Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013
Ran by zby (administrator) on ZBY-PC on 20-10-2013 18:46:45
Running from D:\
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: Polish
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Facebook Inc.) C:\Users\zby\AppData\Local\Facebook\Update\FacebookUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Andrea Electronics Corporation) C:\Windows\system32\AEADISRV.EXE
() C:\Program Files\Dokan\DokanLibrary\mounter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\system32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) D:\Hamachi\hamachi-2.exe
(LogMeIn, Inc.) D:\Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Valve Corporation) D:\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [868352 2006-12-19] (Analog Devices, Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [LogMeIn Hamachi Ui] - D:\Hamachi\hamachi-2-ui.exe [2345296 2013-10-12] (LogMeIn Inc.)
HKLM\...\Runonce: [] - [x]
HKCU\...\Run: [Facebook Update] - C:\Users\zby\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-27] (Facebook Inc.)
HKCU\...\Run: [uTorrent] - C:\Program Files\uTorrent\uTorrent.exe [401272 2013-10-12] (BitTorrent, Inc.)
HKCU\...\Run: [AshSnap] - D:\Ashampoo Snap 5\ashsnap.exe [3400600 2012-08-03] (ashampoo GmbH & Co. KG)
HKCU\...\Run: [DAEMON Tools Lite] - D:\Daemon\DAEMON Tools Lite\DTLite.exe [3672640 2013-07-18] (Disc Soft Ltd)
HKCU\...\Run: [AlcoholAutomount] - D:\Alcohol 120\AxAutoMntSrv.exe [75624 2013-10-12] (Alcohol Soft Development Team)
HKCU\...\Run: [GG] - C:\Users\zby\AppData\Local\GG\Application\gghub.exe [4009024 2013-09-02] (GG Network S.A.)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Startup: C:\Users\zby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_61350312.lnk
ShortcutTarget: _uninst_61350312.lnk -> C:\Users\zby\AppData\Local\temp\_uninst_61350312.bat (No File)
AlternateShell:

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page Before = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MI1933~1\Office12\GRA8E1~1.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MI1933~1\Office12\GR99D3~1.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MI1933~1\Office12\GRA8E1~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Chrome:
=======
CHR Extension: (From Dust) - C:\Users\zby\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj\0.0.0.23_0
CHR Extension: (Battlefield Heroes) - C:\Users\zby\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0
CHR Extension: (Tampermonkey) - C:\Users\zby\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.5.3630.44_0
CHR Extension: (Stylish) - C:\Users\zby\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.2_0
CHR Extension: (Itaku Twitch Chat.) - C:\Users\zby\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdnidodmidifoacnnchcckomafiojblb\1.1.1_0
CHR Extension: (Skype Click to Call) - C:\Users\zby\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.5.0.11422_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\zby\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Battlefield Play4Free) - C:\Users\zby\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

S2 AxAutoMntSrv; D:\Alcohol 120\AxAutoMntSrv.exe [75624 2013-10-12] (Alcohol Soft Development Team)
R2 DokanMounter; C:\Program Files\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] ()
R2 Hamachi2Svc; D:\Hamachi\hamachi-2.exe [1612112 2013-10-01] (LogMeIn Inc.)
S4 lxcz_device; C:\Windows\system32\lxczcoms.exe [537520 2007-02-08] ( )
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-06-03] ()
S2 RPCER; C:\Program Files\Common Files\ODBC\comp.exe [12801736 2006-03-28] (Microsoft Corporation)
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S2 StarWindServiceAE; D:\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
S4 UserAccess7; C:\Windows\system32\UAService7.exe [126976 2011-03-05] ()

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [11296 2009-08-04] ()
R1 AsUpIO; C:\Windows\System32\drivers\AsUpIO.sys [11448 2009-07-06] ()
R2 athsgt; C:\Windows\System32\DRIVERS\athsgt.sys [164992 2011-03-19] ()
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [95744 2011-01-10] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-01-18] (DT Soft Ltd)
R2 EIO; C:\Windows\system32\drivers\EIO.sys [11264 2006-02-08] (ASUSTeK Computer Inc.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14216 2011-07-29] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [8456 2011-07-29] ()
R3 FET5X86V; C:\Windows\System32\DRIVERS\fetnd5bv.sys [45568 2007-01-24] (VIA Technologies, Inc. )
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] (VIA Technologies, Inc. )
S1 FmAvMFD; C:\Windows\System32\DRIVERS\fmavmfd.sys [22616 2012-09-14] (FileMedic Sp. z o.o.)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] ()
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [20712 2012-11-28] (REALiX(tm))
R2 hwpsgt; C:\Windows\System32\DRIVERS\hwpsgt.sys [137344 2010-12-29] ()
R2 lemsgt; C:\Windows\System32\DRIVERS\lemsgt.sys [9472 2010-12-29] ()
R2 limsgt; C:\Windows\System32\DRIVERS\limsgt.sys [12544 2011-03-19] ()
S3 MCfilt; C:\Windows\System32\drivers\MCfilt32.sys [17920 2010-07-03] (Creative Technology Ltd.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 PAC7311; C:\Windows\System32\DRIVERS\PA707UCM.SYS [530304 2006-11-08] (PixArt Imaging Inc.)
S3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10502784 2010-08-10] (Sonix Co. Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-07-25] (Duplex Secure Ltd.)
S3 ssm_bus; C:\Windows\System32\DRIVERS\ssm_bus.sys [104448 2010-04-27] (MCCI Corporation)
S3 ssm_mdfl; C:\Windows\System32\DRIVERS\ssm_mdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ssm_mdm; C:\Windows\System32\DRIVERS\ssm_mdm.sys [132608 2010-04-27] (MCCI Corporation)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
R1 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5632 2006-07-24] ()
U3 amqelxd0; C:\Windows\System32\Drivers\amqelxd0.sys [0 ] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 taphss6; system32\DRIVERS\taphss6.sys [x]
U5 UnlockerDriver5; D:\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()
U3 uwldypow; \??\C:\Users\zby\AppData\Local\Temp\uwldypow.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-19 14:19 - 2013-10-19 14:19 - 00001859 _____ C:\Users\zby\Desktop\UsbFix Faire un Don.lnk
2013-10-19 13:56 - 2013-10-19 13:56 - 00000000 ___DC C:\FRST
2013-10-19 13:54 - 2013-10-19 14:22 - 00008300 ____C C:\UsbFix [Scan 1] ZBY-PC.txt
2013-10-19 13:33 - 2013-10-19 13:33 - 00000302 _____ C:\Windows\PFRO.log
2013-10-18 23:39 - 2013-10-18 23:39 - 00000368 _____ C:\Windows\Tasks\{B1FBC455-7764-49CB-8AF1-58B5FFFED121}.job
2013-10-18 23:39 - 2013-10-18 23:39 - 00000368 _____ C:\Windows\Tasks\{8C9208A0-977D-4379-B4BD-E1559ED51E0E}.job
2013-10-18 23:39 - 2013-10-18 23:39 - 00000368 _____ C:\Windows\Tasks\{1345F37E-44DF-48C7-B547-63933041E0EF}.job
2013-10-11 20:41 - 2013-10-11 20:41 - 00000934 _____ C:\Users\zby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk
2013-10-11 20:41 - 2013-10-11 20:41 - 00000926 _____ C:\Users\zby\Desktop\GG.lnk
2013-10-09 17:17 - 2013-10-12 10:04 - 00025316 _RSHC C:\sury.pif
2013-10-08 20:50 - 2013-10-08 20:50 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec457504a0470.job
2013-10-06 07:04 - 2013-10-06 07:04 - 00000201 _____ C:\Users\zby\Desktop\Magicka.url
2013-10-05 20:16 - 2013-10-05 20:16 - 00000000 ____D C:\Users\zby\AppData\Local\NeoSmart_Technologies
2013-10-05 20:15 - 2013-10-05 20:15 - 00000370 ____H C:\Windows\Tasks\User_Feed_Synchronization-{36E3C813-E304-4588-9CCD-B3E7A02E554E}.job
2013-10-04 15:43 - 2013-10-04 15:43 - 00000000 ____D C:\Users\zby\AppData\Local\LogMeIn
2013-10-04 15:43 - 2013-10-04 15:43 - 00000000 ____D C:\ProgramData\LogMeIn
2013-09-29 16:10 - 2013-09-29 16:10 - 00000537 _____ C:\Users\zby\Desktop\samp — skrót.lnk
2013-09-29 16:09 - 2013-09-29 16:09 - 00000000 ____D C:\Users\zby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2013-09-29 16:07 - 2013-09-29 16:07 - 00000523 _____ C:\Users\zby\Desktop\GTA San Andreas.lnk
2013-09-23 16:21 - 2013-09-23 16:21 - 00000004 _____ C:\Windows\system32\wnsm2i.rdb
2013-09-20 21:26 - 2013-09-24 15:42 - 00000000 ____D C:\ProgramData\Codemasters
2013-09-20 21:22 - 2013-09-20 21:22 - 00000000 ____D C:\Program Files\BRS
2013-09-20 21:22 - 2010-07-28 19:10 - 01380352 _____ (Blue Ripple Sound Limited) C:\Windows\system32\rapture3d_oal.dll
2013-09-20 21:22 - 2010-03-01 20:51 - 17686528 _____ (Intel Corporation / Blue Ripple Sound Limited) C:\Windows\system32\mkl_blueripple.dll

==================== One Month Modified Files and Folders =======

2013-10-20 18:44 - 2010-04-03 15:32 - 00000000 ____D C:\Users\zby\AppData\Roaming\Skype
2013-10-20 18:21 - 2006-11-02 14:45 - 00003776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-20 18:21 - 2006-11-02 14:45 - 00003776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-20 17:36 - 2013-02-24 15:04 - 00000000 ____D C:\Users\zby\AppData\Roaming\TS3Client
2013-10-20 00:07 - 2013-07-23 13:19 - 00033300 ____C C:\lxcz.log
2013-10-19 22:54 - 2013-03-13 15:35 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-10-19 14:22 - 2013-10-19 13:54 - 00008300 ____C C:\UsbFix [Scan 1] ZBY-PC.txt
2013-10-19 14:19 - 2013-10-19 14:19 - 00001859 _____ C:\Users\zby\Desktop\UsbFix Faire un Don.lnk
2013-10-19 14:19 - 2013-07-20 10:58 - 00000000 ___DC C:\UsbFix
2013-10-19 13:56 - 2013-10-19 13:56 - 00000000 ___DC C:\FRST
2013-10-19 13:55 - 2011-06-07 16:36 - 01657562 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-19 13:55 - 2006-12-05 07:19 - 00729444 _____ C:\Windows\system32\perfh015.dat
2013-10-19 13:55 - 2006-12-05 07:19 - 00158764 _____ C:\Windows\system32\perfc015.dat
2013-10-19 13:39 - 2013-07-15 15:07 - 00134335 _____ C:\Windows\WindowsUpdate.log
2013-10-19 13:35 - 2013-07-10 08:38 - 00000000 ____D C:\Users\zby\AppData\Local\LogMeIn Hamachi
2013-10-19 13:35 - 2012-08-28 16:45 - 00000000 ____D C:\Users\zby\AppData\Roaming\GG
2013-10-19 13:34 - 2010-04-27 15:15 - 00000000 ____D C:\Users\zby\AppData\Roaming\uTorrent
2013-10-19 13:33 - 2013-10-19 13:33 - 00000302 _____ C:\Windows\PFRO.log
2013-10-19 13:29 - 2006-11-02 12:23 - 00000229 ____C C:\Windows\system.ini
2013-10-19 00:07 - 2013-03-27 08:08 - 00000000 ____D C:\Users\zby\AppData\Local\CrashDumps
2013-10-18 23:39 - 2013-10-18 23:39 - 00000368 _____ C:\Windows\Tasks\{B1FBC455-7764-49CB-8AF1-58B5FFFED121}.job
2013-10-18 23:39 - 2013-10-18 23:39 - 00000368 _____ C:\Windows\Tasks\{8C9208A0-977D-4379-B4BD-E1559ED51E0E}.job
2013-10-18 23:39 - 2013-10-18 23:39 - 00000368 _____ C:\Windows\Tasks\{1345F37E-44DF-48C7-B547-63933041E0EF}.job
2013-10-18 23:39 - 2012-02-27 20:59 - 00002339 _____ C:\Users\Public\Desktop\Skype.lnk
2013-10-18 23:39 - 2010-04-03 15:32 - 00000000 ____D C:\ProgramData\Skype
2013-10-18 19:47 - 2013-02-15 21:42 - 00001931 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-14 13:44 - 2012-08-25 21:52 - 00000000 ____D C:\Users\zby\AppData\Roaming\Winamp
2013-10-12 10:10 - 2013-07-25 05:34 - 10344000 _____ (Alcohol Soft Development Team) C:\Users\zby\Downloads\Alcohol120_trial_2.0.2.4713(dobreprogramy.pl).exe
2013-10-12 10:10 - 2013-02-24 10:10 - 01338984 _____ (Skype Technologies S.A.) C:\Users\zby\Documents\SkypeSetup.exe
2013-10-12 10:04 - 2013-10-09 17:17 - 00025316 _RSHC C:\sury.pif
2013-10-12 09:36 - 2012-11-27 22:52 - 00000000 ____D C:\ProgramData\FileMedic
2013-10-12 09:28 - 2010-11-30 15:44 - 00000000 ____D C:\Users\zby\AppData\Roaming\DAEMON Tools Lite
2013-10-12 09:28 - 2010-04-09 07:58 - 00000000 ____D C:\Users\zby\AppData\Roaming\Media Player Classic
2013-10-11 20:42 - 2012-09-01 17:50 - 00001485 _____ C:\Users\zby\Desktop\GG dysk (8733887).lnk
2013-10-11 20:42 - 2012-08-28 16:50 - 00001415 _____ C:\Users\zby\Desktop\GG dysk.lnk
2013-10-11 20:41 - 2013-10-11 20:41 - 00000934 _____ C:\Users\zby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk
2013-10-11 20:41 - 2013-10-11 20:41 - 00000926 _____ C:\Users\zby\Desktop\GG.lnk
2013-10-11 20:41 - 2012-08-28 16:45 - 00000000 ____D C:\Users\zby\AppData\Local\GG
2013-10-11 18:16 - 2012-09-01 12:09 - 00000000 ____D C:\Users\zby\Documents\My Games
2013-10-11 18:12 - 2012-11-28 16:22 - 00000000 ____D C:\ProgramData\KSPlus
2013-10-09 17:17 - 2010-04-02 21:56 - 00000000 ____D C:\Users\zby
2013-10-08 20:50 - 2013-10-08 20:50 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec457504a0470.job
2013-10-06 07:04 - 2013-10-06 07:04 - 00000201 _____ C:\Users\zby\Desktop\Magicka.url
2013-10-05 20:16 - 2013-10-05 20:16 - 00000000 ____D C:\Users\zby\AppData\Local\NeoSmart_Technologies
2013-10-05 20:15 - 2013-10-05 20:15 - 00000370 ____H C:\Windows\Tasks\User_Feed_Synchronization-{36E3C813-E304-4588-9CCD-B3E7A02E554E}.job
2013-10-04 15:43 - 2013-10-04 15:43 - 00000000 ____D C:\Users\zby\AppData\Local\LogMeIn
2013-10-04 15:43 - 2013-10-04 15:43 - 00000000 ____D C:\ProgramData\LogMeIn
2013-09-29 16:10 - 2013-09-29 16:10 - 00000537 _____ C:\Users\zby\Desktop\samp — skrót.lnk
2013-09-29 16:09 - 2013-09-29 16:09 - 00000000 ____D C:\Users\zby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2013-09-29 16:09 - 2013-06-02 08:41 - 00000000 ____D C:\Users\zby\Documents\GTA San Andreas User Files
2013-09-29 16:07 - 2013-09-29 16:07 - 00000523 _____ C:\Users\zby\Desktop\GTA San Andreas.lnk
2013-09-29 16:07 - 2013-01-03 16:25 - 00000523 _____ C:\Users\UpdatusUser\Desktop\GTA San Andreas.lnk
2013-09-26 09:49 - 2010-04-05 19:32 - 00175616 _____ C:\Users\zby\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-24 15:42 - 2013-09-20 21:26 - 00000000 ____D C:\ProgramData\Codemasters
2013-09-23 16:21 - 2013-09-23 16:21 - 00000004 _____ C:\Windows\system32\wnsm2i.rdb
2013-09-23 16:18 - 2010-04-04 20:15 - 00000000 ____D C:\Users\zby\AppData\Roaming\ipla
2013-09-20 21:22 - 2013-09-20 21:22 - 00000000 ____D C:\Program Files\BRS
2013-09-20 21:22 - 2011-06-30 09:07 - 00445016 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2013-09-20 21:22 - 2011-06-30 09:07 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2013-09-20 21:22 - 2011-06-30 09:07 - 00000000 ____D C:\Program Files\OpenAL

Files to move or delete:
====================
C:\ProgramData\hash.dat
C:\Windows\Tasks\{1345F37E-44DF-48C7-B547-63933041E0EF}.job
C:\Windows\Tasks\{8C9208A0-977D-4379-B4BD-E1559ED51E0E}.job
C:\Windows\Tasks\{B1FBC455-7764-49CB-8AF1-58B5FFFED121}.job

Some content of TEMP:
====================
C:\Users\zby\AppData\Local\temp\SkypeSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-19 13:41

==================== End Of Log ============================