Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by p (administrator) on P-KOMPUTER on 07-04-2014 19:58:23
Running from C:\Users\p\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Hi-Rez Studios) D:\Smite\HiPatchService.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\PCDApp\dgen.exe
() C:\Program Files (x86)\Tor\tor.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) D:\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2013-11-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-13] (AVAST Software) HKLM-x32\...\Run: [AdobeCEPServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-06-05] (Adobe Systems Incorporated) HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.) HKU\S-1-5-21-2112952637-360388262-2101993964-1000\...\Run: [Steam] - D:\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation) HKU\S-1-5-21-2112952637-360388262-2101993964-1000\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-07] () HKU\S-1-5-21-2112952637-360388262-2101993964-1000\...\Run: [uTorrent] - C:\Users\p\AppData\Roaming\uTorrent\uTorrent.exe [1051984 2013-03-09] (BitTorrent Inc.) HKU\S-1-5-21-2112952637-360388262-2101993964-1000\...\Run: [ESL Wire] - C:\Program Files\EslWire\wire.exe [3620352 2014-04-02] (Turtle Entertainment GmbH) HKU\S-1-5-21-2112952637-360388262-2101993964-1000\...\Run: [Clownfish] - C:\Program Files (x86)\Clownfish\Clownfish.exe [1277688 2013-08-21] (Bogdan Sharkov) HKU\S-1-5-21-2112952637-360388262-2101993964-1000\...\Run: [RGSC] - D:\Gta\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.) 
HKU\S-1-5-21-2112952637-360388262-2101993964-1000\...\Run: [LightShot] - C:\Users\p\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226592 2014-03-06] () HKU\S-1-5-21-2112952637-360388262-2101993964-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20924576 2014-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-2112952637-360388262-2101993964-1000\...\MountPoints2: {3dddaec5-786f-11e3-8e41-8c89a5ff9703} - H:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A14B04 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B} HKU\S-1-5-21-2112952637-360388262-2101993964-1000\...\MountPoints2: {e4a54f32-b33d-11e2-9a27-8c89a5ff9703} - G:\Setup.exe HKU\S-1-5-21-2112952637-360388262-2101993964-1000\...\MountPoints2: {e9adf9d3-fe6c-11e2-b65b-8c89a5ff9703} - F:\autorun.exe AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found AppInit_DLLs-x32: c:\progra~3\bitguard\271769~1.27\{c16c1~1\bitguard.dll => "c:\progra~3\bitguard\271769~1.27\{c16c1~1\bitguard.dll" File Not Found ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.searchgol.com/?affID=119816&babsrc=HP_ss_Btisdt7&mntrId=76358C89A5FF9703 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP&q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP&q={searchTerms} SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
http://istart.webssearches.com/web/?type=ds&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP&q={searchTerms} SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP&q={searchTerms} SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=76358C89A5FF9703&affID=119357&tsp=4961 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP&q={searchTerms} BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited) BHO-x32: flash-Enhancer - {5A60B6BB-FA81-4EFA-AB9C-A820E2143736} - C:\Program Files (x86)\AmiExt\flashEnhancer\ie\flashEnhancer.dll () BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Surftastic - {7964af97-b3d4-4b63-b2d2-185a180f2b28} - C:\Program Files (x86)\Surftastic\Surftasticbho.dll (Surftastic) BHO-x32: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Pomocnik logowania za pomocą konta Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll (Delta-search.com) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: DealPly - {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll (Delta-search.com) Toolbar: HKLM-x32 - avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\p\AppData\Roaming\Mozilla\Firefox\Profiles\cbn2u8im.default-1396261637946 FF NewTab: hxxp://istart.webssearches.com/newtab/?type=nt&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP FF Homepage: hxxp://istart.webssearches.com/?type=hp&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.) 
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 - C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll ( ) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\p\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml FF Extension: MEGA - C:\Users\p\AppData\Roaming\Mozilla\Firefox\Profiles\cbn2u8im.default-1396261637946\Extensions\firefox@mega.co.nz.xpi [2014-04-07] FF Extension: Adblock Plus - C:\Users\p\AppData\Roaming\Mozilla\Firefox\Profiles\cbn2u8im.default-1396261637946\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-07] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! 
Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-13] FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\p\AppData\Roaming\Mozilla\Firefox\Profiles\cbn2u8im.default-1396261637946\extensions\quick_start@gmail.com FF HKLM-x32\...\Firefox\Extensions: [ext@flashenhancer.com] - C:\Program Files (x86)\AmiExt\flashEnhancer\ff FF Extension: No Name - C:\Program Files (x86)\AmiExt\flashEnhancer\ff [2014-04-07] FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://istart.webssearches.com/?type=sc&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP Chrome: ======= CHR HomePage: hxxp://www.google.com CHR DefaultSearchKeyword: webssearches CHR DefaultSearchProvider: webssearches CHR DefaultSearchURL: http://www.google.com CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) 
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (Unity Player) - C:\Users\p\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File CHR Extension: (Dokumenty Google) - C:\Users\p\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-17] CHR Extension: (Dysk Google) - C:\Users\p\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-17] CHR Extension: (YouTube) - C:\Users\p\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-17] CHR Extension: (Szukaj w Google) - C:\Users\p\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-17] CHR Extension: (Delta Toolbar) - C:\Users\p\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-06-01] 
CHR Extension: (avast! Online Security) - C:\Users\p\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-13] CHR Extension: (PutLockerDownloader V3.0) - C:\Users\p\AppData\Local\Google\Chrome\User Data\Default\Extensions\koalekbhpbggkcfhkkbolikjoaobbppi [2013-06-01] CHR Extension: (Helper extension) - C:\Users\p\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchpfiddbhbdnagofhkjlaiaejmkdcla [2013-06-18] CHR Extension: (Google Wallet) - C:\Users\p\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-07] CHR Extension: (Quick Start) - C:\Users\p\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-04-07] CHR Extension: (Gmail) - C:\Users\p\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-17] CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\p\AppData\Roaming\BabSolution\CR\delta2.crx [2013-04-17] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-13] CHR HKLM-x32\...\Chrome\Extension: [koalekbhpbggkcfhkkbolikjoaobbppi] - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx [2013-11-13] CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\p\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-04-07] CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://istart.webssearches.com/?type=sc&ts=1396871278&from=amt&uid=ST3750525AS_5VP5MYCPXXXX5VP5MYCP ==================== Services (Whitelisted) ================= R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-05-04] (Advanced Micro Devices, Inc.) R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-13] (AVAST Software) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.) R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-29] () R2 HiPatchService; D:\Smite\HiPatchService.exe [9216 2013-08-13] (Hi-Rez Studios) R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [688240 2014-03-31] (Cherished Technololgy LIMITED) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-05-29] () S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [96972 2014-04-05] () R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-14] () S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH) R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [496640 2014-04-07] (Cherished Technololgy LIMITED) ==================== Drivers (Whitelisted) ==================== R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55936 2011-11-13] (Advanced Micro Devices) R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-11-13] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-11-13] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-13] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-13] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys 
[1032416 2013-11-13] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-13] (AVAST Software) R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-11-13] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-13] () R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.) 
R2 ESLWireAC; C:\Windows\system32\drivers\ESLWireACD.sys [160784 2012-12-17] () S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-08] (HandSet Incorporated) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net) U4 Avgfwfd; system32\DRIVERS\avgfwd6a.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] S3 MSICDSetup; \??\E:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-07 19:58 - 2014-04-07 19:58 - 00027897 _____ () C:\Users\p\Downloads\FRST.txt 2014-04-07 19:57 - 2014-04-07 19:58 - 00000000 ____D () C:\FRST 2014-04-07 19:57 - 2014-04-07 19:57 - 00380416 _____ () C:\Users\p\Downloads\s35ekt4z.exe 2014-04-07 19:56 - 2014-04-07 19:56 - 02157056 _____ (Farbar) C:\Users\p\Downloads\FRST64.exe 2014-04-07 19:54 - 2014-04-07 19:55 - 01145856 _____ (Farbar) C:\Users\p\Downloads\FRST.exe 2014-04-07 19:07 - 2014-04-07 19:07 - 00001966 _____ () C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk 2014-04-07 17:19 - 2014-04-07 17:19 - 00380416 _____ () C:\Users\p\Downloads\5ejz7xjc.exe 2014-04-07 17:18 - 2014-04-07 17:18 - 00117202 _____ () C:\Users\p\Downloads\Extras.Txt 2014-04-07 17:17 - 2014-04-07 17:17 - 00109830 _____ () C:\Users\p\Downloads\OTL.Txt 2014-04-07 16:24 - 2014-04-07 19:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-04-07 16:24 - 2014-04-07 16:24 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-07 15:40 - 2014-04-07 19:01 - 00000000 ____D () C:\AdwCleaner 2014-04-07 15:16 - 2014-04-07 15:17 - 00898856 _____ () C:\Users\p\Downloads\script.zip 2014-04-07 14:53 - 2013-12-27 20:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-04-07 14:53 - 2013-12-27 20:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-04-07 14:46 - 2014-04-07 14:46 - 00001365 _____ () C:\Users\p\Desktop\GeForce Experience.lnk 2014-04-07 13:50 - 2014-04-07 13:50 - 00000000 ____D () C:\Program Files (x86)\Lightspark 0.5.3-git 2014-04-07 13:49 - 2014-04-07 19:02 - 00000000 ____D () C:\ProgramData\IePluginService 2014-04-07 13:49 - 2014-04-07 19:01 - 00000000 ____D () C:\Users\p\AppData\Roaming\SupTab 2014-04-07 13:49 - 2014-04-07 19:01 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-04-07 13:49 - 2014-04-07 19:01 - 00000000 ____D () C:\Program Files (x86)\AmiExt 2014-04-07 13:49 - 2014-04-07 13:49 - 00000000 ____D () C:\Program Files\PCDApp 2014-04-07 13:48 - 2014-04-07 19:02 - 00000000 ____D () C:\ProgramData\WPM 2014-04-07 13:47 - 2014-04-07 19:01 - 00000000 ____D () C:\Program Files (x86)\Surftastic 2014-04-07 13:44 - 2014-04-07 13:44 - 00351232 _____ () C:\Users\p\Downloads\Batios.pl.Klient.Gry.zip__4607_i538333467_il105.exe 2014-04-07 12:03 - 2014-04-07 19:43 - 00003018 _____ () C:\Windows\System32\Tasks\MSIAfterburner 2014-04-03 15:00 - 2014-04-03 15:01 - 00018283 _____ () C:\Windows\DirectX.log 2014-03-31 12:27 - 2014-03-31 12:27 - 00000000 
____D () C:\Users\p\Desktop\Stare dane programu Firefox 2014-03-30 10:08 - 2014-03-30 10:08 - 00000885 _____ () C:\Users\Public\Desktop\PAYDAY 2.lnk 2014-03-30 08:36 - 2014-04-07 19:01 - 00000000 ____D () C:\Users\p\Desktop\Nowy folder (3) 2014-03-30 08:36 - 2014-03-30 08:36 - 00000000 ____D () C:\Users\p\Documents\PAYDAY 2 Saves 2014-03-30 01:03 - 2014-03-30 01:03 - 00000000 _____ () C:\Windows\SysWOW64\Access.dat 2014-03-30 01:01 - 2014-03-30 01:20 - 00000000 ____D () C:\Users\p\AppData\Roaming\Tunngle 2014-03-30 01:01 - 2014-03-30 01:04 - 00000000 ____D () C:\ProgramData\Tunngle 2014-03-30 01:01 - 2014-03-30 01:03 - 00000000 ____D () C:\Program Files (x86)\Tunngle 2014-03-30 01:01 - 2014-03-30 01:01 - 00000991 _____ () C:\Users\Public\Desktop\Tunngle beta.lnk 2014-03-30 01:01 - 2014-03-30 01:01 - 00000000 ____D () C:\Users\Public\Documents\Tunngle 2014-03-30 01:01 - 2014-03-30 01:01 - 00000000 ____D () C:\Users\p\Documents\Tunngle 2014-03-30 01:01 - 2009-09-16 08:02 - 00031232 _____ (Tunngle.net) C:\Windows\system32\Drivers\tap0901t.sys 2014-03-30 00:59 - 2014-03-30 00:59 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\p\Downloads\Tunngle_Setup_v4.5.1.4b_www.INSTALKI.pl.exe 2014-03-29 11:57 - 2014-03-29 11:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-29 00:33 - 2014-03-30 01:12 - 00000000 ____D () C:\Users\p\AppData\Local\PAYDAY 2 2014-03-29 00:33 - 2014-03-29 00:33 - 00000000 ____D () C:\Users\p\AppData\Local\Game Updater 2014-03-28 23:11 - 2014-03-28 23:11 - 00000000 ____D () C:\Users\p\AppData\Local\Setup Integrity Check 2014-03-28 17:53 - 2014-03-30 08:36 - 00000000 ____D () C:\Users\p\Downloads\PAYDAY.2.Multi-RU.Repack.by.z10yded 2014-03-27 19:26 - 2014-03-27 19:26 - 00000845 _____ () C:\Users\Public\Desktop\Elsword.lnk 2014-03-27 19:25 - 2014-03-27 19:25 - 01920192 _____ (Gameforge4D ) C:\Users\p\Downloads\Elsword_PL_3.0807.8.2.exe 2014-03-27 19:25 - 2014-03-27 19:25 - 00569645 _____ (Gameforge 4D ) 
C:\Users\p\Downloads\Downloader_Elsword_PL.exe 2014-03-27 16:13 - 2014-03-30 18:42 - 00006762 _____ () C:\Windows\PFRO.log 2014-03-26 20:27 - 2014-03-26 20:27 - 03822704 _____ () C:\Users\p\Downloads\battlelog-web-plugins_2.3.2_133.exe 2014-03-19 22:11 - 2014-03-19 22:11 - 00000000 ____D () C:\Users\p\AppData\Local\Skype 2014-03-19 22:10 - 2014-03-19 22:10 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-18 19:04 - 2014-04-04 13:22 - 00000779 _____ () C:\Users\Public\Desktop\ESL Wire.lnk 2014-03-16 09:34 - 2014-04-07 19:42 - 00006207 _____ () C:\Windows\setupact.log 2014-03-16 09:34 - 2014-03-16 09:34 - 00000000 _____ () C:\Windows\setuperr.log 2014-03-12 16:23 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-12 16:23 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-12 16:23 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-12 16:23 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-12 16:23 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-12 16:23 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-12 16:23 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-12 16:23 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-12 16:23 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-12 16:23 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-12 16:23 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-12 16:23 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 
2014-03-12 16:23 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-12 16:23 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-12 16:23 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-12 16:23 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-12 16:23 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-12 16:23 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-12 16:23 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-12 16:23 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-12 16:23 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-12 16:23 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-12 16:23 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-12 16:23 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-12 16:23 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-12 16:23 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-12 16:23 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-12 16:23 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-12 16:23 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-12 16:23 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 
2014-03-12 16:23 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-12 16:23 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-12 16:23 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-12 16:23 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-03-12 16:23 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-12 16:23 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-12 16:23 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-12 16:23 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-12 16:23 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-12 16:23 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-03-12 16:23 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-12 16:23 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-12 16:23 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-12 16:23 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-12 16:22 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-12 16:22 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-12 16:22 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-12 16:22 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-10 20:18 - 2014-03-10 20:18 - 
00267000 _____ () C:\Users\p\Downloads\NS2014129079582.zip
2014-03-08 23:32 - 2014-03-08 23:32 - 00000808 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-03-08 23:32 - 2014-03-08 23:32 - 00000000 ____D () C:\Users\p\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2014-03-08 23:32 - 2014-03-08 23:32 - 00000000 ____D () C:\Users\p\AppData\Local\WarThunder
2014-03-08 23:32 - 2014-03-08 23:32 - 00000000 ____D () C:\ProgramData\WarThunder
2014-03-08 23:31 - 2014-03-08 23:31 - 04083168 _____ (Gaijin Entertainment ) C:\Users\p\Downloads\wt_launcher_1.0.1.330.exe

==================== One Month Modified Files and Folders =======

2014-04-07 19:59 - 2013-02-07 15:46 - 00000000 ____D () C:\Users\p\AppData\Local\PMB Files
2014-04-07 19:58 - 2014-04-07 19:58 - 00027897 _____ () C:\Users\p\Downloads\FRST.txt
2014-04-07 19:58 - 2014-04-07 19:57 - 00000000 ____D () C:\FRST
2014-04-07 19:58 - 2013-04-17 15:45 - 00001038 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-07 19:57 - 2014-04-07 19:57 - 00380416 _____ () C:\Users\p\Downloads\s35ekt4z.exe
2014-04-07 19:56 - 2014-04-07 19:56 - 02157056 _____ (Farbar) C:\Users\p\Downloads\FRST64.exe
2014-04-07 19:55 - 2014-04-07 19:54 - 01145856 _____ (Farbar) C:\Users\p\Downloads\FRST.exe
2014-04-07 19:52 - 2013-05-09 21:54 - 00000000 ____D () C:\Users\p\AppData\Local\ESL Wire Game Client
2014-04-07 19:52 - 2013-03-09 16:15 - 00000000 ____D () C:\Users\p\AppData\Roaming\uTorrent
2014-04-07 19:50 - 2009-07-14 06:45 - 00028528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-07 19:50 - 2009-07-14 06:45 - 00028528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-07 19:46 - 2013-02-05 20:57 - 01491219 _____ () C:\Windows\WindowsUpdate.log
2014-04-07 19:45 - 2013-02-07 22:30 - 00000000 ____D () C:\Users\p\AppData\Local\LogMeIn Hamachi
2014-04-07 19:43 - 2014-04-07 12:03 - 
00003018 _____ () C:\Windows\System32\Tasks\MSIAfterburner 2014-04-07 19:43 - 2013-02-28 20:29 - 00000000 ____D () C:\Users\p\AppData\Roaming\Skype 2014-04-07 19:42 - 2014-03-16 09:34 - 00006207 _____ () C:\Windows\setupact.log 2014-04-07 19:42 - 2013-04-17 15:45 - 00001034 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-07 19:41 - 2013-02-05 21:10 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-04-07 19:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-07 19:07 - 2014-04-07 19:07 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-04-07 19:07 - 2013-11-13 14:40 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-04-07 19:06 - 2013-02-07 23:08 - 00000000 ____D () C:\ProgramData\MFAData 2014-04-07 19:03 - 2013-02-05 20:57 - 00000000 ____D () C:\Users\p 2014-04-07 19:02 - 2014-04-07 13:49 - 00000000 ____D () C:\ProgramData\IePluginService 2014-04-07 19:02 - 2014-04-07 13:48 - 00000000 ____D () C:\ProgramData\WPM 2014-04-07 19:01 - 2014-04-07 16:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-04-07 19:01 - 2014-04-07 15:40 - 00000000 ____D () C:\AdwCleaner 2014-04-07 19:01 - 2014-04-07 13:49 - 00000000 ____D () C:\Users\p\AppData\Roaming\SupTab 2014-04-07 19:01 - 2014-04-07 13:49 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-04-07 19:01 - 2014-04-07 13:49 - 00000000 ____D () C:\Program Files (x86)\AmiExt 2014-04-07 19:01 - 2014-04-07 13:47 - 00000000 ____D () C:\Program Files (x86)\Surftastic 2014-04-07 19:01 - 2014-03-30 08:36 - 00000000 ____D () C:\Users\p\Desktop\Nowy folder (3) 2014-04-07 19:01 - 2014-02-07 10:58 - 00000000 ____D () C:\Users\p\Documents\FIFA 14 2014-04-07 19:01 - 2014-01-25 21:33 - 00000000 ____D () C:\Users\p\Desktop\Nowy folder (2) 2014-04-07 19:01 - 2013-10-29 16:18 - 00000000 ____D () C:\Users\p\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard 2014-04-07 19:01 - 2013-06-18 19:06 - 00000000 ____D () 
C:\Users\p\AppData\Roaming\File Scout 2014-04-07 19:01 - 2013-05-24 19:30 - 00000000 ____D () C:\Users\p\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PutLockerDownloader.com 2014-04-07 19:01 - 2013-05-24 19:30 - 00000000 ____D () C:\Users\p\AppData\Local\PutLockerDownloader 2014-04-07 19:01 - 2013-05-24 19:30 - 00000000 ____D () C:\Program Files (x86)\PutLockerDownloader.com 2014-04-07 19:01 - 2013-05-09 21:54 - 00000000 ____D () C:\Program Files\EslWire 2014-04-07 19:01 - 2013-05-02 18:02 - 00000000 ____D () C:\Users\p\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly 2014-04-07 19:01 - 2013-05-02 18:02 - 00000000 ____D () C:\Users\p\AppData\Roaming\Delta 2014-04-07 19:01 - 2013-05-02 18:02 - 00000000 ____D () C:\Users\p\AppData\Roaming\DealPly 2014-04-07 19:01 - 2013-05-02 18:02 - 00000000 ____D () C:\Users\p\AppData\Roaming\BabSolution 2014-04-07 19:01 - 2013-05-02 18:02 - 00000000 ____D () C:\Program Files (x86)\Delta 2014-04-07 19:01 - 2013-05-02 18:02 - 00000000 ____D () C:\Program Files (x86)\DealPly 2014-04-07 19:01 - 2013-04-30 20:30 - 00000000 ____D () C:\Users\p\AppData\Local\Lollipop 2014-04-07 19:01 - 2013-02-24 12:34 - 00000000 ____D () C:\Users\p\AppData\Roaming\eDownload 2014-04-07 19:01 - 2013-02-07 17:54 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-04-07 19:01 - 2013-02-05 21:08 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-04-07 19:01 - 2010-11-21 15:03 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-04-07 19:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-04-07 19:00 - 2014-01-21 21:22 - 00000000 __RHD () C:\MSOCache 2014-04-07 19:00 - 2013-02-05 21:10 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-04-07 17:19 - 2014-04-07 17:19 - 00380416 _____ () C:\Users\p\Downloads\5ejz7xjc.exe 2014-04-07 17:18 - 2014-04-07 17:18 - 00117202 _____ () C:\Users\p\Downloads\Extras.Txt 2014-04-07 17:17 - 2014-04-07 17:17 - 00109830 _____ () 
C:\Users\p\Downloads\OTL.Txt 2014-04-07 16:24 - 2014-04-07 16:24 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-07 15:47 - 2013-11-24 23:07 - 00312320 ___SH () C:\Users\p\Desktop\Thumbs.db 2014-04-07 15:18 - 2013-02-07 15:05 - 00000000 ____D () C:\Users\p\AppData\Roaming\TS3Client 2014-04-07 15:17 - 2014-04-07 15:16 - 00898856 _____ () C:\Users\p\Downloads\script.zip 2014-04-07 14:46 - 2014-04-07 14:46 - 00001365 _____ () C:\Users\p\Desktop\GeForce Experience.lnk 2014-04-07 13:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports 2014-04-07 13:50 - 2014-04-07 13:50 - 00000000 ____D () C:\Program Files (x86)\Lightspark 0.5.3-git 2014-04-07 13:49 - 2014-04-07 13:49 - 00000000 ____D () C:\Program Files\PCDApp 2014-04-07 13:48 - 2013-02-05 20:58 - 00001633 _____ () C:\Users\p\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-07 13:44 - 2014-04-07 13:44 - 00351232 _____ () C:\Users\p\Downloads\Batios.pl.Klient.Gry.zip__4607_i538333467_il105.exe 2014-04-07 13:33 - 2013-10-20 12:06 - 00000380 _____ () C:\Windows\Tasks\update-sys.job 2014-04-07 13:29 - 2013-02-07 15:46 - 00000000 ____D () C:\ProgramData\PMB Files 2014-04-07 13:02 - 2013-12-20 14:03 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-07 12:12 - 2013-10-20 12:06 - 00000380 _____ () C:\Windows\Tasks\update-S-1-5-21-2112952637-360388262-2101993964-1000.job 2014-04-07 12:12 - 2013-02-24 12:12 - 00000000 ____D () C:\Users\p\AppData\Local\Adobe 2014-04-06 21:22 - 2013-02-27 18:01 - 00000000 ____D () C:\ProgramData\Origin 2014-04-05 13:12 - 2013-05-11 22:56 - 00000444 ____H () C:\Windows\Tasks\Norton Security Scan for p.job 2014-04-04 13:22 - 2014-03-18 19:04 - 00000779 _____ () C:\Users\Public\Desktop\ESL Wire.lnk 2014-04-03 20:50 - 2010-11-21 14:53 - 00740422 _____ () C:\Windows\system32\perfh015.dat 2014-04-03 20:50 - 2010-11-21 14:53 - 00155996 _____ () C:\Windows\system32\perfc015.dat 2014-04-03 20:50 - 2009-07-14 07:13 - 
01670518 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-03 15:01 - 2014-04-03 15:00 - 00018283 _____ () C:\Windows\DirectX.log 2014-03-31 18:02 - 2013-12-18 19:02 - 00000096 _____ () C:\Users\p\AppData\Roaming\WB.CFG 2014-03-31 12:27 - 2014-03-31 12:27 - 00000000 ____D () C:\Users\p\Desktop\Stare dane programu Firefox 2014-03-30 18:42 - 2014-03-27 16:13 - 00006762 _____ () C:\Windows\PFRO.log 2014-03-30 10:08 - 2014-03-30 10:08 - 00000885 _____ () C:\Users\Public\Desktop\PAYDAY 2.lnk 2014-03-30 09:53 - 2013-04-17 15:45 - 00004034 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-03-30 09:52 - 2013-04-17 15:45 - 00003782 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-03-30 08:38 - 2009-07-14 06:45 - 04956896 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-30 08:36 - 2014-03-30 08:36 - 00000000 ____D () C:\Users\p\Documents\PAYDAY 2 Saves 2014-03-30 08:36 - 2014-03-28 17:53 - 00000000 ____D () C:\Users\p\Downloads\PAYDAY.2.Multi-RU.Repack.by.z10yded 2014-03-30 08:33 - 2013-02-05 21:18 - 00064224 _____ () C:\Users\p\AppData\Local\GDIPFONTCACHEV1.DAT 2014-03-30 08:32 - 2013-02-07 14:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-03-30 01:20 - 2014-03-30 01:01 - 00000000 ____D () C:\Users\p\AppData\Roaming\Tunngle 2014-03-30 01:12 - 2014-03-29 00:33 - 00000000 ____D () C:\Users\p\AppData\Local\PAYDAY 2 2014-03-30 01:09 - 2013-11-23 18:23 - 00000000 ____D () C:\Users\p\Downloads\Nowy folder 2014-03-30 01:04 - 2014-03-30 01:01 - 00000000 ____D () C:\ProgramData\Tunngle 2014-03-30 01:03 - 2014-03-30 01:03 - 00000000 _____ () C:\Windows\SysWOW64\Access.dat 2014-03-30 01:03 - 2014-03-30 01:01 - 00000000 ____D () C:\Program Files (x86)\Tunngle 2014-03-30 01:01 - 2014-03-30 01:01 - 00000991 _____ () C:\Users\Public\Desktop\Tunngle beta.lnk 2014-03-30 01:01 - 2014-03-30 01:01 - 00000000 ____D () C:\Users\Public\Documents\Tunngle 2014-03-30 01:01 - 2014-03-30 01:01 - 00000000 ____D () 
C:\Users\p\Documents\Tunngle 2014-03-30 00:59 - 2014-03-30 00:59 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\p\Downloads\Tunngle_Setup_v4.5.1.4b_www.INSTALKI.pl.exe 2014-03-29 11:57 - 2014-03-29 11:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-29 10:56 - 2013-02-24 20:42 - 00000000 ____D () C:\Users\p\AppData\Roaming\GG 2014-03-29 00:33 - 2014-03-29 00:33 - 00000000 ____D () C:\Users\p\AppData\Local\Game Updater 2014-03-28 23:11 - 2014-03-28 23:11 - 00000000 ____D () C:\Users\p\AppData\Local\Setup Integrity Check 2014-03-28 16:20 - 2013-02-24 20:42 - 00000000 ____D () C:\Users\p\AppData\Local\GG 2014-03-27 19:26 - 2014-03-27 19:26 - 00000845 _____ () C:\Users\Public\Desktop\Elsword.lnk 2014-03-27 19:25 - 2014-03-27 19:25 - 01920192 _____ (Gameforge4D ) C:\Users\p\Downloads\Elsword_PL_3.0807.8.2.exe 2014-03-27 19:25 - 2014-03-27 19:25 - 00569645 _____ (Gameforge 4D ) C:\Users\p\Downloads\Downloader_Elsword_PL.exe 2014-03-26 20:34 - 2013-03-02 00:18 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2014-03-26 20:34 - 2013-02-07 18:33 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-03-26 20:33 - 2013-02-07 18:33 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-03-26 20:27 - 2014-03-26 20:27 - 03822704 _____ () C:\Users\p\Downloads\battlelog-web-plugins_2.3.2_133.exe 2014-03-26 20:27 - 2013-03-02 00:16 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-03-19 22:11 - 2014-03-19 22:11 - 00000000 ____D () C:\Users\p\AppData\Local\Skype 2014-03-19 22:11 - 2013-02-28 20:29 - 00000000 ____D () C:\ProgramData\Skype 2014-03-19 22:10 - 2014-03-19 22:10 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-18 23:49 - 2013-09-25 15:30 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-18 23:47 - 2013-02-24 08:40 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-16 09:34 - 2014-03-16 09:34 - 00000000 _____ () C:\Windows\setuperr.log 2014-03-15 15:06 - 2013-08-12 11:38 - 00000000 ____D 
() C:\Instalki 2014-03-15 14:11 - 2013-11-24 10:28 - 00000000 ____D () C:\Users\p\Downloads\Splinter Cell Blacklist [REVENANTS] 2014-03-15 14:09 - 2013-05-02 18:01 - 00000000 ____D () C:\Users\p\AppData\Roaming\DAEMON Tools Lite 2014-03-12 19:34 - 2013-03-08 16:50 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-12 19:34 - 2013-03-08 16:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-12 18:22 - 2014-01-21 21:22 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-12 18:02 - 2013-12-20 14:03 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-12 18:02 - 2013-02-07 14:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-12 18:02 - 2013-02-07 14:21 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-12 16:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-03-10 20:18 - 2014-03-10 20:18 - 00267000 _____ () C:\Users\p\Downloads\NS2014129079582.zip 2014-03-09 21:27 - 2013-02-07 17:56 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-03-08 23:32 - 2014-03-08 23:32 - 00000808 _____ () C:\Users\Public\Desktop\WarThunder.lnk 2014-03-08 23:32 - 2014-03-08 23:32 - 00000000 ____D () C:\Users\p\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2014-03-08 23:32 - 2014-03-08 23:32 - 00000000 ____D () C:\Users\p\AppData\Local\WarThunder 2014-03-08 23:32 - 2014-03-08 23:32 - 00000000 ____D () C:\ProgramData\WarThunder 2014-03-08 23:32 - 2013-02-25 19:26 - 00000000 ____D () C:\Users\p\Documents\My Games 2014-03-08 23:31 - 2014-03-08 23:31 - 04083168 _____ (Gaijin Entertainment ) C:\Users\p\Downloads\wt_launcher_1.0.1.330.exe 2014-03-08 01:38 - 2013-10-20 12:06 - 00003246 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-2112952637-360388262-2101993964-1000 2014-03-08 01:38 - 2013-10-20 12:06 - 00000433 _____ () C:\Users\p\AppData\Local\UserProducts.xml 2014-03-08 01:38 - 2013-10-20 
12:06 - 00000000 ____D () C:\Users\p\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot

Some content of TEMP:
====================
C:\Users\p\AppData\Local\Temp\Batios.pl.Klient.Gry.zip__4607_i538333467_il105.exe
C:\Users\p\AppData\Local\Temp\EslWireSetup-1.17.3.7977-x64.exe
C:\Users\p\AppData\Local\Temp\EslWireSetup-1.17.3.8001-x64.exe
C:\Users\p\AppData\Local\Temp\ggdrive-menu.exe
C:\Users\p\AppData\Local\Temp\ggdrive-overlay.exe
C:\Users\p\AppData\Local\Temp\installstats.exe
C:\Users\p\AppData\Local\Temp\sonarinst.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-01 09:38