Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2014 03
Ran by basiak xd (administrator) on BASIA on 17-01-2014 22:15:05
Running from C:\Users\basiak xd\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc.) C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Users\basiak xd\AppData\Local\Google\Update\GoogleUpdate.exe
(Facebook Inc.) C:\Users\basiak xd\AppData\Local\Facebook\Update\FacebookUpdate.exe
() C:\Program Files (x86)\Tor\tor.exe
(ASUS) C:\Windows\AsScrPro.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Users\basiak xd\AppData\Local\Google\Update\GoogleUpdate.exe
() D:\Instalki\putty.exe
(Google Inc.) C:\Users\basiak xd\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\basiak xd\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\basiak xd\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\basiak xd\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\basiak xd\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\basiak xd\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\basiak xd\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\basiak xd\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\basiak xd\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\basiak xd\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [16328736 2009-06-11] (NVIDIA Corporation)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKCU\...\Run: [EA Core] - "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKCU\...\Run: [ALLUpdate] - "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep"
HKCU\...\Run: [Google Update] - C:\Users\basiak xd\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-04] (Google Inc.)
HKCU\...\Run: [Facebook Update] - C:\Users\basiak xd\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-30] (Facebook Inc.)
HKCU\...\Run: [Google+ Auto Backup] - "C:\Users\basiak xd\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
MountPoints2: F - F:\AutoRun.exe
MountPoints2: H - H:\Autorun.exe
MountPoints2: I - I:\LaunchU3.exe -a
MountPoints2: {0b79090f-1ab9-11e3-b6b8-90e6ba638048} - F:\AutoRun.exe
MountPoints2: {0fc2181b-1af3-11e3-ad71-001e101f8aaa} - F:\AutoRun.exe
MountPoints2: {29bd3344-1ba7-11e3-878b-90e6ba638048} - F:\AutoRun.exe
MountPoints2: {29bd336c-1ba7-11e3-878b-90e6ba638048} - F:\AutoRun.exe
MountPoints2: {29bd3382-1ba7-11e3-878b-001e101f2b52} - F:\AutoRun.exe
MountPoints2: {29bd338f-1ba7-11e3-878b-001e101f2b52} - F:\AutoRun.exe
MountPoints2: {2fbe81bf-3560-11e1-b600-001e101f8ed0} - F:\AutoRun.exe
MountPoints2: {37218ef7-8e0b-11e1-8086-90e6ba638048} - F:\AutoRun.exe
MountPoints2: {6dfb898b-355f-11e1-af8c-90e6ba638048} - F:\AutoRun.exe
MountPoints2: {97acfa5d-eb25-11e0-98a2-90e6ba638048} - F:\AutoRun.exe
MountPoints2: {97acfa6c-eb25-11e0-98a2-90e6ba638048} - F:\AutoRun.exe
MountPoints2: {97acfa8b-eb25-11e0-98a2-001e101f8aaa} - F:\AutoRun.exe
MountPoints2: {9daedec6-354b-11e1-8cbf-90e6ba638048} - F:\AutoRun.exe
MountPoints2: {9daedef2-354b-11e1-8cbf-90e6ba638048} - F:\AutoRun.exe
MountPoints2: {a7dfd7ec-ef29-11de-a92b-90e6ba638048} - F:\AutoRun.exe
MountPoints2: {a7dfd7f7-ef29-11de-a92b-90e6ba638048} - F:\AutoRun.exe
MountPoints2: {b530edbb-343b-11e0-b9b3-90e6ba638048} - F:\AutoRun.exe
MountPoints2: {d837da8b-3364-11e0-bc58-90e6ba638048} - F:\AutoRun.exe
MountPoints2: {d837da97-3364-11e0-bc58-90e6ba638048} - F:\AutoRun.exe
MountPoints2: {d9ec390b-19f7-11e3-bc9a-90e6ba638048} - F:\AutoRun.exe
MountPoints2: {d9ec391e-19f7-11e3-bc9a-90e6ba638048} - F:\AutoRun.exe
MountPoints2: {e119729d-3d77-11df-8804-90e6ba638048} - F:\Autorun.exe
MountPoints2: {e2625d88-efcc-11e2-9031-90e6ba638048} - G:\Autorun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 54.204.28.26 nikdaiaidiiiogaidkkekcmokcgcdeac
Tcpip\Parameters: [DhcpNameServer] 158.75.88.5

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF Plugin-x32: @google.com/npPicasa2,version=2.0.0 - C:\Program Files (x86)\Picasa2\npPicasa2.dll (Google, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Picasa2\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\basiak xd\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\basiak xd\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\basiak xd\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR Extension: (Dysk Google) - C:\Users\basiak xd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-17]
CHR Extension: (YouTube) - C:\Users\basiak xd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-17]
CHR Extension: (Szukaj w Google) - C:\Users\basiak xd\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-17]
CHR Extension: (Discount Dragon) - C:\Users\basiak xd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikdaiaidiiiogaidkkekcmokcgcdeac [2014-01-17]
CHR Extension: (Google Wallet) - C:\Users\basiak xd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-17]
CHR Extension: (Gmail) - C:\Users\basiak xd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-17]
CHR HKLM-x32\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2014-01-17]

==================== Services (Whitelisted) =================

R2 ASLDRService; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [100920 2008-08-14] ()
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
R2 FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [306232 2009-07-24] (ASUSTeK Computer Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-20] ()
S3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [x]

==================== Drivers (Whitelisted) ====================

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-06] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-01-17] (Duplex Secure Ltd.)
S3 AmUStor; system32\drivers\AmUStor.SYS [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [x]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [x]
S3 ipswuio; System32\DRIVERS\ipswuio.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
U3 tmlwf;
U3 tmwfp;
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-17 22:15 - 2014-01-17 22:16 - 00013328 _____ C:\Users\basiak xd\Downloads\FRST.txt
2014-01-17 22:14 - 2014-01-17 22:14 - 02076160 _____ (Farbar) C:\Users\basiak xd\Downloads\FRST64.exe
2014-01-17 22:14 - 2014-01-17 22:14 - 00000000 ____D C:\FRST
2014-01-17 16:52 - 2014-01-17 17:07 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-17 14:41 - 2014-01-17 14:42 - 00000000 ____D C:\Program Files (x86)\Heroes of Might and Magic III - Zlota Edycja
2014-01-17 13:55 - 2014-01-17 17:04 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-17 13:48 - 2014-01-17 16:32 - 00000000 ____D C:\Users\basiak xd\AppData\Local\BenchUpdater
2014-01-17 13:48 - 2014-01-17 16:13 - 00000000 ____D C:\Users\basiak xd\AppData\Local\Discount Dragon
2014-01-17 13:48 - 2014-01-17 16:09 - 00000000 ____D C:\Program Files (x86)\Discount Dragon
2014-01-17 13:48 - 2014-01-17 13:48 - 00000266 __RSH C:\ProgramData\ntuser.pol
2014-01-17 13:48 - 2014-01-17 13:48 - 00000000 ____D C:\Program Files (x86)\predm
2014-01-17 13:46 - 2014-01-17 16:18 - 00000000 ____D C:\Program Files (x86)\SquirrelWeb
2014-01-17 13:18 - 2014-01-17 13:18 - 00000000 ____D C:\Users\basiak xd\AppData\Roaming\Malwarebytes
2014-01-17 13:17 - 2014-01-17 13:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-17 13:12 - 2014-01-17 13:12 - 00001362 _____ C:\AdwCleaner[S3].txt
2014-01-17 13:11 - 2014-01-17 13:12 - 00001264 _____ C:\AdwCleaner[R3].txt
2014-01-17 13:06 - 2014-01-17 13:07 - 00002019 _____ C:\AdwCleaner[S2].txt
2014-01-17 13:05 - 2014-01-17 13:06 - 00002145 _____ C:\AdwCleaner[R2].txt
2014-01-17 13:01 - 2014-01-17 13:01 - 00000000 ____D C:\Users\basiak xd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
2014-01-17 12:56 - 2014-01-17 12:56 - 00000000 ____D C:\Users\basiak xd\AppData\Local\cache
2014-01-17 12:56 - 2014-01-17 12:56 - 00000000 ____D C:\Users\basiak xd\.android
2014-01-17 12:56 - 2014-01-17 12:56 - 00000000 _____ C:\Users\basiak xd\daemonprocess.txt
2014-01-17 01:34 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-17 01:34 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-17 01:34 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-17 01:34 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-17 01:34 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-17 01:34 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-17 01:31 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-17 01:31 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 18:24 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr

==================== One Month Modified Files and Folders =======

2014-01-17 22:16 - 2014-01-17 22:15 - 00013328 _____ C:\Users\basiak xd\Downloads\FRST.txt
2014-01-17 22:14 - 2014-01-17 22:14 - 02076160 _____ (Farbar) C:\Users\basiak xd\Downloads\FRST64.exe
2014-01-17 22:14 - 2014-01-17 22:14 - 00000000 ____D C:\FRST
2014-01-17 22:13 - 2013-10-22 00:37 - 00000000 ____D C:\Users\basiak xd\Desktop\głupoty
2014-01-17 22:12 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-17 22:12 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-17 21:12 - 2009-12-29 17:13 - 00000000 ____D C:\Users\basiak xd\AppData\Local\CrashDumps
2014-01-17 21:11 - 2009-10-06 14:34 - 01085374 _____ C:\Windows\WindowsUpdate.log
2014-01-17 17:08 - 2013-10-16 00:50 - 00002866 _____ C:\Windows\System32\Tasks\Net4Switch
2014-01-17 17:07 - 2014-01-17 16:52 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-17 17:07 - 2009-07-14 05:51 - 00212456 _____ C:\Windows\setupact.log
2014-01-17 17:04 - 2014-01-17 13:55 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-17 16:50 - 2013-09-12 09:14 - 00000000 ____D C:\AdwCleaner
2014-01-17 16:50 - 2011-07-26 19:55 - 00000000 ____D C:\Users\basiak xd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-01-17 16:50 - 2009-12-22 18:26 - 00001007 _____ C:\Users\basiak xd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-17 16:34 - 2013-08-21 18:33 - 00000000 ____D C:\Users\basiak xd\AppData\Local\avgchrome
2014-01-17 16:32 - 2014-01-17 13:48 - 00000000 ____D C:\Users\basiak xd\AppData\Local\BenchUpdater
2014-01-17 16:18 - 2014-01-17 13:46 - 00000000 ____D C:\Program Files (x86)\SquirrelWeb
2014-01-17 16:13 - 2014-01-17 13:48 - 00000000 ____D C:\Users\basiak xd\AppData\Local\Discount Dragon
2014-01-17 16:09 - 2014-01-17 13:48 - 00000000 ____D C:\Program Files (x86)\Discount Dragon
2014-01-17 16:07 - 2013-05-17 19:10 - 00000000 ____D C:\Users\basiak xd\AppData\Roaming\Codec Pack Packages
2014-01-17 16:07 - 2013-03-27 14:26 - 00000000 ____D C:\Users\basiak xd\AppData\Roaming\Video Converter Packages
2014-01-17 14:42 - 2014-01-17 14:41 - 00000000 ____D C:\Program Files (x86)\Heroes of Might and Magic III - Zlota Edycja
2014-01-17 14:35 - 2009-08-03 20:55 - 00698146 _____ C:\Windows\system32\perfh015.dat
2014-01-17 14:35 - 2009-08-03 20:55 - 00135224 _____ C:\Windows\system32\perfc015.dat
2014-01-17 14:35 - 2009-07-14 06:13 - 01549932 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-17 13:48 - 2014-01-17 13:48 - 00000266 __RSH C:\ProgramData\ntuser.pol
2014-01-17 13:48 - 2014-01-17 13:48 - 00000000 ____D C:\Program Files (x86)\predm
2014-01-17 13:48 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2014-01-17 13:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2014-01-17 13:36 - 2009-10-06 15:22 - 00001657 _____ C:\Windows\system32\ServiceFilter.ini
2014-01-17 13:35 - 2013-08-21 09:38 - 00027704 _____ C:\Windows\PFRO.log
2014-01-17 13:18 - 2014-01-17 13:18 - 00000000 ____D C:\Users\basiak xd\AppData\Roaming\Malwarebytes
2014-01-17 13:17 - 2014-01-17 13:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-17 13:12 - 2014-01-17 13:12 - 00001362 _____ C:\AdwCleaner[S3].txt
2014-01-17 13:12 - 2014-01-17 13:11 - 00001264 _____ C:\AdwCleaner[R3].txt
2014-01-17 13:09 - 2009-10-06 15:22 - 00002090 _____ C:\Windows\system32\AutoRunFilter.ini
2014-01-17 13:07 - 2014-01-17 13:06 - 00002019 _____ C:\AdwCleaner[S2].txt
2014-01-17 13:06 - 2014-01-17 13:05 - 00002145 _____ C:\AdwCleaner[R2].txt
2014-01-17 13:01 - 2014-01-17 13:01 - 00000000 ____D C:\Users\basiak xd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
2014-01-17 13:01 - 2013-08-28 21:41 - 00000000 ___RD C:\Users\basiak xd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-17 12:59 - 2009-12-30 15:30 - 00381440 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-01-17 12:56 - 2014-01-17 12:56 - 00000000 ____D C:\Users\basiak xd\AppData\Local\cache
2014-01-17 12:56 - 2014-01-17 12:56 - 00000000 ____D C:\Users\basiak xd\.android
2014-01-17 12:56 - 2014-01-17 12:56 - 00000000 _____ C:\Users\basiak xd\daemonprocess.txt
2014-01-17 12:56 - 2009-12-22 18:17 - 00000000 ____D C:\Users\basiak xd
2014-01-17 12:55 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-17 11:09 - 2013-07-30 15:59 - 00000000 ____D C:\Users\basiak xd\AppData\Roaming\Skype
2014-01-17 11:04 - 2009-07-14 05:45 - 00429160 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-17 10:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2014-01-17 02:16 - 2013-11-20 02:11 - 00156530 _____ C:\Windows\IE11_main.log
2014-01-17 02:15 - 2009-10-06 14:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-17 02:13 - 2013-08-14 13:42 - 00000000 ____D C:\Windows\system32\MRT
2014-01-17 02:10 - 2010-11-23 10:12 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-17 02:07 - 2012-10-01 16:00 - 00000600 _____ C:\Users\basiak xd\PUTTY.RND
2014-01-13 19:54 - 2009-12-28 13:01 - 00000000 ___RD C:\Users\basiak xd\Documents\`dokumenty
2014-01-10 12:27 - 2009-12-30 22:30 - 00000000 ____D C:\Windows\System32\Tasks\Games
2014-01-08 10:03 - 2009-12-30 23:21 - 00000000 ____D C:\Users\basiak xd\AppData\Local\Google
2014-01-08 09:40 - 2011-03-28 14:24 - 00000000 ____D C:\Program Files (x86)\Picasa2
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2013-12-31 15:08 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

Some content of TEMP:
====================
C:\Users\basiak xd\AppData\Local\Temp\APNSetup.exe
C:\Users\basiak xd\AppData\Local\Temp\BackupSetup.exe
C:\Users\basiak xd\AppData\Local\Temp\ICReinstall_Setup.exe
C:\Users\basiak xd\AppData\Local\Temp\Quarantine.exe
C:\Users\basiak xd\AppData\Local\Temp\SHSetup.exe
C:\Users\basiak xd\AppData\Local\Temp\SkypeSetup.exe
C:\Users\basiak xd\AppData\Local\Temp\vcredist_x64.exe
C:\Users\basiak xd\AppData\Local\Temp\wtw-update.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-09 00:47

==================== End Of Log ============================