Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2013
Ran by User (administrator) on USER-KOMPUTER on 24-09-2013 19:20:09
Running from C:\Users\User\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
() C:\Windows\SysWOW64\PnkBstrA.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\WFWIZ.exe
(Safer Networking Limited) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9642528 2009-12-08] (Realtek Semiconductor)
HKCU\...\Run: [WinFast Schedule] - C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2912256 2009-03-11] (Leadtek Research Inc.)
HKCU\...\Run: [Gadu-Gadu 10] - C:\Program Files (x86)\Gadu-Gadu 10\gg.exe [12661344 2010-10-07] (GG Network S.A.)
HKCU\...\Run: [Google Update] - C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-01] (Google Inc.)
HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
MountPoints2: {7ce70fe5-f8d7-11e1-b169-6cf049750c5c} - G:\LGAutoRun.exe
MountPoints2: {e002d240-f4c9-11e0-a187-806e6f6e6963} - F:\setup_homm5.exe
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [WinFastDTV] - C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [90112 2009-10-02] (Leadtek Research Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2254768 2012-12-10] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-11] (Avira Operations GmbH & Co. KG)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b}
SearchScopes: HKLM-x32 - {14D20B54-692B-A145-9C63-1444FD9A71E0} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640
SearchScopes: HKLM-x32 - {aa91a22e-2e6d-4c79-a578-d50109b651aa} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVxdm138YYPL&ptb=F7C46875-5961-40B1-B8D3-4777F69E7E76&psa=&ind=2010071702&ptnrS=ZVxdm138YYPL&si=gua131701&st=sb&n=77cf4296&searchfor={searchTerms}
SearchScopes: HKCU - Backup.Old.DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b}
SearchScopes: HKCU - {14D20B54-692B-A145-9C63-1444FD9A71E0} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640
SearchScopes: HKCU - {18670B1F-C2D6-45BD-9A8D-52765D9D04C3} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=YYYYYYYYPL&apn_uid=D5E9B6A6-CB5D-4DC3-B56D-FC6AD2BD42F4&apn_sauid=BE31E702-B2A2-453B-B9B1-DF77225466F7
SearchScopes: HKCU - {1922A1A6-2BE2-476D-A739-609B79AF019D} URL = http://www.youtube.com/results?search_query={searchTerms}&page={startPage?}&utm_source=opensearch
SearchScopes: HKCU - {70E7FB92-85CD-4b16-95D0-47F304E4C883} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKCU - {aa91a22e-2e6d-4c79-a578-d50109b651aa} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVxdm138YYPL&ptb=F7C46875-5961-40B1-B8D3-4777F69E7E76&psa=&ind=2010071702&ptnrS=ZVxdm138YYPL&si=gua131701&st=sb&n=77cf4296&searchfor={searchTerms}
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll No File
Toolbar: HKCU -  No Name - {DD02A4EB-4AFD-4D60-99D8-E67F964CA813} -  No File
Toolbar: HKCU -  No Name - {AC7B03F7-9C6B-4946-8964-7A00F880E1F6} -  No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\..\Interfaces\{D86DC8B2-F0BA-4592-A66F-D63A8C117A7B}: [NameServer]213.241.79.37,213.241.79.38

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (Google) - http://www.google.com/search?q={searchTerms}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U40) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Google Update) - C:\Users\User\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.400.43) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR StartMenuInternet: Google Chrome - C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-05-24] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-11] (Avira Operations GmbH & Co. KG)
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-07-20] ()
S4 PuranDefrag; C:\Windows\system32\PuranDefragS.exe [292736 2013-08-15] (Puran Software)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)

==================== Drivers (Whitelisted) ====================

R3 3xHybr64; C:\Windows\System32\DRIVERS\3xHybr64.sys [1311616 2009-08-17] (NXP Semiconductors Germany GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-11] (Avira Operations GmbH & Co. KG)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-09-24] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-09-24] (Windows (R) Server 2003 DDK provider)
S3 pfc; C:\Windows\SysWow64\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-10-12] (Duplex Secure Ltd.)
S3 ST330; C:\Windows\System32\DRIVERS\st330.sys [47616 2010-02-27] (THOMSON Telecom Belgium)
S3 STBUS; C:\Windows\System32\DRIVERS\stbus.sys [24576 2010-02-27] (THOMSON Telecom Belgium)
S3 STETH; C:\Windows\System32\DRIVERS\steth.sys [58880 2010-02-27] (THOMSON Telecom Belgium)
S3 stppp; C:\Windows\System32\DRIVERS\stppp.sys [54272 2010-02-27] (THOMSON Telecom Belgium)
S3 pfc; system32\drivers\pfc.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-24 19:19 - 2013-09-24 19:19 - 01955802 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2013-09-24 19:12 - 2013-09-24 19:12 - 00093870 _____ C:\Users\User\Desktop\Extras.Txt
2013-09-24 19:11 - 2013-09-24 19:11 - 00504198 _____ C:\Users\User\Desktop\OTL.Txt
2013-09-24 18:43 - 2013-09-24 18:44 - 00000000 ____D C:\AdwCleaner
2013-09-24 18:43 - 2013-09-24 18:43 - 01042066 _____ C:\Users\User\Downloads\AdwCleaner.exe
2013-09-16 14:13 - 2013-09-16 14:13 - 00000000 _____ C:\Users\User\Desktop\Nowy dokument tekstowy (2).txt
2013-09-12 21:21 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 21:21 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 21:21 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-12 21:21 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 21:21 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 21:21 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 21:21 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 21:21 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 21:21 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 21:21 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 21:21 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 21:21 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-12 21:21 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-12 21:21 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-12 21:21 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-12 21:21 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-12 21:21 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-12 21:21 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-12 21:21 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-12 21:21 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-12 21:21 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-12 21:21 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-12 21:21 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-12 21:21 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-12 21:21 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-12 21:21 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-12 21:21 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-12 21:21 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 21:21 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-12 21:21 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-12 21:21 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-12 16:53 - 2013-09-12 17:35 - 598340473 _____ C:\Users\User\Downloads\Postal 2 PL.EXE
2013-09-12 16:37 - 2013-09-12 16:37 - 00000050 _____ C:\Users\User\Desktop\Nowy dokument tekstowy.txt
2013-09-12 14:00 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 14:00 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-12 14:00 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-12 14:00 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-12 14:00 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-12 14:00 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-12 14:00 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-12 14:00 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 14:00 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-12 14:00 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 14:00 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-12 14:00 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-12 14:00 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-12 14:00 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-12 14:00 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-12 14:00 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 14:00 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-12 14:00 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-12 14:00 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-12 14:00 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-12 14:00 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-12 14:00 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 14:00 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 19:25 - 2013-09-11 19:25 - 00000978 _____ C:\Users\User\Desktop\PuranDefragGUI.lnk
2013-09-11 19:23 - 2013-09-24 18:48 - 00000000 ____D C:\Program Files\Puran Utilities
2013-09-11 19:23 - 2013-08-15 16:39 - 01367424 _____ (Puran Software) C:\Windows\system32\PuranFD.exe
2013-09-11 19:23 - 2013-08-15 16:39 - 00292736 _____ (Puran Software) C:\Windows\system32\PuranDefragS.exe
2013-09-11 19:23 - 2013-08-15 16:39 - 00287616 _____ (Puran Software) C:\Windows\system32\PuranDC.exe
2013-09-11 19:23 - 2013-08-15 16:39 - 00256896 _____ (Puran Software) C:\Windows\system32\PuranDefrag.dll
2013-09-11 19:23 - 2013-08-15 16:39 - 00132480 _____ (Puran Software) C:\Windows\system32\PuranDefragBT.exe
2013-09-11 19:22 - 2013-09-11 19:22 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-11 19:21 - 2013-09-11 19:21 - 00000000 ____D C:\Users\User\AppData\Roaming\Avira
2013-09-11 19:21 - 2013-09-11 19:21 - 00000000 ____D C:\ProgramData\APN
2013-09-11 19:21 - 2013-06-06 22:41 - 00489392 _____ (Ask Partner Network) C:\Users\User\Documents\APNSetup.exe
2013-09-11 19:20 - 2013-09-11 19:20 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-09-11 19:20 - 2013-09-11 19:20 - 00000000 ____D C:\ProgramData\Avira
2013-09-11 19:20 - 2013-09-11 19:20 - 00000000 ____D C:\Program Files (x86)\Avira
2013-09-11 19:20 - 2013-09-11 19:19 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-11 19:20 - 2013-09-11 19:19 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-11 19:20 - 2013-09-11 19:19 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-11 19:07 - 2013-09-11 19:07 - 02092792 _____ C:\Users\User\Downloads\avira_free_antivirus.exe
2013-09-11 18:57 - 2013-09-11 18:57 - 07912440 _____ (Adobe Systems Inc.) C:\Users\User\Downloads\Shockwave_Installer_Slim.exe
2013-09-11 18:55 - 2013-09-11 18:55 - 00000000 ____D C:\ProgramData\Oracle
2013-09-11 18:54 - 2013-09-11 18:54 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-11 18:54 - 2013-09-11 18:54 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-11 18:54 - 2013-09-11 18:54 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-11 18:54 - 2013-09-11 18:54 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-11 18:54 - 2013-09-11 18:54 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-11 18:51 - 2013-09-11 18:51 - 00913832 _____ (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u40.exe
2013-09-11 18:44 - 2013-09-11 18:44 - 00000000 ____D C:\FRST
2013-09-11 18:29 - 2013-09-11 18:30 - 10702672 _____ (Puran Software                                              ) C:\Users\User\Downloads\PuranUtilitiesSetup.exe
2013-09-11 18:21 - 2013-09-11 18:21 - 00000214 _____ C:\Users\User\defogger_reenable
2013-09-11 18:20 - 2013-09-11 18:20 - 00602112 _____ (OldTimer Tools) C:\Users\User\Desktop\OTL.exe
2013-09-11 18:19 - 2013-09-11 18:20 - 01949408 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2013-09-11 18:05 - 2013-09-11 18:05 - 00050477 _____ C:\Users\User\Desktop\Defogger.exe
2013-09-11 17:49 - 2013-09-11 17:49 - 00003003 _____ C:\Users\User\photorec.cfg
2013-09-11 17:47 - 2013-09-11 17:47 - 00000000 ____D C:\Users\User\Downloads\testdisk-6.14.win
2013-09-11 15:16 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 15:16 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 15:16 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 15:16 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-10 19:00 - 2013-09-10 19:00 - 09430408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-09-09 09:31 - 2013-09-09 09:51 - 00002432 _____ C:\Users\User\AppData\Local\Tempuk2112.html
2013-08-31 09:21 - 2013-09-24 19:01 - 00000000 ____D C:\Users\User\Downloads\Cod5
2013-08-30 16:14 - 2013-08-30 16:14 - 00000000 ____D C:\Users\User\Documents\Alcohol 52%
2013-08-30 15:01 - 2013-08-30 15:01 - 01130576 _____ (BitTorrent Inc.) C:\Users\User\Downloads\utorrent.exe
2013-08-30 09:40 - 2013-08-30 11:02 - 00000000 ____D C:\Users\User\Desktop\Heroes of Might & Magic V - Dzikie Hordy
2013-08-28 09:33 - 2013-08-28 10:02 - 00000000 ____D C:\Users\User\AppData\Roaming\Origin
2013-08-26 13:57 - 2013-08-26 13:57 - 00000000 ____D C:\Users\User\Documents\Paradox Interactive
2013-08-26 13:53 - 2013-08-26 13:53 - 00000000 ____D C:\8ee20b058dc89cae709aed3829ee3d
2013-08-26 13:53 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2013-08-26 13:53 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2013-08-26 13:53 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-08-26 13:53 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2013-08-26 13:53 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-08-26 13:53 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2013-08-26 13:53 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2013-08-26 13:53 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2013-08-26 13:53 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2013-08-26 13:53 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2013-08-26 13:53 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2013-08-26 13:53 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-08-26 13:53 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2013-08-26 13:53 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2013-08-26 13:53 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2013-08-26 13:53 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2013-08-26 13:53 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2013-08-26 13:53 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2013-08-26 13:53 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2013-08-26 13:53 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2013-08-26 13:53 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2013-08-26 13:53 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2013-08-26 13:53 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2013-08-26 13:53 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2013-08-26 13:53 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2013-08-26 13:53 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2013-08-26 13:53 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2013-08-26 13:53 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2013-08-26 13:53 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2013-08-26 13:53 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2013-08-26 13:53 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2013-08-26 13:53 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2013-08-26 13:53 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2013-08-26 13:53 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2013-08-26 13:53 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2013-08-26 13:53 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2013-08-26 13:53 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2013-08-26 13:53 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2013-08-26 13:53 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-08-26 13:53 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2013-08-26 13:53 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-08-26 13:53 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2013-08-26 13:53 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2013-08-26 13:53 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2013-08-26 13:53 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2013-08-26 13:51 - 2013-08-26 13:51 - 00001210 _____ C:\Users\Public\Desktop\Europa Universalis IV.lnk
2013-08-26 13:48 - 2013-08-26 13:51 - 00000000 ____D C:\Program Files (x86)\Europa Universalis IV
2013-08-26 12:02 - 2013-08-26 12:02 - 00000000 ____D C:\Users\User\AppData\Roaming\DownLite

==================== One Month Modified Files and Folders =======

2013-09-24 19:19 - 2013-09-24 19:19 - 01955802 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2013-09-24 19:12 - 2013-09-24 19:12 - 00093870 _____ C:\Users\User\Desktop\Extras.Txt
2013-09-24 19:11 - 2013-09-24 19:11 - 00504198 _____ C:\Users\User\Desktop\OTL.Txt
2013-09-24 19:07 - 2009-07-14 19:55 - 00697896 _____ C:\Windows\system32\perfh015.dat
2013-09-24 19:07 - 2009-07-14 19:55 - 00135006 _____ C:\Windows\system32\perfc015.dat
2013-09-24 19:07 - 2009-07-14 07:13 - 01549932 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-24 19:05 - 2011-10-12 22:42 - 00000539 _____ C:\Users\User\Documents\ax_files.xml
2013-09-24 19:01 - 2013-08-31 09:21 - 00000000 ____D C:\Users\User\Downloads\Cod5
2013-09-24 19:00 - 2012-03-29 20:04 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-24 18:53 - 2009-07-14 06:45 - 00015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-24 18:53 - 2009-07-14 06:45 - 00015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-24 18:49 - 2010-11-07 01:37 - 00000000 ____D C:\Users\User\AppData\Local\LogMeIn Hamachi
2013-09-24 18:48 - 2013-09-11 19:23 - 00000000 ____D C:\Program Files\Puran Utilities
2013-09-24 18:48 - 2010-02-23 21:57 - 01929888 _____ C:\Windows\WindowsUpdate.log
2013-09-24 18:46 - 2012-03-19 23:12 - 00000000 ____D C:\Users\User\Desktop\FIZYKA-matura(TO BZDURA)
2013-09-24 18:45 - 2010-02-23 23:09 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-09-24 18:45 - 2010-02-23 23:01 - 00000144 _____ C:\service.log
2013-09-24 18:45 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-24 18:45 - 2009-07-14 06:51 - 00256737 _____ C:\Windows\setupact.log
2013-09-24 18:44 - 2013-09-24 18:43 - 00000000 ____D C:\AdwCleaner
2013-09-24 18:43 - 2013-09-24 18:43 - 01042066 _____ C:\Users\User\Downloads\AdwCleaner.exe
2013-09-24 18:39 - 2011-10-01 22:04 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1892876427-196628923-906992480-1000UA.job
2013-09-24 18:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2013-09-24 16:07 - 2010-03-27 22:49 - 00003982 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{BCC6A330-5EB9-4A56-B8BE-543DC1D52F59}
2013-09-24 12:58 - 2011-07-02 18:01 - 00000000 ____D C:\Civilization V
2013-09-22 11:39 - 2011-10-01 22:04 - 00001002 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1892876427-196628923-906992480-1000Core.job
2013-09-20 21:48 - 2010-12-25 10:58 - 00111928 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-09-20 21:48 - 2010-12-25 10:58 - 00111928 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-09-20 08:42 - 2011-10-01 22:07 - 00002321 _____ C:\Users\User\Desktop\Google Chrome.lnk
2013-09-16 14:13 - 2013-09-16 14:13 - 00000000 _____ C:\Users\User\Desktop\Nowy dokument tekstowy (2).txt
2013-09-12 21:37 - 2009-07-14 06:45 - 00276200 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 21:35 - 2010-03-04 13:36 - 00282682 _____ C:\Windows\PFRO.log
2013-09-12 21:20 - 2013-08-14 23:52 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 21:19 - 2010-07-31 07:43 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-12 21:16 - 2010-12-17 19:18 - 00000000 ____D C:\Program Files\Przyspiesz Komputer
2013-09-12 21:16 - 2010-07-23 13:35 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-12 17:35 - 2013-09-12 16:53 - 598340473 _____ C:\Users\User\Downloads\Postal 2 PL.EXE
2013-09-12 16:37 - 2013-09-12 16:37 - 00000050 _____ C:\Users\User\Desktop\Nowy dokument tekstowy.txt
2013-09-12 09:05 - 2010-02-23 22:47 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-12 09:05 - 2010-02-23 22:47 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-11 19:25 - 2013-09-11 19:25 - 00000978 _____ C:\Users\User\Desktop\PuranDefragGUI.lnk
2013-09-11 19:22 - 2013-09-11 19:22 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-11 19:21 - 2013-09-11 19:21 - 00000000 ____D C:\Users\User\AppData\Roaming\Avira
2013-09-11 19:21 - 2013-09-11 19:21 - 00000000 ____D C:\ProgramData\APN
2013-09-11 19:20 - 2013-09-11 19:20 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-09-11 19:20 - 2013-09-11 19:20 - 00000000 ____D C:\ProgramData\Avira
2013-09-11 19:20 - 2013-09-11 19:20 - 00000000 ____D C:\Program Files (x86)\Avira
2013-09-11 19:19 - 2013-09-11 19:20 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-11 19:19 - 2013-09-11 19:20 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-11 19:19 - 2013-09-11 19:20 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-11 19:07 - 2013-09-11 19:07 - 02092792 _____ C:\Users\User\Downloads\avira_free_antivirus.exe
2013-09-11 19:00 - 2012-01-26 20:00 - 00000396 _____ C:\Windows\SysWOW64\AppLog.log
2013-09-11 18:59 - 2010-07-23 13:30 - 00000000 ____D C:\Program Files\VDownloader
2013-09-11 18:57 - 2013-09-11 18:57 - 07912440 _____ (Adobe Systems Inc.) C:\Users\User\Downloads\Shockwave_Installer_Slim.exe
2013-09-11 18:57 - 2010-07-19 18:24 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-09-11 18:55 - 2013-09-11 18:55 - 00000000 ____D C:\ProgramData\Oracle
2013-09-11 18:54 - 2013-09-11 18:54 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-11 18:54 - 2013-09-11 18:54 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-11 18:54 - 2013-09-11 18:54 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-11 18:54 - 2013-09-11 18:54 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-11 18:54 - 2013-09-11 18:54 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-11 18:54 - 2012-05-24 20:48 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-11 18:54 - 2011-01-28 23:48 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-11 18:51 - 2013-09-11 18:51 - 00913832 _____ (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u40.exe
2013-09-11 18:44 - 2013-09-11 18:44 - 00000000 ____D C:\FRST
2013-09-11 18:30 - 2013-09-11 18:29 - 10702672 _____ (Puran Software                                              ) C:\Users\User\Downloads\PuranUtilitiesSetup.exe
2013-09-11 18:21 - 2013-09-11 18:21 - 00000214 _____ C:\Users\User\defogger_reenable
2013-09-11 18:20 - 2013-09-11 18:20 - 00602112 _____ (OldTimer Tools) C:\Users\User\Desktop\OTL.exe
2013-09-11 18:20 - 2013-09-11 18:19 - 01949408 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2013-09-11 18:05 - 2013-09-11 18:05 - 00050477 _____ C:\Users\User\Desktop\Defogger.exe
2013-09-11 17:49 - 2013-09-11 17:49 - 00003003 _____ C:\Users\User\photorec.cfg
2013-09-11 17:47 - 2013-09-11 17:47 - 00000000 ____D C:\Users\User\Downloads\testdisk-6.14.win
2013-09-11 17:23 - 2010-11-21 20:16 - 00000000 ____D C:\Program Files (x86)\Graboid
2013-09-11 17:18 - 2010-09-05 14:01 - 00000000 ____D C:\ProgramData\Symantec
2013-09-11 17:18 - 2010-09-05 14:01 - 00000000 ____D C:\ProgramData\Norton
2013-09-10 19:01 - 2012-03-29 20:04 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-10 19:01 - 2012-03-29 20:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-10 19:01 - 2011-12-30 23:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-10 19:00 - 2013-09-10 19:00 - 09430408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-09-09 09:51 - 2013-09-09 09:31 - 00002432 _____ C:\Users\User\AppData\Local\Tempuk2112.html
2013-09-07 16:10 - 2010-07-19 16:00 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2013-09-02 09:10 - 2010-12-20 15:16 - 00000000 ____D C:\Users\User\Documents\My Games
2013-08-30 16:18 - 2010-03-03 18:24 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-30 16:14 - 2013-08-30 16:14 - 00000000 ____D C:\Users\User\Documents\Alcohol 52%
2013-08-30 15:03 - 2010-07-19 16:01 - 00000000 ____D C:\Program Files\uTorrent
2013-08-30 15:01 - 2013-08-30 15:01 - 01130576 _____ (BitTorrent Inc.) C:\Users\User\Downloads\utorrent.exe
2013-08-30 11:02 - 2013-08-30 09:40 - 00000000 ____D C:\Users\User\Desktop\Heroes of Might & Magic V - Dzikie Hordy
2013-08-29 21:35 - 2010-04-11 11:02 - 00000000 ____D C:\Users\User\Documents\FIFA 09
2013-08-29 07:21 - 2012-02-19 20:05 - 00000000 ____D C:\Users\User\AppData\Local\CoI
2013-08-28 17:44 - 2010-03-03 18:01 - 00504540 _____ C:\Windows\DirectX.log
2013-08-28 14:25 - 2011-01-12 20:01 - 00000000 ____D C:\Users\User\Desktop\wojenno strategiczne
2013-08-28 14:16 - 2013-02-12 17:26 - 00000000 ____D C:\Users\User\AppData\Local\Warframe
2013-08-28 10:02 - 2013-08-28 09:33 - 00000000 ____D C:\Users\User\AppData\Roaming\Origin
2013-08-28 10:02 - 2011-11-20 12:29 - 00000000 ____D C:\ProgramData\Origin
2013-08-27 14:32 - 2013-04-02 20:09 - 00000000 ____D C:\Users\User\Downloads\kam_remake_server_r4186
2013-08-26 18:37 - 2010-07-26 15:16 - 00000000 ____D C:\Users\User\Downloads\pbsetup
2013-08-26 18:36 - 2010-12-14 23:15 - 00000000 ____D C:\Users\User\Downloads\CoD4MW-1.6-1.7-PatchSetup.exe
2013-08-26 18:33 - 2012-06-16 01:51 - 00000000 ____D C:\Users\User\Downloads\Manager
2013-08-26 13:57 - 2013-08-26 13:57 - 00000000 ____D C:\Users\User\Documents\Paradox Interactive
2013-08-26 13:54 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-08-26 13:53 - 2013-08-26 13:53 - 00000000 ____D C:\8ee20b058dc89cae709aed3829ee3d
2013-08-26 13:51 - 2013-08-26 13:51 - 00001210 _____ C:\Users\Public\Desktop\Europa Universalis IV.lnk
2013-08-26 13:51 - 2013-08-26 13:48 - 00000000 ____D C:\Program Files (x86)\Europa Universalis IV
2013-08-26 12:02 - 2013-08-26 12:02 - 00000000 ____D C:\Users\User\AppData\Roaming\DownLite

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\arctic-loop.exe
C:\Users\User\AppData\Local\Temp\AskSLib.dll
C:\Users\User\AppData\Local\Temp\drm_dyndata_7370012.dll
C:\Users\User\AppData\Local\Temp\gg10.upgr.exe
C:\Users\User\AppData\Local\Temp\hamachi-update-2.1.0.294.exe
C:\Users\User\AppData\Local\Temp\htmlayout.dll
C:\Users\User\AppData\Local\Temp\install_flashplayer11x32au_mssa_aih.exe
C:\Users\User\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\rootsupd.exe
C:\Users\User\AppData\Local\Temp\setup.exe
C:\Users\User\AppData\Local\Temp\Shortcut_Shortcut_SweetIMSetup (2).exe
C:\Users\User\AppData\Local\Temp\Shortcut_SweetIMSetup (2).exe
C:\Users\User\AppData\Local\Temp\Shortcut_SweetIMSetup.exe
C:\Users\User\AppData\Local\Temp\SIMEEI2Installer.exe
C:\Users\User\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\User\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\User\AppData\Local\Temp\tbDow0.dll
C:\Users\User\AppData\Local\Temp\tbPHP0.dll
C:\Users\User\AppData\Local\Temp\tbXfir.dll
C:\Users\User\AppData\Local\Temp\tmp9E12.exe
C:\Users\User\AppData\Local\Temp\uninstall14444694.exe
C:\Users\User\AppData\Local\Temp\uninstall14444756.exe
C:\Users\User\AppData\Local\Temp\uninstall14444818.exe
C:\Users\User\AppData\Local\Temp\uninstall14444834.exe
C:\Users\User\AppData\Local\Temp\uninstall14444959.exe
C:\Users\User\AppData\Local\Temp\update1548575.exe
C:\Users\User\AppData\Local\Temp\update166016.exe
C:\Users\User\AppData\Local\Temp\update68656.exe
C:\Users\User\AppData\Local\Temp\utt2F20.tmp.exe
C:\Users\User\AppData\Local\Temp\_is93D6.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-12-05 14:10

==================== End Of Log ============================