Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-09-2013
Ran by Sławek (administrator) on PPP on 23-09-2013 12:31:14
Running from C:\Users\Sławek\Desktop\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Media remote\Media remote.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-01] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [862088 2011-01-28] (Acer Incorporated)
HKLM\...\Run: [Media remote] - C:\Program Files (x86)\Media remote\Media remote.exe [41496 2011-03-11] ()
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
AppInit_DLLs: C:\Windows\system32\nvinitx.dll, C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll [653600 2013-07-27] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: EgisPBIE Class - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Acer Bio Protection\x64\EgisPBIE.dll (Egis Technology Inc.)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: EgisPBIE Class - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Acer Bio Protection\EgisPBIE.dll (Egis Technology Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\Sławek\AppData\Roaming\Mozilla\Firefox\Profiles\63u36efb.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin64-0.98.38.dll No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\Sławek\AppData\Roaming\Mozilla\Firefox\Profiles\63u36efb.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.98.38.dll No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Sławek\AppData\Roaming\Mozilla\Firefox\Profiles\gj35vrkn.default-1379931277532
FF Homepage: hxxp://www.google.pl/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files (x86)\Acer Bio Protection\FFExt
FF Extension:  Password Bank Extension  - C:\Program Files (x86)\Acer Bio Protection\FFExt

==================== Services (Whitelisted) =================

S4 EgisTec Service; C:\Program Files (x86)\Acer Bio Protection\EgisService.exe [318000 2011-01-12] (Egis Technology Inc. )
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202296 2012-04-25] (Kaspersky Lab ZAO)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2010-11-12] (NTI Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)

==================== Drivers (Whitelisted) ====================

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-23 12:18 - 2013-09-23 12:19 - 00000000 ____D C:\AdwCleaner
2013-09-23 12:14 - 2013-09-23 12:14 - 00000000 ____D C:\Users\Sławek\Desktop\Stare dane programu Firefox
2013-09-22 14:16 - 2013-09-22 14:16 - 00000020 ___SH C:\Users\Sławek\ntuser.ini
2013-09-21 23:56 - 2013-09-21 23:56 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-21 23:56 - 2013-09-21 23:56 - 00000000 ____D C:\Program Files\Adblock Plus for IE
2013-09-21 21:57 - 2013-09-21 21:57 - 664401764 _____ C:\Windows\MEMORY.DMP
2013-09-21 21:57 - 2013-09-21 21:57 - 00262144 _____ C:\Windows\Minidump\092113-22557-01.dmp
2013-09-21 21:57 - 2013-09-21 21:57 - 00000000 ____D C:\Windows\Minidump
2013-09-21 21:24 - 2013-09-21 21:24 - 00325376 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-21 21:23 - 2013-09-21 21:23 - 00000686 _____ C:\Windows\PFRO.log
2013-09-21 21:07 - 2013-09-23 12:21 - 00001344 _____ C:\Windows\setupact.log
2013-09-21 21:07 - 2013-09-21 21:07 - 00068712 _____ C:\Users\Sławek\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-21 21:07 - 2013-09-21 21:07 - 00000000 _____ C:\Windows\setuperr.log
2013-09-21 21:04 - 2013-09-21 21:04 - 00000000 ____D C:\FRST
2013-09-21 20:51 - 2013-09-21 20:51 - 00034364 _____ C:\Users\Sławek\Documents\cc_20130921_205117.reg
2013-09-21 20:13 - 2013-09-21 20:13 - 00000000 ____D C:\Users\Sławek\AppData\Roaming\Malwarebytes
2013-09-21 20:13 - 2013-09-21 20:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-21 20:13 - 2013-09-21 20:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-21 20:13 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-13 21:52 - 2013-09-13 21:52 - 00000000 _____ C:\Users\Sławek\Documents\list do ATO.txt
2013-09-08 21:05 - 2013-09-08 21:05 - 00000000 ____D C:\Users\Sławek\AppData\Local\calibre-cache
2013-09-08 21:02 - 2013-09-08 21:07 - 00000000 ____D C:\Users\Sławek\AppData\Roaming\calibre
2013-09-08 20:54 - 2013-09-08 20:54 - 00000000 ____D C:\Users\Sławek\AppData\Roaming\IsolatedStorage
2013-09-08 20:54 - 2013-09-08 20:54 - 00000000 ____D C:\Users\Sławek\AppData\Local\_
2013-09-08 20:54 - 2013-09-08 20:54 - 00000000 ____D C:\ProgramData\IsolatedStorage
2013-09-05 18:14 - 2013-09-05 18:14 - 00003034 _____ C:\Windows\System32\Tasks\{39F5EEA8-7565-45CC-9AE3-AAD49C5FE638}
2013-08-28 21:56 - 2013-08-28 21:56 - 00000000 ____D C:\Users\Sławek\AppData\Roaming\Softland
2013-08-28 21:56 - 2013-08-28 21:56 - 00000000 ____D C:\Program Files\Softland
2013-08-28 21:56 - 2013-05-09 10:54 - 00025920 _____ (Softland) C:\Windows\system32\dopdfmn7.dll
2013-08-28 21:56 - 2013-05-09 10:54 - 00021312 _____ (Softland) C:\Windows\system32\dopdfmi7.dll
2013-08-28 21:56 - 2010-11-25 12:17 - 00007549 _____ C:\Windows\system32\dopdf7.ctm
2013-08-28 21:56 - 2010-02-05 15:00 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll

==================== One Month Modified Files and Folders =======

2013-09-23 12:28 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-23 12:28 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-23 12:25 - 2011-04-21 03:09 - 00737480 _____ C:\Windows\system32\perfh015.dat
2013-09-23 12:25 - 2011-04-21 03:09 - 00154136 _____ C:\Windows\system32\perfc015.dat
2013-09-23 12:25 - 2009-07-14 07:13 - 01661232 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-23 12:24 - 2011-04-21 03:15 - 01245822 _____ C:\Windows\WindowsUpdate.log
2013-09-23 12:21 - 2013-09-21 21:07 - 00001344 _____ C:\Windows\setupact.log
2013-09-23 12:21 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-23 12:19 - 2013-09-23 12:18 - 00000000 ____D C:\AdwCleaner
2013-09-23 12:14 - 2013-09-23 12:14 - 00000000 ____D C:\Users\Sławek\Desktop\Stare dane programu Firefox
2013-09-22 21:58 - 2012-06-30 22:00 - 00000000 ____D C:\Program Files (x86)\The KMPlayer
2013-09-22 14:52 - 2012-06-30 21:24 - 00000000 ____D C:\Users\Sławek\AppData\Roaming\uTorrent
2013-09-22 14:16 - 2013-09-22 14:16 - 00000020 ___SH C:\Users\Sławek\ntuser.ini
2013-09-22 14:16 - 2012-06-28 11:52 - 00000000 ____D C:\Users\Sławek
2013-09-21 23:56 - 2013-09-21 23:56 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-21 23:56 - 2013-09-21 23:56 - 00000000 ____D C:\Program Files\Adblock Plus for IE
2013-09-21 22:35 - 2012-07-18 16:39 - 00000000 ____D C:\Users\Sławek\AppData\Roaming\Skype
2013-09-21 22:31 - 2012-07-18 16:43 - 00000000 ____D C:\Users\Sławek\AppData\Roaming\skypePM
2013-09-21 21:57 - 2013-09-21 21:57 - 664401764 _____ C:\Windows\MEMORY.DMP
2013-09-21 21:57 - 2013-09-21 21:57 - 00262144 _____ C:\Windows\Minidump\092113-22557-01.dmp
2013-09-21 21:57 - 2013-09-21 21:57 - 00000000 ____D C:\Windows\Minidump
2013-09-21 21:24 - 2013-09-21 21:24 - 00325376 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-21 21:23 - 2013-09-21 21:23 - 00000686 _____ C:\Windows\PFRO.log
2013-09-21 21:07 - 2013-09-21 21:07 - 00068712 _____ C:\Users\Sławek\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-21 21:07 - 2013-09-21 21:07 - 00000000 _____ C:\Windows\setuperr.log
2013-09-21 21:04 - 2013-09-21 21:04 - 00000000 ____D C:\FRST
2013-09-21 20:51 - 2013-09-21 20:51 - 00034364 _____ C:\Users\Sławek\Documents\cc_20130921_205117.reg
2013-09-21 20:43 - 2012-11-25 14:45 - 00000000 ____D C:\Users\Sławek\AppData\Local\CrashDumps
2013-09-21 20:39 - 2012-06-28 11:56 - 00001377 _____ C:\Users\Sławek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-21 20:13 - 2013-09-21 20:13 - 00000000 ____D C:\Users\Sławek\AppData\Roaming\Malwarebytes
2013-09-21 20:13 - 2013-09-21 20:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-21 20:13 - 2013-09-21 20:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-21 19:36 - 2012-09-05 05:24 - 00000000 ____D C:\Users\Sławek\AppData\Local\Paint.NET
2013-09-13 21:56 - 2013-08-22 12:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-13 21:52 - 2013-09-13 21:52 - 00000000 _____ C:\Users\Sławek\Documents\list do ATO.txt
2013-09-12 19:05 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-09-12 11:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-08 21:07 - 2013-09-08 21:02 - 00000000 ____D C:\Users\Sławek\AppData\Roaming\calibre
2013-09-08 21:05 - 2013-09-08 21:05 - 00000000 ____D C:\Users\Sławek\AppData\Local\calibre-cache
2013-09-08 20:54 - 2013-09-08 20:54 - 00000000 ____D C:\Users\Sławek\AppData\Roaming\IsolatedStorage
2013-09-08 20:54 - 2013-09-08 20:54 - 00000000 ____D C:\Users\Sławek\AppData\Local\_
2013-09-08 20:54 - 2013-09-08 20:54 - 00000000 ____D C:\ProgramData\IsolatedStorage
2013-09-05 18:14 - 2013-09-05 18:14 - 00003034 _____ C:\Windows\System32\Tasks\{39F5EEA8-7565-45CC-9AE3-AAD49C5FE638}
2013-09-05 17:47 - 2012-06-28 12:17 - 00000000 ____D C:\Users\Sławek\AppData\Roaming\Adobe
2013-09-05 17:44 - 2011-03-09 12:14 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-09-05 17:43 - 2011-03-09 12:14 - 00000000 ____D C:\ProgramData\Adobe
2013-08-29 13:25 - 2013-06-29 09:23 - 00000000 ____D C:\Program Files\Unlocker
2013-08-28 21:56 - 2013-08-28 21:56 - 00000000 ____D C:\Users\Sławek\AppData\Roaming\Softland
2013-08-28 21:56 - 2013-08-28 21:56 - 00000000 ____D C:\Program Files\Softland

Some content of TEMP:
====================
C:\Users\Sławek\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-21 00:36

==================== End Of Log ============================