Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01 Ran by Bartek (administrator) on BARTEK-KOMPUTER on 26-02-2015 17:37:42 Running from C:\Users\Bartek\Desktop Loaded Profiles: Bartek (Available profiles: Bartek) Platform: Windows 7 Home Premium (X64) OS Language: Polski (Polska) Internet Explorer Version 8 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (BitTorrent Inc.) C:\Users\Bartek\AppData\Roaming\uTorrent\uTorrent.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Gadwin Systems) C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe (Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-01-30] (Raptr, Inc) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2015-02-25] (Advanced Micro Devices, Inc.) HKU\S-1-5-21-1318935594-1313143014-225757962-1000\...\Run: [uTorrent] => C:\Users\Bartek\AppData\Roaming\uTorrent\uTorrent.exe [1377872 2015-01-22] (BitTorrent Inc.) HKU\S-1-5-21-1318935594-1313143014-225757962-1000\...\Run: [Gadwin PrintScreen (64-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe [14634656 2014-06-19] (Gadwin Systems) HKU\S-1-5-21-1318935594-1313143014-225757962-1000\...\Run: [Facebook Update] => C:\Users\Bartek\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-10-17] (Facebook Inc.) HKU\S-1-5-21-1318935594-1313143014-225757962-1000\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [2765256 2014-11-03] (ALLPlayer Group Ltd.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1318935594-1313143014-225757962-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Bartek\AppData\Roaming\Mozilla\Firefox\Profiles\zv4itt83.default FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1318935594-1313143014-225757962-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Bartek\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKU\S-1-5-21-1318935594-1313143014-225757962-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Bartek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) Chrome: ======= CHR HomePage: Default -> hxxp://home.sweetim.com/?crg=3.1010000.10011 CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2014-04-28] CHR Extension: (Google Docs) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-28] CHR Extension: (Google Drive) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-28] CHR Extension: (James White) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-04-28] CHR Extension: (YouTube) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-28] CHR Extension: (Google Search) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-28] CHR Extension: (Tampermonkey) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-10-28] CHR Extension: (AdBlock) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-28] CHR Extension: (Better Battlelog (BBLog)) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlfnjepjdmlppapoikepbaabbghofma [2014-12-24] CHR Extension: (Top Eleven) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljphpjlafmmdmegmfbkacafhbegjfkkn [2014-07-22] CHR Extension: (Google Mail Checker) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-10-01] CHR Extension: (Edge: The Web Ruler) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\njlkegdphefeellhaongiopcfgcinikh [2014-04-28] CHR Extension: (Google Wallet) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-28] CHR Extension: (Enhanced Steam) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2014-11-03] CHR Extension: (Gmail) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-28] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2014-11-17] (EasyAntiCheat Ltd) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-22] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-12-24] () S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 mtkmbim; C:\Windows\System32\DRIVERS\mtkmbim7_x64.sys [208896 2012-12-13] (MediaTek Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129856 2014-04-25] (Razer, Inc.) S3 wdf_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [81408 2013-02-21] (MediaTek Inc.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-25 19:28 - 2015-02-25 19:28 - 00455704 _____ () C:\Windows\Minidump\022515-14586-01.dmp 2015-02-25 18:35 - 2015-02-25 18:35 - 00055911 _____ () C:\Users\Bartek\Desktop\Shortcut.txt 2015-02-25 18:34 - 2015-02-26 17:37 - 00009735 _____ () C:\Users\Bartek\Desktop\FRST.txt 2015-02-25 18:34 - 2015-02-25 18:35 - 00043717 _____ () C:\Users\Bartek\Desktop\Addition.txt 2015-02-25 18:33 - 2015-02-26 17:37 - 00000000 ____D () C:\FRST 2015-02-25 18:33 - 2015-02-25 18:33 - 02087936 _____ (Farbar) C:\Users\Bartek\Desktop\FRST64.exe 2015-02-25 18:32 - 2015-02-25 18:32 - 00574466 _____ () C:\Users\Bartek\Desktop\gmer.txt 2015-02-25 18:01 - 2015-02-25 18:01 - 00380416 _____ () C:\Users\Bartek\Downloads\u06b1vir.exe 2015-02-25 17:56 - 2015-02-25 17:56 - 00000516 _____ () C:\Windows\SysWOW64\atiapfxx.log 2015-02-25 17:56 - 2015-02-25 17:56 - 00000000 ____D () C:\ProgramData\ATI 2015-02-25 17:55 - 2015-02-25 17:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center 2015-02-25 17:49 - 2015-02-25 17:49 - 00052689 _____ () C:\Windows\SysWOW64\CCCInstall_201502251749279849.log 2015-02-25 17:44 - 2010-09-05 17:35 - 00000000 ____D () C:\Users\Bartek\Desktop\DNA-ATi Legacy 10.2.1.64 2015-02-25 17:42 - 2015-02-25 17:44 - 85217029 _____ (Igor Pavlov) C:\Users\Bartek\Downloads\DNA-ATi-Legacy_10_2_1_64.exe 2015-02-25 17:31 - 2015-02-25 17:31 - 01710888 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Bartek\Downloads\GPU-Z.0.8.1.exe 2015-02-22 21:45 - 2015-02-24 18:53 - 00000000 ____D () C:\Users\Bartek\AppData\Roaming\RIFT 2015-02-22 21:45 - 2015-02-22 21:45 - 00000000 ____D () C:\Users\Bartek\Documents\RIFT 2015-02-22 21:35 - 2015-02-22 21:35 - 00000371 _____ () C:\Users\Bartek\Desktop\Glyph.lnk 2015-02-22 21:35 - 2015-02-22 21:35 - 00000000 ____D () C:\Users\Bartek\AppData\Local\Glyph 2015-02-22 21:35 - 2015-02-22 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph 2015-02-22 21:35 - 2015-02-22 21:35 - 00000000 ____D () C:\ProgramData\Glyph 2015-02-22 21:34 - 2015-02-22 21:35 - 32030072 _____ (Trion Worlds Inc.) C:\Users\Bartek\Downloads\GlyphInstall-0-1.exe 2015-02-21 12:59 - 2015-02-21 12:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default) 2015-02-21 12:57 - 2015-02-21 12:59 - 00000000 ____D () C:\Program Files (x86)\BeamNG.drive 2015-02-21 12:20 - 2015-02-21 12:20 - 00071680 _____ () C:\Users\Bartek\Downloads\YChan 2.2.exe 2015-02-21 12:20 - 2015-02-21 12:20 - 00000000 ____D () C:\ProgramData\YChan 2015-02-15 18:39 - 2015-02-15 18:39 - 00000000 ____D () C:\Users\Bartek\Documents\SimCity 2015-02-15 18:33 - 2015-02-15 18:33 - 00000638 _____ () C:\Users\Bartek\Desktop\SimCity.lnk 2015-02-15 18:33 - 2015-02-15 18:33 - 00000000 ____D () C:\Users\Bartek\AppData\Roaming\SimCity 2015-02-15 18:33 - 2015-02-15 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics 2015-02-15 18:32 - 2015-02-15 18:32 - 00000364 _____ () C:\Windows\DirectX.log 2015-02-14 16:13 - 2015-02-14 16:13 - 00000000 ____D () C:\Users\Bartek\Documents\The Movies 2015-02-14 16:13 - 2015-02-14 16:13 - 00000000 ____D () C:\Users\Bartek\AppData\Roaming\Lionhead Studios 2015-02-14 16:12 - 2015-02-14 16:12 - 00001563 _____ () C:\Users\Public\Desktop\StarMaker.lnk 2015-02-14 16:12 - 2015-02-14 16:12 - 00001546 _____ () C:\Users\Public\Desktop\The Movies Stunts & Effects.lnk 2015-02-14 16:12 - 2015-02-14 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Movies 2015-02-12 22:30 - 2015-02-25 19:28 - 938807332 _____ () C:\Windows\MEMORY.DMP 2015-02-12 22:30 - 2015-02-12 22:30 - 00274336 _____ () C:\Windows\Minidump\021215-15990-01.dmp 2015-02-09 16:52 - 2015-02-09 16:52 - 18286750 _____ () C:\Users\Bartek\Downloads\VGA_Intel_v6.14.10.4885_XPx86.zip 2015-02-09 16:52 - 2015-02-09 16:52 - 04338074 _____ () C:\Users\Bartek\Downloads\Wireless LAN_Broadcom_v4.170.25.12_XPx86.zip 2015-02-09 16:52 - 2015-02-09 16:52 - 03165392 _____ () C:\Users\Bartek\Downloads\Wireless LAN_Atherors_v.5.3.0.67_XPx86.zip 2015-02-09 16:39 - 2015-02-09 16:40 - 49500625 _____ () C:\Users\Bartek\Downloads\LAN_Broadcom_v.10.46.0.0_Vistax86.zip 2015-02-09 16:39 - 2015-02-09 16:40 - 17029276 _____ () C:\Users\Bartek\Downloads\VGA_Intel_v.7.14.10.1409_Vistax86.zip 2015-02-09 16:39 - 2015-02-09 16:39 - 03074283 _____ () C:\Users\Bartek\Downloads\Wireless LAN_Atheros_v7.3.1.73_Vistax86.zip 2015-02-09 16:36 - 2015-02-09 16:36 - 02448688 _____ (Megaify Software ) C:\Users\Bartek\Downloads\driver_setup.exe 2015-02-09 16:29 - 2015-02-09 16:29 - 01730365 _____ () C:\Users\Bartek\Downloads\xp3264-10.0.0.274-whql_www.INSTALKI.pl.zip 2015-02-09 11:26 - 2015-02-09 11:26 - 06537943 _____ () C:\Users\Bartek\Downloads\Maffia_II_health_decreasing_bug_fix.rar 2015-02-09 10:54 - 2015-02-09 10:54 - 00000000 ____D () C:\Users\Bartek\AppData\Local\2K Games 2015-02-08 23:27 - 2015-02-20 14:23 - 00000000 ____D () C:\Users\Bartek\AppData\Roaming\.technic 2015-02-08 15:45 - 2015-02-08 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games 2015-02-08 13:49 - 2015-02-20 14:23 - 04629952 _____ () C:\Users\Bartek\Downloads\TechnicLauncher.exe 2015-02-08 00:24 - 2015-02-08 00:24 - 00000000 ____D () C:\Users\Bartek\Downloads\runtime 2015-02-08 00:23 - 2015-02-08 00:24 - 00000000 ____D () C:\Users\Bartek\Downloads\game 2015-02-08 00:23 - 2015-02-08 00:23 - 01294088 _____ (Mojang) C:\Users\Bartek\Downloads\Minecraft.exe 2015-02-07 19:53 - 2015-02-07 19:53 - 00000000 ____D () C:\Users\Bartek\AppData\Roaming\FlacSquisher 2015-02-07 19:47 - 2015-02-07 19:47 - 02023124 _____ () C:\Users\Bartek\Downloads\FlacSquisher-1.3.4-Installer.exe 2015-02-07 19:47 - 2015-02-07 19:47 - 00000000 ____D () C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlacSquisher 2015-02-07 19:47 - 2015-02-07 19:47 - 00000000 ____D () C:\Program Files (x86)\FlacSquisher 2015-02-06 19:38 - 2015-02-26 16:25 - 00007190 _____ () C:\Windows\PFRO.log 2015-02-06 13:04 - 2015-02-06 13:04 - 07433112 _____ () C:\Users\Bartek\Downloads\xvm-5.1.0.zip 2015-02-06 08:13 - 2015-02-26 16:25 - 00003584 _____ () C:\Windows\setupact.log 2015-02-06 08:13 - 2015-02-06 08:13 - 00000000 _____ () C:\Windows\setuperr.log 2015-02-05 12:56 - 2015-02-05 12:56 - 00000000 ____D () C:\Users\Bartek\AppData\Local\Steam 2015-02-03 14:16 - 2015-02-09 14:09 - 00000000 ____D () C:\Users\Bartek\Desktop\PlanetSide 2 2015-02-03 10:25 - 2014-02-09 11:08 - 00002109 _____ () C:\Users\Bartek\Documents\steam_api.ini 2015-02-03 00:30 - 2015-02-03 00:30 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll 2015-02-03 00:30 - 2015-02-03 00:30 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll 2015-02-03 00:30 - 2015-02-03 00:30 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2015-02-03 00:08 - 2015-02-03 00:08 - 00000000 ____D () C:\Users\Bartek\AppData\Roaming\Comodo 2015-02-02 23:30 - 2015-02-26 16:19 - 00000000 ____D () C:\ProgramData\Comodo 2015-02-02 21:34 - 2015-02-02 21:35 - 00000000 ____D () C:\Users\Bartek\Desktop\Nowy folder 2015-02-02 21:11 - 2015-02-02 21:11 - 00000000 ____D () C:\Users\Bartek\AppData\Roaming\java 2015-02-02 10:39 - 2015-02-02 10:39 - 00000000 ____D () C:\Users\Bartek\AppData\Roaming\ttales 2015-02-02 10:39 - 2015-02-02 10:39 - 00000000 ____D () C:\ProgramData\Steam 2015-02-02 09:19 - 2015-02-02 09:19 - 00000932 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The LEGO Movie - Videogame.lnk 2015-02-02 09:19 - 2015-02-02 09:19 - 00000920 _____ () C:\Users\Public\Desktop\The LEGO Movie - Videogame.lnk 2015-02-02 08:56 - 2015-02-03 10:29 - 00000000 ____D () C:\Program Files (x86)\The LEGO Movie - Videogame 2015-02-01 17:30 - 2015-01-28 18:34 - 02767035 _____ () C:\Users\Bartek\Desktop\Michał Dąbrowski prezętacja na angielski .pptx 2015-02-01 15:20 - 2015-02-01 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2015-02-01 15:20 - 2015-02-01 15:20 - 00000000 ____D () C:\Program Files (x86)\7-Zip 2015-02-01 11:33 - 2015-02-01 11:33 - 00000000 ____D () C:\Users\Bartek\AppData\Roaming\Wargaming.net 2015-02-01 01:43 - 2015-02-26 16:26 - 00000008 __RSH () C:\Users\Bartek\ntuser.pol 2015-01-31 21:05 - 2015-01-31 21:05 - 00000522 _____ () C:\Users\Bartek\Desktop\World of Tanks.lnk 2015-01-31 21:05 - 2015-01-31 21:05 - 00000000 ____D () C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks 2015-01-27 17:50 - 2015-01-27 17:50 - 00000103 _____ () C:\Users\Bartek\Desktop\PIT-37(20)_v1-0E_2014_2015-1-27.txt 2015-01-27 17:24 - 2015-01-27 17:24 - 00707744 _____ () C:\Users\Bartek\AppData\Local\unins000.exe 2015-01-27 17:24 - 2015-01-27 17:24 - 00011761 _____ () C:\Users\Bartek\AppData\Local\unins000.msg 2015-01-27 17:24 - 2015-01-27 17:24 - 00003187 _____ () C:\Users\Bartek\AppData\Local\unins000.dat ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-26 17:37 - 2014-05-11 17:29 - 00000000 ____D () C:\Users\Bartek\AppData\Roaming\uTorrent 2015-02-26 17:27 - 2014-04-28 19:38 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-26 16:44 - 2014-10-10 17:13 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-02-26 16:33 - 2009-07-14 05:45 - 00021920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-26 16:33 - 2009-07-14 05:45 - 00021920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-26 16:28 - 2014-04-28 19:35 - 01356563 _____ () C:\Windows\WindowsUpdate.log 2015-02-26 16:27 - 2014-04-28 19:53 - 00000000 ____D () C:\Users\Bartek\AppData\Roaming\Raptr 2015-02-26 16:26 - 2014-09-28 11:53 - 00000008 __RSH () C:\ProgramData\ntuser.pol 2015-02-26 16:26 - 2014-04-28 19:36 - 00000000 ____D () C:\Users\Bartek 2015-02-26 16:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-02-26 16:25 - 2014-04-28 19:38 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-26 16:25 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-26 16:24 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2015-02-26 16:16 - 2009-07-14 18:55 - 01034222 _____ () C:\Windows\system32\perfh015.dat 2015-02-26 16:16 - 2009-07-14 18:55 - 00246728 _____ () C:\Windows\system32\perfc015.dat 2015-02-26 07:20 - 2014-10-17 20:15 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1318935594-1313143014-225757962-1000Core.job 2015-02-26 07:13 - 2014-10-17 20:15 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1318935594-1313143014-225757962-1000UA.job 2015-02-25 19:28 - 2014-05-08 19:28 - 00000000 ____D () C:\Windows\Minidump 2015-02-25 17:56 - 2014-04-28 19:52 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies 2015-02-25 17:50 - 2014-04-28 19:53 - 00000000 ____D () C:\ProgramData\AMD 2015-02-25 17:47 - 2014-09-15 23:32 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll 2015-02-25 17:47 - 2014-09-15 23:32 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll 2015-02-25 17:47 - 2014-09-15 23:32 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll 2015-02-25 17:47 - 2014-09-15 23:32 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll 2015-02-25 17:47 - 2014-09-15 23:31 - 09254184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll 2015-02-25 17:47 - 2014-09-15 23:31 - 08296296 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll 2015-02-25 17:47 - 2014-09-15 23:31 - 08044976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll 2015-02-25 17:47 - 2014-09-15 23:31 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll 2015-02-25 17:47 - 2014-09-15 23:31 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll 2015-02-25 17:47 - 2014-09-15 23:29 - 00293088 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys 2015-02-25 17:47 - 2014-09-15 23:26 - 16750080 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys 2015-02-25 17:47 - 2014-09-15 23:18 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll 2015-02-25 17:47 - 2014-09-15 23:17 - 33867264 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll 2015-02-25 17:47 - 2014-09-15 23:17 - 28770304 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll 2015-02-25 17:47 - 2014-09-15 23:17 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll 2015-02-25 17:47 - 2014-09-15 23:17 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll 2015-02-25 17:47 - 2014-09-15 23:17 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll 2015-02-25 17:47 - 2014-09-15 23:16 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-02-25 17:47 - 2014-09-15 23:16 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-02-25 17:47 - 2014-09-15 23:13 - 27918336 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll 2015-02-25 17:47 - 2014-09-15 23:09 - 05639168 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll 2015-02-25 17:47 - 2014-09-15 23:09 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll 2015-02-25 17:47 - 2014-09-15 23:09 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll 2015-02-25 17:47 - 2014-09-15 23:09 - 00048128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll 2015-02-25 17:47 - 2014-09-15 23:09 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll 2015-02-25 17:47 - 2014-09-15 23:08 - 23375360 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll 2015-02-25 17:47 - 2014-09-15 23:07 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll 2015-02-25 17:47 - 2014-09-15 23:07 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll 2015-02-25 17:47 - 2014-09-15 23:07 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll 2015-02-25 17:47 - 2014-09-15 23:07 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll 2015-02-25 17:47 - 2014-09-15 23:07 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll 2015-02-25 17:47 - 2014-09-15 23:06 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll 2015-02-25 17:47 - 2014-09-15 23:05 - 04480000 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll 2015-02-25 17:47 - 2014-09-15 23:03 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll 2015-02-25 17:47 - 2014-09-15 23:03 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll 2015-02-25 17:47 - 2014-09-15 23:03 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll 2015-02-25 17:47 - 2014-09-15 23:03 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll 2015-02-25 17:47 - 2014-09-15 23:03 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll 2015-02-25 17:47 - 2014-09-15 22:59 - 01210880 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll 2015-02-25 17:47 - 2014-09-15 22:59 - 00900608 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll 2015-02-25 17:47 - 2014-09-15 22:59 - 00827392 _____ (AMD) C:\Windows\system32\coinst_14.30.dll 2015-02-25 17:47 - 2014-09-15 22:59 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll 2015-02-25 17:47 - 2014-09-15 22:59 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll 2015-02-25 17:47 - 2014-09-15 22:59 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll 2015-02-25 17:47 - 2014-09-15 22:59 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll 2015-02-25 17:47 - 2014-09-15 22:59 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll 2015-02-25 17:47 - 2014-09-15 22:58 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll 2015-02-25 17:47 - 2014-04-18 03:43 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll 2015-02-25 17:47 - 2014-04-18 03:42 - 10826488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll 2015-02-25 17:47 - 2014-04-18 03:42 - 07207592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll 2015-02-25 17:47 - 2014-04-18 03:42 - 07028336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll 2015-02-25 17:47 - 2014-04-18 03:42 - 01335544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll 2015-02-25 17:47 - 2014-04-18 03:42 - 01113576 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll 2015-02-25 17:47 - 2014-04-18 03:42 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll 2015-02-24 12:49 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-02-23 19:11 - 2009-07-14 06:13 - 01866090 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-02-21 13:27 - 2014-05-24 18:23 - 00000000 ____D () C:\Users\Bartek\AppData\Local\CrashDumps 2015-02-14 01:54 - 2014-12-29 09:57 - 00000000 ____D () C:\Users\Bartek\AppData\Roaming\Skype 2015-02-11 21:24 - 2014-10-24 15:32 - 00000000 ____D () C:\Users\Bartek\Documents\Visual Studio 2010 2015-02-08 15:39 - 2014-06-02 17:24 - 00000000 ____D () C:\Users\Bartek\AppData\Roaming\DAEMON Tools Lite 2015-02-08 00:28 - 2014-08-16 22:05 - 00000000 ____D () C:\Users\Bartek\AppData\Roaming\.minecraft 2015-02-07 19:49 - 2014-06-02 17:23 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2015-02-04 13:22 - 2014-04-28 19:38 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-02-04 13:22 - 2014-04-28 19:38 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-02-03 02:09 - 2014-09-26 13:39 - 00000000 ____D () C:\Users\Bartek\Documents\Optimizer Pro 2015-02-03 02:09 - 2014-09-20 19:59 - 00000000 ____D () C:\Users\Bartek\Documents\Heroes of the Storm 2015-02-03 02:09 - 2014-09-20 19:41 - 00000000 ____D () C:\Users\Bartek\Documents\Euro Truck Simulator 2 2015-02-03 02:09 - 2014-07-27 12:16 - 00000000 ____D () C:\Users\Bartek\Documents\Diablo III 2015-02-02 23:57 - 2009-07-14 19:09 - 00000000 ____D () C:\Windows\ShellNew 2015-01-31 07:52 - 2014-04-28 19:53 - 00000000 ____D () C:\Program Files (x86)\Raptr 2015-01-30 19:18 - 2014-05-01 11:52 - 00000000 ____D () C:\Users\Bartek\AppData\Roaming\AIMP3 2015-01-30 14:17 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\Offline Web Pages 2015-01-27 17:51 - 2014-07-19 09:21 - 00000000 ____D () C:\Users\Bartek\AppData\Roaming\Adobe 2015-01-27 17:21 - 2014-06-22 21:50 - 00000000 ____D () C:\Users\Bartek\AppData\Local\Battle.net ==================== Files in the root of some directories ======= 2014-11-30 18:42 - 2014-11-30 18:42 - 0003506 _____ () C:\Users\Bartek\AppData\Local\recently-used.xbel 2014-10-11 14:10 - 2014-10-11 14:10 - 0007596 _____ () C:\Users\Bartek\AppData\Local\Resmon.ResmonCfg 2015-01-27 17:24 - 2015-01-27 17:24 - 0003187 _____ () C:\Users\Bartek\AppData\Local\unins000.dat 2015-01-27 17:24 - 2015-01-27 17:24 - 0707744 _____ () C:\Users\Bartek\AppData\Local\unins000.exe 2015-01-27 17:24 - 2015-01-27 17:24 - 0011761 _____ () C:\Users\Bartek\AppData\Local\unins000.msg 2014-05-16 20:33 - 2014-03-17 20:33 - 0000032 ____R () C:\ProgramData\hash.dat Files to move or delete: ==================== C:\ProgramData\hash.dat ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-23 21:08 ==================== End Of Log ============================