Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by dut (administrator) on DUT-KOMPUTER on 06-04-2014 16:57:18
Running from C:\Users\dut\Downloads\Programs
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [6325936 2012-11-26] (ESET)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-21] (Adobe Systems Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
SearchScopes: HKCU - DefaultScope {E7F1BB3F-1CDF-4621-89DC-89F3F564A18C} URL = http://www.google.com/search?hl=pl&q={searchTerms}
SearchScopes: HKCU - {E7F1BB3F-1CDF-4621-89DC-89F3F564A18C} URL = http://www.google.com/search?hl=pl&q={searchTerms}
SearchScopes: HKCU - {F92A9602-F47A-44C5-B51F-C261DA10F4A0} URL = http://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

==================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1329304 2012-11-26] (ESET)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]

==================== Drivers (Whitelisted) ====================

R3 AtcL001; C:\Windows\System32\DRIVERS\l160x64.sys [56832 2007-12-17] (Atheros Communications, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [211344 2012-10-08] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [149592 2012-10-08] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [189208 2012-10-08] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59440 2012-10-08] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [57904 2012-11-28] (ESET)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-22 10:48 - 2014-03-22 10:48 - 00291608 _____ () C:\Windows\Minidump\032214-32385-01.dmp
2014-03-19 16:33 - 2014-03-22 10:48 - 00000000 ____D () C:\Windows\Minidump
2014-03-19 16:33 - 2014-03-22 10:47 - 692468698 _____ () C:\Windows\MEMORY.DMP
2014-03-19 16:33 - 2014-03-19 16:34 - 00472088 _____ () C:\Windows\Minidump\031914-39593-01.dmp
2014-03-19 14:01 - 2014-04-06 16:57 - 00000000 ____D () C:\FRST
2014-03-19 11:13 - 2014-03-19 11:13 - 00020966 _____ () C:\ComboFix.txt
2014-03-19 10:57 - 2014-03-19 11:11 - 00000000 ____D () C:\Windows\erdnt
2014-03-15 14:08 - 2014-03-15 14:08 - 00001641 _____ () C:\Users\dut\Desktop\LEGOEMMET — skrót.lnk
2014-03-15 14:08 - 2014-03-15 14:08 - 00000000 ____D () C:\Users\dut\AppData\Roaming\ttales
2014-03-15 14:08 - 2014-03-15 14:08 - 00000000 ____D () C:\ProgramData\Steam
2014-03-15 13:53 - 2014-03-18 09:27 - 00000000 ____D () C:\Program Files (x86)\The LEGO Movie - Videogame

==================== One Month Modified Files and Folders =======

2014-04-06 16:57 - 2014-03-19 14:01 - 00000000 ____D () C:\FRST
2014-04-06 16:46 - 2009-07-14 19:55 - 00740422 _____ () C:\Windows\system32\perfh015.dat
2014-04-06 16:46 - 2009-07-14 19:55 - 00155996 _____ () C:\Windows\system32\perfc015.dat
2014-04-06 16:46 - 2009-07-14 07:13 - 01670518 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-06 16:41 - 2013-10-14 14:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-06 16:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-06 16:41 - 2009-07-14 06:51 - 00225500 _____ () C:\Windows\setupact.log
2014-04-06 16:40 - 2013-10-07 12:08 - 00000000 ____D () C:\Users\dut\AppData\Roaming\DMCache
2014-04-06 16:40 - 2013-10-07 10:01 - 00000000 ___RD () C:\Users\dut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-06 16:40 - 2013-10-07 09:57 - 01098585 _____ () C:\Windows\WindowsUpdate.log
2014-04-04 08:28 - 2013-11-26 09:55 - 00000000 ____D () C:\Users\dut\Downloads\Compressed
2014-03-31 12:39 - 2009-07-14 06:45 - 00010128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-31 12:39 - 2009-07-14 06:45 - 00010128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-30 20:25 - 2013-12-11 20:45 - 00000000 ___RD () C:\Users\dut\Desktop\aga
2014-03-29 09:22 - 2009-07-14 07:08 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-24 14:51 - 2013-10-07 12:08 - 00000000 ____D () C:\Users\dut\Downloads\Video
2014-03-23 20:36 - 2013-10-26 19:01 - 00000000 ____D () C:\Users\dut\AppData\Roaming\Skype
2014-03-22 10:48 - 2014-03-22 10:48 - 00291608 _____ () C:\Windows\Minidump\032214-32385-01.dmp
2014-03-22 10:48 - 2014-03-19 16:33 - 00000000 ____D () C:\Windows\Minidump
2014-03-22 10:47 - 2014-03-19 16:33 - 692468698 _____ () C:\Windows\MEMORY.DMP
2014-03-19 16:34 - 2014-03-19 16:33 - 00472088 _____ () C:\Windows\Minidump\031914-39593-01.dmp
2014-03-19 11:22 - 2013-10-07 12:59 - 00223982 _____ () C:\Windows\PFRO.log
2014-03-19 11:13 - 2014-03-19 11:13 - 00020966 _____ () C:\ComboFix.txt
2014-03-19 11:13 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-03-19 11:11 - 2014-03-19 10:57 - 00000000 ____D () C:\Windows\erdnt
2014-03-19 11:09 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-18 10:51 - 2013-10-07 10:00 - 00000000 ____D () C:\Recovery
2014-03-18 10:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-03-18 09:27 - 2014-03-15 13:53 - 00000000 ____D () C:\Program Files (x86)\The LEGO Movie - Videogame
2014-03-18 09:27 - 2014-02-28 21:03 - 00000000 ____D () C:\Program Files (x86)\e-Deklaracje
2014-03-18 09:27 - 2014-02-28 18:14 - 00000000 ____D () C:\Program Files (x86)\Kunos Simulazioni
2014-03-18 09:27 - 2013-10-09 15:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-18 09:22 - 2014-02-28 18:21 - 00000000 ____D () C:\Users\dut\Documents\Assetto Corsa
2014-03-18 09:22 - 2014-02-28 17:38 - 00000000 ____D () C:\Users\dut\Desktop\Nowy folder (3)
2014-03-18 09:22 - 2014-02-24 12:39 - 00000000 ____D () C:\Users\dut\Desktop\aparat
2014-03-18 09:22 - 2014-02-22 18:44 - 00000000 ____D () C:\Users\dut\AppData\Roaming\Patcher
2014-03-18 09:22 - 2014-02-22 11:55 - 00000000 ____D () C:\Windows\WindowsMobile
2014-03-18 09:22 - 2013-10-07 10:00 - 00000000 ____D () C:\Users\dut
2014-03-15 14:08 - 2014-03-15 14:08 - 00001641 _____ () C:\Users\dut\Desktop\LEGOEMMET — skrót.lnk
2014-03-15 14:08 - 2014-03-15 14:08 - 00000000 ____D () C:\Users\dut\AppData\Roaming\ttales
2014-03-15 14:08 - 2014-03-15 14:08 - 00000000 ____D () C:\ProgramData\Steam

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-20 11:47

==================== End Of Log ============================
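Added example (not part of the posted log, and not FRST's own code): a small Python triage script for the Services and Drivers sections of a log like the one above. It relies on two FRST conventions: a trailing `[X]` in place of `[size date]` means the registry still references a service or driver whose file FRST could not find at that path, and an empty `()` means the binary carries no company name in its version resource. The sample input is copied verbatim from the Services and Drivers sections of this log; the labels `orphan`, `no-publisher` and `ok` and the `Entry` structure are this example's own.

```python
"""Triage FRST 'Services' / 'Drivers' lines: flag orphaned entries and
binaries with no recorded publisher. Added example, not FRST code."""
import re
from dataclasses import dataclass
from typing import Optional

# Sample input copied from the log above (Services + Drivers sections);
# the two section headers are kept so the parser has to skip them.
SAMPLE = r"""
==================== Services (Whitelisted) =================
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1329304 2012-11-26] (ESET)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
==================== Drivers (Whitelisted) ====================
R3 AtcL001; C:\Windows\System32\DRIVERS\l160x64.sys [56832 2007-12-17] (Atheros Communications, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [211344 2012-10-08] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [149592 2012-10-08] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [189208 2012-10-08] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59440 2012-10-08] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [57904 2012-11-28] (ESET)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
"""

ENTRY_RE = re.compile(
    r"^(?P<state>[A-Z])(?P<start>\d)\s+"       # R2 / S3 / U5
    r"(?P<name>[^;]+);\s+"                     # service or driver name
    r"(?P<path>.+?)\s+"                        # image path (may be quoted or \??\-prefixed)
    r"\[(?P<meta>[^\]]*)\]"                    # [size date], or [X] when FRST found no file
    r"(?:\s+\((?P<publisher>[^)]*)\))?\s*$"    # (publisher); () means none recorded
)
# Start-type digit follows the Windows service start-type numbering.
START_TYPES = {"0": "boot", "1": "system", "2": "auto", "3": "manual", "4": "disabled"}


@dataclass
class Entry:
    name: str
    path: str
    state: str
    start_type: str
    size: Optional[int]
    date: Optional[str]
    publisher: Optional[str]   # None: no (...) field; "": empty ()
    file_missing: bool

    @property
    def finding(self) -> str:
        if self.file_missing:
            return "orphan"          # registry points at a file that is gone
        if not self.publisher:
            return "no-publisher"    # needs a manual hash / signature check
        return "ok"


def parse_entry(line: str) -> Optional[Entry]:
    """Parse one FRST service/driver line; return None for headers and blanks."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    meta = m["meta"].strip()
    missing = meta == "X"
    size = date = None
    if not missing:
        parts = meta.split()
        if len(parts) == 2 and parts[0].isdigit():
            size, date = int(parts[0]), parts[1]
    path = m["path"].strip().strip('"')
    if path.startswith("\\??\\"):          # NT object-manager prefix, as on esgiguard
        path = path[4:]
    return Entry(
        name=m["name"].strip(), path=path,
        state={"R": "running", "S": "stopped"}.get(m["state"], "unknown"),
        start_type=START_TYPES.get(m["start"], "unknown"),
        size=size, date=date, publisher=m["publisher"], file_missing=missing,
    )


def triage(text: str) -> dict:
    """Return parsed entries plus the two lists a responder reads first."""
    entries = [e for e in (parse_entry(ln) for ln in text.splitlines()) if e]
    return {
        "parsed": len(entries),
        "orphans": sorted((e.name for e in entries if e.finding == "orphan"), key=str.lower),
        "no_publisher": sorted((e.name for e in entries if e.finding == "no-publisher"), key=str.lower),
        "entries": entries,
    }


if __name__ == "__main__":
    result = triage(SAMPLE)
    print(f"parsed {result['parsed']} entries")
    for e in result["entries"]:
        if e.finding != "ok":
            print(f"{e.finding:13} {e.name:22} {e.state}/{e.start_type}  {e.path}")
```

On this log the script lists five orphans (MozillaMaintenance, esgiguard, Synth3dVsc, tsusbhub, VGPU) and one publisher-less driver (MTsensor, ASACPI.sys). An orphan is a dead registry reference, for example the SpyHunter esgiguard driver still registered after its file is gone; it is a clean-up candidate, not by itself evidence of infection. The publisher-less driver should be hashed and compared against a known-good copy rather than judged from the log line alone.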