Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2014 Ran by abc (administrator) on XXX on 05-05-2014 22:35:52 Running from C:\Users\abc\Desktop\FRST Windows 8 (X64) OS Language: Polish Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Arcabit) C:\Program Files\ArcaBit\Common\ArcaConfSV.exe (Arcabit) C:\Program Files\ArcaBit\ArcaVir\ArcaMainSV.exe (Arcabit) C:\Program Files\ArcaBit\ArcaAgent\ArcaRemoteSvc.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Arcabit) C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (LogMeIn Inc.) D:\Picasa3\LoL\MineCraft\hamachi-2-ui.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (LogMeIn, Inc.) D:\Picasa3\LoL\MineCraft\LMIGuardianSvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Arcabit) C:\Program Files\ArcaBit\ArcaUpdate\update.exe (LogMeIn Inc.) D:\Picasa3\LoL\MineCraft\hamachi-2.exe (LogMeIn, Inc.) D:\Picasa3\LoL\MineCraft\LMIGuardianSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe (ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Picasa3\LoL\MineCraft\hamachi-2-ui.exe [3814736 2014-04-15] (LogMeIn Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [fst_pl_14] => [X] Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\RunOnce: [Application Restart #0] - C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [393416 2012-10-11] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\abc\AppData\Roaming\Mozilla\Firefox\Profiles\7vqnnva8.default FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - D:\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @g2.com/iggweb3dupdater - C:\Users\abc\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll (IGG) FF Plugin HKCU: @g2.com/joyconnectshell - C:\Users\abc\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll (IGG) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\abc\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\abc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF SearchPlugin: C:\Users\abc\AppData\Roaming\Mozilla\Firefox\Profiles\7vqnnva8.default\searchplugins\default-search.xml FF Extension: Bazaar Friend - C:\Users\abc\AppData\Roaming\Mozilla\Firefox\Profiles\7vqnnva8.default\Extensions\addon@bazaarfriend.com [2013-08-17] FF Extension: metacrawler.com - C:\Users\abc\AppData\Roaming\Mozilla\Firefox\Profiles\7vqnnva8.default\Extensions\ffxtlbr@metacrawler.com [2013-07-27] FF Extension: Boston MarketOne - C:\Users\abc\AppData\Roaming\Mozilla\Firefox\Profiles\7vqnnva8.default\Extensions\support@bostonmarketone.com [2013-08-21] FF Extension: Nuova scheda - C:\Users\abc\AppData\Roaming\Mozilla\Firefox\Profiles\7vqnnva8.default\Extensions\{60364604-8b4c-42f4-a2ca-a76ca7b61b37} [2013-07-27] Chrome: ======= CHR HomePage: CHR Plugin: (Widevine Content Decryption Module) - C:\Users\abc\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Java Deployment Toolkit 7.0.550.14) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Java(TM) Platform SE 7 U55) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Unity Player) - C:\Users\abc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\abc\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CHR Plugin: (IGG Web3D Updater NP Plugin for Mozilla) - C:\Users\abc\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll (IGG) CHR Plugin: (JoyConnectShell NP Plugin for Mozilla) - C:\Users\abc\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll (IGG) CHR Plugin: (Picasa) - D:\Picasa3\npPicasa3.dll (Google, Inc.) CHR Extension: (Dokumenty Google) - C:\Users\abc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-17] CHR Extension: (Dysk Google) - C:\Users\abc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-05] CHR Extension: (YouTube) - C:\Users\abc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-05] CHR Extension: (Szukaj w Google) - C:\Users\abc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-05] CHR Extension: (Google Wallet) - C:\Users\abc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01] CHR Extension: (Gmail) - C:\Users\abc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-05] ==================== Services (Whitelisted) ================= R3 ABConfSV; C:\Program Files\ArcaBit\Common\ArcaConfSV.exe [206304 2014-03-07] (Arcabit) R3 ABMainSV; C:\Program Files\ArcaBit\ArcaVir\ArcaMainSV.exe [237704 2014-03-07] (Arcabit) R3 ArcaRemoteService; C:\Program Files\ArcaBit\ArcaAgent\ArcaRemoteSvc.exe [985008 2014-04-08] (Arcabit) R3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS) R3 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) S3 AVBackup; C:\Program Files\ArcaBit\ArcaTools\ArcaBackup\ArcaBackupService.exe [257304 2014-03-07] (Arcabit) S3 AVTasks2; C:\Program Files\ArcaBit\Common\ArcaTasksService.exe [200136 2014-03-07] (ArcaBit) R3 AVUpdate; C:\Program Files\ArcaBit\ArcaUpdate\update.exe [307232 2014-04-17] (Arcabit) R3 Hamachi2Svc; D:\Picasa3\LoL\MineCraft\hamachi-2.exe [2227536 2014-04-15] (LogMeIn Inc.) R3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R3 WakeupService; C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe [42336 2012-11-16] (ASUSTek Computer Inc.) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation) R3 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) ==================== Drivers (Whitelisted) ==================== R3 ABFLT; C:\Program Files\ArcaBit\ArcaVir\ABFLT.sys [85232 2013-03-27] (ArcaBit) R1 arcawfp; C:\Windows\System32\drivers\arcawfp.sys [46184 2014-05-05] (NetFilterSDK.com) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUS Corporation) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros) R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [117632 2013-06-01] (Microsoft Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [64512 2012-07-26] (Microsoft Corporation) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-04-29] (Disc Soft Ltd) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-04-15] (LogMeIn Inc.) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( ) S3 ABWFP; \??\C:\Program Files\ArcaBit\ArcaVir\ABWFP8.sys [X] U0 msahci; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-05 22:33 - 2014-05-05 22:33 - 00016270 _____ () C:\Users\abc\Desktop\AdwCleaner[S0].txt 2014-05-05 22:29 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-05-05 22:27 - 2014-05-05 22:31 - 00000000 ____D () C:\AdwCleaner 2014-05-05 22:27 - 2014-05-05 22:27 - 01316991 _____ () C:\Users\abc\Downloads\adwcleaner.exe 2014-05-05 22:00 - 2014-05-05 22:33 - 00000401 _____ () C:\Users\abc\AppData\Roaming\sp_data.sys 2014-05-05 21:57 - 2014-05-05 21:55 - 00013539 _____ () C:\fixlist.txt 2014-05-05 21:54 - 2014-05-05 22:35 - 00000000 ____D () C:\Users\abc\Desktop\FRST 2014-05-05 20:58 - 2014-05-05 20:58 - 00000000 ____D () C:\Users\abc\Desktop\Pliki Przeciwko Reklamom 2014-05-05 20:25 - 2014-05-05 20:25 - 00079414 _____ () C:\Users\abc\Downloads\Extras.Txt 2014-05-05 20:23 - 2014-05-05 20:23 - 00154928 _____ () C:\Users\abc\Downloads\OTL.Txt 2014-05-05 20:10 - 2014-05-05 20:10 - 00029454 _____ () C:\Users\abc\Downloads\Shortcut.txt 2014-05-05 20:08 - 2014-05-05 20:10 - 00031817 _____ () C:\Users\abc\Downloads\Addition.txt 2014-05-05 20:06 - 2014-05-05 20:10 - 00052309 _____ () C:\Users\abc\Downloads\FRST.txt 2014-05-05 20:04 - 2014-05-05 22:35 - 00000000 ____D () C:\FRST 2014-05-05 20:03 - 2014-05-05 20:03 - 02063872 _____ (Farbar) C:\Users\abc\Downloads\FRST64.exe 2014-05-05 19:58 - 2014-05-05 19:58 - 00602112 _____ (OldTimer Tools) C:\Users\abc\Downloads\OTL.exe 2014-05-05 18:35 - 2014-05-05 19:01 - 00000000 ____D () C:\Users\abc\Desktop\Piccassa 2014-05-05 18:33 - 2014-05-05 19:01 - 00000000 ____D () C:\Users\abc\Desktop\18-stka 2014-05-01 21:59 - 2014-05-01 21:59 - 00004129 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log 2014-05-01 21:59 - 2014-05-01 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-01 21:59 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-05-01 21:59 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-05-01 21:59 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-05-01 21:59 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-04-30 18:38 - 2014-05-02 14:38 - 00000000 ____D () C:\Users\abc\Documents\FIFA World 2014-04-30 17:21 - 2014-04-30 17:22 - 23516512 _____ (Electronic Arts, Inc.) C:\Users\abc\Downloads\EASportsFIFAWorld.exe 2014-04-30 17:04 - 2014-04-30 17:04 - 00255780 _____ () C:\Users\abc\Downloads\TorrentCity.pl_payday_2_2013_multi5eng_flt_dvd9__iso_rabbit_203035.torrent 2014-04-30 15:05 - 2014-04-30 15:05 - 00000000 ____D () C:\Users\abc\AppData\Roaming\vlc 2014-04-29 21:42 - 2014-04-29 21:42 - 00290439 _____ () C:\Users\abc\Downloads\Papers-Please-PL-v1.2 (2).rar 2014-04-29 21:40 - 2014-04-29 21:40 - 00290439 _____ () C:\Users\abc\Downloads\Papers-Please-PL-v1.2 (1).rar 2014-04-29 21:34 - 2014-04-29 21:34 - 00290439 _____ () C:\Users\abc\Downloads\Papers-Please-PL-v1.2.rar 2014-04-29 21:30 - 2014-04-29 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Papers, Please [GOG.com] 2014-04-29 21:30 - 2014-04-29 21:30 - 00000000 ____D () C:\GOG Games 2014-04-29 21:20 - 2014-04-29 21:20 - 00004085 _____ () C:\Users\abc\Downloads\[TorrentDownloads.me]_Papers, Please [GOG] (+ v1 0 37 Update & Extras).torrent 2014-04-29 18:53 - 2014-04-29 19:21 - 00000000 ____D () C:\Users\abc\AppData\Local\Arma 3 2014-04-29 18:53 - 2014-04-29 19:07 - 00000000 ____D () C:\Users\abc\Documents\Arma 3 2014-04-29 18:53 - 2014-04-29 18:53 - 00000000 ____D () C:\ProgramData\Steam 2014-04-29 18:53 - 2014-04-29 18:53 - 00000000 ____D () C:\ProgramData\Bohemia Interactive 2014-04-29 18:10 - 2014-05-01 21:57 - 00000000 ____D () C:\Program Files (x86)\Arma 3 2014-04-29 18:02 - 2014-04-29 18:04 - 00000000 ____D () C:\Users\abc\AppData\Roaming\DAEMON Tools Lite 2014-04-29 18:02 - 2014-04-29 18:02 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2014-04-29 18:01 - 2014-04-29 18:04 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-04-29 18:00 - 2014-04-29 18:00 - 13429504 _____ (Disc Soft Ltd) C:\Users\abc\Downloads\DTLite4491-0356.exe 2014-04-28 15:21 - 2014-04-28 15:21 - 00086124 _____ () C:\Users\abc\Downloads\TorrentCity.pl_arma_3_2013_reloaded_dvd9__iso_multi10pl_rabbit_205004.torrent 2014-04-28 15:16 - 2014-04-28 15:16 - 00205396 _____ () C:\Users\abc\Downloads\TorrentCity.pl_arma_iii_-_complete_campaign_edition_2013_multipl_reloaded_dvd9__iso_224345.torrent 2014-04-28 15:14 - 2014-04-28 15:14 - 00002902 _____ () C:\Users\abc\Downloads\[Limetorrents.com]_Papers Please GOG.torrent 2014-04-25 14:09 - 2014-04-25 15:00 - 00000000 ____D () C:\Users\abc\AppData\Roaming\Curse Client 2014-04-25 14:09 - 2014-04-25 14:09 - 00001011 _____ () C:\Users\abc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk 2014-04-25 14:09 - 2014-04-25 14:09 - 00000000 ____D () C:\Users\abc\AppData\Roaming\Curse Advertising 2014-04-25 14:08 - 2014-04-25 14:08 - 00000000 ____D () C:\Users\abc\AppData\Roaming\Curse 2014-04-25 14:05 - 2014-04-25 14:08 - 37439696 _____ (Curse) C:\Users\abc\Downloads\CurseClientSetup.exe 2014-04-17 17:03 - 2014-04-17 17:03 - 00005950 _____ () C:\Users\abc\Downloads\LOL_OPGG_Observer_812898976.bat 2014-04-17 11:25 - 2014-04-17 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games 2014-04-17 11:23 - 2014-04-17 11:24 - 07548928 _____ () C:\Users\abc\Downloads\PathOfExileInstaller (1).msi 2014-04-17 11:13 - 2014-04-17 11:14 - 07553024 _____ () C:\Users\abc\Downloads\PathOfExileInstaller.msi 2014-04-17 10:20 - 2014-04-17 10:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-04-15 10:46 - 2014-04-15 10:46 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys 2014-04-14 00:01 - 2014-04-14 00:01 - 00052024 _____ () C:\Users\abc\Downloads\[www.tnt24.info] ARMA III Complete Campaign Edition -2013- [Multi9-PL] [RELOADED] [ISO].torrent 2014-04-13 22:32 - 2014-04-13 22:32 - 00031390 _____ () C:\Users\abc\Downloads\ARMA+3+Complete+Campaign+Edition+%5BMULTI9%5D%5BPCDVD%5D%5BRELOADED%5D (1).torrent 2014-04-13 22:28 - 2014-04-13 22:28 - 00021066 _____ () C:\Users\abc\Downloads\[kickass.to]arma.iii.compaign.multiplayer.repack.by.infamous.torrent 2014-04-06 12:24 - 2014-04-06 12:44 - 00000000 ____D () C:\Program Files (x86)\Counter Strike 1.6 v43 2014-04-06 12:05 - 2014-04-06 12:16 - 280944071 _____ (n/a) C:\Users\abc\Downloads\Counter Strike 1.6 v43.exe 2014-04-05 18:43 - 2014-04-05 18:43 - 00000000 ____D () C:\Users\abc\AppData\Roaming\Wargaming.net 2014-04-05 14:32 - 2014-04-05 14:33 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-04-05 14:31 - 2014-04-05 14:31 - 09304408 _____ (Wargaming.net ) C:\Users\abc\Downloads\WoT_internet_install_eu.exe ==================== One Month Modified Files and Folders ======= 2014-05-05 22:35 - 2014-05-05 21:54 - 00000000 ____D () C:\Users\abc\Desktop\FRST 2014-05-05 22:35 - 2014-05-05 20:04 - 00000000 ____D () C:\FRST 2014-05-05 22:35 - 2014-03-07 12:27 - 00046184 _____ (NetFilterSDK.com) C:\Windows\system32\Drivers\arcawfp.sys 2014-05-05 22:34 - 2014-01-31 16:05 - 00000000 ____D () C:\Users\abc\AppData\Local\LogMeIn Hamachi 2014-05-05 22:34 - 2013-12-27 17:55 - 00003788 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-05 22:34 - 2013-12-27 17:55 - 00001046 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-05 22:34 - 2013-01-22 04:41 - 00003024 _____ () C:\Windows\System32\Tasks\ASUS USB Charger Plus 2014-05-05 22:34 - 2013-01-22 04:31 - 00003542 _____ () C:\Windows\System32\Tasks\ASUS Touchpad Launcher (x64) 2014-05-05 22:33 - 2014-05-05 22:33 - 00016270 _____ () C:\Users\abc\Desktop\AdwCleaner[S0].txt 2014-05-05 22:33 - 2014-05-05 22:00 - 00000401 _____ () C:\Users\abc\AppData\Roaming\sp_data.sys 2014-05-05 22:33 - 2013-09-12 20:21 - 00000000 ____D () C:\Users\abc\AppData\Roaming\ipla 2014-05-05 22:33 - 2013-01-22 04:43 - 00003052 _____ () C:\Windows\System32\Tasks\ASUS P4G 2014-05-05 22:33 - 2013-01-22 04:40 - 00003114 _____ () C:\Windows\System32\Tasks\ASUS Live Update 2014-05-05 22:32 - 2012-08-02 15:24 - 00431380 _____ () C:\Windows\PFRO.log 2014-05-05 22:32 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-05 22:31 - 2014-05-05 22:27 - 00000000 ____D () C:\AdwCleaner 2014-05-05 22:31 - 2013-07-10 19:09 - 00000000 ____D () C:\Users\abc 2014-05-05 22:27 - 2014-05-05 22:27 - 01316991 _____ () C:\Users\abc\Downloads\adwcleaner.exe 2014-05-05 22:24 - 2013-12-27 17:55 - 00001050 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-05 22:08 - 2013-12-27 17:57 - 00002191 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-05-05 21:59 - 2012-07-26 07:26 - 00000226 _____ () C:\Windows\win.ini 2014-05-05 21:58 - 2013-12-27 17:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-05-05 21:55 - 2014-05-05 21:57 - 00013539 _____ () C:\fixlist.txt 2014-05-05 21:23 - 2013-07-27 13:49 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3301075831-2015216863-3812331416-1001UA.job 2014-05-05 21:14 - 2013-08-20 13:32 - 00000000 ____D () C:\ProgramData\Origin 2014-05-05 21:06 - 2012-11-23 15:07 - 00062649 _____ () C:\Windows\DirectX.log 2014-05-05 21:00 - 2013-08-20 13:32 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-05-05 21:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru 2014-05-05 20:58 - 2014-05-05 20:58 - 00000000 ____D () C:\Users\abc\Desktop\Pliki Przeciwko Reklamom 2014-05-05 20:32 - 2013-07-10 19:08 - 02084146 _____ () C:\Windows\WindowsUpdate.log 2014-05-05 20:25 - 2014-05-05 20:25 - 00079414 _____ () C:\Users\abc\Downloads\Extras.Txt 2014-05-05 20:23 - 2014-05-05 20:23 - 00154928 _____ () C:\Users\abc\Downloads\OTL.Txt 2014-05-05 20:10 - 2014-05-05 20:10 - 00029454 _____ () C:\Users\abc\Downloads\Shortcut.txt 2014-05-05 20:10 - 2014-05-05 20:08 - 00031817 _____ () C:\Users\abc\Downloads\Addition.txt 2014-05-05 20:10 - 2014-05-05 20:06 - 00052309 _____ () C:\Users\abc\Downloads\FRST.txt 2014-05-05 20:03 - 2014-05-05 20:03 - 02063872 _____ (Farbar) C:\Users\abc\Downloads\FRST64.exe 2014-05-05 19:58 - 2014-05-05 19:58 - 00602112 _____ (OldTimer Tools) C:\Users\abc\Downloads\OTL.exe 2014-05-05 19:46 - 2013-07-28 15:32 - 01609728 ___SH () C:\Users\abc\Desktop\Thumbs.db 2014-05-05 19:01 - 2014-05-05 18:35 - 00000000 ____D () C:\Users\abc\Desktop\Piccassa 2014-05-05 19:01 - 2014-05-05 18:33 - 00000000 ____D () C:\Users\abc\Desktop\18-stka 2014-05-05 18:39 - 2012-08-02 20:02 - 00794946 _____ () C:\Windows\system32\perfh015.dat 2014-05-05 18:39 - 2012-08-02 20:02 - 00159530 _____ () C:\Windows\system32\perfc015.dat 2014-05-05 18:39 - 2012-07-26 09:28 - 01793398 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-05 18:36 - 2014-02-21 00:15 - 00000000 ____D () C:\Users\abc\Desktop\My Shared Folder 2014-05-03 19:02 - 2013-07-10 19:10 - 00000000 ____D () C:\Users\abc\AppData\Roaming\Atheros 2014-05-03 15:38 - 2013-09-12 20:21 - 00000000 ____D () C:\ProgramData\ipla 2014-05-03 14:23 - 2013-07-30 00:42 - 01740288 ___SH () C:\Users\abc\Downloads\Thumbs.db 2014-05-02 23:54 - 2014-03-24 16:05 - 00000000 ____D () C:\Users\Default\AppData\Local\LogMeIn Hamachi 2014-05-02 23:54 - 2014-03-24 16:05 - 00000000 ____D () C:\Users\Default User\AppData\Local\LogMeIn Hamachi 2014-05-02 17:03 - 2014-03-24 16:18 - 00000000 ____D () C:\Users\abc\AppData\Local\Battle.net 2014-05-02 17:02 - 2013-07-25 15:06 - 00000000 ____D () C:\Users\abc\AppData\Local\CrashDumps 2014-05-02 14:38 - 2014-04-30 18:38 - 00000000 ____D () C:\Users\abc\Documents\FIFA World 2014-05-02 00:23 - 2013-07-27 13:49 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3301075831-2015216863-3812331416-1001Core.job 2014-05-01 21:59 - 2014-05-01 21:59 - 00004129 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log 2014-05-01 21:59 - 2014-05-01 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-01 21:59 - 2014-01-31 16:11 - 00000000 ____D () C:\ProgramData\Oracle 2014-05-01 21:59 - 2014-01-31 16:10 - 00000000 ____D () C:\Program Files (x86)\Java 2014-05-01 21:57 - 2014-04-29 18:10 - 00000000 ____D () C:\Program Files (x86)\Arma 3 2014-05-01 15:14 - 2013-01-22 04:51 - 00003549 _____ () C:\Windows\system32\ServiceFilter.ini 2014-04-30 17:30 - 2013-08-20 13:37 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-04-30 17:26 - 2013-08-20 13:35 - 00000000 ____D () C:\Users\abc\AppData\Roaming\Origin 2014-04-30 17:22 - 2014-04-30 17:21 - 23516512 _____ (Electronic Arts, Inc.) C:\Users\abc\Downloads\EASportsFIFAWorld.exe 2014-04-30 17:04 - 2014-04-30 17:04 - 00255780 _____ () C:\Users\abc\Downloads\TorrentCity.pl_payday_2_2013_multi5eng_flt_dvd9__iso_rabbit_203035.torrent 2014-04-30 15:05 - 2014-04-30 15:05 - 00000000 ____D () C:\Users\abc\AppData\Roaming\vlc 2014-04-29 21:42 - 2014-04-29 21:42 - 00290439 _____ () C:\Users\abc\Downloads\Papers-Please-PL-v1.2 (2).rar 2014-04-29 21:40 - 2014-04-29 21:40 - 00290439 _____ () C:\Users\abc\Downloads\Papers-Please-PL-v1.2 (1).rar 2014-04-29 21:34 - 2014-04-29 21:34 - 00290439 _____ () C:\Users\abc\Downloads\Papers-Please-PL-v1.2.rar 2014-04-29 21:30 - 2014-04-29 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Papers, Please [GOG.com] 2014-04-29 21:30 - 2014-04-29 21:30 - 00000000 ____D () C:\GOG Games 2014-04-29 21:20 - 2014-04-29 21:20 - 00004085 _____ () C:\Users\abc\Downloads\[TorrentDownloads.me]_Papers, Please [GOG] (+ v1 0 37 Update & Extras).torrent 2014-04-29 19:21 - 2014-04-29 18:53 - 00000000 ____D () C:\Users\abc\AppData\Local\Arma 3 2014-04-29 19:07 - 2014-04-29 18:53 - 00000000 ____D () C:\Users\abc\Documents\Arma 3 2014-04-29 18:53 - 2014-04-29 18:53 - 00000000 ____D () C:\ProgramData\Steam 2014-04-29 18:53 - 2014-04-29 18:53 - 00000000 ____D () C:\ProgramData\Bohemia Interactive 2014-04-29 18:06 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent 2014-04-29 18:04 - 2014-04-29 18:02 - 00000000 ____D () C:\Users\abc\AppData\Roaming\DAEMON Tools Lite 2014-04-29 18:04 - 2014-04-29 18:01 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-04-29 18:02 - 2014-04-29 18:02 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2014-04-29 18:00 - 2014-04-29 18:00 - 13429504 _____ (Disc Soft Ltd) C:\Users\abc\Downloads\DTLite4491-0356.exe 2014-04-28 15:21 - 2014-04-28 15:21 - 00086124 _____ () C:\Users\abc\Downloads\TorrentCity.pl_arma_3_2013_reloaded_dvd9__iso_multi10pl_rabbit_205004.torrent 2014-04-28 15:16 - 2014-04-28 15:16 - 00205396 _____ () C:\Users\abc\Downloads\TorrentCity.pl_arma_iii_-_complete_campaign_edition_2013_multipl_reloaded_dvd9__iso_224345.torrent 2014-04-28 15:14 - 2014-04-28 15:14 - 00002902 _____ () C:\Users\abc\Downloads\[Limetorrents.com]_Papers Please GOG.torrent 2014-04-26 19:48 - 2014-02-20 18:38 - 00000000 ___RD () C:\Users\abc\Desktop\Zdjęcia i filmy 2014-04-25 17:28 - 2013-09-06 15:55 - 00000000 ____D () C:\Users\abc\AppData\Roaming\TS3Client 2014-04-25 15:19 - 2013-07-10 19:12 - 00000000 ___RD () C:\Users\abc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-25 15:00 - 2014-04-25 14:09 - 00000000 ____D () C:\Users\abc\AppData\Roaming\Curse Client 2014-04-25 14:09 - 2014-04-25 14:09 - 00001011 _____ () C:\Users\abc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk 2014-04-25 14:09 - 2014-04-25 14:09 - 00000000 ____D () C:\Users\abc\AppData\Roaming\Curse Advertising 2014-04-25 14:08 - 2014-04-25 14:08 - 00000000 ____D () C:\Users\abc\AppData\Roaming\Curse 2014-04-25 14:08 - 2014-04-25 14:05 - 37439696 _____ (Curse) C:\Users\abc\Downloads\CurseClientSetup.exe 2014-04-23 16:50 - 2013-07-31 18:13 - 00000000 ____D () C:\Users\abc\AppData\Local\Windows Live 2014-04-17 17:03 - 2014-04-17 17:03 - 00005950 _____ () C:\Users\abc\Downloads\LOL_OPGG_Observer_812898976.bat 2014-04-17 11:25 - 2014-04-17 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games 2014-04-17 11:25 - 2013-08-13 16:13 - 00000000 ____D () C:\Users\abc\Documents\My Games 2014-04-17 11:24 - 2014-04-17 11:23 - 07548928 _____ () C:\Users\abc\Downloads\PathOfExileInstaller (1).msi 2014-04-17 11:14 - 2014-04-17 11:13 - 07553024 _____ () C:\Users\abc\Downloads\PathOfExileInstaller.msi 2014-04-17 10:20 - 2014-04-17 10:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-04-15 10:46 - 2014-04-15 10:46 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys 2014-04-14 20:13 - 2014-05-01 21:59 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-14 20:05 - 2014-05-01 21:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-04-14 20:05 - 2014-05-01 21:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-04-14 20:04 - 2014-05-01 21:59 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-04-14 17:23 - 2013-08-29 18:29 - 00000000 ____D () C:\Users\abc\AppData\Local\Ares 2014-04-14 00:01 - 2014-04-14 00:01 - 00052024 _____ () C:\Users\abc\Downloads\[www.tnt24.info] ARMA III Complete Campaign Edition -2013- [Multi9-PL] [RELOADED] [ISO].torrent 2014-04-13 22:32 - 2014-04-13 22:32 - 00031390 _____ () C:\Users\abc\Downloads\ARMA+3+Complete+Campaign+Edition+%5BMULTI9%5D%5BPCDVD%5D%5BRELOADED%5D (1).torrent 2014-04-13 22:28 - 2014-04-13 22:28 - 00021066 _____ () C:\Users\abc\Downloads\[kickass.to]arma.iii.compaign.multiplayer.repack.by.infamous.torrent 2014-04-09 18:26 - 2014-01-31 16:44 - 00000000 ____D () C:\Users\abc\AppData\Roaming\.minecraft 2014-04-09 17:06 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF 2014-04-07 21:01 - 2013-07-12 18:54 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3301075831-2015216863-3812331416-1001 2014-04-06 20:09 - 2012-07-26 09:21 - 00059026 _____ () C:\Windows\setupact.log 2014-04-06 12:44 - 2014-04-06 12:24 - 00000000 ____D () C:\Program Files (x86)\Counter Strike 1.6 v43 2014-04-06 12:16 - 2014-04-06 12:05 - 280944071 _____ (n/a) C:\Users\abc\Downloads\Counter Strike 1.6 v43.exe 2014-04-05 18:43 - 2014-04-05 18:43 - 00000000 ____D () C:\Users\abc\AppData\Roaming\Wargaming.net 2014-04-05 14:33 - 2014-04-05 14:32 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-04-05 14:31 - 2014-04-05 14:31 - 09304408 _____ (Wargaming.net ) C:\Users\abc\Downloads\WoT_internet_install_eu.exe Files to move or delete: ==================== C:\ProgramData\SetStretch.exe C:\ProgramData\SetStretch.VBS ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-27 18:12 ==================== End Of Log ============================