Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-12-2013
Ran by Krzysztof (administrator) on KRZYSIO on 05-12-2013 12:46:59
Running from C:\Users\Krzysztof\Downloads
Windows 8.1 (X64) OS Language: Polish
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe
(BonanzaDeals) C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.49\opera.exe
() C:\Program Files (x86)\Opera\18.0.1284.49\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.49\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.49\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.49\opera.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.49\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.49\opera.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [AuditSHD] - C:\Windows\System32\oobe\AuditShD.exe [29696 2013-08-22] (Microsoft Corporation)
HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [90832 2012-06-07] (ASUS)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe [35736 2010-11-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\aprp.exe [3331312 2012-08-05] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.6.112\AsusWSPanel.exe /S
HKLM-x32\...\Run: [mcui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKU\Slawomir\...\Run: [SDP] - C:\Users\Slawomir\AppData\Local\FilesFrog Update Checker\update_checker.exe [201808 2013-01-31] (Somoto)
HKU\Slawomir\...\Run: [Steam] - "C:\Program Files (x86)\Steam\Steam.exe" -silent
Startup: C:\Users\Slawomir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.searchgol.com/?babsrc=HP_ss&mntrId=1A041E85DE99ACBC&affID=125035&tsp=5031
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000LPVT-80G33T2_WD-WX61AA23437234372&ts=1381431014
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000LPVT-80G33T2_WD-WX61AA23437234372&ts=1381431014
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000LPVT-80G33T2_WD-WX61AA23437234372&ts=1381431014&type=default&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000LPVT-80G33T2_WD-WX61AA23437234372&ts=1381431014&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000LPVT-80G33T2_WD-WX61AA23437234372&ts=1381431014&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000LPVT-80G33T2_WD-WX61AA23437234372&ts=1381431014&type=default&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - bProtectorDefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
BHO: a2zLyrics-1 - {11111111-1111-1111-1111-110411151154} - C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-bho64.dll (Lyrics)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: a2zLyrics-1 - {11111111-1111-1111-1111-110411151154} - C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-bho.dll (Lyrics)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.24.6\bh\BabylonToolbar.dll (Babylon BHO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: searchgol Helper Object - {8F547BDD-FCD4-48F8-A06F-573D6F404A3C} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\bh\searchgol.dll (Montera Technologeis LTD)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll (Delta-search.com)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.24.6\BabylonToolbarTlbr.dll (Babylon Ltd.)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM-x32 - searchgol Toolbar - {00078E95-3A4A-4137-8DE7-2824908D1C17} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolTlbr.dll (Montera Technologeis LTD)
Tcpip\Parameters: [DhcpNameServer] 62.179.1.60 62.179.1.61

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

Chrome:
=======
CHR RestoreOnStartup: "hxxp://google.pl/"
CHR Extension: (Google Docs) - C:\Users\Krzysztof\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Krzysztof\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Krzysztof\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Krzysztof\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Krzysztof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Krzysztof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [aipfmkinhleccnodemkoofnnofpbbpac] - C:\Users\Slawomir\AppData\Roaming\BabSolution\CR\searchgol.crx
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\Slawomir\AppData\Roaming\BabSolution\CR\BabylonChrome1.crx
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Slawomir\AppData\Roaming\BabSolution\CR\Delta.crx

==================== Services (Whitelisted) =================

R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [38440 2013-09-19] (Just Develop It)
S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-10] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-10] (BonanzaDeals)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-09-30] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [56672 2013-08-22] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S1 haozcrtu; \??\C:\WINDOWS\system32\drivers\haozcrtu.sys [x]
S1 rhyklgry; \??\C:\WINDOWS\system32\drivers\rhyklgry.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-05 12:46 - 2013-12-05 12:47 - 00014964 _____ C:\Users\Krzysztof\Downloads\FRST.txt
2013-12-05 12:44 - 2013-12-05 12:44 - 01959766 _____ (Farbar) C:\Users\Krzysztof\Downloads\FRST64.exe
2013-12-05 12:44 - 2013-12-05 12:44 - 00000000 ____D C:\FRST
2013-12-05 11:29 - 2013-12-05 11:29 - 00000000 ____D C:\Users\Krzysztof\AppData\Roaming\URSoft
2013-12-05 11:11 - 2013-11-19 11:30 - 00267936 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2013-12-05 10:37 - 2013-12-05 10:38 - 00284360 _____ C:\WINDOWS\Minidump\120513-19468-01.dmp
2013-12-05 10:37 - 2013-12-05 10:37 - 729185244 _____ C:\WINDOWS\MEMORY.DMP
2013-12-05 10:30 - 2013-12-05 10:37 - 00000000 ____D C:\WINDOWS\Minidump
2013-12-03 10:08 - 2013-12-03 10:08 - 02900005 _____ C:\Users\Krzysztof\Downloads\Przemówienia.zip
2013-11-20 13:14 - 2013-11-20 13:14 - 00000000 ____D C:\ProgramData\QuickSet
2013-11-20 13:13 - 2013-11-20 13:14 - 00000000 ____D C:\ProgramData\InstallMate
2013-11-16 22:53 - 2013-11-16 22:53 - 00000000 ____D C:\Users\Krzysztof\AppData\Local\Intel_Corporation
2013-11-16 22:36 - 2013-11-16 22:44 - 00000885 _____ C:\Users\Krzysztof\Desktop\Counter-Strike 1.6.lnk
2013-11-16 22:36 - 2013-11-16 22:36 - 00000000 ____D C:\Users\Krzysztof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2013-11-16 22:10 - 2013-11-16 22:32 - 280778290 _____ C:\Users\Krzysztof\Downloads\cs16full_v23.exe
2013-11-15 19:27 - 2013-11-15 19:34 - 22501610 _____ C:\Users\Krzysztof\Downloads\CS.1.6.Patch.V19.exe
2013-11-13 10:43 - 2013-10-19 09:08 - 23212544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-13 10:43 - 2013-10-19 07:37 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-11-13 10:43 - 2013-10-19 07:02 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-11-13 10:43 - 2013-10-19 06:37 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2013-11-13 10:43 - 2013-10-19 06:19 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-11-13 10:43 - 2013-10-19 06:10 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-11-13 10:43 - 2013-10-19 05:52 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-11-13 10:43 - 2013-10-19 05:44 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-11-13 10:43 - 2013-10-19 05:37 - 12995584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-13 10:43 - 2013-10-19 05:31 - 01993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-11-13 10:43 - 2013-10-19 04:56 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-11-13 10:43 - 2013-10-19 04:55 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-11-13 10:43 - 2013-10-19 04:53 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-11-13 10:43 - 2013-10-19 04:23 - 01394176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-11-13 10:43 - 2013-10-19 04:09 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-11-13 10:43 - 2013-10-19 04:02 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-11-13 10:43 - 2013-10-16 16:58 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2013-11-13 10:43 - 2013-10-16 14:54 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2013-11-13 10:43 - 2013-10-13 03:48 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2013-11-13 10:43 - 2013-10-12 22:48 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2013-11-13 10:43 - 2013-10-12 22:34 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2013-11-13 10:43 - 2013-10-05 15:21 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2013-11-13 10:43 - 2013-10-05 09:39 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

==================== One Month Modified Files and Folders =======

2013-12-05 12:47 - 2013-12-05 12:46 - 00014964 _____ C:\Users\Krzysztof\Downloads\FRST.txt
2013-12-05 12:44 - 2013-12-05 12:44 - 01959766 _____ (Farbar) C:\Users\Krzysztof\Downloads\FRST64.exe
2013-12-05 12:44 - 2013-12-05 12:44 - 00000000 ____D C:\FRST
2013-12-05 12:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-05 11:47 - 2013-10-17 14:28 - 01765255 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-05 11:39 - 2013-09-30 05:15 - 01825074 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-05 11:39 - 2013-09-30 05:00 - 00807160 _____ C:\WINDOWS\system32\perfh015.dat
2013-12-05 11:39 - 2013-09-30 05:00 - 00163478 _____ C:\WINDOWS\system32\perfc015.dat
2013-12-05 11:36 - 2013-10-17 14:39 - 00000000 __RDO C:\Users\Krzysztof\SkyDrive
2013-12-05 11:34 - 2013-10-10 19:00 - 00002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-05 11:32 - 2013-10-10 21:15 - 00000380 _____ C:\Users\Krzysztof\AppData\Roaming\sp_data.sys
2013-12-05 11:31 - 2013-09-29 20:06 - 00043964 _____ C:\WINDOWS\PFRO.log
2013-12-05 11:29 - 2013-12-05 11:29 - 00000000 ____D C:\Users\Krzysztof\AppData\Roaming\URSoft
2013-12-05 11:26 - 2013-10-17 14:18 - 00000000 ____D C:\Users\Krzysztof
2013-12-05 10:46 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-05 10:38 - 2013-12-05 10:37 - 00284360 _____ C:\WINDOWS\Minidump\120513-19468-01.dmp
2013-12-05 10:37 - 2013-12-05 10:37 - 729185244 _____ C:\WINDOWS\MEMORY.DMP
2013-12-05 10:37 - 2013-12-05 10:30 - 00000000 ____D C:\WINDOWS\Minidump
2013-12-05 10:29 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-12-05 10:29 - 2012-12-14 14:07 - 00158660 ____N C:\WINDOWS\Minidump\120513-19125-01.dmp
2013-12-04 19:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2013-12-03 10:08 - 2013-12-03 10:08 - 02900005 _____ C:\Users\Krzysztof\Downloads\Przemówienia.zip
2013-11-20 13:14 - 2013-11-20 13:14 - 00000000 ____D C:\ProgramData\QuickSet
2013-11-20 13:14 - 2013-11-20 13:13 - 00000000 ____D C:\ProgramData\InstallMate
2013-11-19 17:17 - 2013-10-08 15:35 - 00000000 ____D C:\Program Files (x86)\Opera
2013-11-19 11:30 - 2013-12-05 11:11 - 00267936 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2013-11-16 22:53 - 2013-11-16 22:53 - 00000000 ____D C:\Users\Krzysztof\AppData\Local\Intel_Corporation
2013-11-16 22:44 - 2013-11-16 22:36 - 00000885 _____ C:\Users\Krzysztof\Desktop\Counter-Strike 1.6.lnk
2013-11-16 22:36 - 2013-11-16 22:36 - 00000000 ____D C:\Users\Krzysztof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2013-11-16 22:32 - 2013-11-16 22:10 - 280778290 _____ C:\Users\Krzysztof\Downloads\cs16full_v23.exe
2013-11-15 19:34 - 2013-11-15 19:27 - 22501610 _____ C:\Users\Krzysztof\Downloads\CS.1.6.Patch.V19.exe
2013-11-13 22:55 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-13 22:14 - 2013-10-10 18:59 - 00001072 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-13 22:03 - 2013-10-14 10:43 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-13 21:56 - 2013-10-10 19:51 - 00000946 _____ C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-11-13 20:56 - 2013-10-10 19:51 - 00000942 _____ C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-11-13 20:51 - 2013-10-10 19:50 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-11-13 19:56 - 2013-10-10 18:56 - 00001352 _____ C:\WINDOWS\Tasks\a2zLyrics-1-updater.job
2013-11-13 19:56 - 2013-10-10 18:56 - 00001258 _____ C:\WINDOWS\Tasks\a2zLyrics-1-codedownloader.job
2013-11-13 19:56 - 2013-10-10 18:56 - 00001158 _____ C:\WINDOWS\Tasks\a2zLyrics-1-enabler.job
2013-11-13 17:54 - 2013-10-11 22:41 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2139804757-2743755002-1485905433-1004
2013-11-13 15:14 - 2013-10-10 18:59 - 00001068 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-13 13:23 - 2013-10-10 19:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-13 13:22 - 2013-10-10 19:24 - 82896128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-07 18:48 - 2013-10-16 13:31 - 00000000 ____D C:\Users\Krzysztof\AppData\Roaming\uTorrent
2013-11-06 00:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-11-06 00:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Krzysztof\AppData\Local\Temp\avgnt.exe
C:\Users\Krzysztof\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Slawomir\AppData\Local\Temp\7z920.exe
C:\Users\Slawomir\AppData\Local\Temp\a2zLyrics_1060-8102_v122.exe
C:\Users\Slawomir\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Slawomir\AppData\Local\Temp\BabylonTB.exe
C:\Users\Slawomir\AppData\Local\Temp\BackupSetup.exe
C:\Users\Slawomir\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Slawomir\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-08 15:56

==================== End Of Log ============================