Users\Wojtek\Documents\NFS Most Wanted
2013-07-07 17:39 - 2013-07-07 17:39 - 00001050 _____ C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
2013-07-07 16:01 - 2013-07-07 16:01 - 00000000 ____D C:\ProgramData\SystemRequirementsLab
2013-07-07 16:01 - 2012-12-16 20:43 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2013-07-06 16:13 - 2009-07-14 07:13 - 01663756 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-04 11:56 - 2012-12-15 12:48 - 00000000 ____D C:\Windows\Panther
2013-07-02 20:55 - 2013-06-14 19:14 - 00000000 ____D C:\Users\Wojtek\AppData\Local\Skyrim
2013-07-02 14:06 - 2013-01-17 17:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-02 13:59 - 2013-07-02 13:59 - 00000331 _____ C:\Windows\game.ini
2013-07-02 13:50 - 2013-07-02 13:50 - 00000000 __SHD C:\Windows\ftpcache
2013-07-01 17:43 - 2013-07-01 17:43 - 00000000 ____D C:\Users\Wojtek\AppData\Local\My Games
2013-07-01 17:43 - 2013-05-20 16:32 - 00000000 ____D C:\Users\Wojtek\Documents\My Games
2013-07-01 17:08 - 2013-07-01 17:08 - 00000000 ____D C:\Program Files\7-Zip
2013-07-01 12:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-30 15:14 - 2013-06-30 15:14 - 00000000 ____D C:\ProgramData\{7515027E-7A7A-4130-B3CB-BE9A159E359B}
2013-06-30 14:34 - 2013-06-30 14:11 - 00000000 ____D C:\Users\Wojtek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWood
2013-06-30 14:34 - 2013-06-30 14:02 - 00000000 ____D C:\Users\Wojtek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Piranha Bytes
2013-06-30 14:22 - 2013-06-30 14:22 - 00004096 _____ C:\Windows\d3dx.dat
2013-06-30 14:20 - 2013-03-09 17:09 - 00000000 ____D C:\Users\Wojtek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-06-30 12:21 - 2012-12-16 22:22 - 00001035 _____ C:\Users\Wojtek\Desktop\Camtasia Studio 7.lnk
2013-06-29 10:49 - 2013-06-29 10:49 - 00000939 _____ C:\Users\Public\Desktop\SimCity™.lnk
2013-06-29 10:49 - 2013-02-22 22:57 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-06-28 18:30 - 2013-06-14 19:39 - 00000000 ____D C:\Users\Wojtek\Documents\Nexus Mod Manager
2013-06-28 17:25 - 2013-06-28 17:25 - 00000000 ____D C:\ProgramData\Package Cache
2013-06-28 10:08 - 2013-06-28 10:08 - 00000607 _____ C:\Users\Wojtek\Desktop\Start.exe — skrót.lnk
2013-06-28 09:09 - 2013-06-28 09:09 - 00000000 ____D C:\Users\Wojtek\Documents\SimCity
2013-06-28 09:09 - 2013-03-11 18:52 - 00000000 ____D C:\ProgramData\Origin
2013-06-28 09:07 - 2013-03-11 18:55 - 00000000 ____D C:\Users\Wojtek\AppData\Roaming\Origin
2013-06-28 09:04 - 2013-06-28 09:04 - 00000000 ____D C:\Users\Wojtek\AppData\Local\Origin
2013-06-28 09:04 - 2013-06-28 09:04 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-06-25 21:16 - 2013-06-25 21:16 - 00000000 ____D C:\Users\Wojtek\AppData\Roaming\Unity
2013-06-25 13:31 - 2013-06-06 14:04 - 00000000 ____D C:\Users\Wojtek\AppData\Local\GG
2013-06-24 18:35 - 2013-06-23 14:20 - 00001605 _____ C:\Users\Wojtek\Desktop\skse_loader.exe — skrót.lnk
2013-06-22 14:00 - 2013-06-22 14:00 - 00000000 ____D C:\Users\Wojtek\AppData\Roaming\TERA
2013-06-22 10:38 - 2013-06-22 10:38 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-22 10:38 - 2013-06-22 10:38 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-22 10:38 - 2013-06-22 10:38 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-22 10:38 - 2013-06-22 10:38 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-22 10:38 - 2012-12-15 21:52 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-22 10:38 - 2012-12-15 21:52 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-21 19:00 - 2013-05-02 13:37 - 00000000 ____D C:\Users\Wojtek\Documents\i68Fifa12
2013-06-16 17:27 - 2013-06-16 17:01 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-06-16 17:27 - 2013-03-27 19:23 - 00291128 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-06-16 17:27 - 2013-03-13 21:56 - 00291128 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-06-16 17:27 - 2012-12-15 13:40 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-16 17:27 - 2012-12-15 13:40 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-16 17:04 - 2013-03-27 19:23 - 00291128 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-06-16 15:43 - 2013-03-13 21:56 - 00000000 ____D C:\Users\Wojtek\AppData\Local\PunkBuster
2013-06-16 15:42 - 2013-03-27 19:23 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-15 14:25 - 2013-06-15 14:25 - 00000736 _____ C:\Users\Wojtek\Desktop\Nexus Mod Manager.lnk
2013-06-15 14:25 - 2013-06-14 19:39 - 00000000 ____D C:\Users\Wojtek\AppData\Local\Black_Tree_Gaming

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll [2009-07-14 01:38] - [2009-07-14 03:41] - 1008640 ____A (Microsoft Corporation) E573BD9AB55C8E333C202B9E255F972E
C:\Windows\SysWOW64\User32.dll [2012-12-15 13:03] - [2012-12-15 13:03] - 0833024 ____A (Microsoft Corporation) 2C9CC9F492CA596B1B9FC1AE5E916356
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-07-15 10:27

==================== End Of Log ============================