Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-12-2013 01
Ran by Przemek (administrator) on PRZEMEK-PC on 13-12-2013 08:56:10
Running from C:\Users\Przemek\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(H+H Software GmbH) C:\Program Files\Phantom Drive\VBurnSecs64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(H+H Software GmbH) C:\Program Files\Phantom Drive\vbtray64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(CyberGhost S.R.L.) C:\Program Files\CyberGhost 5\CyberGhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
() C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1860496 2011-04-13] (Microsoft Corporation)
HKLM\...\Run: [VBTray] - C:\Program Files\Phantom Drive\vbtray64.exe [1064280 2010-12-07] (H+H Software GmbH)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1734848 2013-11-28] (Bitdefender)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [7074088 2013-10-23] (O&O Software GmbH)
HKLM\...\Run: [Usługa Seagate Scheduler2] - C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [395792 2011-06-30] (Seagate)
HKCU\...\Run: [Google Update] - C:\Users\Przemek\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-03-09] (Google Inc.)
HKCU\...\Run: [Bitdefender Wallet Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [560648 2013-11-28] (Bitdefender)
HKCU\...\Run: [Bitdefender Wallet Application Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [612696 2013-11-28] (Bitdefender)
HKCU\...\Run: [CyberGhost] - C:\Program Files\CyberGhost 5\CyberGhost.exe [344552 2013-10-08] (CyberGhost S.R.L.)
HKCU\...\Run: [Kryptel Shredder] - C:\Program Files (x86)\Silver Key\Shredder.exe [292368 2013-09-23] (Inv Softworks LLC)
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0xFF000000
HKCU\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [DiscWizardMonitor.exe] - C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe [2671248 2011-06-30] ()
IFEO\taskmgr.exe: [Debugger] "C:\PROGRAMY\PROCEXP.EXE"

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope value is missing.
BHO-x32: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\q25gd0md.default-1372251732014
FF Homepage: hxxp://www.fixitpc.pl/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Bitdefender.com/PasswordManager;version=17.8 - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxnp.dll (Bitdefender)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Przemek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Przemek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wolnelektury-pl.xml
FF Extension: Flagfox - C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\q25gd0md.default-1372251732014\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF Extension: WOT - C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\q25gd0md.default-1372251732014\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: noscript - C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\q25gd0md.default-1372251732014\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: googtrans - C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\q25gd0md.default-1372251732014\Extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi
FF Extension: Adblock Plus - C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\q25gd0md.default-1372251732014\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: bprivacyprefs - C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\q25gd0md.default-1372251732014\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext

Chrome:
=======
CHR HomePage: hxxp://www.fixitpc.pl/
CHR RestoreOnStartup: "hxxp://www.fixitpc.pl/"
CHR DefaultSearchKeyword: google.pl
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Przemek\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Przemek\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Przemek\AppData\Local\Google\Chrome\Application\31.0.1650.57\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U4) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.40.20) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Panda ActiveScan 2.0) - C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll No File
CHR Plugin: (Google Update) - C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Extension: (WOT) - C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.0.18_0
CHR Extension: (YouTube) - C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Bitdefender Wallet) - C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl\17.23.0_0
CHR Extension: (Adblock Plus) - C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0
CHR Extension: (Google Search) - C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx

==================== Services (Whitelisted) =================

S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-28] (Bitdefender)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [26600 2013-10-08] (CyberGhost S.R.L)
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [11776 2010-07-05] ()
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [2572072 2013-10-23] (O&O Software GmbH)
S4 PuranDefrag; C:\Windows\system32\PuranDefragS.exe [292736 2013-01-17] (Puran Software)
R2 Realtek11nSU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [36864 2009-07-10] (Realtek)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-16] (Bitdefender)
R2 VBurnSecs; C:\Program Files\Phantom Drive\VBurnSecs64.exe [397144 2010-12-07] (H+H Software GmbH)
R2 vsserv; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1507248 2013-11-28] (Bitdefender)

==================== Drivers (Whitelisted) ====================

S3 adiusbaw; C:\Windows\System32\DRIVERS\adiusbawx64.sys [169496 2007-02-07] (Analog Devices Inc.)
S3 adiusbaw; C:\Windows\SysWow64\DRIVERS\adiusbawx64.sys [169496 2007-02-07] (Analog Devices Inc.)
S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-11-29] ()
S3 ampa; C:\Windows\SysWow64\ampa.sys [17008 2013-11-29] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-08-02] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-08-02] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-09-26] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-28] (BitDefender SRL)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [106888 2010-07-06] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-14] (DT Soft Ltd)
S2 ELOADER; C:\Windows\System32\Drivers\adildrx64.sys [58264 2007-02-07] (Analog Deivces)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWow64\epmntdrv.sys [14920 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWow64\EuGdiDrv.sys [9160 2013-03-07] ()
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [55960 2012-06-02] ()
R1 GSVDRIVE; C:\Windows\System32\DRIVERS\GSVDRIVE.sys [30816 2012-11-15] (GiliSoft International LLC.)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-09-26] (BitDefender LLC)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37456 2012-02-02] (Paragon Software Group)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2013-10-29] (Highresolution Enterprises [www.highrez.co.uk])
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-02] (Logitech Inc.)
S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2012-11-16] (CACE Technologies, Inc.)
R2 SCDEmu; C:\Windows\SysWOW64\drivers\scdemu.sys [125376 2012-02-09] (Power Software Ltd)
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [99392 2010-11-14] (Ray Hinchliffe)
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (Atola)
S4 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2010-11-26] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-09-26] (BitDefender S.R.L.)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2012-10-31] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633552 2012-10-31] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390224 2012-10-31] (Paragon)
R1 usedisk; C:\Windows\System32\DRIVERS\usedisk.sys [29208 2013-10-13] (Gili Soft INC.)
R1 vburn1000; C:\Windows\System32\DRIVERS\vburn1000.sys [221720 2012-06-24] (H+H Software GmbH)
R3 vburnbus; C:\Windows\System32\DRIVERS\vburnbus.sys [40464 2012-06-24] (H+H Software GmbH)
R0 vidsflt53; C:\Windows\System32\DRIVERS\vsflt53.sys [141920 2013-12-09] (Acronis)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [223744 2013-03-19] (VIA Technologies, Inc.)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2013-11-28] (WinISO.com)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [301256 2013-01-03] (VIA Technologies, Inc.)
U3 usbaudio;
U3 UsbScan;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-13 08:56 - 2013-12-13 08:56 - 00019033 _____ C:\Users\Przemek\Desktop\FRST.txt
2013-12-13 08:55 - 2013-12-13 08:55 - 00000000 ____D C:\FRST
2013-12-13 08:53 - 2013-12-13 08:53 - 00602112 _____ (OldTimer Tools) C:\Users\Przemek\Desktop\OTL.exe
2013-12-13 08:52 - 2013-12-13 08:52 - 01927462 _____ (Farbar) C:\Users\Przemek\Desktop\FRST64.exe
2013-12-13 08:20 - 2009-07-21 10:56 - 00094208 _____ C:\Users\Przemek\Desktop\Unassoc.exe
2013-12-13 00:43 - 2013-12-13 08:45 - 00000224 _____ C:\Windows\setupact.log
2013-12-13 00:43 - 2013-12-13 00:43 - 00000000 _____ C:\Windows\setuperr.log
2013-12-12 17:49 - 2013-12-12 17:49 - 00000000 ____D C:\Program Files\A-FF Find and Mount
2013-12-12 11:37 - 2013-12-12 22:30 - 00001024 ____H C:\AMTAG.BIN
2013-12-12 11:36 - 2013-12-12 22:30 - 00000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant Pro Edition 5.5
2013-12-12 11:36 - 2013-12-12 11:36 - 00001282 _____ C:\Users\Public\Desktop\AOMEI Partition Assistant Pro Edition 5.5.lnk
2013-12-12 11:36 - 2013-11-29 20:42 - 01806960 _____ C:\Windows\ampa.exe
2013-12-12 11:36 - 2013-11-29 10:31 - 00017008 _____ C:\Windows\SysWOW64\ampa.sys
2013-12-12 11:36 - 2013-11-29 10:31 - 00017008 _____ C:\Windows\system32\ampa.sys
2013-12-12 11:29 - 2013-12-12 11:31 - 00000000 ____D C:\Program Files (x86)\Data Recovery Professional
2013-12-12 11:29 - 2013-12-12 11:29 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Recovery Professional
2013-12-11 12:45 - 2013-12-11 12:45 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISO
2013-12-11 06:59 - 2013-12-13 08:48 - 00071558 _____ C:\Windows\WindowsUpdate.log
2013-12-10 19:51 - 2013-12-10 19:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-10 19:40 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-10 19:40 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-10 19:40 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-10 19:40 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-10 19:39 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-10 19:39 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-10 19:39 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-10 19:39 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-10 19:39 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-10 19:39 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-10 19:39 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-10 19:39 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-10 19:39 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-10 19:39 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 19:38 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-10 19:38 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-10 19:38 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-10 19:38 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-10 19:38 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-10 19:38 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-10 19:38 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-10 19:38 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-10 13:36 - 2013-12-10 13:37 - 25647320 _____ (Microsoft Corporation) C:\Windows-KB890830-x64-V5.7.exe
2013-12-10 12:23 - 2013-12-10 12:23 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-12-09 23:54 - 2013-12-09 23:54 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-12-09 23:53 - 2013-12-10 00:03 - 00000000 ____D C:\Users\Przemek\Desktop\mbar
2013-12-09 23:53 - 2013-12-09 23:53 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-09 20:56 - 2013-12-09 21:21 - 00000000 ____D C:\ProgramData\Seagate
2013-12-09 20:56 - 2013-12-09 20:56 - 00001279 _____ C:\Users\Przemek\Desktop\Seagate DiscWizard.lnk
2013-12-09 20:55 - 2013-12-09 20:56 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\5B0D79E3-8A7E-4026-B700-D79196136B02
2013-12-09 20:55 - 2013-12-09 20:55 - 00275552 _____ (Acronis) C:\Windows\system32\Drivers\snapman.sys
2013-12-09 20:55 - 2013-12-09 20:55 - 00141920 _____ (Acronis) C:\Windows\system32\Drivers\vsflt53.sys
2013-12-09 20:55 - 2013-12-09 20:55 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Seagate
2013-12-09 20:55 - 2013-12-09 20:55 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\3024D19A-6F4C-4415-ABE3-79992CBD70E1
2013-12-09 20:55 - 2013-12-09 20:55 - 00000000 ____D C:\Program Files (x86)\Seagate
2013-12-09 20:01 - 2013-12-09 20:01 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\Seagate
2013-12-09 20:00 - 2013-12-09 20:00 - 00210016 _____ (Acronis) C:\Windows\system32\Drivers\vididr.sys
2013-12-09 20:00 - 2013-12-09 20:00 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\51157208-EFAB-41C5-92E8-D952AE36F0A3
2013-12-05 14:53 - 2013-12-05 14:53 - 00000000 ____D C:\Program Files (x86)\Dokan
2013-12-05 12:34 - 2013-12-05 12:34 - 00000000 ____D C:\Users\Przemek\AppData\Local\Inv Softworks
2013-12-05 12:32 - 2013-12-05 12:32 - 00001145 _____ C:\Users\Przemek\Desktop\Silver Key.lnk
2013-12-05 12:32 - 2013-12-05 12:32 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Silver Key
2013-12-05 12:32 - 2013-12-05 12:32 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\Inv Softworks
2013-12-05 12:32 - 2013-12-05 12:32 - 00000000 ____D C:\Program Files (x86)\Silver Key
2013-12-05 02:02 - 2013-12-05 02:02 - 00001355 _____ C:\Users\Public\Desktop\EaseUS Partition Master 9.2.2.lnk
2013-12-05 02:02 - 2013-10-09 15:34 - 03381832 _____ C:\Windows\system32\BootMan.exe
2013-12-05 02:02 - 2013-10-09 15:24 - 02499656 _____ C:\Windows\SysWOW64\BootMan.exe
2013-12-05 02:02 - 2013-03-07 09:49 - 00100936 _____ C:\Windows\system32\setupempdrvx64.exe
2013-12-05 02:02 - 2013-03-07 09:49 - 00087112 _____ C:\Windows\SysWOW64\setupempdrv03.exe
2013-12-05 02:02 - 2013-03-07 09:49 - 00019840 _____ C:\Windows\SysWOW64\EuEpmGdi.dll
2013-12-05 02:02 - 2013-03-07 09:49 - 00017480 _____ C:\Windows\system32\epmntdrv.sys
2013-12-05 02:02 - 2013-03-07 09:49 - 00016256 _____ C:\Windows\system32\EuEpmGdi.dll
2013-12-05 02:02 - 2013-03-07 09:49 - 00014920 _____ C:\Windows\SysWOW64\epmntdrv.sys
2013-12-05 02:02 - 2013-03-07 09:49 - 00009800 _____ C:\Windows\system32\EuGdiDrv.sys
2013-12-05 02:02 - 2013-03-07 09:49 - 00009160 _____ C:\Windows\SysWOW64\EuGdiDrv.sys
2013-12-04 10:21 - 2013-12-04 10:21 - 00000000 ____D C:\Users\Przemek\AppData\Local\ShamurShamur
2013-12-03 09:09 - 2013-12-03 09:10 - 00000000 ____D C:\Program Files (x86)\iCare Data Recovery
2013-12-03 09:09 - 2013-12-03 09:09 - 00001128 _____ C:\Users\Public\Desktop\iCare data Recovery Software.lnk
2013-12-02 15:40 - 2013-12-02 15:52 - 00000000 ____D C:\Users\Przemek\AppData\Local\CyberGhost
2013-12-02 15:39 - 2013-12-02 15:40 - 00000000 ____D C:\Program Files\TAP-Windows
2013-12-02 15:39 - 2013-12-02 15:40 - 00000000 ____D C:\Program Files\CyberGhost 5
2013-12-02 15:39 - 2013-12-02 15:39 - 00001734 _____ C:\Users\Przemek\Desktop\CyberGhost 5.lnk
2013-12-02 14:08 - 2013-12-09 09:08 - 00000000 ____D C:\Users\Przemek\Desktop\od_NirSofer
2013-12-02 00:48 - 2013-12-02 00:48 - 00001242 _____ C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 7.0.lnk
2013-11-30 22:04 - 2013-11-30 22:04 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\Yandex
2013-11-30 22:04 - 2013-11-30 22:04 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex
2013-11-30 22:04 - 2013-11-30 22:04 - 00000000 ____D C:\Users\Przemek\AppData\Local\Yandex
2013-11-28 23:30 - 2013-11-05 19:47 - 03707864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-11-28 23:30 - 2013-11-05 18:54 - 38385664 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2013-11-28 23:30 - 2013-11-05 15:48 - 00681905 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-11-28 23:30 - 2013-11-04 19:26 - 00153304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-11-28 23:30 - 2013-11-04 11:11 - 02587864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-11-28 23:30 - 2013-10-30 16:31 - 00929080 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2013-11-28 23:30 - 2013-10-28 17:29 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-11-28 23:30 - 2013-10-25 10:49 - 05751576 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2013-11-28 23:30 - 2013-10-09 20:13 - 01921792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2013-11-28 23:30 - 2013-10-09 20:13 - 01345280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2013-11-28 23:30 - 2013-10-09 20:13 - 01286400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2013-11-28 23:30 - 2013-10-09 20:12 - 27644160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2013-11-28 23:30 - 2013-10-09 20:12 - 14152960 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2013-11-28 23:30 - 2013-10-09 20:12 - 03714304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2013-11-28 23:30 - 2013-10-09 20:12 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2013-11-28 23:30 - 2013-10-09 20:12 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2013-11-28 23:30 - 2013-10-09 20:12 - 01012992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-11-28 23:11 - 2013-08-27 07:08 - 00883928 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2013-11-28 23:11 - 2013-08-27 07:08 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2013-11-28 22:39 - 2013-11-28 22:40 - 00006501 _____ C:\Windows\system32\oodbs.lor
2013-11-28 16:56 - 2013-11-28 16:37 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2013-11-28 16:41 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-28 16:41 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-28 16:41 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-28 16:41 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-28 16:41 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-28 16:41 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-28 16:41 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-28 16:41 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-28 16:41 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-28 16:41 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-28 16:41 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-28 16:41 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-28 16:41 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-28 16:41 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-28 16:41 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-28 16:41 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-28 16:41 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-28 16:40 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-28 16:40 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-28 16:40 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-28 16:40 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-28 16:40 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-28 16:40 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-28 16:40 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-28 16:40 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-28 16:40 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-28 16:40 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-28 16:40 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-28 16:40 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-28 16:40 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-28 16:37 - 2013-11-28 16:37 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll
2013-11-28 16:37 - 2013-11-28 16:37 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2013-11-28 16:37 - 2013-11-28 16:37 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2013-11-28 16:36 - 2013-11-28 16:36 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll

==================== One Month Modified Files and Folders =======

2013-12-13 08:56 - 2013-12-13 08:56 - 00019033 _____ C:\Users\Przemek\Desktop\FRST.txt
2013-12-13 08:55 - 2013-12-13 08:55 - 00000000 ____D C:\FRST
2013-12-13 08:53 - 2013-12-13 08:53 - 00602112 _____ (OldTimer Tools) C:\Users\Przemek\Desktop\OTL.exe
2013-12-13 08:52 - 2013-12-13 08:52 - 01927462 _____ (Farbar) C:\Users\Przemek\Desktop\FRST64.exe
2013-12-13 08:52 - 2009-07-14 05:45 - 00022784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-13 08:52 - 2009-07-14 05:45 - 00022784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-13 08:51 - 2013-04-25 17:02 - 00001050 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-13 08:51 - 2013-04-25 17:02 - 
00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-12-13 08:50 - 2009-07-14 18:55 - 00740890 _____ C:\Windows\system32\perfh015.dat 2013-12-13 08:50 - 2009-07-14 18:55 - 00156206 _____ C:\Windows\system32\perfc015.dat 2013-12-13 08:50 - 2009-07-14 06:13 - 01672142 _____ C:\Windows\system32\PerfStringBackup.INI 2013-12-13 08:49 - 2012-10-31 08:17 - 00000000 ____D C:\Users\Przemek\Desktop\TEXT 2013-12-13 08:48 - 2013-12-11 06:59 - 00071558 _____ C:\Windows\WindowsUpdate.log 2013-12-13 08:45 - 2013-12-13 00:43 - 00000224 _____ C:\Windows\setupact.log 2013-12-13 08:45 - 2013-06-26 15:16 - 00000000 ____D C:\ProgramData\NVIDIA 2013-12-13 08:45 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-12-13 08:31 - 2011-06-27 10:55 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1487543532-575357134-2409244344-1000UA.job 2013-12-13 07:52 - 2013-04-25 17:02 - 00000000 ____D C:\Program Files (x86)\Google 2013-12-13 00:43 - 2013-12-13 00:43 - 00000000 _____ C:\Windows\setuperr.log 2013-12-12 23:34 - 2013-04-02 09:27 - 00000000 ____D C:\TWEAKING_com 2013-12-12 23:33 - 2012-03-26 17:47 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2013-12-12 23:26 - 2011-11-20 00:09 - 00000000 ____D C:\Users\Przemek\Desktop\skroty programow 2013-12-12 22:30 - 2013-12-12 11:37 - 00001024 ____H C:\AMTAG.BIN 2013-12-12 22:30 - 2013-12-12 11:36 - 00000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant Pro Edition 5.5 2013-12-12 17:49 - 2013-12-12 17:49 - 00000000 ____D C:\Program Files\A-FF Find and Mount 2013-12-12 11:36 - 2013-12-12 11:36 - 00001282 _____ C:\Users\Public\Desktop\AOMEI Partition Assistant Pro Edition 5.5.lnk 2013-12-12 11:31 - 2013-12-12 11:29 - 00000000 ____D C:\Program Files (x86)\Data Recovery Professional 2013-12-12 11:31 - 2011-06-27 10:55 - 00001014 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1487543532-575357134-2409244344-1000Core.job 2013-12-12 11:29 - 2013-12-12 11:29 - 00000000 ____D 
C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Recovery Professional 2013-12-11 23:17 - 2012-12-04 07:10 - 00000000 ____D C:\Users\Przemek\Desktop\SMAILIKI_koty 2013-12-11 20:58 - 2011-07-01 19:29 - 00000000 ____D C:\PROGRAMY 2013-12-11 12:45 - 2013-12-11 12:45 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISO 2013-12-11 12:45 - 2012-02-29 10:00 - 00001256 _____ C:\Users\Przemek\Desktop\WinISO.lnk 2013-12-11 06:57 - 2012-04-23 07:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-12-10 19:51 - 2013-12-10 19:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-12-10 13:37 - 2013-12-10 13:36 - 25647320 _____ (Microsoft Corporation) C:\Windows-KB890830-x64-V5.7.exe 2013-12-10 13:28 - 2013-02-07 22:50 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-12-10 13:28 - 2013-02-07 22:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-12-10 12:23 - 2013-12-10 12:23 - 00000000 ____D C:\Windows\SysWOW64\Adobe 2013-12-10 12:23 - 2011-06-03 19:04 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2013-12-10 12:17 - 2013-06-11 14:46 - 00000000 ____D C:\Users\Przemek\AppData\Local\Adobe 2013-12-10 12:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2013-12-10 00:03 - 2013-12-09 23:53 - 00000000 ____D C:\Users\Przemek\Desktop\mbar 2013-12-10 00:03 - 2013-08-09 23:10 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-12-09 23:54 - 2013-12-09 23:54 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2013-12-09 23:53 - 2013-12-09 23:53 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2013-12-09 21:21 - 2013-12-09 20:56 - 00000000 ____D C:\ProgramData\Seagate 2013-12-09 20:56 - 2013-12-09 20:56 - 00001279 _____ C:\Users\Przemek\Desktop\Seagate DiscWizard.lnk 2013-12-09 20:56 - 
2013-12-09 20:55 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\5B0D79E3-8A7E-4026-B700-D79196136B02 2013-12-09 20:55 - 2013-12-09 20:55 - 00275552 _____ (Acronis) C:\Windows\system32\Drivers\snapman.sys 2013-12-09 20:55 - 2013-12-09 20:55 - 00141920 _____ (Acronis) C:\Windows\system32\Drivers\vsflt53.sys 2013-12-09 20:55 - 2013-12-09 20:55 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Seagate 2013-12-09 20:55 - 2013-12-09 20:55 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\3024D19A-6F4C-4415-ABE3-79992CBD70E1 2013-12-09 20:55 - 2013-12-09 20:55 - 00000000 ____D C:\Program Files (x86)\Seagate 2013-12-09 20:01 - 2013-12-09 20:01 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\Seagate 2013-12-09 20:00 - 2013-12-09 20:00 - 00210016 _____ (Acronis) C:\Windows\system32\Drivers\vididr.sys 2013-12-09 20:00 - 2013-12-09 20:00 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\51157208-EFAB-41C5-92E8-D952AE36F0A3 2013-12-09 09:08 - 2013-12-02 14:08 - 00000000 ____D C:\Users\Przemek\Desktop\od_NirSofer 2013-12-09 08:46 - 2013-04-25 17:02 - 00004046 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-12-09 08:46 - 2013-04-25 17:02 - 00003794 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-12-07 11:10 - 2011-07-01 13:40 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\Mozilla 2013-12-06 15:02 - 2012-01-01 08:07 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\AIMP3 2013-12-06 02:33 - 2012-02-16 16:53 - 00002344 _____ C:\Users\Przemek\Desktop\Google Chrome.lnk 2013-12-05 22:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2013-12-05 14:53 - 2013-12-05 14:53 - 00000000 ____D C:\Program Files (x86)\Dokan 2013-12-05 12:34 - 2013-12-05 12:34 - 00000000 ____D C:\Users\Przemek\AppData\Local\Inv Softworks 2013-12-05 12:32 - 2013-12-05 12:32 - 00001145 _____ C:\Users\Przemek\Desktop\Silver Key.lnk 2013-12-05 12:32 - 2013-12-05 12:32 - 00000000 ____D 
C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Silver Key 2013-12-05 12:32 - 2013-12-05 12:32 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\Inv Softworks 2013-12-05 12:32 - 2013-12-05 12:32 - 00000000 ____D C:\Program Files (x86)\Silver Key 2013-12-05 11:26 - 2011-06-27 10:55 - 00004040 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1487543532-575357134-2409244344-1000UA 2013-12-05 11:26 - 2011-06-27 10:55 - 00003644 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1487543532-575357134-2409244344-1000Core 2013-12-05 02:02 - 2013-12-05 02:02 - 00001355 _____ C:\Users\Public\Desktop\EaseUS Partition Master 9.2.2.lnk 2013-12-05 02:02 - 2012-12-30 20:09 - 00000000 ____D C:\Program Files (x86)\EaseUS 2013-12-04 17:02 - 2013-05-10 12:57 - 00001130 ____H C:\Windows\EPMBatch.ept 2013-12-04 11:03 - 2012-08-23 09:24 - 00000000 ____D C:\Program Files (x86)\iCare Card Recovery Pro 2013-12-04 10:21 - 2013-12-04 10:21 - 00000000 ____D C:\Users\Przemek\AppData\Local\ShamurShamur 2013-12-04 01:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-12-03 09:52 - 2012-03-14 14:04 - 00000266 __RSH C:\ProgramData\ntuser.pol 2013-12-03 09:10 - 2013-12-03 09:09 - 00000000 ____D C:\Program Files (x86)\iCare Data Recovery 2013-12-03 09:09 - 2013-12-03 09:09 - 00001128 _____ C:\Users\Public\Desktop\iCare data Recovery Software.lnk 2013-12-02 15:52 - 2013-12-02 15:40 - 00000000 ____D C:\Users\Przemek\AppData\Local\CyberGhost 2013-12-02 15:52 - 2011-06-03 17:39 - 00000000 ____D C:\Users\Przemek\AppData\Local\VirtualStore 2013-12-02 15:40 - 2013-12-02 15:39 - 00000000 ____D C:\Program Files\TAP-Windows 2013-12-02 15:40 - 2013-12-02 15:39 - 00000000 ____D C:\Program Files\CyberGhost 5 2013-12-02 15:39 - 2013-12-02 15:39 - 00001734 _____ C:\Users\Przemek\Desktop\CyberGhost 5.lnk 2013-12-02 09:31 - 2012-07-06 10:45 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\KC Softwares 2013-12-02 00:48 - 2013-12-02 00:48 - 00001242 _____ 
C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 7.0.lnk 2013-12-01 14:42 - 2011-06-04 09:19 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-11-30 22:04 - 2013-11-30 22:04 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\Yandex 2013-11-30 22:04 - 2013-11-30 22:04 - 00000000 ____D C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex 2013-11-30 22:04 - 2013-11-30 22:04 - 00000000 ____D C:\Users\Przemek\AppData\Local\Yandex 2013-11-30 13:40 - 2012-06-24 20:14 - 00000000 ____D C:\Users\Public\Phantom Drive Images 2013-11-30 12:55 - 2012-01-01 08:07 - 00000905 _____ C:\Users\Public\Desktop\AIMP3.lnk 2013-11-30 12:55 - 2012-01-01 08:07 - 00000000 ____D C:\Program Files (x86)\AIMP3 2013-11-30 11:16 - 2011-07-02 08:55 - 00000000 ____D C:\Users\Przemek\Desktop\USBDeview 2013-11-29 20:42 - 2013-12-12 11:36 - 01806960 _____ C:\Windows\ampa.exe 2013-11-29 10:31 - 2013-12-12 11:36 - 00017008 _____ C:\Windows\SysWOW64\ampa.sys 2013-11-29 10:31 - 2013-12-12 11:36 - 00017008 _____ C:\Windows\system32\ampa.sys 2013-11-28 23:33 - 2013-02-13 00:14 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2013-11-28 23:25 - 2013-10-24 17:50 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-11-28 23:25 - 2011-06-04 09:11 - 00000000 ____D C:\Program Files\CCleaner 2013-11-28 22:40 - 2013-11-28 22:39 - 00006501 _____ C:\Windows\system32\oodbs.lor 2013-11-28 22:25 - 2013-07-15 20:15 - 00002541 _____ C:\Users\Public\Desktop\O&O Defrag.lnk 2013-11-28 18:56 - 2012-05-10 09:40 - 00204032 _____ (WinISO.com) C:\Windows\system32\Drivers\WinisoCDBus.sys 2013-11-28 16:52 - 2013-09-10 18:55 - 00000000 ____D C:\Windows\system32\MRT 2013-11-28 16:37 - 2013-11-28 16:56 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll 2013-11-28 16:37 - 2013-11-28 16:37 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll 2013-11-28 16:37 - 2013-11-28 16:37 - 00082824 _____ (BitDefender SRL) 
C:\Windows\system32\Drivers\bdsandbox.sys 2013-11-28 16:37 - 2013-11-28 16:37 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll 2013-11-28 16:36 - 2013-11-28 16:36 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll 2013-11-23 19:26 - 2013-12-10 19:39 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-11-23 18:47 - 2013-12-10 19:39 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll Some content of TEMP: ==================== C:\Users\Przemek\AppData\Local\Temp\PROCEXP64.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-12-04 01:48 ==================== End Of Log ============================