Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2014 03 Ran by User (administrator) on USER-PC on 26-04-2014 16:23:05 Running from C:\Users\User\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe () C:\Windows\system32\PnkBstrA.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (ATI Technologies) C:\Users\User\AppData\Local\ATI Technologies\atiedxx.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Beepa P/L) D:\Program\Fraps\fraps.exe (Beepa P/L) D:\Program\Fraps\fraps64.dat (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Xfire Inc.) D:\Program\Xfire\Xfire.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKU\S-1-5-21-3098141968-229038557-363801865-1000\...\Run: [BitTorrent] => C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe [1303136 2014-01-18] (BitTorrent Inc.) HKU\S-1-5-21-3098141968-229038557-363801865-1000\...\Run: [AtiDriverStart] => C:\Users\User\AppData\Local\ATI Technologies\atidxx.exe [55296 2014-04-19] () HKU\S-1-5-21-3098141968-229038557-363801865-1000\...\CurrentVersion\Windows: [Load] C:\ProgramData\392817338.exe <===== ATTENTION Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk ShortcutTarget: Xfire.lnk -> D:\Program\Xfire\Xfire.exe (Xfire Inc.) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk ShortcutTarget: Xfire.lnk -> D:\Program\Xfire\Xfire.exe (Xfire Inc.) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk ShortcutTarget: Xfire.lnk -> D:\Program\Xfire\Xfire.exe (Xfire Inc.) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk ShortcutTarget: Xfire.lnk -> D:\Program\Xfire\Xfire.exe (Xfire Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.gazeta.pl/0,0.html?p=136 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\18svema1.default FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\18svema1.default\user.js FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF Chrome: ======= CHR Extension: (James White) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-04-24] CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-19] CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21] ==================== Services (Whitelisted) ================= R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-29] (Intel Corporation) R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [136704 2012-06-29] (MSI) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-04-05] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-03-17] () S3 TunngleService; D:\Program\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH) ==================== Drivers (Whitelisted) ==================== S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2014-03-02] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-01-24] (DT Soft Ltd) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2014-03-01] () R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 MSICDSetup; \??\E:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X] S3 XFDriver64; \??\D:\Program\Xfire2\XFDriver64.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-26 16:23 - 2014-04-26 16:23 - 00009545 _____ () C:\Users\User\Downloads\FRST.txt 2014-04-26 16:21 - 2014-04-26 16:23 - 00000000 ____D () C:\FRST 2014-04-26 16:21 - 2014-04-26 16:21 - 02061824 _____ (Farbar) C:\Users\User\Downloads\FRST64 (1).exe 2014-04-26 16:19 - 2014-04-26 16:19 - 00380416 _____ () C:\Users\User\Downloads\8f2u218c.exe 2014-04-26 16:17 - 2014-04-26 16:17 - 02061824 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2014-04-26 13:47 - 2014-04-26 13:47 - 00000141 _____ () C:\Users\User\Desktop\Wirus.url 2014-04-25 19:39 - 2014-04-25 19:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\Unity 2014-04-25 19:23 - 2014-04-25 19:23 - 00000000 ____D () C:\Users\User\AppData\Local\Unity 2014-04-25 19:22 - 2014-04-25 19:22 - 01070496 _____ (Unity Technologies ApS) C:\Users\User\Downloads\UnityWebPlayer.exe 2014-04-25 19:22 - 2014-04-25 19:22 - 01070496 _____ (Unity Technologies ApS) C:\Users\User\Downloads\UnityWebPlayer(1).exe 2014-04-25 19:21 - 2014-04-25 19:21 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-25 15:46 - 2014-04-25 15:46 - 00091410 _____ () C:\Users\User\Downloads\bcfa43e9fd05a5623394d0bc92c2fd43.jpeg 2014-04-24 17:34 - 2014-04-24 17:34 - 00000000 ____D () C:\_OTL 2014-04-23 23:25 - 2014-04-24 17:41 - 00073248 _____ () C:\Users\User\Downloads\Extras.Txt 2014-04-23 23:24 - 2014-04-24 17:40 - 00066570 _____ () C:\Users\User\Downloads\OTL.Txt 2014-04-23 23:18 - 2014-04-23 23:18 - 00602112 _____ (OldTimer Tools) C:\Users\User\Downloads\OTL (2).exe 2014-04-23 21:10 - 2014-04-26 10:47 - 00000392 _____ () C:\Windows\setupact.log 2014-04-23 21:10 - 2014-04-23 21:10 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-22 23:07 - 2014-04-22 23:07 - 00001457 _____ () C:\Users\User\Desktop\Bioshock 2.lnk 2014-04-22 00:25 - 2014-04-22 00:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games 2014-04-21 22:39 - 2014-04-21 22:55 - 181222008 _____ () C:\Users\User\Downloads\cenega_poland_bioshock2-patch-v1002.zip 2014-04-21 22:36 - 2014-04-21 22:37 - 00000468 _____ () C:\Users\User\Downloads\status.htm 2014-04-21 20:57 - 2014-04-21 20:57 - 02236416 _____ () C:\Users\User\Downloads\BioShock_Patch_2_Sciagnij.pl.exe 2014-04-21 20:53 - 2014-04-21 20:55 - 14069445 _____ () C:\Users\User\Downloads\bioshock 2 SPOL LITE.zip 2014-04-21 20:48 - 2014-04-26 14:00 - 00000000 ____D () C:\Users\User\AppData\Roaming\Bioshock2 2014-04-21 20:48 - 2014-04-21 20:48 - 00000000 ____D () C:\Users\User\Documents\Bioshock2 2014-04-21 20:35 - 2014-04-21 20:35 - 00000000 __SHD () C:\ProgramData\SecuROM 2014-04-20 21:37 - 2014-04-20 21:37 - 00021280 _____ () C:\Users\User\Downloads\BioShock_2_[PL]_[ iso]_[Razor1911][Torrenty.org].torrent 2014-04-20 21:35 - 2014-04-20 21:35 - 00021518 _____ () C:\Users\User\Downloads\BioShock_2_[PL][Torrenty.org].torrent 2014-04-19 22:45 - 2014-04-20 20:25 - 00000000 ____D () C:\Users\User\AppData\Local\ATI Technologies 2014-04-19 22:45 - 2014-04-19 22:45 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlagueInc 1.0 2014-04-19 22:25 - 2014-04-19 22:25 - 00012051 _____ () C:\Users\User\Downloads\Plague_Inc _Evolved_[ENG][Torrenty.org].torrent 2014-04-19 20:37 - 2014-04-19 20:37 - 00015369 _____ () C:\Users\User\Downloads\The_Legend_of_Hercules_ 2014 _[BDRip]_[XviD-BiDA]_[ENG]_[Napisy_PL][Torrenty.org].torrent 2014-04-15 20:44 - 2014-04-15 20:44 - 00061640 _____ () C:\Users\User\Downloads\Twierdza _Krzyzowiec_HD_-_Stronghold _Crusader_HD_ 2012 _[PL]_[MULTi2-PROPHET][Torrenty.org].torrent 2014-04-11 17:15 - 2014-04-11 17:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-08 16:30 - 2014-04-21 00:51 - 00000000 ____D () C:\Users\User\AppData\Roaming\DVDVideoSoft 2014-04-08 16:28 - 2014-04-08 16:28 - 00636688 _____ () C:\Users\User\Downloads\FreeYouTubeDownload.exe 2014-04-05 23:39 - 2014-04-05 23:38 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe 2014-04-05 23:35 - 2014-04-05 23:35 - 03822704 _____ () C:\Users\User\Downloads\battlelog-web-plugins_2.3.2_133.exe 2014-04-04 18:31 - 2014-04-04 18:31 - 00020789 _____ () C:\Users\User\Downloads\Assassin s Creed IV Black Flag - Freedom Cry [DLC] [PL] [3 41 3 55 4 30 ][Torrenty.org] (1).torrent 2014-04-03 20:09 - 2014-04-03 20:09 - 00020807 _____ () C:\Users\User\Downloads\Age of Wonders III [PL] [RELOADED] [ISO][Torrenty.org].torrent 2014-04-03 19:56 - 2014-04-03 19:56 - 00020789 _____ () C:\Users\User\Downloads\Assassin s Creed IV Black Flag - Freedom Cry [DLC] [PL] [3 41 3 55 4 30 ][Torrenty.org].torrent 2014-04-01 14:58 - 2014-04-01 14:58 - 00005762 _____ () C:\Users\User\Downloads\Goat Simulator 2014 [ENG] [DOGE] [ISO][Torrenty.org].torrent 2014-03-31 21:22 - 2014-03-31 21:22 - 00014998 _____ () C:\Users\User\Downloads\300 Poczatek imperium - 300 Rise of an Empire 2014 [WEBRip] [XviD-MORS] [Napisy PL][Torrenty.org].torrent ==================== One Month Modified Files and Folders ======= 2014-04-26 16:23 - 2014-04-26 16:23 - 00009545 _____ () C:\Users\User\Downloads\FRST.txt 2014-04-26 16:23 - 2014-04-26 16:21 - 00000000 ____D () C:\FRST 2014-04-26 16:21 - 2014-04-26 16:21 - 02061824 _____ (Farbar) C:\Users\User\Downloads\FRST64 (1).exe 2014-04-26 16:19 - 2014-04-26 16:19 - 00380416 _____ () C:\Users\User\Downloads\8f2u218c.exe 2014-04-26 16:17 - 2014-04-26 16:17 - 02061824 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2014-04-26 16:12 - 2013-06-25 14:41 - 00000000 ____D () C:\ProgramData\Origin 2014-04-26 16:04 - 2013-12-03 20:45 - 00000000 ____D () C:\Users\User\Documents\FIFA 14 2014-04-26 14:51 - 2014-01-16 21:12 - 00583217 _____ () C:\Windows\WindowsUpdate.log 2014-04-26 14:02 - 2013-06-25 15:20 - 00000000 ____D () C:\Users\User\AppData\Roaming\Xfire 2014-04-26 14:00 - 2014-04-21 20:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\Bioshock2 2014-04-26 13:47 - 2014-04-26 13:47 - 00000141 _____ () C:\Users\User\Desktop\Wirus.url 2014-04-26 13:18 - 2013-06-25 15:52 - 00000000 ____D () C:\Users\User\AppData\Roaming\TS3Client 2014-04-26 12:02 - 2013-06-25 15:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\BitTorrent 2014-04-26 10:54 - 2009-07-14 06:45 - 00028320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-26 10:54 - 2009-07-14 06:45 - 00028320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-26 10:52 - 2011-04-12 15:21 - 00737242 _____ () C:\Windows\system32\perfh015.dat 2014-04-26 10:52 - 2011-04-12 15:21 - 00153930 _____ () C:\Windows\system32\perfc015.dat 2014-04-26 10:52 - 2009-07-14 07:13 - 01661232 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-26 10:47 - 2014-04-23 21:10 - 00000392 _____ () C:\Windows\setupact.log 2014-04-26 00:05 - 2013-06-25 10:44 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc 2014-04-25 20:04 - 2014-01-22 16:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\.minecraft 2014-04-25 19:39 - 2014-04-25 19:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\Unity 2014-04-25 19:23 - 2014-04-25 19:23 - 00000000 ____D () C:\Users\User\AppData\Local\Unity 2014-04-25 19:22 - 2014-04-25 19:22 - 01070496 _____ (Unity Technologies ApS) C:\Users\User\Downloads\UnityWebPlayer.exe 2014-04-25 19:22 - 2014-04-25 19:22 - 01070496 _____ (Unity Technologies ApS) C:\Users\User\Downloads\UnityWebPlayer(1).exe 2014-04-25 19:22 - 2013-07-30 21:12 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe 2014-04-25 19:21 - 2014-04-25 19:21 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-25 19:21 - 2013-06-26 18:31 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-25 19:21 - 2013-06-26 18:31 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-25 15:46 - 2014-04-25 15:46 - 00091410 _____ () C:\Users\User\Downloads\bcfa43e9fd05a5623394d0bc92c2fd43.jpeg 2014-04-24 17:41 - 2014-04-23 23:25 - 00073248 _____ () C:\Users\User\Downloads\Extras.Txt 2014-04-24 17:40 - 2014-04-23 23:24 - 00066570 _____ () C:\Users\User\Downloads\OTL.Txt 2014-04-24 17:36 - 2013-06-25 16:00 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-24 17:34 - 2014-04-24 17:34 - 00000000 ____D () C:\_OTL 2014-04-23 23:18 - 2014-04-23 23:18 - 00602112 _____ (OldTimer Tools) C:\Users\User\Downloads\OTL (2).exe 2014-04-23 21:10 - 2014-04-23 21:10 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-22 23:08 - 2014-01-18 16:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\DAEMON Tools Pro 2014-04-22 23:07 - 2014-04-22 23:07 - 00001457 _____ () C:\Users\User\Desktop\Bioshock 2.lnk 2014-04-22 00:25 - 2014-04-22 00:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games 2014-04-21 22:55 - 2014-04-21 22:39 - 181222008 _____ () C:\Users\User\Downloads\cenega_poland_bioshock2-patch-v1002.zip 2014-04-21 22:37 - 2014-04-21 22:36 - 00000468 _____ () C:\Users\User\Downloads\status.htm 2014-04-21 20:57 - 2014-04-21 20:57 - 02236416 _____ () C:\Users\User\Downloads\BioShock_Patch_2_Sciagnij.pl.exe 2014-04-21 20:55 - 2014-04-21 20:53 - 14069445 _____ () C:\Users\User\Downloads\bioshock 2 SPOL LITE.zip 2014-04-21 20:48 - 2014-04-21 20:48 - 00000000 ____D () C:\Users\User\Documents\Bioshock2 2014-04-21 20:35 - 2014-04-21 20:35 - 00000000 __SHD () C:\ProgramData\SecuROM 2014-04-21 20:35 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-04-21 20:29 - 2013-06-25 16:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-04-21 17:02 - 2014-01-12 14:49 - 00008192 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-04-21 16:59 - 2013-06-26 17:17 - 00000000 ____D () C:\Users\User\Documents\My Games 2014-04-21 16:57 - 2013-12-13 21:48 - 00000000 ____D () C:\Users\User\Desktop\Śmieci 2014-04-21 15:13 - 2013-06-25 11:57 - 00110208 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-21 10:50 - 2014-02-26 16:55 - 00000000 ____D () C:\Users\User\AppData\Local\The Witcher 2014-04-21 10:12 - 2009-07-14 06:45 - 00411576 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-04-21 00:51 - 2014-04-08 16:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\DVDVideoSoft 2014-04-21 00:51 - 2014-03-17 19:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games 2014-04-21 00:50 - 2013-09-08 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA 2014-04-20 22:18 - 2013-10-01 20:08 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-04-20 21:37 - 2014-04-20 21:37 - 00021280 _____ () C:\Users\User\Downloads\BioShock_2_[PL]_[ iso]_[Razor1911][Torrenty.org].torrent 2014-04-20 21:35 - 2014-04-20 21:35 - 00021518 _____ () C:\Users\User\Downloads\BioShock_2_[PL][Torrenty.org].torrent 2014-04-20 20:25 - 2014-04-19 22:45 - 00000000 ____D () C:\Users\User\AppData\Local\ATI Technologies 2014-04-19 22:45 - 2014-04-19 22:45 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlagueInc 1.0 2014-04-19 22:25 - 2014-04-19 22:25 - 00012051 _____ () C:\Users\User\Downloads\Plague_Inc _Evolved_[ENG][Torrenty.org].torrent 2014-04-19 21:36 - 2013-06-28 23:09 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2014-04-19 21:36 - 2013-06-25 18:01 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-04-19 20:37 - 2014-04-19 20:37 - 00015369 _____ () C:\Users\User\Downloads\The_Legend_of_Hercules_ 2014 _[BDRip]_[XviD-BiDA]_[ENG]_[Napisy_PL][Torrenty.org].torrent 2014-04-15 20:44 - 2014-04-15 20:44 - 00061640 _____ () C:\Users\User\Downloads\Twierdza _Krzyzowiec_HD_-_Stronghold _Crusader_HD_ 2012 _[PL]_[MULTi2-PROPHET][Torrenty.org].torrent 2014-04-11 17:31 - 2014-04-11 17:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-09 15:07 - 2013-10-23 21:09 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-04-09 15:07 - 2013-10-23 21:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-04-08 22:51 - 2013-10-23 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-04-08 16:28 - 2014-04-08 16:28 - 00636688 _____ () C:\Users\User\Downloads\FreeYouTubeDownload.exe 2014-04-07 18:36 - 2013-06-25 14:44 - 00000000 ____D () C:\Users\User\AppData\Roaming\Origin 2014-04-06 22:40 - 2013-06-25 12:15 - 00000000 ____D () C:\Users\User\AppData\Local\Mozilla 2014-04-05 23:38 - 2014-04-05 23:39 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe 2014-04-05 23:35 - 2014-04-05 23:35 - 03822704 _____ () C:\Users\User\Downloads\battlelog-web-plugins_2.3.2_133.exe 2014-04-05 23:35 - 2013-06-28 23:04 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-04-04 18:31 - 2014-04-04 18:31 - 00020789 _____ () C:\Users\User\Downloads\Assassin s Creed IV Black Flag - Freedom Cry [DLC] [PL] [3 41 3 55 4 30 ][Torrenty.org] (1).torrent 2014-04-03 20:09 - 2014-04-03 20:09 - 00020807 _____ () C:\Users\User\Downloads\Age of Wonders III [PL] [RELOADED] [ISO][Torrenty.org].torrent 2014-04-03 19:56 - 2014-04-03 19:56 - 00020789 _____ () C:\Users\User\Downloads\Assassin s Creed IV Black Flag - Freedom Cry [DLC] [PL] [3 41 3 55 4 30 ][Torrenty.org].torrent 2014-04-02 15:07 - 2013-06-25 15:20 - 00000000 ____D () C:\ProgramData\Xfire 2014-04-01 14:58 - 2014-04-01 14:58 - 00005762 _____ () C:\Users\User\Downloads\Goat Simulator 2014 [ENG] [DOGE] [ISO][Torrenty.org].torrent 2014-03-31 21:22 - 2014-03-31 21:22 - 00014998 _____ () C:\Users\User\Downloads\300 Poczatek imperium - 300 Rise of an Empire 2014 [WEBRip] [XviD-MORS] [Napisy PL][Torrenty.org].torrent Some content of TEMP: ==================== C:\Users\User\AppData\Local\Temp\install_flashplayer13x32_mssd_aaa_aih.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-12-31 17:03 ==================== End Of Log ============================