Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014
Ran by Sebastian (administrator) on SEBASTIAN-DOM on 04-01-2014 12:52:47
Running from C:\Users\Sebastian\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\WINDOWS\System32\atiesrxx.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
() C:\WINDOWS\SysWOW64\PnkBstrA.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Intel Corporation) C:\WINDOWS\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\SmartAudio3.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Games\World_of_Tanks\Uninstal.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2894640 2012-03-14] (ELAN Microelectronics Corp.)
HKLM\...\Run: [QuickSet] - C:\Program Files\Dell\QuickSet\quickset.exe [5729648 2012-02-07] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] ()
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [1016992 2012-01-20] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe [800416 2012-01-20] (Atheros Commnucations)
HKLM\...\Run: [Stage Remote] - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2034752 2011-08-08] ()
HKLM\...\Run: [DellStage] - C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj [483424 2012-02-01] ()
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SA3\SACpl.exe [1654400 2012-02-21] (Conexant Systems, Inc.)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-15] (Logitech Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-17] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-03-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell Registration] - C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-26] (Dell, Inc.)
HKLM-x32\...\Run: [AccuWeatherWidget] - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj [2835443 2012-02-01] ()
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] - C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-01-25] ()
HKCU\...\Run: [xwidget] - C:\Program Files (x86)\XWidget\xwidget.exe
HKCU\...\Run: [DellSystemDetect] - C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms [370 2013-04-12] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 62.179.1.60 62.179.1.61

Chrome: 
=======
CHR HomePage: 
CHR RestoreOnStartup: "hxxp://google.pl/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (WEBZEN Browser Extension) - C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\Sebastian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Bumblebee Transformers) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ablploimnfndjhngijoeekcoillceikj\2_0
CHR Extension: (Google Docs) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YOUZEEK Free Music) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjcgpdkighmjfjlplcighhgamlhkimce\2.0.3_0
CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Kingdom Rush) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckmfhhjalnddapegkbbohfaodgbnocim\1.1.0.1_0
CHR Extension: (Google Search) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Pixlr-o-matic) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj\1.2_0
CHR Extension: (Twitch.tv Europe Lag Fix) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkoehmlkhjgaboegkondkciclminpjof\2.0_0
CHR Extension: (Autodesk Homestyler) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.6_0
CHR Extension: (Cargo Bridge) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn\1.5.7_0
CHR Extension: (Planner 5D) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcafejemebbngbglfoinpoaannbihjna\1.2.0.4_0
CHR Extension: (Google Wallet) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2013-04-13] (Conexant Systems, Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2012-09-07] (Realsil Microelectronics Inc.)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-12-15] ()
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-01-20] (Atheros)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [73728 2012-01-31] (Atheros)

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31872 2012-02-01] (Advanced Micro Devices, Inc.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S3 azvusb; C:\Windows\System32\DRIVERS\azvusb.sys [54784 2009-08-24] (AzureWave Technologies, Inc.)
S3 PCTV340_801; C:\Windows\System32\Drivers\dvb7700all.sys [946176 2010-03-10] (DiBcom)
R0 rtcrfilt64; C:\Windows\System32\DRIVERS\rtcrfilt64.sys [19600 2012-09-04] (Realtek Semiconductor Corp.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-04 12:52 - 2014-01-04 12:52 - 00017043 _____ C:\Users\Sebastian\Downloads\FRST.txt
2014-01-04 12:46 - 2014-01-04 12:47 - 00000040 _____ C:\Users\Sebastian\Desktop\Nowy dokument tekstowy.txt
2014-01-04 12:38 - 2014-01-04 12:38 - 00448512 _____ (OldTimer Tools) C:\Users\Sebastian\Downloads\TFC.exe
2014-01-04 12:37 - 2014-01-04 12:39 - 00000000 ____D C:\AdwCleaner
2014-01-04 12:37 - 2014-01-04 12:37 - 01233962 _____ C:\Users\Sebastian\Downloads\AdwCleaner.exe
2014-01-04 12:35 - 2014-01-04 12:35 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\newnext.me
2014-01-04 12:34 - 2014-01-04 12:34 - 01931368 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe
2014-01-04 12:34 - 2014-01-04 12:34 - 00000000 _____ C:\Users\Sebastian\Downloads\Nowy dokument tekstowy.txt
2014-01-03 23:40 - 2014-01-03 23:40 - 00005375 _____ C:\Users\Sebastian\Downloads\EK - Port Hope Crocodile.rar
2014-01-03 19:59 - 2014-01-03 19:59 - 00000000 ____D C:\FRST
2014-01-03 19:40 - 2014-01-03 19:55 - 00000054 _____ C:\Windows\SysWOW64\Partizan.RRI
2014-01-03 19:37 - 2014-01-03 19:44 - 00000000 ____D C:\Program Files (x86)\ATS2
2014-01-03 19:36 - 2014-01-03 19:49 - 00000000 ____D C:\ProgramData\RegRun
2014-01-03 19:35 - 2014-01-03 19:49 - 00000000 ____D C:\Users\Public\Documents\RegRunInfo
2014-01-03 19:33 - 2014-01-03 19:49 - 00000000 ____D C:\Users\Sebastian\Documents\RegRun2
2014-01-03 19:33 - 2014-01-03 19:33 - 00000002 RSHOT C:\Windows\winstart.bat
2014-01-03 19:33 - 2014-01-03 19:33 - 00000002 RSHOT C:\Windows\SysWOW64\CONFIG.NT
2014-01-03 19:33 - 2014-01-03 19:33 - 00000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT
2014-01-03 19:33 - 2014-01-03 19:33 - 00000000 ____D C:\Program Files (x86)\Greatis
2014-01-03 19:13 - 2014-01-03 19:13 - 738172452 _____ C:\Windows\MEMORY.DMP
2014-01-03 19:13 - 2014-01-03 19:13 - 00281512 _____ C:\Windows\Minidump\010314-42494-01.dmp
2014-01-03 19:13 - 2014-01-03 19:13 - 00000000 ____D C:\Windows\Minidump
2014-01-02 19:07 - 2014-01-02 19:08 - 2097216048 ____C C:\RAMDisk.img
2014-01-02 19:07 - 2014-01-02 19:07 - 2097216048 ____C C:\RAMDisk.img.bak
2014-01-02 19:00 - 2014-01-02 19:00 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Dataram_Corporation
2014-01-02 18:59 - 2014-01-02 19:18 - 00000000 ____D C:\Program Files (x86)\RAMDisk
2014-01-02 18:52 - 2014-01-02 18:52 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\ProcessLasso
2013-12-31 10:26 - 2013-12-31 10:26 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-31 10:26 - 2013-12-31 10:26 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-31 10:26 - 2013-12-31 10:26 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-31 10:26 - 2013-12-31 10:26 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-28 14:36 - 2013-12-28 14:36 - 00030421 _____ C:\Users\Sebastian\Downloads\[80+ EK] Venore Dragon Lair.xbst
2013-12-28 14:09 - 2013-12-28 12:40 - 00000000 ____D C:\Users\Sebastian\Downloads\Vengoth
2013-12-25 21:59 - 2013-12-25 21:59 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Unity
2013-12-25 21:53 - 2013-12-25 21:53 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Unity
2013-12-19 17:54 - 2013-12-19 23:45 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Tibiacast
2013-12-19 17:53 - 2013-12-19 17:53 - 00002599 _____ C:\Users\Sebastian\Desktop\Tibiacast.lnk
2013-12-19 17:53 - 2013-12-19 17:53 - 00000000 ____D C:\Program Files (x86)\Tibiacast
2013-12-18 17:08 - 2013-12-18 17:08 - 00000000 ____D C:\Users\Sebastian\Downloads\Leatrix latency fix
2013-12-18 14:27 - 2014-01-02 18:52 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2013-12-17 12:40 - 2011-09-16 16:56 - 00042496 _____ C:\Users\Sebastian\Desktop\XenoMC.exe
2013-12-16 21:28 - 2013-12-16 21:29 - 00000000 ____D C:\ProgramData\Package Cache
2013-12-16 13:20 - 2013-12-16 13:20 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Lost Marble
2013-12-16 00:00 - 2013-12-16 00:00 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Arktos Entertainment
2013-12-15 23:58 - 2013-12-15 23:58 - 00000000 ____D C:\Users\Sebastian\Documents\Arktos
2013-12-15 23:58 - 2013-12-15 23:58 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Arktos
2013-12-15 23:29 - 2013-12-26 00:37 - 00000000 ____D C:\Users\Sebastian\Documents\Infestation Survivor Stories
2013-12-12 15:02 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 15:02 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 15:02 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 15:02 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 15:01 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 15:01 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 15:01 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 15:01 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 15:01 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 15:01 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 15:01 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 15:01 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 15:01 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 15:01 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 15:01 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 15:01 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 15:01 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 15:01 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 15:01 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 15:01 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 15:01 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 15:01 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 15:01 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 15:01 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 15:01 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 15:01 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 15:01 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 15:01 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 15:01 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 15:01 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 15:01 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 15:01 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 15:01 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 15:01 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 15:01 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 10:35 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 10:35 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 10:35 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 10:35 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 10:35 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 10:35 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 10:35 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 10:35 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 10:35 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 10:35 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 10:35 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 10:35 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 10:35 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 10:35 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 10:35 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 10:35 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 10:35 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-12 10:35 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 10:35 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 17:26 - 2013-12-18 17:02 - 00000956 _____ C:\Users\Public\Desktop\Injector.exe.lnk
2013-12-11 17:26 - 2013-12-11 17:26 - 00000000 ____D C:\ProgramData\Caphyon
2013-12-09 23:36 - 2013-12-09 23:36 - 00001784 _____ C:\Users\Sebastian\Desktop\XenoBot — skrót.lnk
2013-12-09 19:16 - 2013-12-09 19:20 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-09 19:16 - 2013-12-09 19:16 - 00001284 _____ C:\Users\Gość\Desktop\Spybot - Search & Destroy.lnk
2013-12-09 19:16 - 2013-12-09 19:16 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2013-12-09 19:15 - 2013-12-09 19:15 - 00003208 _____ C:\Windows\System32\Tasks\{2CFD6C64-DE21-4DC3-8802-2063CDE4FEBE}
2013-12-09 19:01 - 2013-12-18 12:31 - 00000000 ____D C:\Program Files (x86)\Tibia
2013-12-09 19:01 - 2013-12-09 19:01 - 00000969 _____ C:\Users\Public\Desktop\Tibia.lnk
2013-12-09 17:58 - 2013-12-18 17:02 - 00000000 ____D C:\Program Files (x86)\XenoBot
2013-12-09 17:58 - 2013-12-09 23:21 - 00000000 ____D C:\Users\Sebastian\Documents\XenoBot
2013-12-09 17:58 - 2013-12-09 17:58 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\MSDrvCfg
2013-12-05 20:54 - 2013-12-05 20:54 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-05 20:54 - 2013-12-05 20:54 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-05 20:54 - 2013-12-05 20:54 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-05 20:54 - 2013-12-05 20:54 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-05 20:54 - 2013-12-05 20:54 - 00000000 ____D C:\Program Files\Java

==================== One Month Modified Files and Folders =======

2014-01-04 12:52 - 2014-01-04 12:52 - 00017043 _____ C:\Users\Sebastian\Downloads\FRST.txt
2014-01-04 12:49 - 2009-07-14 05:45 - 00025008 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-04 12:49 - 2009-07-14 05:45 - 00025008 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-04 12:47 - 2014-01-04 12:46 - 00000040 _____ C:\Users\Sebastian\Desktop\Nowy dokument tekstowy.txt
2014-01-04 12:44 - 2013-01-25 17:29 - 00000000 ____D C:\Users\Sebastian\AppData\Local\PMB Files
2014-01-04 12:44 - 2012-11-25 18:00 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Deployment
2014-01-04 12:42 - 2013-01-19 13:04 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-04 12:42 - 2013-01-19 13:04 - 00001050 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-04 12:42 - 2012-06-24 05:31 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2014-01-04 12:42 - 2012-06-24 05:31 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2014-01-04 12:42 - 2012-06-24 05:26 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2014-01-04 12:41 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-04 12:41 - 2009-07-14 05:51 - 00095111 _____ C:\Windows\setupact.log
2014-01-04 12:40 - 2012-06-23 21:55 - 01404044 _____ C:\Windows\WindowsUpdate.log
2014-01-04 12:39 - 2014-01-04 12:37 - 00000000 ____D C:\AdwCleaner
2014-01-04 12:38 - 2014-01-04 12:38 - 00448512 _____ (OldTimer Tools) C:\Users\Sebastian\Downloads\TFC.exe
2014-01-04 12:37 - 2014-01-04 12:37 - 01233962 _____ C:\Users\Sebastian\Downloads\AdwCleaner.exe
2014-01-04 12:35 - 2014-01-04 12:35 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\newnext.me
2014-01-04 12:35 - 2012-11-25 17:53 - 00000000 ____D C:\Users\Sebastian
2014-01-04 12:34 - 2014-01-04 12:34 - 01931368 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe
2014-01-04 12:34 - 2014-01-04 12:34 - 00000000 _____ C:\Users\Sebastian\Downloads\Nowy dokument tekstowy.txt
2014-01-04 12:32 - 2012-06-24 05:01 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-04 12:29 - 2012-11-28 13:38 - 00000000 ____D C:\Users\Sebastian\AppData\Local\CrashDumps
2014-01-04 08:27 - 2012-11-25 22:30 - 00000000 ____D C:\ProgramData\MFAData
2014-01-03 23:40 - 2014-01-03 23:40 - 00005375 _____ C:\Users\Sebastian\Downloads\EK - Port Hope Crocodile.rar
2014-01-03 23:12 - 2010-11-21 04:47 - 00077562 _____ C:\Windows\PFRO.log
2014-01-03 21:02 - 2012-11-25 18:14 - 00000000 ____D C:\Users\Sebastian\Desktop\Ikony
2014-01-03 19:59 - 2014-01-03 19:59 - 00000000 ____D C:\FRST
2014-01-03 19:55 - 2014-01-03 19:40 - 00000054 _____ C:\Windows\SysWOW64\Partizan.RRI
2014-01-03 19:49 - 2014-01-03 19:36 - 00000000 ____D C:\ProgramData\RegRun
2014-01-03 19:49 - 2014-01-03 19:35 - 00000000 ____D C:\Users\Public\Documents\RegRunInfo
2014-01-03 19:49 - 2014-01-03 19:33 - 00000000 ____D C:\Users\Sebastian\Documents\RegRun2
2014-01-03 19:44 - 2014-01-03 19:37 - 00000000 ____D C:\Program Files (x86)\ATS2
2014-01-03 19:33 - 2014-01-03 19:33 - 00000002 RSHOT C:\Windows\winstart.bat
2014-01-03 19:33 - 2014-01-03 19:33 - 00000002 RSHOT C:\Windows\SysWOW64\CONFIG.NT
2014-01-03 19:33 - 2014-01-03 19:33 - 00000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT
2014-01-03 19:33 - 2014-01-03 19:33 - 00000000 ____D C:\Program Files (x86)\Greatis
2014-01-03 19:32 - 2013-11-30 21:08 - 00000000 ____D C:\Program Files (x86)\RedBot Pro
2014-01-03 19:13 - 2014-01-03 19:13 - 738172452 _____ C:\Windows\MEMORY.DMP
2014-01-03 19:13 - 2014-01-03 19:13 - 00281512 _____ C:\Windows\Minidump\010314-42494-01.dmp
2014-01-03 19:13 - 2014-01-03 19:13 - 00000000 ____D C:\Windows\Minidump
2014-01-03 19:07 - 2013-01-25 17:29 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-03 18:55 - 2013-02-15 03:29 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-02 19:20 - 2013-10-13 19:40 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2014-01-02 19:18 - 2014-01-02 18:59 - 00000000 ____D C:\Program Files (x86)\RAMDisk
2014-01-02 19:08 - 2014-01-02 19:07 - 2097216048 ____C C:\RAMDisk.img
2014-01-02 19:07 - 2014-01-02 19:07 - 2097216048 ____C C:\RAMDisk.img.bak
2014-01-02 19:00 - 2014-01-02 19:00 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Dataram_Corporation
2014-01-02 18:52 - 2014-01-02 18:52 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\ProcessLasso
2014-01-02 18:52 - 2013-12-18 14:27 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2014-01-01 20:55 - 2012-11-25 18:46 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Skype
2013-12-31 15:59 - 2012-11-25 21:32 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\TS3Client
2013-12-31 10:27 - 2013-11-16 13:25 - 00000000 ____D C:\ProgramData\Oracle
2013-12-31 10:26 - 2013-12-31 10:26 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-31 10:26 - 2013-12-31 10:26 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-31 10:26 - 2013-12-31 10:26 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-31 10:26 - 2013-12-31 10:26 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-29 23:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-28 14:36 - 2013-12-28 14:36 - 00030421 _____ C:\Users\Sebastian\Downloads\[80+ EK] Venore Dragon Lair.xbst
2013-12-28 12:40 - 2013-12-28 14:09 - 00000000 ____D C:\Users\Sebastian\Downloads\Vengoth
2013-12-28 01:01 - 2012-11-25 18:01 - 00000843 _____ C:\Users\Sebastian\Desktop\notatki.txt
2013-12-26 00:37 - 2013-12-15 23:29 - 00000000 ____D C:\Users\Sebastian\Documents\Infestation Survivor Stories
2013-12-25 21:59 - 2013-12-25 21:59 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Unity
2013-12-25 21:53 - 2013-12-25 21:53 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Unity
2013-12-22 15:55 - 2013-12-02 19:57 - 00000000 ____D C:\Program Files (x86)\Origin
2013-12-21 18:09 - 2012-11-29 18:51 - 00000072 _____ C:\Users\Public\LMDebug.log
2013-12-19 23:45 - 2013-12-19 17:54 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Tibiacast
2013-12-19 17:53 - 2013-12-19 17:53 - 00002599 _____ C:\Users\Sebastian\Desktop\Tibiacast.lnk
2013-12-19 17:53 - 2013-12-19 17:53 - 00000000 ____D C:\Program Files (x86)\Tibiacast
2013-12-19 17:09 - 2012-06-24 05:29 - 00000000 ____D C:\ProgramData\Skype
2013-12-19 17:08 - 2012-11-29 18:11 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-19 12:43 - 2012-11-25 18:01 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-19 00:06 - 2012-11-28 14:26 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\uTorrent
2013-12-18 17:08 - 2013-12-18 17:08 - 00000000 ____D C:\Users\Sebastian\Downloads\Leatrix latency fix
2013-12-18 17:02 - 2013-12-11 17:26 - 00000956 _____ C:\Users\Public\Desktop\Injector.exe.lnk
2013-12-18 17:02 - 2013-12-09 17:58 - 00000000 ____D C:\Program Files (x86)\XenoBot
2013-12-18 15:23 - 2013-02-02 19:38 - 00000000 ____D C:\Users\Sebastian\Documents\Guild Wars 2
2013-12-18 14:30 - 2012-06-24 05:38 - 00288292 _____ C:\Windows\DirectX.log
2013-12-18 12:31 - 2013-12-09 19:01 - 00000000 ____D C:\Program Files (x86)\Tibia
2013-12-17 00:07 - 2013-10-13 11:26 - 00000000 ____D C:\Program Files (x86)\OBS
2013-12-16 21:29 - 2013-12-16 21:28 - 00000000 ____D C:\ProgramData\Package Cache
2013-12-16 13:20 - 2013-12-16 13:20 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Lost Marble
2013-12-16 00:06 - 2012-12-09 22:39 - 00291128 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-12-16 00:06 - 2012-12-08 19:39 - 00291128 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-12-16 00:00 - 2013-12-16 00:00 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Arktos Entertainment
2013-12-15 23:58 - 2013-12-15 23:58 - 00000000 ____D C:\Users\Sebastian\Documents\Arktos
2013-12-15 23:58 - 2013-12-15 23:58 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Arktos
2013-12-15 23:58 - 2012-12-09 22:39 - 00000000 ____D C:\Users\Sebastian\AppData\Local\PunkBuster
2013-12-15 23:58 - 2012-12-08 19:39 - 00291128 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-12-15 23:57 - 2012-12-08 19:39 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-12-14 22:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-14 19:09 - 2013-08-15 03:18 - 00000000 ____D C:\Windows\system32\MRT
2013-12-14 15:00 - 2012-11-29 14:06 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-13 07:19 - 2010-11-21 13:53 - 00738432 _____ C:\Windows\system32\perfh015.dat
2013-12-13 07:19 - 2010-11-21 13:53 - 00154830 _____ C:\Windows\system32\perfc015.dat
2013-12-13 07:19 - 2009-07-14 06:13 - 01664108 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-13 07:15 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-13 07:13 - 2009-07-14 05:45 - 00449272 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-11 17:26 - 2013-12-11 17:26 - 00000000 ____D C:\ProgramData\Caphyon
2013-12-11 10:57 - 2013-09-25 11:28 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-12-09 23:36 - 2013-12-09 23:36 - 00001784 _____ C:\Users\Sebastian\Desktop\XenoBot — skrót.lnk
2013-12-09 23:21 - 2013-12-09 17:58 - 00000000 ____D C:\Users\Sebastian\Documents\XenoBot
2013-12-09 19:20 - 2013-12-09 19:16 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-09 19:16 - 2013-12-09 19:16 - 00001284 _____ C:\Users\Gość\Desktop\Spybot - Search & Destroy.lnk
2013-12-09 19:16 - 2013-12-09 19:16 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2013-12-09 19:15 - 2013-12-09 19:15 - 00003208 _____ C:\Windows\System32\Tasks\{2CFD6C64-DE21-4DC3-8802-2063CDE4FEBE}
2013-12-09 19:01 - 2013-12-09 19:01 - 00000969 _____ C:\Users\Public\Desktop\Tibia.lnk
2013-12-09 17:58 - 2013-12-09 17:58 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\MSDrvCfg
2013-12-08 00:37 - 2013-01-19 13:04 - 00004050 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-08 00:37 - 2013-01-19 13:04 - 00003798 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-06 12:39 - 2013-07-16 19:17 - 00002191 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-05 20:54 - 2013-12-05 20:54 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-05 20:54 - 2013-12-05 20:54 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-05 20:54 - 2013-12-05 20:54 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-05 20:54 - 2013-12-05 20:54 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-05 20:54 - 2013-12-05 20:54 - 00000000 ____D C:\Program Files\Java

Files to move or delete:
====================
C:\Users\Sebastian\jagex_cl_runescape_LIVE.dat
C:\Users\Sebastian\random.dat


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-31 12:20

==================== End Of Log ============================