Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-08-2013 01
Ran by Michał 2 (administrator) on 27-08-2013 04:05:29
Running from C:\Users\Michał 2\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Wsys Co., Ltd.) C:\ProgramData\eSafe\eGdpSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Razer USA Ltd) F:\Program Files (x86)\Razer\Razer Game Booster\gbtray.exe
() C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\system32\locator.exe
(cake bake) C:\Program Files (x86)\Tepfel\WebCakeDesktop.Updater.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(BitTorrent Inc.) C:\Users\Michał 2\AppData\Roaming\uTorrent\uTorrent.exe
() F:\Program Files F\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() F:\Program Files F\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.177\deploy\LoLLauncher.exe
() F:\Program Files F\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.38\deploy\LolClient.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(OldTimer Tools) C:\Users\Michał 2\Desktop\OTL.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-25] (Logitech Inc.)
HKCU\...\Run: [NTRedirect] - C:\Users\Michał 2\AppData\Roaming\BabSolution\Shared\enhancedNT.dll [187888 2013-08-22] ()
HKCU\...\Run: [uTorrent] - C:\Users\Michał 2\AppData\Roaming\uTorrent\uTorrent.exe [1044560 2013-05-12] (BitTorrent Inc.)
HKCR\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-1751451117-4207112011-2180288902-1003\$efcb0b5f72f3c652314cc0e694d184fc\n. ATTENTION! ====> ZeroAccess?
MountPoints2: {c29781a1-acef-11e2-946d-000074040a00} - G:\_AUTORUN\AUTORUN.EXE
MountPoints2: {d79dbbc0-cf78-11e2-8a2c-806e6f6e6963} - G:\setup.exe
MountPoints2: {fb2ca3e5-9378-11e1-b863-002522063b9c} - H:\Setup.exe
AppInit_DLLs-x32: c:\progra~3\browserdefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\browserdefender.dll  c:\progra~2\saveshare\sprotector.dll c:\progra~2\websearch\sprotector.dll [1050112 2013-01-24] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90SA71429&ts=1377082787
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www1.delta-search.com/?babsrc=HP_ss&mntrId=44BC000074040A00&affID=124001&tsp=4977
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90SA71429&ts=1377082787
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90SA71429&ts=1377082787
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90SA71429&ts=1377082787
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90SA71429&ts=1377082787
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90SA71429&ts=1377082787
URLSearchHook: (No Name) - {539F76FD-084E-4858-86D5-62F02F54AE86} -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90SA71429&ts=1377082787
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90SA71429&ts=1377082787
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90SA71429&ts=1377082787
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90SA71429&ts=1377082787
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90SA71429&ts=1377082787
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.simplesearches.info/?l=1&q={searchTerms}&pid=512&r=2013/08/21&hid=1590935762&lg=EN&cc=PL&unqvl=31
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90SA71429&ts=1377082787
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=44BC000074040A00&affID=124001&tsp=4977
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90SA71429&ts=1377082787
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.simplesearches.info/?l=1&q={searchTerms}&pid=512&r=2013/08/21&hid=1590935762&lg=EN&cc=PL&unqvl=31
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: WebCake - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\Tepfel\WebCakeIEClient.dll No File
BHO-x32: SearchNewTab - {5872CF53-C86C-0585-F112-A934CF022590} - C:\ProgramData\SearchNewTab\7ikC3z.dll ()
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO-x32: MinibarBHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files (x86)\Minibar\Minibar.dll (KangoExtensions)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.24.5\bh\delta.dll (Delta-search.com)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.5\deltaTlbr.dll (Delta-search.com)
DPF: HKLM-x32 {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: HKLM-x32 {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 190.160.20.1

FireFox:
========
FF ProfilePath: C:\Users\Michał 2\AppData\Roaming\Mozilla\Firefox\Profiles\wbkzynph.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Michał 2\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\MICHA~1\AppData\Local\Temp\crx3AD.tmp
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Michał 2\AppData\Roaming\BabSolution\CR\Delta.crx
CHR HKLM-x32\...\Chrome\Extension: [fjoijdanhaiflhibkljeklcghcmmfffh] - C:\Program Files (x86)\Tepfel\WebCakeLayers.crx
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Michał 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM-x32\...\Chrome\Extension: [pkipkeaammekcalmjnnmanhagiokmoof] - C:\ProgramData\Download and Sa\pkipkeaammekcalmjnnmanhagiokmoof.crx

==================== Services (Whitelisted) =================

S4 appdrvrem01; C:\Windows\System32\appdrvrem01.exe [551896 2011-12-13] (Protection Technology)
R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2838480 2013-08-13] ()
S2 libusbd; C:\Windows\SysWow64\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-07-04] ()
S2 SkypeUpdate; F:\Program Files (x86)\Skype\Updater\Updater.exe [161384 2013-02-28] (Skype Technologies)
R2 WebCakeUpdater; C:\Program Files (x86)\Tepfel\WebCakeDesktop.Updater.exe [51992 2013-08-15] (cake bake)
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-08-23] (Taiwan Shui Mu Chih Ching Technology Limited.)
R2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [303680 2013-08-22] (Wsys Co., Ltd.)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [x]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [x]
S4 HiPatchService; F:\Program Files\Hi-Rez Studios\HiPatchService.exe [x]

==================== Drivers (Whitelisted) ====================

R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [3852976 2011-12-13] (Protection Technology)
S3 BioNTDrv; C:\Program Files (x86)\Paragon_Software\Partition_Manager_12_Professional_Demo\program\BioNTDrv.SYS [19760 2012-07-13] (Paragon Software GmbH)
S3 BioNTDrv; C:\Program Files (x86)\Paragon_Software\Partition_Manager_12_Professional_Demo\program\BioNTDrv.SYS [19760 2012-07-13] (Paragon Software GmbH)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
S3 libusb0; C:\Windows\SysWow64\drivers\libusb0.sys [33792 2005-03-09] ()
S3 phaudlwr; C:\Windows\System32\DRIVERS\phaudlwr.sys [114608 2009-10-20] (Philips Applied Technologies)
R3 PPJoyBus; C:\Windows\System32\DRIVERS\PPJoyBus64.sys [20024 2010-02-20] (Deon van der Westhuysen)
R3 PPortJoystick; C:\Windows\System32\DRIVERS\PPortJoy64.sys [39992 2010-02-20] (Deon van der Westhuysen)
S1 prodrv06; C:\Windows\SysWow64\drivers\prodrv06.sys [51744 2003-09-06] (Protection Technology)
S0 prohlp02; C:\Windows\SysWow64\drivers\prohlp02.sys [62656 2003-09-06] (Protection Technology)
S0 prosync1; C:\Windows\SysWow64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S0 sfhlp01; C:\Windows\SysWow64\drivers\sfhlp01.sys [4832 2003-09-06] (Protection Technology)
S3 SPC1030; C:\Windows\System32\DRIVERS\spc1030.sys [3251456 2008-06-11] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-06-07] (Duplex Secure Ltd.)
S3 WinRing0_1_2_0; F:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-08-01] (OpenLibSys.org)
S3 WinRing0_1_2_0; F:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-08-01] (OpenLibSys.org)
U3 acb6k8za; C:\Windows\System32\Drivers\acb6k8za.sys [0 ] (Advanced Micro Devices)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 libusb0; system32\drivers\libusb0.sys [x]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [x]
S0 prohlp02; System32\drivers\prohlp02.sys [x]
S0 prosync1; System32\drivers\prosync1.sys [x]
U2 SBKUPNT; 
S0 sfhlp01; System32\drivers\sfhlp01.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-27 04:03 - 2013-08-27 04:03 - 00111026 _____ C:\Users\Michał 2\Desktop\Extras.Txt
2013-08-27 04:03 - 2013-08-27 04:03 - 00000000 ____D C:\FRST
2013-08-27 03:57 - 2013-08-27 03:57 - 00117798 _____ C:\Users\Michał 2\Desktop\OTL.Txt
2013-08-27 03:29 - 2013-08-27 03:29 - 01578852 _____ (Farbar) C:\Users\Michał 2\Desktop\FRST64.exe
2013-08-27 03:29 - 2013-08-27 03:29 - 00358507 _____ (Farbar) C:\Users\Michał 2\Desktop\FSS.exe
2013-08-27 02:12 - 2013-08-27 02:12 - 00007605 _____ C:\Users\Michał 2\AppData\Local\Resmon.ResmonCfg
2013-08-27 02:10 - 2013-08-27 02:10 - 00000360 _____ C:\Windows\PFRO.log
2013-08-27 02:10 - 2013-08-27 02:10 - 00000056 _____ C:\Windows\setupact.log
2013-08-27 02:10 - 2013-08-27 02:10 - 00000000 _____ C:\Windows\setuperr.log
2013-08-26 21:52 - 2013-08-26 21:52 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Wayforward Technologies
2013-08-26 21:52 - 2013-08-26 21:52 - 00000000 ____D C:\ProgramData\Steam
2013-08-26 21:51 - 2013-08-26 21:51 - 00001018 _____ C:\Users\Public\Desktop\DuckTales Remastered.lnk
2013-08-26 21:50 - 2013-08-26 21:51 - 00000000 ____D C:\Program Files (x86)\DuckTales Remastered
2013-08-26 18:18 - 2013-08-26 18:19 - 19273460 _____ (Opera Software ASA) C:\Users\Michał 2\Desktop\Opera_Next_16.0.1196.55_Setup.exe
2013-08-26 17:25 - 2013-08-26 17:25 - 00393458 _____ C:\Users\Michał 2\Desktop\Bez naaaaazwy.xcf
2013-08-26 17:25 - 2013-08-26 17:25 - 00005307 _____ C:\Users\Michał 2\AppData\Local\recently-used.xbel
2013-08-25 02:32 - 2013-08-27 02:46 - 00001004 _____ C:\Users\Michał 2\Desktop\kp.txt
2013-08-23 23:57 - 2013-08-23 23:57 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-08-23 23:56 - 2013-08-23 23:56 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-08-23 11:31 - 2013-08-26 21:47 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-08-23 11:31 - 2013-08-26 21:43 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\WinZipper
2013-08-22 03:27 - 2013-08-22 03:27 - 00519012 _____ (SkaWit - Witold Skałka                                      ) C:\Users\Michał 2\Desktop\aws-setup.exe
2013-08-22 03:27 - 2013-08-22 03:27 - 00001010 _____ C:\Users\Michał 2\Desktop\Automatyczny Wyłącznik Systemu.lnk
2013-08-21 14:02 - 2013-08-21 14:37 - 00000000 ____D C:\Users\Michał 2\Desktop\WinSetup_1_0_beta8
2013-08-21 13:02 - 2013-08-21 13:02 - 00001011 _____ C:\Users\Public\Desktop\UltraISO.lnk
2013-08-21 13:01 - 2013-08-21 13:02 - 00000000 ____D C:\Program Files (x86)\UltraISO
2013-08-21 13:01 - 2013-08-21 13:01 - 00000000 ____D C:\Users\Michał 2\Documents\My ISO Files
2013-08-21 13:00 - 2013-08-24 09:51 - 00000000 ____D C:\ProgramData\eSafe
2013-08-21 12:59 - 2013-08-21 12:59 - 04001621 _____ (EZB Systems, Inc.                                           ) C:\Users\Michał 2\Downloads\uiso9_pe.exe
2013-08-21 12:58 - 2013-08-21 12:58 - 00659824 _____ C:\Users\Michał 2\Desktop\uiso9_pe_Installer.exe
2013-08-21 12:54 - 2013-08-21 12:54 - 00000000 ____D C:\ProgramData\SearchNewTab
2013-08-21 12:54 - 2013-08-21 12:54 - 00000000 ____D C:\Program Files (x86)\WebSearch
2013-08-21 12:53 - 2013-08-21 17:55 - 00000000 ____D C:\ProgramData\saVeNsHaare
2013-08-21 12:53 - 2013-08-21 12:56 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-08-21 12:53 - 2013-08-21 12:53 - 00000000 ____D C:\Program Files (x86)\SaveShare
2013-08-21 12:52 - 2013-08-21 12:56 - 00000000 ____D C:\ProgramData\InstallMate
2013-08-21 12:52 - 2013-08-21 12:52 - 00320952 _____ (StarApp) C:\Users\Michał 2\Desktop\usbm10.rar.exe
2013-08-21 01:59 - 2013-08-21 01:59 - 00000000 ____D C:\Users\Michał 2\Downloads\ChomikBox
2013-08-21 01:53 - 2013-08-24 09:43 - 00000000 ____D C:\Users\Michał 2\.gstreamer-0.10
2013-08-21 01:52 - 2013-08-23 11:31 - 00000000 ____D C:\Users\Michał 2\AppData\Local\ChomikBox
2013-08-21 01:52 - 2013-08-21 01:52 - 00000662 _____ C:\Users\Public\Desktop\ChomikBox.lnk
2013-08-21 01:51 - 2013-08-21 01:52 - 00000000 ____D C:\Program Files (x86)\ChomikBox
2013-08-21 01:48 - 2013-08-21 01:49 - 28002816 _____ C:\Users\Michał 2\Desktop\ChomikBox.msi
2013-08-21 01:44 - 2013-08-21 01:44 - 00000000 ____D C:\Users\Michał 2\Desktop\cast[bractwocienia.com]
2013-08-21 01:41 - 2013-08-21 01:41 - 00026322 _____ C:\Users\Michał 2\Desktop\cast[bractwocienia.com].zip
2013-08-21 00:35 - 2013-08-21 00:35 - 00000563 _____ C:\Users\Michał 2\Desktop\Mineshafter-proxy — skrót.lnk
2013-08-20 22:37 - 2013-08-20 22:37 - 00602112 _____ (OldTimer Tools) C:\Users\Michał 2\Desktop\OTL.exe
2013-08-19 12:40 - 2013-08-19 12:40 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-18 16:21 - 2013-08-18 16:21 - 00000000 ____D C:\Users\Michał 2\Documents\PDF Architect Files
2013-08-18 16:21 - 2013-08-18 16:21 - 00000000 ____D C:\Program Files (x86)\PDF Architect
2013-08-18 16:20 - 2013-08-18 16:32 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-08-18 16:20 - 2013-08-18 16:20 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\pdfforge
2013-08-18 16:20 - 2013-04-09 15:13 - 00110264 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2013-08-18 16:20 - 2012-05-05 11:54 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2013-08-18 16:20 - 2012-05-05 11:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2013-08-18 10:47 - 2013-08-18 10:47 - 00000000 __SHD C:\found.000
2013-08-18 02:29 - 2013-08-18 02:29 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\PDF Architect
2013-08-18 01:41 - 2013-08-18 01:41 - 00000111 ____H C:\Users\Public\Documents\sys62945.bin
2013-08-18 01:31 - 2013-08-18 01:31 - 38966928 _____ (Adobe Systems Incorporated) C:\Users\Michał 2\Downloads\AdbeRdr11000_pl_PL.exe
2013-08-18 01:10 - 2013-08-18 01:10 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\PDFEditorSDK
2013-08-18 01:08 - 2013-08-18 01:08 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\JAWS PDF Editor SDK
2013-08-18 01:08 - 2013-08-18 01:08 - 00000000 ____D C:\Users\Michał 2\AppData\Local\JAWS PDF Editor SDK
2013-08-18 01:08 - 2013-08-18 01:08 - 00000000 ____D C:\Program Files (x86)\Global Graphics
2013-08-18 01:08 - 2013-08-18 01:08 - 00000000 _____ C:\Users\UpdatusUser\AppData\Local\C
2013-08-18 01:08 - 2013-08-18 01:08 - 00000000 _____ C:\Users\Michał 2\AppData\Local\C
2013-08-18 01:03 - 2013-08-18 01:03 - 00000000 ____D C:\Users\Michał 2\Downloads\JawsPDFEditor(dobreprogramy.pl)
2013-08-18 01:00 - 2013-08-18 01:00 - 21454726 _____ C:\Users\Michał 2\Downloads\JawsPDFEditor(dobreprogramy.pl).zip
2013-08-18 00:47 - 2013-08-18 00:47 - 00000000 ____D C:\Output
2013-08-18 00:46 - 2013-08-19 13:35 - 00000000 ____D C:\Program Files (x86)\Tepfel
2013-08-18 00:46 - 2013-08-18 00:48 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Tepfel
2013-08-18 00:46 - 2013-08-18 00:45 - 02673560 _____ (PDF Password Remover                                        ) C:\Users\Michał 2\Downloads\PDF Password Remover 1.1.0.2.exe
2013-08-18 00:44 - 2013-08-18 00:44 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visage
2013-08-18 00:44 - 2013-08-18 00:44 - 00000000 ____D C:\Program Files (x86)\Visagesoft
2013-08-18 00:39 - 2013-08-18 00:39 - 00003420 _____ C:\Windows\System32\Tasks\EPUpdater
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Delta
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Babylon
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\BabSolution
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\Users\Michał 2\AppData\Local\Minibar
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\Users\Michał 2\AppData\Local\avgchrome
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\ProgramData\Babylon
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\Program Files (x86)\Minibar
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\Program Files (x86)\Delta
2013-08-15 01:08 - 2013-08-22 23:46 - 00000000 ____D C:\Users\Michał 2\AppData\Local\Battle.net
2013-08-15 01:08 - 2013-08-15 01:09 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Battle.net
2013-08-15 01:08 - 2013-08-15 01:08 - 00000835 _____ C:\Users\Public\Desktop\Battle.net.lnk
2013-08-15 01:08 - 2013-08-15 01:08 - 00000000 ____D C:\Users\Michał 2\AppData\Local\Blizzard Entertainment
2013-08-14 23:35 - 2013-08-14 23:35 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dargon
2013-08-14 23:34 - 2013-08-14 23:35 - 00000000 ____D C:\Dargon
2013-08-14 23:33 - 2013-08-14 23:33 - 00000000 ____D C:\Users\Michał 2\Documents\DargonMods
2013-08-11 21:06 - 2013-08-11 21:06 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\ps3psarc
2013-08-03 19:35 - 2013-08-03 19:35 - 00000000 ____D C:\ProgramData\GarenaPlus
2013-08-03 12:34 - 2013-08-03 12:35 - 00000000 ____D C:\DXFBDF.tmp
2013-08-01 05:31 - 2013-08-01 05:31 - 00000000 ____D C:\Users\Micha� 2\AppData\Roaming\GameRanger
2013-08-01 05:21 - 2013-08-27 02:11 - 00006838 _____ C:\autoupdate.log
2013-07-31 17:37 - 2013-07-31 17:37 - 00003178 _____ C:\Windows\System32\Tasks\Razer_Game_Booster_AutoUpdate
2013-07-31 17:37 - 2013-07-31 17:37 - 00000000 ____D C:\Users\Michał 2\Documents\Razer
2013-07-31 16:56 - 2013-07-31 16:56 - 00000000 ____D C:\Users\Michał 2\AppData\Local\Razer
2013-07-31 16:55 - 2013-08-27 02:11 - 00003102 _____ C:\Windows\System32\Tasks\Game_Booster_Startup
2013-07-31 16:54 - 2013-07-31 16:54 - 00000000 ____D C:\ProgramData\Razer
2013-07-31 16:31 - 2013-07-31 16:31 - 00000000 ____D C:\ProgramData\LogiShrd
2013-07-31 16:30 - 2013-07-31 16:30 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Leadertech
2013-07-31 16:30 - 2013-07-31 16:30 - 00000000 ____D C:\Users\Michał 2\AppData\Local\Logitech
2013-07-31 16:29 - 2013-07-31 16:29 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-07-31 16:28 - 2013-07-31 16:29 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-07-31 16:27 - 2013-07-31 16:27 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Logitech
2013-07-31 16:27 - 2013-07-31 16:27 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Logishrd
2013-07-30 06:44 - 2013-07-30 06:44 - 00000219 _____ C:\Users\Michał 2\Desktop\Dota 2.url
2013-07-29 12:53 - 2013-07-29 12:53 - 00000000 ____D C:\Program Files (x86)\Garena Plus
2013-07-29 12:49 - 2013-07-29 12:49 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\GarenaPlus
2013-07-29 11:21 - 2013-07-29 11:21 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-28 15:45 - 2013-08-03 21:34 - 00000000 ____D C:\Users\Michał 2\AppData\Local\LogMeIn Hamachi
2013-07-28 12:06 - 2013-07-28 12:06 - 00001072 _____ C:\Users\Michał 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk
2013-07-28 12:06 - 2013-07-28 12:06 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\GameRanger

==================== One Month Modified Files and Folders =======

2013-08-27 04:05 - 2013-08-27 04:04 - 00002225 _____ C:\Users\Michał 2\Desktop\FSS.txt
2013-08-27 04:03 - 2013-08-27 04:03 - 00111026 _____ C:\Users\Michał 2\Desktop\Extras.Txt
2013-08-27 04:03 - 2013-08-27 04:03 - 00000000 ____D C:\FRST
2013-08-27 04:03 - 2013-05-12 23:29 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\uTorrent
2013-08-27 04:02 - 2012-02-03 05:09 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-27 03:57 - 2013-08-27 03:57 - 00117798 _____ C:\Users\Michał 2\Desktop\OTL.Txt
2013-08-27 03:38 - 2011-11-13 20:04 - 01836212 _____ C:\Windows\WindowsUpdate.log
2013-08-27 03:29 - 2013-08-27 03:29 - 01578852 _____ (Farbar) C:\Users\Michał 2\Desktop\FRST64.exe
2013-08-27 03:29 - 2013-08-27 03:29 - 00358507 _____ (Farbar) C:\Users\Michał 2\Desktop\FSS.exe
2013-08-27 03:19 - 2012-08-23 10:38 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-27 02:46 - 2013-08-25 02:32 - 00001004 _____ C:\Users\Michał 2\Desktop\kp.txt
2013-08-27 02:23 - 2009-07-14 06:45 - 00014592 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-27 02:23 - 2009-07-14 06:45 - 00014592 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-27 02:12 - 2013-08-27 02:12 - 00007605 _____ C:\Users\Michał 2\AppData\Local\Resmon.ResmonCfg
2013-08-27 02:11 - 2013-08-01 05:21 - 00006838 _____ C:\autoupdate.log
2013-08-27 02:11 - 2013-07-31 16:55 - 00003102 _____ C:\Windows\System32\Tasks\Game_Booster_Startup
2013-08-27 02:11 - 2012-02-03 05:09 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-27 02:10 - 2013-08-27 02:10 - 00000360 _____ C:\Windows\PFRO.log
2013-08-27 02:10 - 2013-08-27 02:10 - 00000056 _____ C:\Windows\setupact.log
2013-08-27 02:10 - 2013-08-27 02:10 - 00000000 _____ C:\Windows\setuperr.log
2013-08-27 02:10 - 2011-11-13 20:22 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-27 02:10 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-26 21:52 - 2013-08-26 21:52 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Wayforward Technologies
2013-08-26 21:52 - 2013-08-26 21:52 - 00000000 ____D C:\ProgramData\Steam
2013-08-26 21:51 - 2013-08-26 21:51 - 00001018 _____ C:\Users\Public\Desktop\DuckTales Remastered.lnk
2013-08-26 21:51 - 2013-08-26 21:50 - 00000000 ____D C:\Program Files (x86)\DuckTales Remastered
2013-08-26 21:47 - 2013-08-23 11:31 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-08-26 21:46 - 2009-07-14 19:55 - 00886594 _____ C:\Windows\system32\perfh015.dat
2013-08-26 21:46 - 2009-07-14 19:55 - 00204930 _____ C:\Windows\system32\perfc015.dat
2013-08-26 21:46 - 2009-07-14 07:13 - 00006252 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-26 21:43 - 2013-08-23 11:31 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\WinZipper
2013-08-26 20:33 - 2012-10-28 10:52 - 00000000 ____D C:\Users\Michał 2\.gimp-2.8
2013-08-26 18:19 - 2013-08-26 18:18 - 19273460 _____ (Opera Software ASA) C:\Users\Michał 2\Desktop\Opera_Next_16.0.1196.55_Setup.exe
2013-08-26 17:25 - 2013-08-26 17:25 - 00393458 _____ C:\Users\Michał 2\Desktop\Bez naaaaazwy.xcf
2013-08-26 17:25 - 2013-08-26 17:25 - 00005307 _____ C:\Users\Michał 2\AppData\Local\recently-used.xbel
2013-08-26 02:08 - 2012-10-27 20:23 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\TS3Client
2013-08-25 22:23 - 2012-11-18 03:48 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Skype
2013-08-24 09:51 - 2013-08-21 13:00 - 00000000 ____D C:\ProgramData\eSafe
2013-08-24 09:43 - 2013-08-21 01:53 - 00000000 ____D C:\Users\Michał 2\.gstreamer-0.10
2013-08-24 01:15 - 2013-07-19 02:55 - 00009368 _____ C:\Users\Michał 2\Desktop\SESJA.txt
2013-08-23 23:57 - 2013-08-23 23:57 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-08-23 23:56 - 2013-08-23 23:56 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-08-23 11:31 - 2013-08-21 01:52 - 00000000 ____D C:\Users\Michał 2\AppData\Local\ChomikBox
2013-08-22 23:46 - 2013-08-15 01:08 - 00000000 ____D C:\Users\Michał 2\AppData\Local\Battle.net
2013-08-22 03:43 - 2013-03-16 03:06 - 00000226 _____ C:\Windows\AWS.ini
2013-08-22 03:27 - 2013-08-22 03:27 - 00519012 _____ (SkaWit - Witold Skałka                                      ) C:\Users\Michał 2\Desktop\aws-setup.exe
2013-08-22 03:27 - 2013-08-22 03:27 - 00001010 _____ C:\Users\Michał 2\Desktop\Automatyczny Wyłącznik Systemu.lnk
2013-08-21 21:31 - 2013-04-19 15:13 - 00000310 _____ C:\Users\Michał\osname.txt
2013-08-21 21:31 - 2013-04-19 15:13 - 00000110 _____ C:\Users\Michał\productid.txt
2013-08-21 21:31 - 2013-04-19 15:13 - 00000106 _____ C:\Users\Michał\bios.txt
2013-08-21 21:31 - 2013-04-19 15:13 - 00000066 _____ C:\Users\Michał\board.txt
2013-08-21 21:31 - 2013-04-19 15:13 - 00000050 _____ C:\Users\Michał\osversion.txt
2013-08-21 21:31 - 2013-04-19 15:13 - 00000011 _____ C:\Users\Michał\user.txt
2013-08-21 21:31 - 2013-04-19 15:13 - 00000000 _____ C:\Users\Michał\id.ini
2013-08-21 17:55 - 2013-08-21 12:53 - 00000000 ____D C:\ProgramData\saVeNsHaare
2013-08-21 14:37 - 2013-08-21 14:02 - 00000000 ____D C:\Users\Michał 2\Desktop\WinSetup_1_0_beta8
2013-08-21 13:02 - 2013-08-21 13:02 - 00001011 _____ C:\Users\Public\Desktop\UltraISO.lnk
2013-08-21 13:02 - 2013-08-21 13:01 - 00000000 ____D C:\Program Files (x86)\UltraISO
2013-08-21 13:01 - 2013-08-21 13:01 - 00000000 ____D C:\Users\Michał 2\Documents\My ISO Files
2013-08-21 13:00 - 2012-10-27 19:41 - 00001611 _____ C:\Users\Michał 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-21 12:59 - 2013-08-21 12:59 - 04001621 _____ (EZB Systems, Inc.                                           ) C:\Users\Michał 2\Downloads\uiso9_pe.exe
2013-08-21 12:58 - 2013-08-21 12:58 - 00659824 _____ C:\Users\Michał 2\Desktop\uiso9_pe_Installer.exe
2013-08-21 12:56 - 2013-08-21 12:53 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-08-21 12:56 - 2013-08-21 12:52 - 00000000 ____D C:\ProgramData\InstallMate
2013-08-21 12:54 - 2013-08-21 12:54 - 00000000 ____D C:\ProgramData\SearchNewTab
2013-08-21 12:54 - 2013-08-21 12:54 - 00000000 ____D C:\Program Files (x86)\WebSearch
2013-08-21 12:53 - 2013-08-21 12:53 - 00000000 ____D C:\Program Files (x86)\SaveShare
2013-08-21 12:52 - 2013-08-21 12:52 - 00320952 _____ (StarApp) C:\Users\Michał 2\Desktop\usbm10.rar.exe
2013-08-21 01:59 - 2013-08-21 01:59 - 00000000 ____D C:\Users\Michał 2\Downloads\ChomikBox
2013-08-21 01:53 - 2012-10-27 19:40 - 00000000 ____D C:\Users\Michał 2
2013-08-21 01:52 - 2013-08-21 01:52 - 00000662 _____ C:\Users\Public\Desktop\ChomikBox.lnk
2013-08-21 01:52 - 2013-08-21 01:51 - 00000000 ____D C:\Program Files (x86)\ChomikBox
2013-08-21 01:49 - 2013-08-21 01:48 - 28002816 _____ C:\Users\Michał 2\Desktop\ChomikBox.msi
2013-08-21 01:44 - 2013-08-21 01:44 - 00000000 ____D C:\Users\Michał 2\Desktop\cast[bractwocienia.com]
2013-08-21 01:41 - 2013-08-21 01:41 - 00026322 _____ C:\Users\Michał 2\Desktop\cast[bractwocienia.com].zip
2013-08-21 00:37 - 2013-07-13 13:25 - 01890646 _____ C:\Users\Michał\output-client.log
2013-08-21 00:37 - 2013-07-13 13:25 - 00000000 ____D C:\Users\Michał\stats
2013-08-21 00:37 - 2011-11-13 20:15 - 00000000 ____D C:\Users\Michał
2013-08-21 00:36 - 2013-07-13 13:25 - 00000978 _____ C:\Users\Michał\options.txt
2013-08-21 00:35 - 2013-08-21 00:35 - 00000563 _____ C:\Users\Michał 2\Desktop\Mineshafter-proxy — skrót.lnk
2013-08-20 22:37 - 2013-08-20 22:37 - 00602112 _____ (OldTimer Tools) C:\Users\Michał 2\Desktop\OTL.exe
2013-08-19 13:35 - 2013-08-18 00:46 - 00000000 ____D C:\Program Files (x86)\Tepfel
2013-08-19 12:40 - 2013-08-19 12:40 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-19 02:49 - 2012-09-21 13:16 - 00000000 ____D C:\fat32format
2013-08-18 16:32 - 2013-08-18 16:20 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-08-18 16:21 - 2013-08-18 16:21 - 00000000 ____D C:\Users\Michał 2\Documents\PDF Architect Files
2013-08-18 16:21 - 2013-08-18 16:21 - 00000000 ____D C:\Program Files (x86)\PDF Architect
2013-08-18 16:20 - 2013-08-18 16:20 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\pdfforge
2013-08-18 10:47 - 2013-08-18 10:47 - 00000000 __SHD C:\found.000
2013-08-18 02:29 - 2013-08-18 02:29 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\PDF Architect
2013-08-18 01:41 - 2013-08-18 01:41 - 00000111 ____H C:\Users\Public\Documents\sys62945.bin
2013-08-18 01:40 - 2012-10-28 08:51 - 00000000 ____D C:\Users\Michał 2\AppData\Local\Adobe
2013-08-18 01:33 - 2011-12-21 17:35 - 00000000 ____D C:\ProgramData\Adobe
2013-08-18 01:33 - 2011-11-15 21:25 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-18 01:31 - 2013-08-18 01:31 - 38966928 _____ (Adobe Systems Incorporated) C:\Users\Michał 2\Downloads\AdbeRdr11000_pl_PL.exe
2013-08-18 01:10 - 2013-08-18 01:10 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\PDFEditorSDK
2013-08-18 01:08 - 2013-08-18 01:08 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\JAWS PDF Editor SDK
2013-08-18 01:08 - 2013-08-18 01:08 - 00000000 ____D C:\Users\Michał 2\AppData\Local\JAWS PDF Editor SDK
2013-08-18 01:08 - 2013-08-18 01:08 - 00000000 ____D C:\Program Files (x86)\Global Graphics
2013-08-18 01:08 - 2013-08-18 01:08 - 00000000 _____ C:\Users\UpdatusUser\AppData\Local\C
2013-08-18 01:08 - 2013-08-18 01:08 - 00000000 _____ C:\Users\Michał 2\AppData\Local\C
2013-08-18 01:08 - 2012-09-05 16:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-18 01:03 - 2013-08-18 01:03 - 00000000 ____D C:\Users\Michał 2\Downloads\JawsPDFEditor(dobreprogramy.pl)
2013-08-18 01:00 - 2013-08-18 01:00 - 21454726 _____ C:\Users\Michał 2\Downloads\JawsPDFEditor(dobreprogramy.pl).zip
2013-08-18 00:48 - 2013-08-18 00:46 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Tepfel
2013-08-18 00:47 - 2013-08-18 00:47 - 00000000 ____D C:\Output
2013-08-18 00:45 - 2013-08-18 00:46 - 02673560 _____ (PDF Password Remover                                        ) C:\Users\Michał 2\Downloads\PDF Password Remover 1.1.0.2.exe
2013-08-18 00:44 - 2013-08-18 00:44 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visage
2013-08-18 00:44 - 2013-08-18 00:44 - 00000000 ____D C:\Program Files (x86)\Visagesoft
2013-08-18 00:39 - 2013-08-18 00:39 - 00003420 _____ C:\Windows\System32\Tasks\EPUpdater
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Delta
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Babylon
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\BabSolution
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\Users\Michał 2\AppData\Local\Minibar
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\Users\Michał 2\AppData\Local\avgchrome
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\ProgramData\Babylon
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\Program Files (x86)\Minibar
2013-08-18 00:39 - 2013-08-18 00:39 - 00000000 ____D C:\Program Files (x86)\Delta
2013-08-17 21:33 - 2013-07-10 12:56 - 00000000 ____D C:\Users\Michał 2\AppData\Local\WMTools Downloaded Files
2013-08-17 00:00 - 2012-10-27 19:41 - 00000000 ___RD C:\Users\Michał 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-17 00:00 - 2012-01-21 00:25 - 00000000 ____D C:\Windows\pss
2013-08-16 15:17 - 2013-07-16 18:58 - 00000000 ____D C:\Users\Michał\screenshots
2013-08-15 20:33 - 2013-07-13 13:26 - 00000318 _____ C:\Users\Michał\servers.dat
2013-08-15 01:09 - 2013-08-15 01:08 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Battle.net
2013-08-15 01:08 - 2013-08-15 01:08 - 00000835 _____ C:\Users\Public\Desktop\Battle.net.lnk
2013-08-15 01:08 - 2013-08-15 01:08 - 00000000 ____D C:\Users\Michał 2\AppData\Local\Blizzard Entertainment
2013-08-14 23:37 - 2012-10-27 19:41 - 00000000 ____D C:\Users\Michał 2\AppData\Local\VirtualStore
2013-08-14 23:35 - 2013-08-14 23:35 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dargon
2013-08-14 23:35 - 2013-08-14 23:34 - 00000000 ____D C:\Dargon
2013-08-14 23:33 - 2013-08-14 23:33 - 00000000 ____D C:\Users\Michał 2\Documents\DargonMods
2013-08-14 17:16 - 2013-07-27 17:16 - 00007601 _____ C:\Users\Michał\output-server.log
2013-08-14 16:39 - 2013-07-13 13:25 - 00000000 ____D C:\Users\Michał\saves
2013-08-11 21:06 - 2013-08-11 21:06 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\ps3psarc
2013-08-10 22:23 - 2013-07-16 18:24 - 00081384 _____ C:\Users\Michał\output-client.log.1
2013-08-06 20:40 - 2013-07-25 09:08 - 00506948 _____ C:\Users\Michał 2\Desktop\Dungeon Mapa.xcf
2013-08-04 21:01 - 2011-11-15 21:25 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-08-03 21:34 - 2013-07-28 15:45 - 00000000 ____D C:\Users\Michał 2\AppData\Local\LogMeIn Hamachi
2013-08-03 19:35 - 2013-08-03 19:35 - 00000000 ____D C:\ProgramData\GarenaPlus
2013-08-03 12:35 - 2013-08-03 12:34 - 00000000 ____D C:\DXFBDF.tmp
2013-08-01 05:31 - 2013-08-01 05:31 - 00000000 ____D C:\Users\Micha� 2\AppData\Roaming\GameRanger
2013-08-01 05:31 - 2013-07-27 19:58 - 00000000 ____D C:\Users\Micha� 2
2013-07-31 17:37 - 2013-07-31 17:37 - 00003178 _____ C:\Windows\System32\Tasks\Razer_Game_Booster_AutoUpdate
2013-07-31 17:37 - 2013-07-31 17:37 - 00000000 ____D C:\Users\Michał 2\Documents\Razer
2013-07-31 17:08 - 2013-06-08 23:12 - 00000000 ____D C:\Users\Michał 2\Desktop\nutki smutki
2013-07-31 16:56 - 2013-07-31 16:56 - 00000000 ____D C:\Users\Michał 2\AppData\Local\Razer
2013-07-31 16:54 - 2013-07-31 16:54 - 00000000 ____D C:\ProgramData\Razer
2013-07-31 16:31 - 2013-07-31 16:31 - 00000000 ____D C:\ProgramData\LogiShrd
2013-07-31 16:30 - 2013-07-31 16:30 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Leadertech
2013-07-31 16:30 - 2013-07-31 16:30 - 00000000 ____D C:\Users\Michał 2\AppData\Local\Logitech
2013-07-31 16:29 - 2013-07-31 16:29 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-07-31 16:29 - 2013-07-31 16:28 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-07-31 16:28 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-31 16:27 - 2013-07-31 16:27 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Logitech
2013-07-31 16:27 - 2013-07-31 16:27 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\Logishrd
2013-07-30 06:44 - 2013-07-30 06:44 - 00000219 _____ C:\Users\Michał 2\Desktop\Dota 2.url
2013-07-29 12:53 - 2013-07-29 12:53 - 00000000 ____D C:\Program Files (x86)\Garena Plus
2013-07-29 12:49 - 2013-07-29 12:49 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\GarenaPlus
2013-07-29 12:49 - 2012-07-16 23:00 - 00000000 ____D C:\ProgramData\GarenaMessenger
2013-07-29 11:21 - 2013-07-29 11:21 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-28 12:06 - 2013-07-28 12:06 - 00001072 _____ C:\Users\Michał 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk
2013-07-28 12:06 - 2013-07-28 12:06 - 00000000 ____D C:\Users\Michał 2\AppData\Roaming\GameRanger

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-1751451117-4207112011-2180288902-1003\$efcb0b5f72f3c652314cc0e694d184fc

Files to move or delete:
====================
C:\Users\Michał\servers.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


LastRegBack: 2013-08-23 00:24

==================== End Of Log ============================