Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2013 Ran by Artur (administrator) on 30-08-2013 18:26:54 Running from H:\ Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (SafeNet Inc.) C:\Windows\system32\hasplms.exe (Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Intel Corporation) C:\Windows\system32\igfxsrvc.exe (Intel Corporation) C:\Windows\system32\igfxext.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation) HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-06] (Acer Incorporated) HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.) HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [IntelliType Pro] - c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation) HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation) HKCU\...\Run: [AdobeBridge] - C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Bridge.exe [13145448 2008-08-28] (Adobe Systems, Inc.) HKCU\...\Run: [IPLA!] - C:\Program Files (x86)\ipla\ipla.exe [21172832 2013-05-28] (Redefine Sp z o.o.) HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd) HKCU\...\Run: [Google Update] - C:\Users\Artur\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-04-16] (Google Inc.) HKCU\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.) HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1157128 2009-07-27] (Dritek System Inc.) HKLM-x32\...\Run: [EgisTecLiveUpdate] - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.) HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-11-25] (CyberLink Corp.) HKLM-x32\...\Run: [PlayMovie] - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-10-05] (Acer Corp.) HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [39424 2009-12-21] (Nullsoft) HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [AdobeCS4ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated) HKLM-x32\...\Run: [CryptoCard Suite Cert Monitor] - C:\Program Files (x86)\CryptoTech\CryptoCard\CCMonitor.exe [308224 2010-10-08] () HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated) HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296096 2012-09-18] (RealNetworks, Inc.) HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] () HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EdgeCLS11.00.lnk ShortcutTarget: EdgeCLS11.00.lnk -> C:\Program Files\Cam\edgecls.exe (No File) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Pobieracz w tle.lnk ShortcutTarget: SolidWorks Pobieracz w tle.lnk -> C:\Program Files (x86)\Common Files\Menedżer instalacji SolidWorks\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.) Startup: C:\Users\Artur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wp.pl/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0415&m=aspire_5332&r=27360110c505l0374z1h5t4822x231 SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) DPF: HKLM-x32 {B4891BE9-835D-471B-B495-F5F3E6A8BBD7} http://cdn.vod4net.pl/1791/viv-3.5.27.1/player/player_ocx.jpeg DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\nqel93ya.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.) FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Artur\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Artur\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext Chrome: ======= Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION CHR Extension: () - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: () - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: () - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0 CHR Extension: () - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0 CHR Extension: () - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx CHR StartMenuInternet: Google Chrome - C:\Users\Artur\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= R2 hasplms; C:\Windows\system32\hasplms.exe [4412872 2012-08-23] (SafeNet Inc.) R2 MSSQL$ECSQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.) S2 UGS License Server (ugslmd); C:\Program Files (x86)\UGS\UGSLicensing\lmgrd.exe [1372160 2008-04-23] (Macrovision Corporation) ==================== Drivers (Whitelisted) ==================== R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-03-07] (AVAST Software) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [323584 2012-10-06] (SafeNet Inc.) R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies) S2 Sentinel; C:\Windows\SysWow64\Drivers\SENTINEL.SYS [76288 2006-06-12] (Rainbow Technologies, Inc.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-12-28] () U3 adf77we0; C:\Windows\System32\Drivers\adf77we0.sys [0 ] (Microsoft Corporation) S3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [x] S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x] S2 Sentinel; \SystemRoot\System32\Drivers\SENTINEL.SYS [x] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-30 17:32 - 2013-08-30 17:32 - 00000000 ____D C:\Users\Artur\Desktop\Stare dane programu Firefox 2013-08-11 11:11 - 2013-08-11 11:16 - 00143792 _____ C:\Users\Artur\AppData\Local\GDIPFONTCACHEV1.DAT 2013-08-10 23:47 - 2013-08-10 23:47 - 00157312 _____ C:\Users\Artur\AppData\Local\GDIPFONTCACHEV1.DAT.crypted 2013-08-10 23:47 - 2013-08-10 23:47 - 00019072 _____ C:\Users\Artur\AppData\Local\WebpageIcons.db.crypted 2013-08-10 23:47 - 2013-08-10 23:47 - 00008320 _____ C:\Users\Artur\AppData\Local\Resmon.ResmonCfg.crypted 2013-08-10 23:47 - 2013-08-10 23:47 - 00005120 _____ C:\Users\Artur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini.crypted 2013-08-10 22:08 - 2013-08-10 22:08 - 00039552 _____ C:\ProgramData\FullRemove.exe.crypted 2013-08-10 22:08 - 2013-08-10 22:08 - 00009216 _____ C:\ProgramData\ArcadeDeluxe3.log.crypted 2013-08-02 18:03 - 2013-08-02 19:25 - 996147200 _____ C:\Users\Artur\Downloads\EdgeCAM 2013R1 Student.part3.rar 2013-08-02 18:03 - 2013-08-02 19:23 - 996147200 _____ C:\Users\Artur\Downloads\EdgeCAM 2013R1 Student.part2.rar 2013-08-02 18:03 - 2013-08-02 19:00 - 624794488 _____ C:\Users\Artur\Downloads\EdgeCAM 2013R1 Student.part4.rar 2013-08-02 18:02 - 2013-08-02 19:24 - 996147200 _____ C:\Users\Artur\Downloads\EdgeCAM 2013R1 Student.part1.rar ==================== One Month Modified Files and Folders ======= 2013-08-30 18:08 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-30 18:08 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-30 18:07 - 2009-10-05 12:52 - 01125327 _____ C:\Windows\WindowsUpdate.log 2013-08-30 18:04 - 2012-04-16 18:53 - 00001042 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-30 18:01 - 2010-12-26 14:13 - 00000000 ____D C:\Users\Artur\AppData\Roaming\ipla 2013-08-30 18:00 - 2012-05-31 19:23 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1930279667-1086179956-1495167052-1000UA.job 2013-08-30 18:00 - 2012-05-26 09:25 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-30 18:00 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-30 18:00 - 2009-07-14 06:51 - 00174855 _____ C:\Windows\setupact.log 2013-08-30 17:59 - 2013-08-30 17:59 - 00000000 ____D C:\AdwCleaner 2013-08-30 17:59 - 2010-07-28 19:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-30 17:38 - 2010-12-26 14:12 - 00000000 ____D C:\Program Files (x86)\ipla 2013-08-30 17:36 - 2010-12-26 14:13 - 00000000 ____D C:\ProgramData\ipla 2013-08-30 17:34 - 2009-08-14 12:52 - 38276656 _____ C:\Windows\PFRO.log 2013-08-30 17:32 - 2013-08-30 17:32 - 00000000 ____D C:\Users\Artur\Desktop\Stare dane programu Firefox 2013-08-30 17:28 - 2012-04-16 18:53 - 00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-30 17:18 - 2012-05-31 19:24 - 00000000 ____D C:\Users\Artur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2013-08-30 17:11 - 2011-10-26 17:56 - 00000000 ____D C:\Users\Artur\AppData\Roaming\Skype 2013-08-30 17:11 - 2010-09-22 20:34 - 00798208 ___SH C:\Users\Artur\Desktop\Thumbs.db 2013-08-11 11:16 - 2013-08-11 11:11 - 00143792 _____ C:\Users\Artur\AppData\Local\GDIPFONTCACHEV1.DAT 2013-08-11 11:11 - 2011-08-28 11:31 - 00000000 ____D C:\ProgramData\RDRM 2013-08-11 11:09 - 2010-12-28 14:58 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2013-08-11 01:04 - 2012-11-11 19:42 - 00000000 ____D C:\Users\Artur\Desktop\disco 2013-08-11 00:34 - 2012-09-19 00:00 - 00000000 ____D C:\Users\Artur\Desktop\cls 2013-08-11 00:34 - 2012-07-06 14:51 - 00000000 ___RD C:\Users\Artur\Desktop\angielski 2013-08-11 00:11 - 2011-10-26 20:55 - 00000000 ____D C:\Users\Artur\AppData\Roaming\SolidWorks 2013-08-11 00:11 - 2010-01-30 17:53 - 00000000 ____D C:\Users\Artur\AppData\Roaming\WinRAR 2013-08-11 00:11 - 2010-01-09 19:32 - 00000000 ____D C:\Users\Artur\AppData\Roaming\skypePM 2013-08-11 00:11 - 2010-01-06 20:14 - 00000000 ____D C:\Users\Artur\AppData\Roaming\streamripper 2013-08-11 00:11 - 2010-01-06 18:23 - 00000000 ____D C:\Users\Artur\AppData\Roaming\uTorrent 2013-08-11 00:11 - 2010-01-05 18:21 - 00000000 ____D C:\Users\Artur\AppData\Roaming\SoftDMA 2013-08-11 00:10 - 2010-12-26 14:13 - 00000000 ____D C:\Users\Artur\AppData\Roaming\RDRM 2013-08-11 00:10 - 2010-01-05 18:21 - 00000000 ____D C:\Users\Artur\AppData\Roaming\PowerCinema 2013-08-11 00:09 - 2010-01-15 20:08 - 00000000 ____D C:\Users\Artur\AppData\Roaming\iPlus 2013-08-11 00:09 - 2010-01-10 01:16 - 00000000 ____D C:\Users\Artur\AppData\Roaming\Media Player Classic 2013-08-10 23:52 - 2010-01-05 19:33 - 00000000 ____D C:\Users\Artur\AppData\Roaming\Gadu-Gadu 10 2013-08-10 23:52 - 2010-01-05 18:15 - 00000000 ____D C:\Users\Artur\AppData\Roaming\GameConsole 2013-08-10 23:50 - 2013-07-03 22:11 - 00000000 ____D C:\Users\Artur\AppData\Roaming\CircuitWorks 2013-08-10 23:50 - 2010-12-28 14:58 - 00000000 ____D C:\Users\Artur\AppData\Roaming\DAEMON Tools Lite 2013-08-10 23:50 - 2010-01-05 18:01 - 00000000 ____D C:\Users\Artur\AppData\Roaming\Adobe 2013-08-10 23:47 - 2013-08-10 23:47 - 00157312 _____ C:\Users\Artur\AppData\Local\GDIPFONTCACHEV1.DAT.crypted 2013-08-10 23:47 - 2013-08-10 23:47 - 00019072 _____ C:\Users\Artur\AppData\Local\WebpageIcons.db.crypted 2013-08-10 23:47 - 2013-08-10 23:47 - 00008320 _____ C:\Users\Artur\AppData\Local\Resmon.ResmonCfg.crypted 2013-08-10 23:47 - 2013-08-10 23:47 - 00005120 _____ C:\Users\Artur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini.crypted 2013-08-10 23:47 - 2011-03-10 02:02 - 00000000 ____D C:\Users\Artur\AppData\Local\Windows Live Writer 2013-08-10 23:45 - 2013-07-04 20:34 - 00000000 ____D C:\Users\Artur\AppData\Local\SolidCAM Temporary Files 2013-08-10 23:45 - 2010-09-19 22:39 - 00000000 ____D C:\Users\Artur\AppData\Local\Speedchecker 2013-08-10 23:44 - 2010-01-05 18:21 - 00000000 ____D C:\Users\Artur\AppData\Local\PlayMovie 2013-08-10 23:32 - 2011-10-26 21:04 - 00000000 ____D C:\SolidWorks Data 2013-08-10 23:32 - 2010-03-27 17:01 - 00000000 ____D C:\Users\Artur\.gstreamer-0.10 2013-08-10 23:32 - 2010-01-05 18:21 - 00000000 ____D C:\Users\Artur\AppData\Local\Acer Arcade Deluxe 2013-08-10 23:24 - 2010-04-16 15:58 - 00000000 ____D C:\solid edge v20 2013-08-10 23:14 - 2010-01-08 22:26 - 00000000 ____D C:\programy 2013-08-10 22:08 - 2013-08-10 22:08 - 00039552 _____ C:\ProgramData\FullRemove.exe.crypted 2013-08-10 22:08 - 2013-08-10 22:08 - 00009216 _____ C:\ProgramData\ArcadeDeluxe3.log.crypted 2013-08-10 22:05 - 2009-08-14 12:45 - 00000000 ____D C:\ProgramData\SiteAdvisor 2013-08-10 21:59 - 2010-04-16 20:38 - 00000000 ____D C:\ProgramData\FLEXnet 2013-08-10 21:59 - 2009-10-05 13:02 - 00000000 ____D C:\ProgramData\CyberLink 2013-08-10 21:58 - 2009-08-14 12:57 - 00000000 ___HD C:\OEM 2013-08-10 21:15 - 2010-07-24 10:00 - 00000000 ____D C:\edgecam 2013-08-10 21:01 - 2013-01-10 19:13 - 00000000 ____D C:\27499988e4957e7917c6502cd2c3b5be 2013-08-10 21:01 - 2011-11-09 23:17 - 00000000 ____D C:\483ee86647d1ed7ba5 2013-08-10 21:01 - 2011-04-28 00:23 - 00000000 ____D C:\3098af1ca4f350de30 2013-08-10 21:01 - 2011-03-10 18:57 - 00000000 ____D C:\45f06a6d397bcbb76772e0fe11c5 2013-08-10 21:01 - 2009-10-05 12:55 - 00000000 ____D C:\book 2013-08-10 21:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep 2013-08-10 20:56 - 2010-01-20 21:18 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{930C79AA-567C-4E01-898F-002148CD5001} 2013-08-04 16:00 - 2012-05-31 19:23 - 00001006 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1930279667-1086179956-1495167052-1000Core.job 2013-08-02 19:25 - 2013-08-02 18:03 - 996147200 _____ C:\Users\Artur\Downloads\EdgeCAM 2013R1 Student.part3.rar 2013-08-02 19:24 - 2013-08-02 18:02 - 996147200 _____ C:\Users\Artur\Downloads\EdgeCAM 2013R1 Student.part1.rar 2013-08-02 19:23 - 2013-08-02 18:03 - 996147200 _____ C:\Users\Artur\Downloads\EdgeCAM 2013R1 Student.part2.rar 2013-08-02 19:00 - 2013-08-02 18:03 - 624794488 _____ C:\Users\Artur\Downloads\EdgeCAM 2013R1 Student.part4.rar 2013-07-31 00:04 - 2013-07-30 23:42 - 421573874 _____ C:\Users\Artur\Downloads\WebinariumEdgecam25.02.2011.zip 2013-07-31 00:02 - 2013-07-30 23:43 - 482399711 _____ C:\Users\Artur\Downloads\WebinariumEdgecam20.04.2011.zip ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-02 20:28 ==================== End Of Log ============================