ADVERTISEMENT

FRST.txt

Gameharbor.org – automatyczne uruchamianie strony po włączeniu komputera

Również mam problem z gameharbor. Proszę o pomoc


Download file - link to post

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Mateusz (administrator) on ASUS on 15-09-2014 09:18:51
Running from C:\Users\Mateusz\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Teleca Sweden AB) C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Teleca Sweden AB) C:\Program Files (x86)\Common Files\Teleca Shared\CapabilityManager.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Popwire AB) C:\Program Files (x86)\Common Files\Teleca Shared\logger.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Teleca AB) C:\Program Files (x86)\Common Files\Teleca Shared\Generic.exe
(Teleca) C:\Program Files (x86)\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
(Teleca Sweden AB) C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
(Teleca AB) C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
(TODO: & lt; Company name & gt; ) C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-05-17] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] = & gt; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] = & gt; C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] = & gt; C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [SynAsusAcpi] = & gt; C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [IntelTBRunOnce] = & gt; wscript.exe //b //nologo " C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs "
HKLM\...\Run: [ProfilerU] = & gt; C:\Program Files\SmartTechnology\Software\ProfilerU.exe [310272 2011-11-09] (Saitek)
HKLM\...\Run: [SaiMfd] = & gt; C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2011-11-09] (Saitek)
HKLM\...\Run: [Nvtmru] = & gt; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] = & gt; C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] = & gt; C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] = & gt; C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ASUSPRP] = & gt; C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] = & gt; C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [SonicMasterTray] = & gt; C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] = & gt; C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-18] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] = & gt; C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-08] (ASUS)
HKLM-x32\...\Run: [HControlUser] = & gt; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] = & gt; C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [UpdateLBPShortCut] = & gt; C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] = & gt; C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [PowerDVD12DMREngine] = & gt; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [501544 2012-01-02] (CyberLink)
HKLM-x32\...\Run: [PowerDVD12Agent] = & gt; C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [371256 2012-02-21] (CyberLink Corp.)
HKLM-x32\...\Run: [Mobile Connectivity Suite] = & gt; C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe [598016 2009-11-19] (Teleca Sweden AB)
HKLM-x32\...\Run: [miner] = & gt; C:\Users\Mateusz\AppData\Roaming\miner\nircmd.exe [44032 2013-08-11] (NirSoft)
HKLM-x32\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2336096178-2037350463-4184889256-1001\...\Run: [DAEMON Tools Lite] = & gt; C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
HKU\S-1-5-21-2336096178-2037350463-4184889256-1001\...\Run: [Google Update] = & gt; C:\Users\Mateusz\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-03-14] (Google Inc.)
HKU\S-1-5-21-2336096178-2037350463-4184889256-1001\...\Run: [Steam] = & gt; C:\Steam\Steam.exe [1937600 2014-08-14] (Valve Corporation)
HKU\S-1-5-21-2336096178-2037350463-4184889256-1001\...\Run: [miner] = & gt; C:\Users\Mateusz\AppData\Roaming\miner\nircmd.exe [44032 2013-08-11] (NirSoft)
HKU\S-1-5-21-2336096178-2037350463-4184889256-1001\...\Run: [IPLA!] = & gt; C:\Program Files (x86)\ipla\ipla.exe [21421664 2014-08-12] (Redefine Sp z o.o.)
HKU\S-1-5-21-2336096178-2037350463-4184889256-1001\...\Run: [CMD] = & gt; cmd.exe /c start http://extendedunlimited.org & & exit & lt; ===== ATTENTION
HKU\S-1-5-21-2336096178-2037350463-4184889256-1001\...\MountPoints2: {28fc399a-0280-11e2-aab1-742f68e03f79} - I:\start.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll = & gt; C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll = & gt; C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk - & gt; C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
ShellIconOverlayIdentifiers: AsusWSShellExt_B - & gt; {6D4133E5-0742-4ADC-8A8C-9303440F7190} = & gt; C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O - & gt; {64174815-8D98-4CE6-8646-4C039977D808} = & gt; C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
BootExecute: autocheck autochk * ╣砯ý錀畍瑬卩牴湩彧潂瑯硅捥瑵䭥祥1LiiYZ╤砯ý蠀autocheck autochk * ┙砯ý言╣砯ý錀畍瑬卩牴湩彧潂瑯硅捥瑵䭥祥1b┚砯ý退돠˷

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7 & q={searchTerms} & rls=com.microsoft:{language}:{referrer:source?} & ie={inputEncoding} & oe={outputEncoding} & rlz=1I7ASUT
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {98F81B0D-03C4-4E9C-9763-F8AADFE5B630} URL = http://www.idg.pl?q={searchTerms}
BHO: Content Blocker Plugin - & gt; {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - & gt; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - & gt; {73455575-E40C-433C-9784-C78DC7761455} - & gt; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - & gt; {9030D464-4C02-4ABF-8ECC-5164760863C6} - & gt; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: URL Advisor Plugin - & gt; {E33CF602-D945-461A-83F0-819F76A199F8} - & gt; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - & gt; {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - & gt; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - & gt; {73455575-E40C-433C-9784-C78DC7761455} - & gt; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - & gt; {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - & gt; C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - & gt; {9030D464-4C02-4ABF-8ECC-5164760863C6} - & gt; C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - & gt; {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - & gt; C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - & gt; {E33CF602-D945-461A-83F0-819F76A199F8} - & gt; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\lxzccxog.default
FF SearchEngineOrder.3: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP21DF & PC=UP21 & dt=041313 & q=
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE - & gt; disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - & gt; C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - & gt; C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - & gt; C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker - & gt; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard - & gt; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @microsoft.com/GENUINE - & gt; disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - & gt; C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - & gt; C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - & gt; C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - & gt; C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @TrendMicro.com/FFExtension - & gt; C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: ZEON/PDF,version=2.0 - & gt; C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - & gt; C:\Users\Mateusz\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - & gt; C:\Users\Mateusz\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-05-12]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-05-12]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址過濾 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com [2014-09-12]
FF Extension: No Name - C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\lxzccxog.default\extensions\shortcutff@gmail.com [Not Found]
FF Extension: No Name - C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\lxzccxog.default\extensions\bbrs_002@blabbers.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [Not Found]

Chrome:
=======
CHR HomePage: Default - & gt; hxxp://www.google.com/
CHR DefaultSearchKeyword: Default - & gt; delta-homes
CHR DefaultSearchProvider: Default - & gt; delta-homes
CHR DefaultSearchURL: Default - & gt; http://search.delta-homes.com/web/?type=ds & ts=1402558715 & from=wpm0612 & uid=ST9750420AS_5WS2XKLXXXXX5WS2XKLX & q={searchTerms}
CHR DefaultSuggestURL: Default - & gt;
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Mateusz\AppData\Local\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Mateusz\AppData\Local\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Mateusz\AppData\Local\Google\Chrome\Application\37.0.2062.120\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Mateusz\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-14]
CHR Extension: (Szukaj w Google) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-14]
CHR Extension: (Kaspersky Protection) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-08-08]
CHR Extension: (Google Wallet) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-14]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Atheros Bt & Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [87336 2012-02-21] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [75048 2012-02-21] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [296232 2012-02-21] (CyberLink)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-12-01] ()
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2014-01-09] (Enigma Software Group USA, LLC.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-22] (DT Soft Ltd)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [140352 2014-09-12] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [792128 2014-09-12] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [82928 2011-10-27] (Cyberlink Corp.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R3 SaiK0CCB; C:\Windows\System32\DRIVERS\SaiK0CCB.sys [183104 2011-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [24640 2011-11-10] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52160 2011-11-10] (Saitek)
R3 SaiU0CCB; C:\Windows\System32\DRIVERS\SaiU0CCB.sys [47168 2011-09-20] (Saitek)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-17] ()
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [146928 2012-02-16] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-15 09:18 - 2014-09-15 09:20 - 00027107 _____ () C:\Users\Mateusz\Desktop\FRST.txt
2014-09-15 09:18 - 2014-09-15 09:18 - 00000000 ____D () C:\FRST
2014-09-15 09:17 - 2014-09-15 09:18 - 02105856 _____ (Farbar) C:\Users\Mateusz\Desktop\FRST64.exe
2014-09-15 08:55 - 2014-09-15 08:55 - 00000000 ___RD () C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-09-15 08:45 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-15 08:44 - 2014-09-15 08:53 - 00000000 ____D () C:\AdwCleaner
2014-09-15 08:43 - 2014-09-15 08:43 - 01373475 _____ () C:\Users\Mateusz\Desktop\AdwCleaner.exe
2014-09-13 22:26 - 2014-09-13 22:27 - 00326128 _____ () C:\Windows\Minidump\091314-25537-01.dmp
2014-09-13 22:26 - 2014-09-13 22:26 - 694032163 _____ () C:\Windows\MEMORY.DMP
2014-09-12 22:51 - 2014-09-12 22:51 - 00003326 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-09-12 22:51 - 2014-09-12 22:51 - 00002264 _____ () C:\Users\Mateusz\Desktop\SpyHunter.lnk
2014-09-12 22:51 - 2014-09-12 22:51 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-09-12 22:51 - 2014-09-12 22:51 - 00000000 ____D () C:\sh4ldr
2014-09-12 22:51 - 2014-09-12 22:51 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-12 22:51 - 2014-09-12 22:51 - 00000000 _____ () C:\autoexec.bat
2014-09-12 22:51 - 2012-06-22 11:01 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-09-12 22:50 - 2014-09-12 22:51 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-12 21:06 - 2014-09-15 08:55 - 00001008 _____ () C:\Windows\setupact.log
2014-09-12 21:06 - 2014-09-15 08:54 - 00001200 _____ () C:\Windows\PFRO.log
2014-09-12 21:06 - 2014-09-12 21:06 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-12 20:50 - 2014-09-12 20:50 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-12 20:50 - 2014-09-12 20:50 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-12 20:50 - 2014-09-12 20:50 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-12 14:48 - 2014-09-12 14:48 - 00001141 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-09-12 14:48 - 2014-09-12 14:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-09-12 14:48 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-09-12 14:47 - 2014-09-12 15:09 - 00792128 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-12 14:47 - 2014-09-12 15:09 - 00140352 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-12 14:47 - 2014-09-12 14:47 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-09-12 14:47 - 2014-09-12 14:47 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-12 14:47 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-09-12 14:25 - 2014-09-12 14:25 - 00000000 ____D () C:\Program Files (x86)\Dead Rising 3
2014-09-11 15:21 - 2014-09-11 15:23 - 168766784 _____ (Kaspersky Lab) C:\Users\Mateusz\Desktop\kav15.0.0.463en_6021.exe
2014-09-10 16:21 - 2014-09-10 16:21 - 17903792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-06 23:06 - 2014-09-06 23:07 - 00000000 ____D () C:\Users\Mateusz\Documents\NFS Most Wanted
2014-09-06 23:05 - 2014-09-06 23:05 - 00000583 _____ () C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
2014-09-06 23:05 - 2014-09-06 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Most Wanted
2014-09-06 22:58 - 2014-09-06 23:05 - 00000000 ____D () C:\Need for Speed™ Most Wanted
2014-09-06 18:41 - 2014-09-06 18:41 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\Steam
2014-09-06 17:08 - 2014-09-14 19:14 - 00000000 ____D () C:\Dead Rising 3
2014-08-22 16:13 - 2014-08-22 16:17 - 00000000 ____D () C:\Users\Mateusz\Desktop\Nowy folder (14)
2014-08-21 15:56 - 2014-08-21 15:56 - 00001079 _____ () C:\Users\Mateusz\Desktop\Discipl2.exe — skrót.lnk
2014-08-20 19:10 - 2014-08-20 19:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strategy First
2014-08-16 23:33 - 2014-08-16 23:33 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\{519EC9E6-DC30-44E3-ACDB-C58AD08BC795}
2014-08-16 17:31 - 2014-08-16 20:37 - 00000000 ____D () C:\Users\Mateusz\Desktop\zdjęcia

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-15 09:20 - 2014-09-15 09:18 - 00027107 _____ () C:\Users\Mateusz\Desktop\FRST.txt
2014-09-15 09:18 - 2014-09-15 09:18 - 00000000 ____D () C:\FRST
2014-09-15 09:18 - 2014-09-15 09:17 - 02105856 _____ (Farbar) C:\Users\Mateusz\Desktop\FRST64.exe
2014-09-15 09:02 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-15 09:02 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-15 09:00 - 2011-11-12 08:30 - 01224554 _____ () C:\Windows\WindowsUpdate.log
2014-09-15 08:58 - 2012-11-28 16:51 - 00000000 ____D () C:\Steam
2014-09-15 08:55 - 2014-09-15 08:55 - 00000000 ___RD () C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-09-15 08:55 - 2014-09-12 21:06 - 00001008 _____ () C:\Windows\setupact.log
2014-09-15 08:55 - 2014-06-29 11:56 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-15 08:55 - 2012-06-22 13:38 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\ipla
2014-09-15 08:54 - 2014-09-12 21:06 - 00001200 _____ () C:\Windows\PFRO.log
2014-09-15 08:54 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-15 08:53 - 2014-09-15 08:44 - 00000000 ____D () C:\AdwCleaner
2014-09-15 08:50 - 2014-05-27 11:54 - 00000000 ____D () C:\Users\Mateusz\Desktop\tech
2014-09-15 08:48 - 2012-06-22 13:38 - 00000000 ____D () C:\ProgramData\RDRM
2014-09-15 08:46 - 2012-03-14 16:01 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-15 08:46 - 2012-01-16 17:50 - 00001003 _____ () C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-15 08:43 - 2014-09-15 08:43 - 01373475 _____ () C:\Users\Mateusz\Desktop\AdwCleaner.exe
2014-09-15 08:40 - 2012-03-14 16:01 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2336096178-2037350463-4184889256-1001UA.job
2014-09-14 23:12 - 2012-01-18 18:22 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\SoftGrid Client
2014-09-14 22:21 - 2014-01-06 16:04 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-14 20:00 - 2012-04-24 21:23 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\TS3Client
2014-09-14 19:15 - 2012-02-22 16:45 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\SKIDROW
2014-09-14 19:14 - 2014-09-06 17:08 - 00000000 ____D () C:\Dead Rising 3
2014-09-14 18:21 - 2011-02-19 07:31 - 11212538 _____ () C:\Windows\system32\perfh015.dat
2014-09-14 18:21 - 2011-02-19 07:31 - 03862716 _____ () C:\Windows\system32\perfc015.dat
2014-09-14 18:21 - 2009-07-14 07:13 - 00006496 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-14 09:58 - 2012-03-14 16:01 - 00001014 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2336096178-2037350463-4184889256-1001Core.job
2014-09-13 22:30 - 2012-01-20 18:43 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\CrashDumps
2014-09-13 22:27 - 2014-09-13 22:26 - 00326128 _____ () C:\Windows\Minidump\091314-25537-01.dmp
2014-09-13 22:27 - 2011-11-12 08:51 - 00001595 _____ () C:\Windows\system32\ServiceFilter.ini
2014-09-13 22:26 - 2014-09-13 22:26 - 694032163 _____ () C:\Windows\MEMORY.DMP
2014-09-13 22:26 - 2012-03-24 22:42 - 00000000 ____D () C:\Windows\Minidump
2014-09-12 22:51 - 2014-09-12 22:51 - 00003326 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-09-12 22:51 - 2014-09-12 22:51 - 00002264 _____ () C:\Users\Mateusz\Desktop\SpyHunter.lnk
2014-09-12 22:51 - 2014-09-12 22:51 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-09-12 22:51 - 2014-09-12 22:51 - 00000000 ____D () C:\sh4ldr
2014-09-12 22:51 - 2014-09-12 22:51 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-12 22:51 - 2014-09-12 22:51 - 00000000 _____ () C:\autoexec.bat
2014-09-12 22:51 - 2014-09-12 22:50 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-12 21:06 - 2014-09-12 21:06 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-12 21:03 - 2012-02-22 16:27 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite
2014-09-12 21:03 - 2012-01-28 11:52 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\Skype
2014-09-12 21:03 - 2009-07-29 08:03 - 00000000 ____D () C:\Windows\Panther
2014-09-12 20:50 - 2014-09-12 20:50 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-12 20:50 - 2014-09-12 20:50 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-12 20:50 - 2014-09-12 20:50 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-12 19:42 - 2012-03-14 16:02 - 00002384 _____ () C:\Users\Mateusz\Desktop\Google Chrome.lnk
2014-09-12 15:09 - 2014-09-12 14:47 - 00792128 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-12 15:09 - 2014-09-12 14:47 - 00140352 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-12 14:48 - 2014-09-12 14:48 - 00001141 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-09-12 14:48 - 2014-09-12 14:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-09-12 14:47 - 2014-09-12 14:47 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-09-12 14:47 - 2014-09-12 14:47 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-12 14:25 - 2014-09-12 14:25 - 00000000 ____D () C:\Program Files (x86)\Dead Rising 3
2014-09-11 15:23 - 2014-09-11 15:21 - 168766784 _____ (Kaspersky Lab) C:\Users\Mateusz\Desktop\kav15.0.0.463en_6021.exe
2014-09-10 16:36 - 2014-07-25 13:35 - 00000000 ____D () C:\Users\Mateusz\Desktop\telefny
2014-09-10 16:21 - 2014-09-10 16:21 - 17903792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-10 16:21 - 2014-01-06 16:04 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-10 16:21 - 2012-10-14 22:51 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 16:21 - 2012-10-14 22:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 14:03 - 2012-06-22 13:38 - 00000000 ____D () C:\ProgramData\ipla
2014-09-10 14:02 - 2012-06-22 13:38 - 00000957 _____ () C:\Users\Public\Desktop\ipla.lnk
2014-09-10 14:02 - 2012-06-22 13:38 - 00000000 ____D () C:\Program Files (x86)\ipla
2014-09-08 16:13 - 2014-07-28 23:29 - 00000000 ____D () C:\Users\Mateusz\Desktop\malowanie
2014-09-07 12:02 - 2012-01-16 17:49 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-09-06 23:07 - 2014-09-06 23:06 - 00000000 ____D () C:\Users\Mateusz\Documents\NFS Most Wanted
2014-09-06 23:05 - 2014-09-06 23:05 - 00000583 _____ () C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
2014-09-06 23:05 - 2014-09-06 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Most Wanted
2014-09-06 23:05 - 2014-09-06 22:58 - 00000000 ____D () C:\Need for Speed™ Most Wanted
2014-09-06 18:41 - 2014-09-06 18:41 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\Steam
2014-09-06 16:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-09-06 14:20 - 2012-12-01 16:08 - 00000000 ____D () C:\Users\Mateusz\Documents\My Games
2014-08-31 16:47 - 2014-07-16 13:21 - 00000000 ____D () C:\Users\Mateusz\Desktop\Nowy folder (13)
2014-08-30 11:17 - 2009-07-14 07:08 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-22 16:17 - 2014-08-22 16:13 - 00000000 ____D () C:\Users\Mateusz\Desktop\Nowy folder (14)
2014-08-21 15:56 - 2014-08-21 15:56 - 00001079 _____ () C:\Users\Mateusz\Desktop\Discipl2.exe — skrót.lnk
2014-08-20 19:10 - 2014-08-20 19:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strategy First
2014-08-20 19:10 - 2011-11-12 08:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-18 17:47 - 2014-05-28 13:22 - 00000000 ____D () C:\Users\Mateusz\Desktop\gry
2014-08-17 12:51 - 2014-02-04 16:49 - 00000000 ____D () C:\Users\Mateusz\Desktop\wszystkie pliki
2014-08-16 23:33 - 2014-08-16 23:33 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\{519EC9E6-DC30-44E3-ACDB-C58AD08BC795}
2014-08-16 20:41 - 2014-02-11 01:33 - 00000000 ____D () C:\Users\Mateusz\Desktop\softowanie
2014-08-16 20:37 - 2014-08-16 17:31 - 00000000 ____D () C:\Users\Mateusz\Desktop\zdjęcia

Some content of TEMP:
====================
C:\Users\Mateusz\AppData\Local\Temp\Quarantine.exe
C:\Users\Mateusz\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe = & gt; File is digitally signed
C:\Windows\System32\wininit.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\wininit.exe = & gt; File is digitally signed
C:\Windows\explorer.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\explorer.exe = & gt; File is digitally signed
C:\Windows\System32\svchost.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\svchost.exe = & gt; File is digitally signed
C:\Windows\System32\services.exe = & gt; File is digitally signed
C:\Windows\System32\User32.dll = & gt; File is digitally signed
C:\Windows\SysWOW64\User32.dll = & gt; File is digitally signed
C:\Windows\System32\userinit.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\userinit.exe = & gt; File is digitally signed
C:\Windows\System32\rpcss.dll = & gt; File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys = & gt; File is digitally signed


LastRegBack: 2014-09-06 02:41

==================== End Of Log ============================