Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-05-2013 02
Ran by Ponczi (administrator) on 04-05-2013 22:20:41
Running from D:\Pobierane
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Valve Corporation) D:\Gry\Steam.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Samsung) D:\Kies\Kies\Kies.exe
(Samsung) D:\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Spotify Ltd) C:\Users\Ponczi\AppData\Roaming\Spotify\spotify.exe
(Spotify Ltd) C:\Users\Ponczi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Creative Technology Ltd) C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Samsung Electronics Co., Ltd.) D:\Kies\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Macrovision Europe Ltd.) C:\Users\Ponczi\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Creative Labs) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
(Raptr, Inc) C:\PROGRA~2\Raptr\raptr.exe
(Raptr, Inc) C:\PROGRA~2\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) D:\Pobierane\FRST64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11663976 2010-12-09] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry [17920 2009-02-26] (Creative Technology Ltd.)
HKCU\...\Run: [ASRockXTU] [x]
HKCU\...\Run: [zASRockInstantBoot] [x]
HKCU\...\Run: [Steam] "D:\Gry\steam.exe" -silent [x]
HKCU\...\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [393216 2011-09-14] (AMD)
HKCU\...\Run: [KiesPreload] D:\Kies\Kies\Kies.exe /preload [x]
HKCU\...\Run: [] D:\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe [x]
HKCU\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18642024 2013-02-28] (Skype Technologies S.A.)
HKCU\...\Run: [Spotify] "C:\Users\Ponczi\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart [4573184 2013-05-03] (Spotify Ltd)
HKCU\...\Run: [Spotify Web Helper] "C:\Users\Ponczi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [1105408 2013-05-03] (Spotify Ltd)
HKCU\...\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup [55360 2013-04-18] (Raptr, Inc)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CTSyncService] C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe /StartRunKey [1233195 2009-07-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r [241789 2009-05-04] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4394032 2013-03-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] D:\Kies\Kies\KiesTrayAgent.exe [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks-x32: - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 95.160.170.92 88.156.222.92 82.139.8.40

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
CHR Extension: (Google Docs) - C:\Users\Ponczi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Ponczi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Ponczi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Ponczi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Ponczi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0
CHR Extension: (Auto Replay for YouTube) - C:\Users\Ponczi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb\1.9.26_0
CHR Extension: (Gmail) - C:\Users\Ponczi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-02-28] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [282624 2013-02-19] (AVG Technologies CZ, s.r.o.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-03-29] ()
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-02-27] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [239416 2013-02-14] (AVG Technologies CZ, s.r.o.)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S1 SASDIFSV; \??\C:\Users\Ponczi\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASDIFSV.SYS [x]
S1 SASKUTIL; \??\C:\Users\Ponczi\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASKUTIL.SYS [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-05-04 22:20 - 2013-05-04 22:20 - 00000000 ____D C:\FRST
2013-05-04 22:11 - 2013-05-04 22:11 - 00000056 ____A C:\Windows\setupact.log
2013-05-04 22:11 - 2013-05-04 22:11 - 00000000 ____A C:\Windows\setuperr.log
2013-05-02 10:57 - 2013-05-02 10:57 - 00000670 ____A C:\Users\Ponczi\Desktop\Neverwinter.lnk
2013-04-28 14:20 - 2013-04-28 14:20 - 00000000 ____D C:\Users\Ponczi\AppData\Roaming\Carbon
2013-04-27 10:33 - 2013-04-27 10:33 - 00000000 ____D C:\Users\Ponczi\Documents\RIFT
2013-04-27 10:01 - 2013-05-04 22:13 - 00000000 ____D C:\Users\Ponczi\AppData\Roaming\Raptr
2013-04-27 10:01 - 2013-04-27 10:01 - 00000000 ____D C:\Program Files (x86)\Raptr
2013-04-27 09:57 - 2013-04-27 10:44 - 00000000 ____D C:\Users\Ponczi\AppData\Roaming\RIFT
2013-04-27 09:57 - 2013-04-27 09:57 - 00000593 ____A C:\Users\Ponczi\Desktop\RIFT.lnk
2013-04-25 18:01 - 2013-04-30 18:51 - 00000000 ____D C:\Users\Ponczi\Desktop\Originals
2013-04-25 17:45 - 2013-04-25 18:01 - 00000000 ____D C:\Users\Ponczi\AppData\Roaming\PhotoScape
2013-04-25 17:44 - 2013-04-25 17:45 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2013-04-25 17:44 - 2013-04-25 17:44 - 00001035 ____A C:\Users\Ponczi\Desktop\PhotoScape.lnk
2013-04-25 17:43 - 2013-04-25 17:43 - 21322864 ____A (Mooii) C:\Users\Ponczi\Downloads\PhotoScape_V3.6.3(dobreprogramy.pl).exe
2013-04-25 17:41 - 2013-05-04 22:13 - 00000000 ____D C:\Users\Ponczi\AppData\Local\Spotify
2013-04-25 17:41 - 2013-04-25 17:41 - 00001772 ____A C:\Users\Ponczi\Desktop\Spotify.lnk
2013-04-25 17:40 - 2013-05-04 22:13 - 00000000 ____D C:\Users\Ponczi\AppData\Roaming\Spotify
2013-04-25 16:07 - 2013-04-26 21:49 - 00000000 ____D C:\Download
2013-04-25 16:06 - 2013-05-01 09:46 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-04-25 16:06 - 2013-04-25 16:06 - 00000000 ____D C:\Users\Ponczi\.swt
2013-04-24 18:09 - 2013-04-24 18:09 - 00000000 ____D C:\Users\Ponczi\Documents\My Games
2013-04-24 17:09 - 2013-04-24 17:10 - 00695296 ____A (AnjoCaido) C:\Users\Ponczi\Documents\MinecraftSP.exe
2013-04-24 17:04 - 2013-05-03 21:42 - 00000000 ____D C:\Users\Ponczi\AppData\Roaming\.minecraft
2013-04-24 17:04 - 2013-04-24 17:04 - 00000000 ____D C:\Windows\Sun
2013-04-24 17:04 - 2013-04-24 17:04 - 00000000 ____D C:\ProgramData\Sun
2013-04-24 17:03 - 2013-04-24 17:03 - 00866720 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-04-24 17:03 - 2013-04-24 17:03 - 00788896 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-04-24 17:03 - 2013-04-24 17:03 - 00263584 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-04-24 17:03 - 2013-04-24 17:03 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-04-24 17:03 - 2013-04-24 17:03 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-04-24 17:03 - 2013-04-24 17:03 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-04-24 17:03 - 2013-04-24 17:03 - 00000000 ____D C:\Program Files (x86)\Java
2013-04-24 16:53 - 2013-04-30 18:50 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2013-04-24 16:51 - 2013-05-04 22:19 - 00000000 ____D C:\Users\Ponczi\AppData\Roaming\Skype
2013-04-24 16:51 - 2013-04-24 16:51 - 00002517 ____A C:\Users\Public\Desktop\Skype.lnk
2013-04-24 16:51 - 2013-04-24 16:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-04-24 16:51 - 2013-04-24 16:51 - 00000000 ____D C:\ProgramData\Skype
2013-04-14 23:46 - 2013-04-14 23:46 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-04-14 23:46 - 2013-04-14 23:46 - 00000000 ____D C:\Program Files (x86)\MyFree Codec
2013-04-14 23:45 - 2013-02-22 09:16 - 00188232 ____A (MCCI Corporation) C:\Windows\System32\Drivers\ssadmdm.sys
2013-04-14 23:45 - 2013-02-22 09:16 - 00169288 ____A (MCCI Corporation) C:\Windows\System32\Drivers\ssadbus.sys
2013-04-14 23:45 - 2013-02-22 09:16 - 00021320 ____A (MCCI Corporation) C:\Windows\System32\Drivers\ssadmdfl.sys
2013-04-14 23:45 - 2013-02-22 09:16 - 00017736 ____A (MCCI Corporation) C:\Windows\System32\Drivers\ssadwhnt.sys
2013-04-14 23:45 - 2013-02-22 09:16 - 00017736 ____A (MCCI Corporation) C:\Windows\System32\Drivers\ssadwh.sys
2013-04-14 23:45 - 2013-02-22 09:16 - 00017224 ____A (MCCI Corporation) C:\Windows\System32\Drivers\ssadcmnt.sys
2013-04-14 23:45 - 2013-02-22 09:16 - 00017224 ____A (MCCI Corporation) C:\Windows\System32\Drivers\ssadcm.sys
2013-04-14 23:43 - 2013-04-14 23:43 - 00000000 ____D C:\Program Files (x86)\MarkAny
2013-04-14 23:42 - 2013-04-14 23:42 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2013-04-14 23:42 - 2013-04-14 23:42 - 00000000 ____D C:\Users\Ponczi\Documents\samsung
2013-04-14 23:42 - 2013-04-14 23:42 - 00000000 ____D C:\Users\Ponczi\AppData\Roaming\Samsung
2013-04-14 23:42 - 2013-04-14 23:42 - 00000000 ____D C:\Users\Ponczi\AppData\Local\Samsung
2013-04-14 23:41 - 2013-02-05 17:53 - 04659712 ____A (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2013-04-14 23:40 - 2013-04-14 23:41 - 00000000 ____D C:\ProgramData\Samsung
2013-04-14 23:40 - 2013-02-05 17:52 - 00821824 ____A (Devguru Co., Ltd.) C:\Windows\SysWOW64\dgderapi.dll
2013-04-14 23:39 - 2013-04-14 23:39 - 00000000 ____D C:\Users\Ponczi\AppData\Local\Downloaded Installations
2013-04-11 16:14 - 2013-04-11 16:14 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-04-11 12:30 - 2013-04-11 12:57 - 00000000 ____D C:\Users\Ponczi\AppData\Roaming\SUPERAntiSpyware.com
2013-04-11 12:30 - 2013-04-11 12:30 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-04-11 11:47 - 2013-05-04 17:55 - 00149625 ____A C:\Windows\WindowsUpdate.log
2013-04-11 11:45 - 2013-04-11 11:45 - 00000000 ____D C:\ProgramData\ATI
2013-04-05 14:40 - 2013-04-05 14:40 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2013-04-05 14:40 - 2013-04-05 14:40 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software

==================== One Month Modified Files and Folders =======

2013-05-04 22:20 - 2013-05-04 22:20 - 00000000 ____D C:\FRST
2013-05-04 22:19 - 2013-04-24 16:51 - 00000000 ____D C:\Users\Ponczi\AppData\Roaming\Skype
2013-05-04 22:18 - 2011-04-12 15:21 - 00804658 ____A C:\Windows\System32\perfh015.dat
2013-05-04 22:18 - 2011-04-12 15:21 - 00182098 ____A C:\Windows\System32\perfc015.dat
2013-05-04 22:18 - 2009-07-14 07:13 - 01840230 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-04 22:15 - 2013-04-11 11:47 - 00149625 ____A C:\Windows\WindowsUpdate.log
2013-05-04 22:13 - 2013-04-27 10:01 - 00000000 ____D C:\Users\Ponczi\AppData\Roaming\Raptr
2013-05-04 22:13 - 2013-04-25 17:41 - 00000000 ____D C:\Users\Ponczi\AppData\Local\Spotify
2013-05-04 22:13 - 2013-04-25 17:40 - 00000000 ____D C:\Users\Ponczi\AppData\Roaming\Spotify
2013-05-04 22:11 - 2013-05-04 22:11 - 00000056 ____A C:\Windows\setupact.log
2013-05-04 22:11 - 2013-05-04 22:11 - 00000000 ____A C:\Windows\setuperr.log
2013-05-04 22:11 - 2013-03-29 20:21 - 00001044 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-04 22:11 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-04 17:36 - 2013-03-29 20:17 - 00000930 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-04 17:32 - 2013-03-29 20:39 - 00000000 ____D C:\ProgramData\MFAData
2013-05-04 17:26 - 2013-03-29 20:21 - 00001048 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-03 21:42 - 2013-04-24 17:04 - 00000000 ____D C:\Users\Ponczi\AppData\Roaming\.minecraft
2013-05-02 10:57 - 2013-05-02 10:57 - 00000670 ____A C:\Users\Ponczi\Desktop\Neverwinter.lnk
2013-05-01 23:07 - 2010-11-21 05:24 - 01008640 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
2013-05-01 23:07 - 2010-11-21 05:24 - 00833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2013-05-01 23:07 - 2010-11-21 05:24 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\systemcpl.dll
2013-05-01 23:07 - 2010-11-21 05:24 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\slwga.dll
2013-05-01 23:07 - 2010-11-21 05:23 - 00013824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2013-05-01 23:07 - 2009-07-14 06:45 - 00016640 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-01 23:07 - 2009-07-14 06:45 - 00016640 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-01 09:46 - 2013-04-25 16:06 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-04-30 18:51 - 2013-04-25 18:01 - 00000000 ____D C:\Users\Ponczi\Desktop\Originals
2013-04-30 18:50 - 2013-04-24 16:53 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2013-04-30 18:50 - 2013-03-29 20:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-04-28 14:20 - 2013-04-28 14:20 - 00000000 ____D C:\Users\Ponczi\AppData\Roaming\Carbon
2013-04-27 10:44 - 2013-04-27 09:57 - 00000000 ____D C:\Users\Ponczi\AppData\Roaming\RIFT
2013-04-27 10:33 - 2013-04-27 10:33 - 00000000 ____D C:\Users\Ponczi\Documents\RIFT
2013-04-27 10:01 - 2013-04-27 10:01 - 00000000 ____D C:\Program Files (x86)\Raptr
2013-04-27 09:57 - 2013-04-27 09:57 - 00000593 ____A C:\Users\Ponczi\Desktop\RIFT.lnk
2013-04-27 09:35 - 2013-03-29 20:05 - 00000000 ____D C:\ProgramData\Adobe
2013-04-27 09:31 - 2013-03-29 20:17 - 00691592 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-04-27 09:31 - 2013-03-29 20:17 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-04-26 21:49 - 2013-04-25 16:07 - 00000000 ____D C:\Download
2013-04-25 18:01 - 2013-04-25 17:45 - 00000000 ____D C:\Users\Ponczi\AppData\Roaming\PhotoScape
2013-04-25 17:45 - 2013-04-25 17:44 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2013-04-25 17:44 - 2013-04-25 17:44 - 00001035 ____A C:\Users\Ponczi\Desktop\PhotoScape.lnk
2013-04-25 17:43 - 2013-04-25 17:43 - 21322864 ____A (Mooii) C:\Users\Ponczi\Downloads\PhotoScape_V3.6.3(dobreprogramy.pl).exe
2013-04-25 17:41 - 2013-04-25 17:41 - 00001772 ____A C:\Users\Ponczi\Desktop\Spotify.lnk
2013-04-25 16:06 - 2013-04-25 16:06 - 00000000 ____D C:\Users\Ponczi\.swt
2013-04-25 16:06 - 2013-03-29 18:49 - 00000000 ____D C:\users\Ponczi
2013-04-24 18:09 - 2013-04-24 18:09 - 00000000 ____D C:\Users\Ponczi\Documents\My Games
2013-04-24 17:10 - 2013-04-24 17:09 - 00695296 ____A (AnjoCaido) C:\Users\Ponczi\Documents\MinecraftSP.exe
2013-04-24 17:04 - 2013-04-24 17:04 - 00000000 ____D C:\Windows\Sun
2013-04-24 17:04 - 2013-04-24 17:04 - 00000000 ____D C:\ProgramData\Sun
2013-04-24 17:03 - 2013-04-24 17:03 - 00866720 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-04-24 17:03 - 2013-04-24 17:03 - 00788896 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-04-24 17:03 - 2013-04-24 17:03 - 00263584 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-04-24 17:03 - 2013-04-24 17:03 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-04-24 17:03 - 2013-04-24 17:03 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-04-24 17:03 - 2013-04-24 17:03 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-04-24 17:03 - 2013-04-24 17:03 - 00000000 ____D C:\Program Files (x86)\Java
2013-04-24 16:51 - 2013-04-24 16:51 - 00002517 ____A C:\Users\Public\Desktop\Skype.lnk
2013-04-24 16:51 - 2013-04-24 16:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-04-24 16:51 - 2013-04-24 16:51 - 00000000 ____D C:\ProgramData\Skype
2013-04-20 10:09 - 2013-03-29 23:11 - 00281288 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2013-04-20 10:09 - 2013-03-29 22:38 - 00281288 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2013-04-20 10:05 - 2013-03-29 22:38 - 00281288 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2013-04-14 23:46 - 2013-04-14 23:46 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-04-14 23:46 - 2013-04-14 23:46 - 00000000 ____D C:\Program Files (x86)\MyFree Codec
2013-04-14 23:43 - 2013-04-14 23:43 - 00000000 ____D C:\Program Files (x86)\MarkAny
2013-04-14 23:42 - 2013-04-14 23:42 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2013-04-14 23:42 - 2013-04-14 23:42 - 00000000 ____D C:\Users\Ponczi\Documents\samsung
2013-04-14 23:42 - 2013-04-14 23:42 - 00000000 ____D C:\Users\Ponczi\AppData\Roaming\Samsung
2013-04-14 23:42 - 2013-04-14 23:42 - 00000000 ____D C:\Users\Ponczi\AppData\Local\Samsung
2013-04-14 23:41 - 2013-04-14 23:40 - 00000000 ____D C:\ProgramData\Samsung
2013-04-14 23:39 - 2013-04-14 23:39 - 00000000 ____D C:\Users\Ponczi\AppData\Local\Downloaded Installations
2013-04-13 20:21 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-04-11 16:14 - 2013-04-11 16:14 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-04-11 12:57 - 2013-04-11 12:30 - 00000000 ____D C:\Users\Ponczi\AppData\Roaming\SUPERAntiSpyware.com
2013-04-11 12:30 - 2013-04-11 12:30 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-04-11 11:45 - 2013-04-11 11:45 - 00000000 ____D C:\ProgramData\ATI
2013-04-11 11:41 - 2013-03-30 10:42 - 01812132 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-04-10 15:26 - 2013-03-29 20:22 - 00002183 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-04-08 16:36 - 2013-03-29 20:29 - 00000866 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-04-07 20:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-04-05 14:40 - 2013-04-05 14:40 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2013-04-05 14:40 - 2013-04-05 14:40 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2013-04-05 14:40 - 2013-03-29 20:42 - 00000995 ____A C:\Users\Public\Desktop\AVG 2013.lnk

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

Last Boot: 2013-04-14 20:18

==================== End Of Log ============================