Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by Kamil (administrator) on KAMIL-KOMPUTER on 20-05-2014 14:00:47
Running from D:\Downloads
Platform: Windows 7 Home Premium (X64) OS Language: Polish
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(brother Industries Ltd) C:\Windows\SysWOW64\brsvc01a.exe
(brother Industries Ltd) C:\Windows\SysWOW64\brss01a.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ESET) D:\Programy\NOD32\x86\ekrn.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) D:\Programy\NOD32\egui.exe
(Spotify Ltd) C:\Users\Kamil\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DFX\DFX.exe
() D:\Programy\Rainmerer\Rainmeter.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
() C:\Program Files (x86)\DFX\Universal\Apps\dfxItunesSong.exe
() D:\Programy\RocketDock\RocketDock.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(BitTorrent, Inc.) D:\Programy\uTorrent\uTorrent.exe
(Valve Corporation) D:\Programy\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => D:\Programy\NOD32\egui.exe [6326448 2012-12-21] (ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1274840 2013-06-06] ()
HKU\S-1-5-21-2255205191-327789475-1423911492-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2255205191-327789475-1423911492-1001\...\Run: [DAEMON Tools Lite] => D:\Programy\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-2255205191-327789475-1423911492-1001\...\Run: [Spotify Web Helper] => C:\Users\Kamil\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-15] (Spotify Ltd)
HKU\S-1-5-21-2255205191-327789475-1423911492-1001\...\Run: [Google Update] => C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-04-20] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Actualizar la licencia de ESET.lnk
ShortcutTarget: Actualizar la licencia de ESET.lnk -> D:\Programy\MiNODLogin\launcher.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aggiorna ESET license.lnk
ShortcutTarget: Aggiorna ESET license.lnk -> D:\Programy\MiNODLogin\launcher.exe (No File)
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> D:\Programy\Rainmerer\Rainmeter.exe ()

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocnik logowania za pomocą konta Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 194.204.159.1 194.204.152.34

FireFox:
========
FF ProfilePath: C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\bphsuocv.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - D:\Programy\Adobe Reader\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Kamil\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Kamil\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Kamil\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Kamil\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Kamil\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Kamil\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - D:\Programy\NOD32\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - D:\Programy\NOD32\Mozilla Thunderbird [2013-10-13]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - D:\Programy\NOD32\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - D:\Programy\NOD32\Mozilla Thunderbird [2013-10-13]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF StartMenuInternet: FIREFOX.EXE - D:\Programy\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Turn Off the Lights) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2013-10-13]
CHR Extension: (Gismeteo) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfegaehidkkcfaikpaijcdahnpikhobf [2013-10-13]
CHR Extension: (YouTube) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-14]
CHR Extension: (Szukaj w Google) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-14]
CHR Extension: (ShinyWhite) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ephinfdiacocejlaijpfloabbndncgdh [2013-12-15]
CHR Extension: (AdBlock) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-27]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2013-10-13]
CHR Extension: (The Weather Channel for Chrome) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhlkdopop [2013-10-13]
CHR Extension: (WhatFont) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2013-11-03]
CHR Extension: (YaTBookMeark) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkjjbcfmbbflieafpjonlehlgimajkep [2014-01-16]
CHR Extension: (Better Battlelog (BBLog)) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlfnjepjdmlppapoikepbaabbghofma [2013-12-14]
CHR Extension: (Google Wallet) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-13]
CHR Extension: (Bitdefender QuickScan) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-04-13]
CHR Extension: (Gmail) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-14]
CHR Extension: (YoutubeAdblocker) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\plfohjkpbdcjpnjiehodgoaabobciijb [2014-01-16]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-02-19]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-10-08] (Advanced Micro Devices, Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-12-09] ()
R2 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-14] (brother Industries Ltd)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-01-05] (BitRaider, LLC)
R2 ekrn; D:\Programy\NOD32\x86\ekrn.exe [1333424 2012-12-21] (ESET)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-13] ()
S2 SkypeUpdate; D:\Programy\Skype\Updater\Updater.exe [171680 2013-09-05] (Skype Technologies)
S3 TunngleService; D:\Programy\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)

==================== Drivers (Whitelisted) ====================

S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-01-05] (BitRaider)
R3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-10-13] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-01-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [139768 2013-01-10] (ESET)
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [14104 2007-02-07] (Windows (R) Server 2003 DDK provider)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
U5 UnlockerDriver5; D:\Programy\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 V0260VID; C:\Windows\System32\DRIVERS\V0260Vid.sys [189664 2007-07-18] (Creative Technology Ltd.)
S3 DRIVER_B; \??\C:\Windows\system32\Drivers\DRIVER_BIN64 [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-20 14:00 - 2014-05-20 14:00 - 00000000 ____D () C:\FRST
2014-05-20 00:57 - 2010-03-04 06:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-05-18 14:54 - 2014-05-20 00:36 - 332895076 _____ () C:\Windows\MEMORY.DMP
2014-05-13 13:11 - 2014-05-13 13:11 - 00275168 _____ () C:\Windows\Minidump\051314-22167-01.dmp
2014-05-09 17:19 - 2014-05-09 17:20 - 00275168 _____ () C:\Windows\Minidump\050914-28470-01.dmp
2014-05-08 20:23 - 2014-05-08 20:23 - 00262144 _____ () C:\Windows\Minidump\050814-21465-01.dmp
2014-05-08 11:54 - 2014-05-18 11:59 - 00001006 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255205191-327789475-1423911492-1001Core1cf6aa378142806.job
2014-05-08 11:54 - 2014-05-08 11:54 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2255205191-327789475-1423911492-1001Core1cf6aa378142806

==================== One Month Modified Files and Folders =======

2014-05-20 14:00 - 2014-05-20 14:00 - 00000000 ____D () C:\FRST
2014-05-20 14:00 - 2013-10-13 01:08 - 00000000 ____D () C:\Users\Kamil\AppData\Roaming\uTorrent
2014-05-20 13:59 - 2014-04-11 18:48 - 00001058 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255205191-327789475-1423911492-1001UA.job
2014-05-20 13:44 - 2014-04-03 19:33 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4f62df1c9af2.job
2014-05-20 13:23 - 2013-10-13 06:49 - 00613335 _____ () C:\Windows\DirectX.log
2014-05-20 13:11 - 2013-10-13 00:54 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-20 12:35 - 2013-10-13 00:55 - 00001042 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-20 12:11 - 2013-10-12 23:56 - 01051453 _____ () C:\Windows\WindowsUpdate.log
2014-05-20 12:08 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-20 12:08 - 2009-07-14 06:51 - 00079749 _____ () C:\Windows\setupact.log
2014-05-20 00:36 - 2014-05-18 14:54 - 332895076 _____ () C:\Windows\MEMORY.DMP
2014-05-20 00:36 - 2013-10-15 15:57 - 00000000 ____D () C:\Windows\Minidump
2014-05-19 22:35 - 2013-12-09 18:29 - 00000000 ____D () C:\Users\Kamil\AppData\Roaming\TS3Client
2014-05-19 21:38 - 2009-07-14 06:45 - 00009808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-19 21:38 - 2009-07-14 06:45 - 00009808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-19 20:42 - 2013-10-13 00:59 - 00000000 ____D () C:\Users\Kamil\AppData\Roaming\AIMP3
2014-05-18 11:59 - 2014-05-08 11:54 - 00001006 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255205191-327789475-1423911492-1001Core1cf6aa378142806.job
2014-05-17 12:36 - 2013-10-13 00:53 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-16 18:56 - 2014-01-29 18:27 - 00000000 ____D () C:\Users\Kamil\AppData\Roaming\Spotify
2014-05-16 17:10 - 2013-10-13 01:05 - 00000000 ____D () C:\Users\Kamil\AppData\Local\Last.fm
2014-05-15 17:54 - 2014-01-29 18:29 - 00000000 ____D () C:\Users\Kamil\AppData\Local\Spotify
2014-05-15 12:15 - 2009-07-14 07:08 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-14 16:11 - 2013-10-13 00:54 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 15:11 - 2013-10-13 00:54 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 15:11 - 2013-10-13 00:54 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 13:11 - 2014-05-13 13:11 - 00275168 _____ () C:\Windows\Minidump\051314-22167-01.dmp
2014-05-13 08:31 - 2009-07-14 19:55 - 00742354 _____ () C:\Windows\system32\perfh015.dat
2014-05-13 08:31 - 2009-07-14 19:55 - 00156372 _____ () C:\Windows\system32\perfc015.dat
2014-05-13 08:31 - 2009-07-14 07:13 - 01674920 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-11 22:33 - 2013-11-09 15:06 - 00000000 ____D () C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-05-11 16:59 - 2013-10-13 02:50 - 00000000 ____D () C:\ProgramData\Origin
2014-05-11 16:43 - 2013-11-23 17:25 - 00000000 ____D () C:\Users\Kamil\Documents\FIFA 13
2014-05-11 15:32 - 2013-12-20 22:32 - 00000000 ____D () C:\Users\Kamil\AppData\Local\NFS Underground 2
2014-05-10 18:28 - 2013-11-06 15:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-09 17:20 - 2014-05-09 17:19 - 00275168 _____ () C:\Windows\Minidump\050914-28470-01.dmp
2014-05-08 21:39 - 2014-04-03 19:33 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf4f62df1c9af2
2014-05-08 21:39 - 2013-10-13 00:55 - 00003790 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 20:23 - 2014-05-08 20:23 - 00262144 _____ () C:\Windows\Minidump\050814-21465-01.dmp
2014-05-08 20:20 - 2014-04-13 12:18 - 00000000 ____D () C:\Users\Kamil\Desktop\WIP
2014-05-08 18:47 - 2013-10-21 17:49 - 00000132 _____ () C:\Users\Kamil\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe
2014-05-08 11:54 - 2014-05-08 11:54 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2255205191-327789475-1423911492-1001Core1cf6aa378142806
2014-05-08 11:54 - 2014-04-11 18:48 - 00004032 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2255205191-327789475-1423911492-1001UA
2014-04-30 19:54 - 2013-10-13 16:26 - 00000000 ____D () C:\Users\Kamil\AppData\Roaming\Mozilla
2014-04-29 20:04 - 2014-02-20 18:56 - 00006666 _____ () C:\Users\Public\Documents\stalke~1.ltx

Some content of TEMP:
====================
C:\Users\Kamil\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Kamil\AppData\Local\Temp\sfareca00001.dll
C:\Users\Kamil\AppData\Local\Temp\TWEE_Polish_language_pack.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe [2013-10-13 10:57] - [2011-01-09 17:57] - 2870272 ____A (Microsoft Corporation) 45DFD444EA07D50EFA17277228403F85
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-19 13:06

==================== End Of Log ============================