Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-06-2015 01 Ran by Grzesiek (administrator) on GRZESIEK-LAPTOP on 23-06-2015 18:34:22 Running from C:\Users\Grzesiek\Desktop\do naprawiania Loaded Profiles: Grzesiek (Available Profiles: Grzesiek & UpdatusUser & internet) Platform: Windows 7 Ultimate (X64) OS Language: Polski (Polska) Internet Explorer Version 8 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe (Intel(R) Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (BitTorrent Inc.) C:\Users\Grzesiek\AppData\Roaming\uTorrent\uTorrent.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Nullsoft) C:\Program Files (x86)\Winamp\winampa.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.) HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-09-29] () HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2014-11-16] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2014-11-16] (Lenovo(beijing) Limited) HKLM\...\Run: [IntelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1626112 2011-12-01] (Intel® Corporation) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508144 2012-07-25] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-05-02] (Vimicro) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation) HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [39424 2009-12-21] (Nullsoft) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-592060492-1902354033-4240126978-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.) HKU\S-1-5-21-592060492-1902354033-4240126978-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent HKU\S-1-5-21-592060492-1902354033-4240126978-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-05-01] (Electronic Arts) HKU\S-1-5-21-592060492-1902354033-4240126978-1000\...\Run: [uTorrent] => C:\Users\Grzesiek\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-15] (BitTorrent Inc.) HKU\S-1-5-21-592060492-1902354033-4240126978-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2874048 2015-02-19] (Valve Corporation) HKU\S-1-5-21-592060492-1902354033-4240126978-1000\...\MountPoints2: {99446fc6-6da5-11e4-8a05-806e6f6e6963} - F:\Autorun.exe HKU\S-1-5-21-592060492-1902354033-4240126978-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-11-06] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [203112 2012-11-06] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-29] (Qualcomm Atheros Commnucations) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2014-11-16] (Sun Microsystems, Inc.) BHO-x32: IEPluginBHO Class -> {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -> C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll [2010-05-04] (GG Network S.A.) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Grzesiek\AppData\Roaming\Mozilla\Firefox\Profiles\kdxrja3a.default FF SearchEngineOrder.3: Bing FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2014-11-16] (Sun Microsystems, Inc.) FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2105 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2005-06-17] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1212 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2005-06-17] (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2014-11-16] (mozilla.org) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2003-07-15] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2010-11-15] (Adobe Systems Inc.) FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] FF Extension: No Name - C:\Users\Grzesiek\AppData\Roaming\Mozilla\Firefox\Profiles\kdxrja3a.default\extensions\quick_searchff@gmail.com [not found] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-branding.js [2014-11-16] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js [2014-11-16] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox.js [2014-11-16] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\reporter.js [2014-11-16] Chrome: ======= CHR Profile: C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-16] CHR Extension: (Google Docs) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-16] CHR Extension: (Google Drive) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-22] CHR Extension: (YouTube) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-22] CHR Extension: (Google Search) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-22] CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-06-23] CHR Extension: (Google Sheets) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-16] CHR Extension: (Skype Click to Call) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-11-16] CHR Extension: (Google Wallet) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-16] CHR Extension: (Gmail) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-22] CHR HKU\S-1-5-21-592060492-1902354033-4240126978-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] Opera: ======= OPR Extension: (AdBlock) - C:\Users\Grzesiek\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2015-04-28] OPR Extension: (Adblock Plus) - C:\Users\Grzesiek\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-04-28] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-29] (Qualcomm Atheros Commnucations) [File not signed] S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-01-13] (BitRaider, LLC) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [514048 2011-11-30] (Red Bend Ltd.) [File not signed] R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-08-16] (Intel Corporation) [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] () S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-01] (Electronic Arts) R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [979456 2011-11-30] (Intel(R) Corporation) [File not signed] S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-29] (Atheros) [File not signed] R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-01-13] (BitRaider) R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2012-09-29] (Qualcomm Atheros) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [27456 2012-08-16] (Intel Corporation) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.) R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [975104 2012-08-24] (Vimicro Corporation) S3 wsvd; C:\Windows\System32\DRIVERS\wsvd.sys [101840 2012-07-05] ("CyberLink) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-23 18:30 - 2015-06-23 18:30 - 00000000 ____D C:\ProgramData\WindowsMangerProtect 2015-06-22 20:50 - 2015-06-23 18:34 - 00000000 ____D C:\FRST 2015-06-22 20:29 - 2015-06-23 18:31 - 00000000 ____D C:\Users\Grzesiek\Desktop\do naprawiania 2015-06-22 18:59 - 2015-06-22 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-06-22 18:54 - 2015-06-22 18:54 - 18797980 _____ C:\Users\Grzesiek\Downloads\Malwarebytes Anti-Malware Premium 2.0.2.1012 + Key.rar 2015-06-21 20:24 - 2015-06-21 20:24 - 00000000 ____D C:\Windows\system32\appmgmt 2015-06-21 19:44 - 2015-06-22 20:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-06-21 19:44 - 2015-06-21 19:44 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-06-21 19:44 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-06-21 19:43 - 2015-06-21 19:43 - 00000000 ____D C:\Users\Grzesiek\Downloads\Malwarebytes Anti-Malware Premium 2.0.2.1012 + Key ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-23 18:33 - 2014-11-16 17:48 - 00000000 ____D C:\Users\Grzesiek\AppData\Roaming\Skype 2015-06-23 18:32 - 2015-05-09 17:59 - 00003886 _____ C:\Windows\PFRO.log 2015-06-23 18:32 - 2015-05-09 17:59 - 00001234 _____ C:\Windows\setupact.log 2015-06-23 18:32 - 2015-03-16 18:49 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-06-23 18:32 - 2015-02-17 11:39 - 00000000 ____D C:\Program Files (x86)\Steam 2015-06-23 18:32 - 2014-12-29 11:15 - 00000008 __RSH C:\ProgramData\ntuser.pol 2015-06-23 18:32 - 2014-12-27 21:19 - 00000000 ____D C:\Users\Grzesiek\AppData\Roaming\uTorrent 2015-06-23 18:32 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-06-23 18:31 - 2014-11-16 17:05 - 00647841 _____ C:\Windows\WindowsUpdate.log 2015-06-23 18:30 - 2015-03-30 14:39 - 00001427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-06-23 18:30 - 2015-03-30 14:39 - 00001415 _____ C:\Users\Public\Desktop\Opera.lnk 2015-06-23 18:30 - 2015-03-16 18:49 - 00002493 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-06-23 18:30 - 2015-03-16 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-06-23 18:30 - 2014-11-16 17:52 - 00002149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-06-23 18:30 - 2014-11-16 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox 2015-06-23 18:30 - 2014-11-16 17:11 - 00001639 _____ C:\Users\Grzesiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2015-06-23 18:30 - 2014-11-16 17:10 - 00001661 _____ C:\Users\Grzesiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-06-23 18:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\GroupPolicy 2015-06-23 18:25 - 2009-07-14 19:55 - 00688866 _____ C:\Windows\system32\perfh015.dat 2015-06-23 18:25 - 2009-07-14 19:55 - 00131918 _____ C:\Windows\system32\perfc015.dat 2015-06-23 18:25 - 2009-07-14 07:13 - 01526834 _____ C:\Windows\system32\PerfStringBackup.INI 2015-06-23 18:24 - 2015-03-16 18:49 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-06-23 18:22 - 2015-04-06 18:33 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-06-23 04:46 - 2009-07-14 04:34 - 00000601 _____ C:\Windows\win.ini 2015-06-22 21:57 - 2015-04-06 18:33 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-06-22 20:57 - 2015-04-06 18:33 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-06-22 20:57 - 2015-04-06 18:33 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-06-22 20:29 - 2014-11-16 17:55 - 00000000 ____D C:\Program Files (x86)\Opera 2015-06-22 20:27 - 2009-07-14 06:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-06-22 20:27 - 2009-07-14 06:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-06-22 20:25 - 2014-11-17 20:52 - 00000000 ____D C:\ProgramData\Origin 2015-06-22 20:19 - 2015-01-01 18:52 - 00000000 ____D C:\Program Files\Bonjour 2015-06-22 20:19 - 2015-01-01 18:52 - 00000000 ____D C:\Program Files (x86)\Bonjour 2015-06-22 20:19 - 2014-11-16 17:10 - 00000000 ____D C:\Users\Grzesiek 2015-06-22 20:18 - 2015-04-06 18:33 - 00000000 ____D C:\Windows\system32\Macromed 2015-06-22 20:18 - 2015-02-24 17:16 - 00000000 ____D C:\Users\internet\Desktop\tak 2015-06-22 20:18 - 2015-02-24 17:15 - 00000000 ___RD C:\Users\internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-06-22 20:18 - 2015-02-24 17:15 - 00000000 ___RD C:\Users\internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-06-22 20:18 - 2015-02-24 17:15 - 00000000 ____D C:\Users\internet 2015-06-22 20:18 - 2015-01-15 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2015-06-22 20:18 - 2015-01-15 21:15 - 00000000 ____D C:\Program Files (x86)\GameforgeLive 2015-06-22 20:18 - 2015-01-13 21:04 - 00000000 ____D C:\ProgramData\BitRaider 2015-06-22 20:18 - 2015-01-01 14:37 - 00000000 ____D C:\Users\Grzesiek\Desktop\Fotki 2015-06-22 20:18 - 2014-11-17 20:52 - 00000000 ____D C:\Program Files (x86)\Origin 2015-06-22 20:18 - 2014-11-16 18:18 - 00000000 ___RD C:\Users\Grzesiek\Desktop\pierdoły 2015-06-22 20:18 - 2014-11-16 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-06-22 20:18 - 2014-11-16 17:56 - 00000000 ____D C:\Program Files\CCleaner 2015-06-22 20:18 - 2014-11-16 17:55 - 00000000 ____D C:\Users\Grzesiek\AppData\Roaming\RHEng 2015-06-22 20:18 - 2014-11-16 17:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-06-22 20:18 - 2014-11-16 17:31 - 00000000 ____D C:\Windows\SysWOW64\NV 2015-06-22 20:18 - 2014-11-16 17:31 - 00000000 ____D C:\Windows\system32\NV 2015-06-22 20:18 - 2009-07-14 20:09 - 00000000 ___RD C:\Users\Public\Recorded TV 2015-06-22 20:18 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries 2015-06-22 20:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat 2015-06-22 20:17 - 2015-05-15 19:50 - 00000000 ____D C:\Users\internet\Documents\Electronic Arts 2015-06-22 20:17 - 2015-02-24 17:15 - 00000000 ____D C:\Users\internet\AppData\Roaming\Intel 2015-06-22 20:17 - 2015-01-13 21:04 - 00000000 ____D C:\Users\Public\Documents\BitRaider 2015-06-22 20:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2015-06-22 20:16 - 2015-02-24 17:15 - 00000000 ____D C:\Users\internet\AppData\Local\Google 2015-06-22 20:16 - 2014-11-16 17:46 - 00000000 ____D C:\Users\Grzesiek\AppData\Roaming\Winamp 2015-06-22 20:15 - 2014-11-16 17:20 - 00000000 ____D C:\ProgramData\NVIDIA 2015-06-22 20:15 - 2014-11-16 17:18 - 00000000 ____D C:\Program Files\Common Files\Intel 2015-06-22 20:14 - 2014-11-16 17:15 - 00000000 ____D C:\Program Files (x86)\Intel 2015-06-22 20:10 - 2014-12-06 12:37 - 00000000 ____D C:\Users\Grzesiek\AppData\Local\CrashDumps 2015-06-22 19:59 - 2015-01-16 14:03 - 00000000 ____D C:\Windows\Minidump 2015-06-09 16:02 - 2014-11-17 20:52 - 00000000 ____D C:\Users\Grzesiek\AppData\Roaming\Origin 2015-06-09 15:59 - 2015-02-24 17:17 - 00000000 ____D C:\Users\internet\Documents\Bluetooth Folder ==================== Files in the root of some directories ======= 2014-11-16 17:32 - 2014-11-16 17:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-22 22:42 ==================== End of log ============================