Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014 02 Ran by kamil (administrator) on KAMIL-KOMPUTER on 01-09-2014 03:58:49 Running from C:\Users\kamil\Downloads Platform: Windows 7 Home Premium (X64) OS Language: Polski (Polska) Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Binary Fortress Software) E:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Gadu-Gadu Sp. z o.o.) C:\Users\kamil\Downloads\Gadu-Gadu\Gadu-Gadu\gg.exe (Binary Fortress Software) E:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Dropbox, Inc.) C:\Users\kamil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (Apple Inc.) E:\Program Files (x86)\iTunes\iTunesHelper.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe (Binary Fortress Software) E:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe (Binary Fortress Software) E:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7174728 2013-03-29] (Realtek Semiconductor) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation) HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [506864 2013-03-08] (MSI) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [BCSSync] => D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [iTunesHelper] => E:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) HKU\S-1-5-21-1489977599-3856847887-3318751311-1000\...\Run: [Gadu-Gadu] => C:\Users\kamil\Downloads\Gadu-Gadu\Gadu-Gadu\gg.exe [1672904 2006-09-08] (Gadu-Gadu Sp. z o.o.) HKU\S-1-5-21-1489977599-3856847887-3318751311-1000\...\Run: [DisplayFusion] => e:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [7952224 2013-11-27] (Binary Fortress Software) HKU\S-1-5-21-1489977599-3856847887-3318751311-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.) HKU\S-1-5-21-1489977599-3856847887-3318751311-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.) HKU\S-1-5-21-1489977599-3856847887-3318751311-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6462744 2014-08-21] (Piriform Ltd) HKU\S-1-5-21-1489977599-3856847887-3318751311-1000\...\MountPoints2: {00258097-e95b-11e3-b4d1-d43d7ebe12c1} - J:\AutoRun.exe HKU\S-1-5-21-1489977599-3856847887-3318751311-1000\...\MountPoints2: {09bfb298-3f48-11e3-925b-d43d7ebe12c1} - J:\AutoRun.exe HKU\S-1-5-21-1489977599-3856847887-3318751311-1000\...\MountPoints2: {69f0697e-4187-11e3-babd-d43d7ebe12c1} - H:\setup.exe HKU\S-1-5-21-1489977599-3856847887-3318751311-1000\...\MountPoints2: {847ad22f-310b-11e4-8fbc-d43d7ebe12c1} - J:\AutoRun.exe HKU\S-1-5-21-1489977599-3856847887-3318751311-1000\...\MountPoints2: {861ab8d2-3150-11e4-8bec-d43d7ebe12c1} - J:\AutoRun.exe HKU\S-1-5-21-1489977599-3856847887-3318751311-1000\...\MountPoints2: {d40ad18a-3f27-11e3-a559-d43d7ebe12c1} - H:\AutoRun.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dual Smart Solution.lnk ShortcutTarget: Dual Smart Solution.lnk -> C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\Dual Smart Solution.exe (LG Electronics) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) Startup: C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\kamil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\kamil\AppData\Roaming\Mozilla\Firefox\Profiles\zkmxi1r7.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll () FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npatgpc.dll (Cisco WebEx LLC) Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 DisplayFusionService; e:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [1375600 2013-11-27] (Binary Fortress Software) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S3 Microsoft SharePoint Workspace Audit Service; D:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [31124344 2010-12-28] (Microsoft Corporation) R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MSI) R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-04-18] (MICRO-STAR INTERNATIONAL CO., LTD.) S2 SIMUL8Parallel; E:\Program Files (x86)\SIMUL8Student\SIMUL8_ParallelSVC.exe [497152 2013-11-11] (SIMUL8 Corporation) R2 postgresql-x64-9.3; C:/Program Files/PostgreSQL/9.3/bin/pg_ctl.exe runservice -N "postgresql-x64-9.3" -D "C:/Program Files/PostgreSQL/9.3/data" -w [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [25704 2012-08-13] () S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [226048 2013-06-28] (MBB Technologies Co., Ltd.) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-02-13] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-02-13] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-02-13] () S3 LGDDCDevice; C:\Windows\SysWOW64\LGI2CDriver.sys [16384 2012-10-17] (LG Soft India) [File not signed] S3 LGII2CDevice; C:\Windows\SysWOW64\LGPII2CDriver.sys [10752 2012-11-23] (LG Soft India) [File not signed] R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-01] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-10-30] (Duplex Secure Ltd.) R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-09-01] () S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X] S3 MSICDSetup; \??\G:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\G:\NTIOLib_X64.sys [X] U3 awddykob; \??\D:\TEMP\awddykob.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-01 03:58 - 2014-09-01 03:58 - 00015549 _____ () C:\Users\kamil\Downloads\FRST.txt 2014-09-01 03:57 - 2014-09-01 03:58 - 00000000 ____D () C:\FRST 2014-09-01 03:55 - 2014-09-01 03:56 - 00029642 _____ () C:\Users\kamil\Desktop\gmer.txt.txt 2014-09-01 03:34 - 2014-09-01 03:34 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2014-09-01 03:34 - 2014-09-01 03:34 - 00001452 _____ () C:\Windows\PFRO.log 2014-09-01 03:34 - 2014-09-01 03:34 - 00000056 _____ () C:\Windows\setupact.log 2014-09-01 03:34 - 2014-09-01 03:34 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-01 03:32 - 2014-09-01 03:32 - 00380416 _____ () C:\Users\kamil\Downloads\7e1muly2.exe 2014-09-01 03:31 - 2014-09-01 03:32 - 00602112 _____ (OldTimer Tools) C:\Users\kamil\Downloads\OTL.exe 2014-09-01 03:31 - 2014-09-01 03:31 - 02104832 _____ (Farbar) C:\Users\kamil\Downloads\FRST64.exe 2014-09-01 03:19 - 2014-09-01 03:19 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-09-01 03:19 - 2014-09-01 03:19 - 00000000 ____D () C:\Program Files\CCleaner 2014-09-01 03:18 - 2014-09-01 03:18 - 04902336 _____ (Piriform Ltd) C:\Users\kamil\Downloads\ccsetup417pro.exe 2014-09-01 03:04 - 2014-09-01 03:09 - 00000000 ____D () C:\AdwCleaner 2014-09-01 03:04 - 2014-09-01 03:04 - 01364531 _____ () C:\Users\kamil\Downloads\adwcleaner_3.308.exe 2014-09-01 01:05 - 2014-09-01 01:05 - 00003384 _____ () C:\Windows\System32\Tasks\{047C8FDE-D78A-4121-B70A-77F5D3894784} 2014-09-01 01:01 - 2014-09-01 01:01 - 00003386 _____ () C:\Windows\System32\Tasks\{9C8F8CC4-237F-4B15-BFE9-A8F68B4EE321} 2014-09-01 01:01 - 2013-06-28 17:10 - 00455680 _____ (MBB Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys 2014-09-01 01:01 - 2013-03-09 13:41 - 00014976 _____ (MBB Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys 2014-09-01 01:01 - 2013-03-09 11:18 - 00244736 _____ (MBB Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys 2014-09-01 01:01 - 2013-03-09 11:17 - 00110592 _____ (MBB Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys 2014-09-01 01:01 - 2013-03-09 11:17 - 00091648 _____ (MBB Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys 2014-09-01 01:01 - 2013-03-09 11:17 - 00077312 _____ (MBB Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys 2014-09-01 01:01 - 2013-03-09 11:17 - 00030720 _____ (MBB Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys 2014-09-01 01:01 - 2012-08-20 08:37 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2014-09-01 01:01 - 2012-08-20 08:37 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll 2014-09-01 00:24 - 2014-09-01 01:08 - 00000406 _____ () C:\Windows\Tasks\DriverEasy Scheduled Scan.job 2014-09-01 00:24 - 2014-09-01 00:24 - 00003810 _____ () C:\Windows\System32\Tasks\DriverEasy Scheduled Scan 2014-09-01 00:24 - 2014-09-01 00:24 - 00000000 ____D () C:\Users\kamil\AppData\Roaming\Easeware 2014-09-01 00:06 - 2014-09-01 00:06 - 00000000 ____D () C:\Users\kamil\Downloads\top_netinfo 2014-09-01 00:05 - 2014-09-01 00:05 - 02429172 _____ () C:\Users\kamil\Downloads\top_netinfo.zip 2014-08-31 23:55 - 2014-08-31 23:55 - 00001011 _____ () C:\Users\Public\Desktop\PLAY ONLINE.lnk 2014-08-31 23:55 - 2014-08-31 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PLAY ONLINE 2014-08-31 23:55 - 2013-06-28 17:04 - 00226048 _____ (MBB Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys 2014-08-31 17:03 - 2014-08-31 21:39 - 00000000 ____D () C:\Users\kamil\Desktop\aukcje 2014-08-31 16:17 - 2014-08-31 16:17 - 00000000 ____D () C:\Users\kamil\AppData\Roaming\Ahead 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\ProgramData\Nero 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2014-08-31 16:16 - 2003-03-19 06:20 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll 2014-08-31 16:16 - 2003-03-19 06:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2014-08-31 16:16 - 2003-03-18 20:12 - 01047552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll 2014-08-31 16:16 - 2003-02-21 14:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2014-08-31 16:15 - 2014-08-31 16:15 - 29400322 _____ (UpdatePack.nl ) C:\Users\kamil\Downloads\Nero-7.11.10.0_english_lite.exe 2014-08-31 16:08 - 2014-08-31 16:15 - 288608256 _____ () C:\Users\kamil\Downloads\drweb-livecd-602.iso 2014-08-31 16:07 - 2014-08-31 16:10 - 306016256 _____ () C:\Users\kamil\Downloads\kav_rescue_10.iso 2014-08-31 12:57 - 2014-08-31 12:57 - 00000000 ____D () C:\ProgramData\Doctor Web 2014-08-31 02:26 - 2014-08-31 02:26 - 13156120 _____ (Opera Software ASA) C:\Users\kamil\Downloads\Opera_1216_int_Setup.exe 2014-08-31 02:26 - 2014-08-31 02:26 - 00001845 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 12.16 1860.lnk 2014-08-31 02:26 - 2014-08-31 02:26 - 00001833 _____ () C:\Users\Public\Desktop\Opera 12.16 1860.lnk 2014-08-31 02:26 - 2014-08-31 02:26 - 00000000 ____D () C:\Users\kamil\AppData\Roaming\Opera 2014-08-31 02:15 - 2014-08-31 03:10 - 00000000 ____D () C:\Users\kamil\Doctor Web 2014-08-31 02:10 - 2014-08-31 02:14 - 155366128 _____ () C:\Users\kamil\Downloads\9wl5f9x9.exe 2014-08-31 02:07 - 2014-08-31 02:07 - 29421992 _____ (Oracle Corporation) C:\Users\kamil\Downloads\jre-7u67-windows-i586.exe 2014-08-29 18:16 - 2014-08-29 18:16 - 01560408 _____ (Redbet ) C:\Users\kamil\Downloads\Installredbetpoker.exe 2014-08-29 18:16 - 2014-08-29 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redbet Poker 2014-08-28 03:49 - 2014-08-28 03:52 - 00000000 ____D () C:\Users\kamil\AppData\Roaming\TableNinja.v2 2014-08-28 03:49 - 2014-08-28 03:49 - 00003029 _____ () C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TableNinja v2.lnk 2014-08-28 03:49 - 2014-08-28 03:49 - 00000000 ____D () C:\Program Files (x86)\PASG 2014-08-28 03:48 - 2014-08-28 03:48 - 04259840 _____ () C:\Users\kamil\Downloads\TN2Update2.3.89.msi 2014-08-26 21:47 - 2014-08-26 21:47 - 16349982 _____ (Sharkystrator ) C:\Users\kamil\Downloads\Sharkystrator_ins.exe 2014-08-26 21:47 - 2014-08-26 21:47 - 00000104 _____ () C:\Windows\SysWOW64\winopsys.dat 2014-08-26 21:47 - 2014-08-26 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sharkystrator 2014-08-26 21:47 - 2014-08-26 21:47 - 00000000 ____D () C:\Program Files (x86)\Sharkystrator 2014-08-25 22:19 - 2014-08-25 22:19 - 01141892 _____ () C:\Users\kamil\Downloads\TableNinja (1).zip 2014-08-25 21:15 - 2014-09-01 03:19 - 00000000 ____D () C:\Windows\Minidump 2014-08-25 16:19 - 2014-08-25 16:19 - 00005020 _____ () C:\ProgramData\lrbivjdu.eai 2014-08-25 16:03 - 2014-08-30 15:00 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4 2014-08-25 16:03 - 2014-08-25 16:03 - 00005044 _____ () C:\ProgramData\flwjycbm.bab 2014-08-25 16:03 - 2014-08-25 16:03 - 00001088 _____ () C:\Users\postgres\Desktop\PokerTracker 4.lnk 2014-08-25 16:03 - 2014-08-25 16:03 - 00001088 _____ () C:\Users\kamil\Desktop\PokerTracker 4.lnk 2014-08-25 16:03 - 2014-08-25 16:03 - 00000000 ____D () C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4 2014-08-25 16:03 - 2014-08-25 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4 2014-08-25 16:00 - 2014-08-25 16:01 - 63697776 _____ () C:\Users\kamil\Downloads\PT-Install-v4.11.11.exe 2014-08-25 15:45 - 2014-08-25 15:45 - 00814875 _____ () C:\Users\kamil\Desktop\simple-waffles4.0.rar 2014-08-24 00:40 - 2014-08-24 00:41 - 00000000 ____D () C:\Users\kamil\Desktop\plecaki 2014-08-20 10:35 - 2014-08-20 10:37 - 97543375 _____ () C:\Users\kamil\Downloads\8175_Hm2AutoUpdate.exe 2014-08-20 10:34 - 2014-08-20 10:35 - 63600111 _____ (Hold'em Manager, support@holdemmanager.com) C:\Users\kamil\Downloads\HmUpdate_Release_1.14.02.exe 2014-08-20 03:13 - 2014-08-20 03:25 - 22584649 _____ () C:\Users\kamil\Downloads\3_big_blind_play.mp4 2014-08-20 03:08 - 2014-08-20 03:19 - 20254299 _____ () C:\Users\kamil\Downloads\2_small_blind_play.mp4 2014-08-18 13:14 - 2014-08-30 15:59 - 00020912 _____ () C:\rusherr.txt 2014-08-18 13:11 - 2014-08-18 13:11 - 00000000 ____D () C:\Users\kamil\.swt 2014-08-18 13:08 - 2014-08-29 18:19 - 00000000 ____D () C:\Users\kamil\P5JavaClientSettings 2014-08-18 13:08 - 2014-08-18 13:08 - 00000581 _____ () C:\Users\Public\Desktop\Betsafe Poker.lnk 2014-08-18 13:08 - 2014-08-18 13:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betsafe Poker 2014-08-18 13:07 - 2014-08-18 13:07 - 01976088 _____ (betsafe ) C:\Users\kamil\Downloads\BetsafePokerInstall.exe 2014-08-18 12:33 - 2014-08-20 11:42 - 00005312 _____ () C:\speederr.txt 2014-08-18 12:26 - 2014-08-25 18:44 - 00000000 ____D () C:\Program Files (x86)\William Hill Poker 2014-08-18 12:26 - 2014-08-18 12:26 - 00001676 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\William Hill Poker.lnk 2014-08-18 12:26 - 2014-08-18 12:26 - 00001664 _____ () C:\Users\Public\Desktop\William Hill Poker.lnk 2014-08-18 02:54 - 2014-08-18 02:54 - 00000000 ____D () C:\Users\kamil\Documents\Lightshot 2014-08-13 15:55 - 2014-08-13 15:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\kamil\Downloads\mbam-setup-2.0.2.1012.exe 2014-08-10 19:19 - 2014-08-10 20:01 - 00000000 ____D () C:\Users\kamil\Desktop\Grown Ups 2 (2013) [1080p] 2014-08-10 19:13 - 2014-08-10 19:29 - 00000000 ____D () C:\Users\kamil\Desktop\This Is the End (2013) [1080p] 2014-08-06 23:47 - 2014-08-06 23:47 - 00027102 _____ () C:\Users\kamil\Downloads\hasla (2).odt 2014-08-06 23:45 - 2014-08-06 23:45 - 00027102 _____ () C:\Users\kamil\Downloads\hasla (1).odt 2014-08-06 20:41 - 2014-08-06 20:41 - 00000000 ____D () C:\Users\kamil\Desktop\ber 2014-08-05 22:31 - 2014-08-05 22:31 - 00002729 _____ () C:\Users\kamil\Desktop\Skype.lnk 2014-08-03 19:09 - 2014-08-03 19:10 - 00001889 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\BetSafe Poker Black.lnk 2014-08-03 19:09 - 2014-08-03 19:10 - 00001883 _____ () C:\Users\Public\Desktop\BetSafe Poker Black.lnk 2014-08-03 19:09 - 2014-08-03 19:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BetSafe Poker Black 2014-08-03 19:09 - 2014-08-03 19:09 - 00688520 _____ () C:\Users\kamil\Downloads\BetSafePokerBlack.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-01 03:58 - 2014-09-01 03:58 - 00015549 _____ () C:\Users\kamil\Downloads\FRST.txt 2014-09-01 03:58 - 2014-09-01 03:57 - 00000000 ____D () C:\FRST 2014-09-01 03:56 - 2014-09-01 03:55 - 00029642 _____ () C:\Users\kamil\Desktop\gmer.txt.txt 2014-09-01 03:38 - 2009-07-14 19:55 - 00740590 _____ () C:\Windows\system32\perfh015.dat 2014-09-01 03:38 - 2009-07-14 19:55 - 00155186 _____ () C:\Windows\system32\perfc015.dat 2014-09-01 03:38 - 2009-07-14 07:13 - 01669980 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-01 03:37 - 2013-10-26 17:19 - 01324267 _____ () C:\Windows\WindowsUpdate.log 2014-09-01 03:35 - 2013-11-10 04:32 - 00000000 ____D () C:\Users\kamil\AppData\Roaming\Skype 2014-09-01 03:34 - 2014-09-01 03:34 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2014-09-01 03:34 - 2014-09-01 03:34 - 00001452 _____ () C:\Windows\PFRO.log 2014-09-01 03:34 - 2014-09-01 03:34 - 00000056 _____ () C:\Windows\setupact.log 2014-09-01 03:34 - 2014-09-01 03:34 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-01 03:34 - 2014-07-11 12:05 - 00002756 _____ () C:\Windows\System32\Tasks\AutoKMSDaily 2014-09-01 03:34 - 2014-07-11 12:05 - 00000218 _____ () C:\Windows\Tasks\AutoKMSDaily.job 2014-09-01 03:34 - 2014-04-22 13:52 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-01 03:34 - 2014-04-06 00:09 - 00000000 ___RD () C:\Users\kamil\Dropbox 2014-09-01 03:34 - 2014-04-06 00:08 - 00000000 ____D () C:\Users\kamil\AppData\Roaming\Dropbox 2014-09-01 03:34 - 2013-12-01 01:37 - 00151552 _____ () C:\Windows\KMSEmulator.exe 2014-09-01 03:34 - 2013-10-30 22:13 - 00000216 _____ () C:\Windows\Tasks\AutoKMS.job 2014-09-01 03:34 - 2013-10-30 21:57 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite 2014-09-01 03:34 - 2013-10-26 23:46 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys 2014-09-01 03:34 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-01 03:33 - 2009-07-14 06:45 - 00013776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-01 03:33 - 2009-07-14 06:45 - 00013776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-01 03:32 - 2014-09-01 03:32 - 00380416 _____ () C:\Users\kamil\Downloads\7e1muly2.exe 2014-09-01 03:32 - 2014-09-01 03:31 - 00602112 _____ (OldTimer Tools) C:\Users\kamil\Downloads\OTL.exe 2014-09-01 03:31 - 2014-09-01 03:31 - 02104832 _____ (Farbar) C:\Users\kamil\Downloads\FRST64.exe 2014-09-01 03:19 - 2014-09-01 03:19 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-09-01 03:19 - 2014-09-01 03:19 - 00000000 ____D () C:\Program Files\CCleaner 2014-09-01 03:19 - 2014-08-25 21:15 - 00000000 ____D () C:\Windows\Minidump 2014-09-01 03:19 - 2013-11-09 16:57 - 00000000 ____D () C:\Users\kamil\AppData\Roaming\uTorrent 2014-09-01 03:19 - 2013-10-30 21:57 - 00000000 ____D () C:\Users\kamil\AppData\Roaming\DAEMON Tools Lite 2014-09-01 03:19 - 2013-10-26 18:10 - 00000000 ____D () C:\Windows\Panther 2014-09-01 03:18 - 2014-09-01 03:18 - 04902336 _____ (Piriform Ltd) C:\Users\kamil\Downloads\ccsetup417pro.exe 2014-09-01 03:09 - 2014-09-01 03:04 - 00000000 ____D () C:\AdwCleaner 2014-09-01 03:04 - 2014-09-01 03:04 - 01364531 _____ () C:\Users\kamil\Downloads\adwcleaner_3.308.exe 2014-09-01 02:59 - 2013-10-26 17:16 - 00000000 ____D () C:\Users\kamil 2014-09-01 01:08 - 2014-09-01 00:24 - 00000406 _____ () C:\Windows\Tasks\DriverEasy Scheduled Scan.job 2014-09-01 01:05 - 2014-09-01 01:05 - 00003384 _____ () C:\Windows\System32\Tasks\{047C8FDE-D78A-4121-B70A-77F5D3894784} 2014-09-01 01:01 - 2014-09-01 01:01 - 00003386 _____ () C:\Windows\System32\Tasks\{9C8F8CC4-237F-4B15-BFE9-A8F68B4EE321} 2014-09-01 00:24 - 2014-09-01 00:24 - 00003810 _____ () C:\Windows\System32\Tasks\DriverEasy Scheduled Scan 2014-09-01 00:24 - 2014-09-01 00:24 - 00000000 ____D () C:\Users\kamil\AppData\Roaming\Easeware 2014-09-01 00:20 - 2009-07-14 07:08 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-09-01 00:06 - 2014-09-01 00:06 - 00000000 ____D () C:\Users\kamil\Downloads\top_netinfo 2014-09-01 00:05 - 2014-09-01 00:05 - 02429172 _____ () C:\Users\kamil\Downloads\top_netinfo.zip 2014-08-31 23:56 - 2013-10-28 03:55 - 00000000 ____D () C:\Program Files (x86)\PLAY ONLINE 2014-08-31 23:55 - 2014-08-31 23:55 - 00001011 _____ () C:\Users\Public\Desktop\PLAY ONLINE.lnk 2014-08-31 23:55 - 2014-08-31 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PLAY ONLINE 2014-08-31 22:51 - 2013-10-26 17:35 - 00000000 ____D () C:\ProgramData\Norton 2014-08-31 21:39 - 2014-08-31 17:03 - 00000000 ____D () C:\Users\kamil\Desktop\aukcje 2014-08-31 16:17 - 2014-08-31 16:17 - 00000000 ____D () C:\Users\kamil\AppData\Roaming\Ahead 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\ProgramData\Nero 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2014-08-31 16:15 - 2014-08-31 16:15 - 29400322 _____ (UpdatePack.nl ) C:\Users\kamil\Downloads\Nero-7.11.10.0_english_lite.exe 2014-08-31 16:15 - 2014-08-31 16:08 - 288608256 _____ () C:\Users\kamil\Downloads\drweb-livecd-602.iso 2014-08-31 16:10 - 2014-08-31 16:07 - 306016256 _____ () C:\Users\kamil\Downloads\kav_rescue_10.iso 2014-08-31 12:57 - 2014-08-31 12:57 - 00000000 ____D () C:\ProgramData\Doctor Web 2014-08-31 03:16 - 2013-10-27 01:52 - 00000000 ____D () C:\Users\kamil\AppData\Roaming\HoldemManager 2014-08-31 03:10 - 2014-08-31 02:15 - 00000000 ____D () C:\Users\kamil\Doctor Web 2014-08-31 02:27 - 2014-03-07 22:33 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-08-31 02:26 - 2014-08-31 02:26 - 13156120 _____ (Opera Software ASA) C:\Users\kamil\Downloads\Opera_1216_int_Setup.exe 2014-08-31 02:26 - 2014-08-31 02:26 - 00001845 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 12.16 1860.lnk 2014-08-31 02:26 - 2014-08-31 02:26 - 00001833 _____ () C:\Users\Public\Desktop\Opera 12.16 1860.lnk 2014-08-31 02:26 - 2014-08-31 02:26 - 00000000 ____D () C:\Users\kamil\AppData\Roaming\Opera 2014-08-31 02:14 - 2014-08-31 02:10 - 155366128 _____ () C:\Users\kamil\Downloads\9wl5f9x9.exe 2014-08-31 02:07 - 2014-08-31 02:07 - 29421992 _____ (Oracle Corporation) C:\Users\kamil\Downloads\jre-7u67-windows-i586.exe 2014-08-31 00:00 - 2013-10-27 22:45 - 00000000 ____D () C:\Program Files (x86)\TableNinja 2014-08-30 17:10 - 2014-07-30 14:37 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker.Eu 2014-08-30 15:59 - 2014-08-18 13:14 - 00020912 _____ () C:\rusherr.txt 2014-08-30 15:00 - 2014-08-25 16:03 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4 2014-08-30 14:53 - 2013-10-28 03:26 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-08-30 14:25 - 2013-10-27 01:52 - 00001104 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk 2014-08-30 14:25 - 2013-10-27 01:52 - 00000000 ____D () C:\Program Files (x86)\Holdem Manager 2 2014-08-29 18:19 - 2014-08-18 13:08 - 00000000 ____D () C:\Users\kamil\P5JavaClientSettings 2014-08-29 18:16 - 2014-08-29 18:16 - 01560408 _____ (Redbet ) C:\Users\kamil\Downloads\Installredbetpoker.exe 2014-08-29 18:16 - 2014-08-29 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redbet Poker 2014-08-29 03:58 - 2013-11-10 04:32 - 00000000 ____D () C:\ProgramData\Skype 2014-08-28 03:52 - 2014-08-28 03:49 - 00000000 ____D () C:\Users\kamil\AppData\Roaming\TableNinja.v2 2014-08-28 03:49 - 2014-08-28 03:49 - 00003029 _____ () C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TableNinja v2.lnk 2014-08-28 03:49 - 2014-08-28 03:49 - 00000000 ____D () C:\Program Files (x86)\PASG 2014-08-28 03:48 - 2014-08-28 03:48 - 04259840 _____ () C:\Users\kamil\Downloads\TN2Update2.3.89.msi 2014-08-28 00:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-08-26 21:47 - 2014-08-26 21:47 - 16349982 _____ (Sharkystrator ) C:\Users\kamil\Downloads\Sharkystrator_ins.exe 2014-08-26 21:47 - 2014-08-26 21:47 - 00000104 _____ () C:\Windows\SysWOW64\winopsys.dat 2014-08-26 21:47 - 2014-08-26 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sharkystrator 2014-08-26 21:47 - 2014-08-26 21:47 - 00000000 ____D () C:\Program Files (x86)\Sharkystrator 2014-08-26 00:59 - 2013-10-30 22:25 - 03585965 _____ () C:\Users\kamil\Desktop\habahabahaba.xlsx 2014-08-25 22:19 - 2014-08-25 22:19 - 01141892 _____ () C:\Users\kamil\Downloads\TableNinja (1).zip 2014-08-25 18:44 - 2014-08-18 12:26 - 00000000 ____D () C:\Program Files (x86)\William Hill Poker 2014-08-25 16:19 - 2014-08-25 16:19 - 00005020 _____ () C:\ProgramData\lrbivjdu.eai 2014-08-25 16:18 - 2013-12-29 06:27 - 00000000 ____D () C:\Users\kamil\Documents\888poker 2014-08-25 16:06 - 2014-07-17 21:38 - 00000882 _____ () C:\Users\kamil\Documents\pgadmin.log 2014-08-25 16:03 - 2014-08-25 16:03 - 00005044 _____ () C:\ProgramData\flwjycbm.bab 2014-08-25 16:03 - 2014-08-25 16:03 - 00001088 _____ () C:\Users\postgres\Desktop\PokerTracker 4.lnk 2014-08-25 16:03 - 2014-08-25 16:03 - 00001088 _____ () C:\Users\kamil\Desktop\PokerTracker 4.lnk 2014-08-25 16:03 - 2014-08-25 16:03 - 00000000 ____D () C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4 2014-08-25 16:03 - 2014-08-25 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4 2014-08-25 16:01 - 2014-08-25 16:00 - 63697776 _____ () C:\Users\kamil\Downloads\PT-Install-v4.11.11.exe 2014-08-25 15:45 - 2014-08-25 15:45 - 00814875 _____ () C:\Users\kamil\Desktop\simple-waffles4.0.rar 2014-08-24 00:41 - 2014-08-24 00:40 - 00000000 ____D () C:\Users\kamil\Desktop\plecaki 2014-08-21 15:35 - 2014-02-24 23:11 - 00000000 ____D () C:\Users\kamil\AppData\Roaming\DisplayFusion 2014-08-20 11:57 - 2013-10-27 01:08 - 00068924 _____ () C:\blitzerr.txt 2014-08-20 11:42 - 2014-08-18 12:33 - 00005312 _____ () C:\speederr.txt 2014-08-20 10:37 - 2014-08-20 10:35 - 97543375 _____ () C:\Users\kamil\Downloads\8175_Hm2AutoUpdate.exe 2014-08-20 10:35 - 2014-08-20 10:34 - 63600111 _____ (Hold'em Manager, support@holdemmanager.com) C:\Users\kamil\Downloads\HmUpdate_Release_1.14.02.exe 2014-08-20 03:25 - 2014-08-20 03:13 - 22584649 _____ () C:\Users\kamil\Downloads\3_big_blind_play.mp4 2014-08-20 03:19 - 2014-08-20 03:08 - 20254299 _____ () C:\Users\kamil\Downloads\2_small_blind_play.mp4 2014-08-19 22:28 - 2013-10-27 01:54 - 00000000 ____D () C:\HM2Archive 2014-08-19 11:47 - 2013-12-29 06:27 - 00001736 _____ () C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\888poker.lnk 2014-08-19 11:46 - 2013-12-29 06:27 - 00000000 ____D () C:\Program Files (x86)\PacificPoker 2014-08-18 20:43 - 2014-02-05 21:18 - 00000000 ____D () C:\Users\kamil\AppData\Roaming\Microgaming 2014-08-18 13:11 - 2014-08-18 13:11 - 00000000 ____D () C:\Users\kamil\.swt 2014-08-18 13:08 - 2014-08-18 13:08 - 00000581 _____ () C:\Users\Public\Desktop\Betsafe Poker.lnk 2014-08-18 13:08 - 2014-08-18 13:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betsafe Poker 2014-08-18 13:07 - 2014-08-18 13:07 - 01976088 _____ (betsafe ) C:\Users\kamil\Downloads\BetsafePokerInstall.exe 2014-08-18 12:26 - 2014-08-18 12:26 - 00001676 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\William Hill Poker.lnk 2014-08-18 12:26 - 2014-08-18 12:26 - 00001664 _____ () C:\Users\Public\Desktop\William Hill Poker.lnk 2014-08-18 02:54 - 2014-08-18 02:54 - 00000000 ____D () C:\Users\kamil\Documents\Lightshot 2014-08-14 21:00 - 2014-04-06 00:09 - 00000979 _____ () C:\Users\kamil\Desktop\Dropbox.lnk 2014-08-14 21:00 - 2014-04-06 00:08 - 00000000 ____D () C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-08-13 15:55 - 2014-08-13 15:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\kamil\Downloads\mbam-setup-2.0.2.1012.exe 2014-08-13 15:55 - 2014-04-22 13:52 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-08-13 15:55 - 2014-04-22 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-08-13 15:55 - 2014-04-22 13:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-08-10 20:01 - 2014-08-10 19:19 - 00000000 ____D () C:\Users\kamil\Desktop\Grown Ups 2 (2013) [1080p] 2014-08-10 19:29 - 2014-08-10 19:13 - 00000000 ____D () C:\Users\kamil\Desktop\This Is the End (2013) [1080p] 2014-08-07 17:04 - 2013-10-27 19:34 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU 2014-08-06 23:47 - 2014-08-06 23:47 - 00027102 _____ () C:\Users\kamil\Downloads\hasla (2).odt 2014-08-06 23:45 - 2014-08-06 23:45 - 00027102 _____ () C:\Users\kamil\Downloads\hasla (1).odt 2014-08-06 20:55 - 2013-11-11 03:47 - 00001106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk 2014-08-06 20:41 - 2014-08-06 20:41 - 00000000 ____D () C:\Users\kamil\Desktop\ber 2014-08-05 22:31 - 2014-08-05 22:31 - 00002729 _____ () C:\Users\kamil\Desktop\Skype.lnk 2014-08-03 19:10 - 2014-08-03 19:09 - 00001889 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\BetSafe Poker Black.lnk 2014-08-03 19:10 - 2014-08-03 19:09 - 00001883 _____ () C:\Users\Public\Desktop\BetSafe Poker Black.lnk 2014-08-03 19:10 - 2014-08-03 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BetSafe Poker Black 2014-08-03 19:09 - 2014-08-03 19:09 - 00688520 _____ () C:\Users\kamil\Downloads\BetSafePokerBlack.exe Files to move or delete: ==================== C:\Users\kamil\postgis_2_1_pg93.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-27 13:20 ==================== End Of Log ============================