Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-07-2014
Ran by Wojtek (administrator) on WOJTEK-PC on 13-07-2014 18:37:47
Running from C:\Users\Wojtek\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Angielski (Stany Zjednoczone)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Hi-Rez Studios) E:\Smite\HiPatchService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mentor Graphics Corporation) E:\Solid Works\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Mentor Graphics Corporation) E:\Solid Works\SolidWorks Flow Simulation\binCFW\dispatcher.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [6325936 2012-11-26] (ESET)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816272 2014-06-23] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\.DEFAULT\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-1866769861-2938320490-3187735495-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-1866769861-2938320490-3187735495-1000\...\Policies\Explorer: []
HKU\S-1-5-21-1866769861-2938320490-3187735495-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-1866769861-2938320490-3187735495-1002\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-1866769861-2938320490-3187735495-1002\...\Run: [Facebook Update] => C:\Users\Wojtek\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-01] (Facebook Inc.)
HKU\S-1-5-21-1866769861-2938320490-3187735495-1002\...\Policies\Explorer: []
HKU\S-1-5-21-1866769861-2938320490-3187735495-1002\...\MountPoints2: {19a24834-1ad4-11e3-8647-dc0ea195b40a} - H:\Setup.exe
HKU\S-1-5-21-1866769861-2938320490-3187735495-1002\...\MountPoints2: {4efaf5b5-22a6-11e3-912f-dc0ea195b40a} - G:\LaunchU3.exe
HKU\S-1-5-21-1866769861-2938320490-3187735495-1002\...\MountPoints2: {802214df-1aca-11e3-8c23-806e6f6e6963} - F:\setup.exe
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-09-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-12] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - E:\PerfectWorld\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - E:\PerfectWorld\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Wojtek\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Wojtek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: electronicarts.com/GameFacePlugin - C:\Users\Wojtek\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-09-11]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-09-11]

Chrome:
=======
CHR HomePage:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Extension: (Dokumenty Google) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-11]
CHR Extension: (Dysk Google) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-11]
CHR Extension: (YouTube) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-11]
CHR Extension: (Szukaj w Google) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-11]
CHR Extension: (AdBlock) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-09-11]
CHR Extension: (Twitch.tv Europe Lag Fix) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkoehmlkhjgaboegkondkciclminpjof [2013-12-08]
CHR Extension: (Wolfram|Alpha (Official)) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\icncamkooinmbehmkeilcccmoljfkdhp [2013-09-11]
CHR Extension: (Batman Dark Knight Rises theme 1280x800) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jahiecoaghpdhddabdjmgmghglhnfmdo [2013-09-11]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-05-05]
CHR Extension: (Plants vs Zombies) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2013-09-11]
CHR Extension: (Google Wallet) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-11]
CHR Extension: (Mini Ninjas) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijfbknbncemokdnlboeabbcfhobechi [2013-09-11]
CHR Extension: (Gmail) - C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-11]

==================== Services (Whitelisted) =================

S3 ArcService; E:\PerfectWorld\Arc\ArcService.exe [88400 2014-02-24] (Perfect World Entertainment Inc)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
S3 CoordinatorServiceHost; E:\Solid Works\SolidWorks\swScheduler\DTSCoordinatorService.exe [77352 2013-03-28] (Dassault Systèmes SolidWorks Corp.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1329304 2012-11-26] (ESET)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-12-13] (Garmin Ltd or its subsidiaries)
U2 HiPatchService; E:\Smite\HiPatchService.exe [9216 2014-02-03] (Hi-Rez Studios) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
R2 RemoteSolverDispatcher; E:\Solid Works\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [218248 2013-02-22] (Mentor Graphics Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-03-31] (SolidWorks) [File not signed]
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-09-11] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [211344 2012-10-08] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [149592 2012-10-08] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [189208 2012-10-08] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59440 2012-10-08] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [57904 2012-11-28] (ESET)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
U0 Partizan; system32\drivers\Partizan.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-13 18:37 - 2014-07-13 18:39 - 00015851 _____ () C:\Users\Wojtek\Desktop\FRST.txt
2014-07-13 18:36 - 2014-07-13 18:37 - 00000000 ____D () C:\FRST
2014-07-13 18:28 - 2014-07-13 18:28 - 00082616 _____ () C:\Users\Wojtek\Desktop\Extras.Txt
2014-07-13 18:23 - 2014-07-13 18:23 - 00092348 _____ () C:\Users\Wojtek\Desktop\OTL.Txt
2014-07-13 18:16 - 2014-07-13 18:20 - 02086912 _____ (Farbar) C:\Users\Wojtek\Desktop\FRST64.exe
2014-07-13 18:16 - 2014-07-13 18:17 - 00380416 _____ () C:\Users\Wojtek\Desktop\r0s0xozc.exe
2014-07-13 18:13 - 2014-07-13 18:13 - 00623224 _____ (Duplex Secure Ltd.) C:\Users\Wojtek\Desktop\SPTDinst-v186-x64 (1).exe
2014-07-13 18:12 - 2014-07-13 18:12 - 00602112 _____ (OldTimer Tools) C:\Users\Wojtek\Desktop\OTL.exe
2014-07-13 18:09 - 2014-07-13 18:09 - 00087288 _____ () C:\Users\Wojtek\Desktop\SPTDinst-v186-x64.exe
2014-07-13 17:36 - 2014-07-13 17:37 - 00448512 _____ (OldTimer Tools) C:\Users\Wojtek\Desktop\TFC.exe
2014-07-13 17:11 - 2014-07-13 17:11 - 00020359 _____ () C:\ComboFix.txt
2014-07-13 16:42 - 2014-07-13 17:24 - 00000000 ____D () C:\Windows\erdnt
2014-07-13 16:00 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-13 16:00 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-13 16:00 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-13 15:54 - 2014-07-13 16:16 - 11187534 _____ (PortableAppZ.blogspot.com) C:\Users\Wojtek\Desktop\Ad-Aware_Portable_8.0.7_Multilingual.paf.exe
2014-07-13 15:54 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-13 15:54 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-13 15:54 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-13 15:42 - 2014-07-13 18:34 - 00000840 _____ () C:\Windows\setupact.log
2014-07-13 15:42 - 2014-07-13 17:15 - 00002158 _____ () C:\Windows\PFRO.log
2014-07-13 15:42 - 2014-07-13 15:42 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-13 15:39 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-13 15:39 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-13 15:39 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-13 15:36 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-13 15:34 - 2014-07-13 15:40 - 01707144 _____ () C:\Users\Wojtek\Desktop\Adaware_Installer.exe
2014-07-13 15:33 - 2014-07-13 15:35 - 01348263 _____ () C:\Users\Wojtek\Desktop\AdwCleaner.pl 3.215.exe
2014-07-13 15:04 - 2014-07-13 15:04 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-10 22:39 - 2014-07-13 15:28 - 00000000 ____D () C:\Users\Wojtek\Desktop\Genesis_Rohan_Launcher
2014-07-09 17:54 - 2014-07-09 17:54 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-02 12:45 - 2014-07-02 12:45 - 00000000 ____D () C:\ProgramData\Orbit
2014-07-02 12:44 - 2014-07-02 12:44 - 00000662 _____ () C:\Users\Wojtek\Desktop\Valiant Hearts The Great War.lnk
2014-07-02 12:44 - 2014-07-02 12:44 - 00000000 ____D () C:\Users\Wojtek\AppData\Roaming\Valiant Hearts The Great War
2014-07-02 12:44 - 2014-07-02 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2014-06-24 13:37 - 2014-06-24 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-06-24 13:37 - 2014-06-24 13:37 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-06-17 16:32 - 2014-03-06 18:44 - 00000000 ____D () C:\Users\Wojtek\Desktop\Podstawy konstrukcji maszyn
2014-06-14 18:19 - 2014-06-14 18:19 - 00000000 ____D () C:\Users\Wojtek\Desktop\PKM - prof. dr hab. inż. K.M
2014-06-14 18:19 - 2014-06-14 18:19 - 00000000 ____D () C:\Users\Wojtek\Desktop\PKM - (Wszystke prezentacje Magnuckiego)

==================== One Month Modified Files and Folders =======

2014-07-13 18:39 - 2014-07-13 18:37 - 00015851 _____ () C:\Users\Wojtek\Desktop\FRST.txt
2014-07-13 18:38 - 2013-09-11 12:14 - 01100761 _____ () C:\Windows\WindowsUpdate.log
2014-07-13 18:37 - 2014-07-13 18:36 - 00000000 ____D () C:\FRST
2014-07-13 18:35 - 2014-03-25 23:30 - 00000000 ____D () C:\Users\Wojtek\AppData\Local\LogMeIn Hamachi
2014-07-13 18:34 - 2014-07-13 15:42 - 00000840 _____ () C:\Windows\setupact.log
2014-07-13 18:34 - 2013-09-11 12:58 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-13 18:34 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-13 18:31 - 2009-07-14 06:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-13 18:31 - 2009-07-14 06:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-13 18:28 - 2014-07-13 18:28 - 00082616 _____ () C:\Users\Wojtek\Desktop\Extras.Txt
2014-07-13 18:26 - 2013-12-04 13:08 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cef0e1390ffbe6.job
2014-07-13 18:23 - 2014-07-13 18:23 - 00092348 _____ () C:\Users\Wojtek\Desktop\OTL.Txt
2014-07-13 18:20 - 2014-07-13 18:16 - 02086912 _____ (Farbar) C:\Users\Wojtek\Desktop\FRST64.exe
2014-07-13 18:17 - 2014-07-13 18:16 - 00380416 _____ () C:\Users\Wojtek\Desktop\r0s0xozc.exe
2014-07-13 18:13 - 2014-07-13 18:13 - 00623224 _____ (Duplex Secure Ltd.) C:\Users\Wojtek\Desktop\SPTDinst-v186-x64 (1).exe
2014-07-13 18:12 - 2014-07-13 18:12 - 00602112 _____ (OldTimer Tools) C:\Users\Wojtek\Desktop\OTL.exe
2014-07-13 18:09 - 2014-07-13 18:09 - 00087288 _____ () C:\Users\Wojtek\Desktop\SPTDinst-v186-x64.exe
2014-07-13 17:54 - 2014-02-28 20:57 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-13 17:50 - 2009-07-14 06:45 - 00460976 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-13 17:49 - 2010-11-21 09:16 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-13 17:40 - 2013-09-11 13:59 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-13 17:39 - 2013-09-12 23:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-13 17:39 - 2013-09-11 13:59 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-13 17:37 - 2014-07-13 17:36 - 00448512 _____ (OldTimer Tools) C:\Users\Wojtek\Desktop\TFC.exe
2014-07-13 17:24 - 2014-07-13 16:42 - 00000000 ____D () C:\Windows\erdnt
2014-07-13 17:15 - 2014-07-13 15:42 - 00002158 _____ () C:\Windows\PFRO.log
2014-07-13 17:11 - 2014-07-13 17:11 - 00020359 _____ () C:\ComboFix.txt
2014-07-13 17:07 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-13 16:37 - 2014-02-01 20:32 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1866769861-2938320490-3187735495-1000UA.job
2014-07-13 16:16 - 2014-07-13 15:54 - 11187534 _____ (PortableAppZ.blogspot.com) C:\Users\Wojtek\Desktop\Ad-Aware_Portable_8.0.7_Multilingual.paf.exe
2014-07-13 15:48 - 2014-01-09 19:20 - 00000000 ____D () C:\AdwCleaner
2014-07-13 15:42 - 2014-07-13 15:42 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-13 15:40 - 2014-07-13 15:34 - 01707144 _____ () C:\Users\Wojtek\Desktop\Adaware_Installer.exe
2014-07-13 15:35 - 2014-07-13 15:33 - 01348263 _____ () C:\Users\Wojtek\Desktop\AdwCleaner.pl 3.215.exe
2014-07-13 15:35 - 2013-09-11 14:04 - 00000000 ____D () C:\Users\Wojtek\AppData\Roaming\uTorrent
2014-07-13 15:28 - 2014-07-10 22:39 - 00000000 ____D () C:\Users\Wojtek\Desktop\Genesis_Rohan_Launcher
2014-07-13 15:28 - 2013-09-11 12:26 - 00000000 ____D () C:\Users\Wojtek
2014-07-13 15:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-13 15:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-07-13 15:27 - 2013-09-11 17:00 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-13 15:27 - 2013-09-11 17:00 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-13 15:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-07-13 15:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-07-13 15:26 - 2013-10-21 20:37 - 00000000 ____D () C:\Users\Wojtek\AppData\Local\Adobe
2014-07-13 15:04 - 2014-07-13 15:04 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-13 14:34 - 2013-09-11 13:40 - 00000000 ____D () C:\Users\Wojtek\AppData\Roaming\Media Player Classic
2014-07-10 22:36 - 2013-10-10 20:32 - 00000000 ____D () C:\Users\Wojtek\AppData\Roaming\Skype
2014-07-10 19:37 - 2014-02-01 20:32 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1866769861-2938320490-3187735495-1000Core.job
2014-07-09 17:54 - 2014-07-09 17:54 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-09 17:54 - 2014-02-28 20:57 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 17:54 - 2014-02-28 20:57 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 17:54 - 2013-11-12 16:34 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 17:44 - 2014-03-04 00:03 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-08 17:44 - 2013-10-10 20:32 - 00000000 ____D () C:\ProgramData\Skype
2014-07-03 22:03 - 2014-05-12 22:44 - 00000000 ____D () C:\Users\Wojtek\Desktop\natunianaszakochana
2014-07-02 12:45 - 2014-07-02 12:45 - 00000000 ____D () C:\ProgramData\Orbit
2014-07-02 12:44 - 2014-07-02 12:44 - 00000662 _____ () C:\Users\Wojtek\Desktop\Valiant Hearts The Great War.lnk
2014-07-02 12:44 - 2014-07-02 12:44 - 00000000 ____D () C:\Users\Wojtek\AppData\Roaming\Valiant Hearts The Great War
2014-07-02 12:44 - 2014-07-02 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2014-06-27 16:22 - 2014-03-25 20:28 - 00000000 ____D () C:\Users\Wojtek\AppData\Local\Battle.net
2014-06-26 21:52 - 2013-09-11 14:23 - 00806828 _____ () C:\Windows\system32\perfh015.dat
2014-06-26 21:52 - 2013-09-11 14:23 - 00181460 _____ () C:\Windows\system32\perfc015.dat
2014-06-26 21:52 - 2009-07-14 07:13 - 01857244 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-24 14:21 - 2013-12-04 13:08 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cef0e1390ffbe6
2014-06-24 14:21 - 2013-09-11 12:58 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-24 13:37 - 2014-06-24 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-06-24 13:37 - 2014-06-24 13:37 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-06-18 06:43 - 2014-03-27 19:59 - 00000000 ____D () C:\Users\Wojtek\AppData\Local\ChomikBox
2014-06-18 06:29 - 2014-03-27 19:59 - 00000000 ____D () C:\Users\Wojtek\.gstreamer-0.10
2014-06-18 04:18 - 2014-07-13 16:00 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-13 16:00 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-13 16:00 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-14 18:19 - 2014-06-14 18:19 - 00000000 ____D () C:\Users\Wojtek\Desktop\PKM - prof. dr hab. inż. K.M
2014-06-14 18:19 - 2014-06-14 18:19 - 00000000 ____D () C:\Users\Wojtek\Desktop\PKM - (Wszystke prezentacje Magnuckiego)
2014-06-14 18:19 - 2014-04-10 12:46 - 00000000 ____D () C:\Users\Wojtek\Desktop\szymonek

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-08 20:17

==================== End Of Log ============================