Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2014 03
Ran by tomy (administrator) on TOMY-KOMPUTER on 18-01-2014 21:28:43
Running from E:\Downloads
Windows 7 Professional (X64) OS Language: Polish
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
(Nektra S.A.) C:\Program Files (x86)\IVONA\IVONA Reader2\integr\OutlookExpress\IROElauncher.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Alibaba (China) Co., Ltd.) C:\Program Files (x86)\trademanager\AliIM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(ashampoo Technology GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 6 FREE\burningstudio.exe
(ashampoo Technology GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 6 FREE\burningstudio.exe
() C:\Program Files (x86)\EAGLE-6.3.0\bin\eagle.exe
(BitTorrent Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
() C:\Program Files (x86)\EAGLE-6.3.0\bin\eagle.exe
(Alexander Roshal) C:\Program Files (x86)\WinRAR\WinRAR.exe
(Alexander Roshal) C:\Program Files (x86)\WinRAR\WinRAR.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\Office Live\OfficeLiveSignIn.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Alexander Roshal) C:\Program Files (x86)\WinRAR\WinRAR.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(KEIL - An ARM Company.) C:\Keil\UV4\Uv4.exe
(Microsoft Corporation) C:\Windows\System32\mstsc.exe
(Google Inc.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (KEIL - An ARM Company.) C:\Keil\UV4\Uv4.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Koninklijke Philips Electronics N.V.) C:\Program Files (x86)\Philips\SA33XX\Philips Device Manager\bin\SA33XXDevicemanager.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Neil Hodgson neilh@scintilla.org) C:\Program Files (x86)\AutoIt3\SciTE\SciTE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() D:\altium\Altium Designer.exe
() D:\altium\Altium Designer 13.2.5\SKEL\5f05a2883248b8644bc60bdd36c80e333d9f7402\AltiumMS.exe
() D:\altium\Altium Designer 13.2.5\SKEL\5f05a2883248b8644bc60bdd36c80e333d9f7402\AltiumMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\tomy\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) E:\Downloads\FRST64 (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [NVRaidService] - C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe [291944 2010-04-09] (NVIDIA Corporation)
HKLM\...\Run: [ATIModeChange] - Ati2mdxx.exe
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [IFXSPMGT] - C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe [1107232 2009-08-04] (Infineon Technologies AG)
HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\SSMMgr.exe [606208 2009-12-09] ()
HKLM-x32\...\Run: [AsioThk32Reg] - REGSVR32.EXE /S CTASIO.DLL
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-12-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [PhilipsSA33XXDM] - C:\Program Files (x86)\Philips\SA33XX\Philips Device Manager\Bin\SA33XXDeviceManager.exe [901120 2007-08-07] (Koninklijke Philips Electronics N.V.)
HKCU\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [802136 2013-06-08] (BitTorrent Inc.)
HKCU\...\Run: [IROElauncher] - C:\Program Files (x86)\IVONA\IVONA Reader2\integr\OutlookExpress\IROElauncher.exe [94720 2008-09-26] (Nektra S.A.)
HKCU\...\Run: [IVONA Reader] - "C:\Program Files (x86)\IVONA\IVONA Reader2\IVONA Reader.exe.exe" -t -nosplash
HKCU\...\Run: [aliim] - C:\Program Files (x86)\TradeManager\AliIM.exe [293272 2013-05-23] (Alibaba (China) Co., Ltd.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
MountPoints2: {329571c2-d82d-11e1-9e13-00e08170a331} - J:\AutoRun.exe
MountPoints2: {36c42b79-d837-11e1-b9e7-00e08170a330} - J:\AutoRun.exe
MountPoints2: {4ef8d93d-0451-11e3-a1ee-00e08170a330} - I:\KODAK_Software_Downloader.exe
MountPoints2: {f098b834-d3d6-11e1-b467-00e08170a331} - K:\iStudio.exe
MountPoints2: {fdc9a832-a8eb-11e2-b031-4e415255544f} - L:\iStudio.exe
HKU\mariusz2\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [802136 2013-06-08] (BitTorrent Inc.)
HKU\mariusz2\...\Run: [OscarEditor] - C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [3340288 2012-03-20] ()
HKU\mariusz2\...\Run: [aliim] - C:\Program Files (x86)\trademanager\aliim.exe [293272 2013-05-23] (Alibaba (China) Co., Ltd.)
HKU\mariusz2\...\Run: [ProxifyTrayApp] - C:\Program Files (x86)\Proxify Tray Application\Proxify Tray Application.exe [2689536 2013-02-27] (UpsideOut, Inc.)
HKU\mariusz2\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\mariusz2\...\Run: [CTSyncU.exe] - "C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe"
HKU\mariusz2\...\Run: [Creative MediaSource Go] - "C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe"
HKU\mariusz2\...\Run: [Creative Detector] - "C:\Program Files (x86)\Creative\MediaSource\Detector\CTDetect.exe" /R
HKU\mariusz2\...\Run: [RemoteCenter] - C:\Program Files (x86)\Creative\MediaSource\RemoteControl\RcMan.exe
HKU\mariusz2\...\Run: [RemoteControl] - [x]
HKU\mariusz2\...\RunOnce: [StartMSu] - "C:\Program Files (x86)\Creative\MediaSource5\Startmsu.exe" /s
HKU\mariusz2\...\RunOnce: [InetReg] - "C:\Program Files (x86)\Creative\Product Registration\English\InetReg.exe" /PreProcess=RegFlash.exe /Delay=6
HKU\mariusz2\...\RunOnce: [StartMS] - C:\Program Files (x86)\Creative\Shared Files\Media Sniffer\Startms.exe /s
HKU\mariusz2\...\Policies\system: [LogonHoursAction] 2
HKU\mariusz2\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\mateusz1\...\Policies\system: [LogonHoursAction] 2
HKU\mateusz1\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\UpdatusUser\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [802136 2013-06-08] (BitTorrent Inc.)
HKU\UpdatusUser\...\Run: [OscarEditor] - C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [3340288 2012-03-20] ()
HKU\UpdatusUser\...\Run: [aliim] - C:\Program Files (x86)\trademanager\aliim.exe [293272 2013-05-23] (Alibaba (China) Co., Ltd.)
HKU\UpdatusUser\...\Run: [ProxifyTrayApp] - C:\Program Files (x86)\Proxify Tray Application\Proxify Tray Application.exe [2689536 2013-02-27] (UpsideOut, Inc.)
HKU\UpdatusUser\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\UpdatusUser\...\Run: [CTSyncU.exe] - "C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe"
HKU\UpdatusUser\...\Run: [Creative MediaSource Go] - "C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe"
HKU\UpdatusUser\...\Run: [Creative Detector] - "C:\Program Files (x86)\Creative\MediaSource\Detector\CTDetect.exe" /R
HKU\UpdatusUser\...\Run: [RemoteCenter] - C:\Program Files (x86)\Creative\MediaSource\RemoteControl\RcMan.exe
HKU\UpdatusUser\...\Run: [RemoteControl] - [x]
HKU\UpdatusUser\...\RunOnce: [StartMSu] - "C:\Program Files (x86)\Creative\MediaSource5\Startmsu.exe" /s
HKU\UpdatusUser\...\RunOnce: [InetReg] - "C:\Program Files (x86)\Creative\Product Registration\English\InetReg.exe" /PreProcess=RegFlash.exe /Delay=6
HKU\UpdatusUser\...\RunOnce: [StartMS] - C:\Program Files (x86)\Creative\Shared Files\Media Sniffer\Startms.exe /s
HKU\UpdatusUser\...\Policies\system: [LogonHoursAction] 2
HKU\UpdatusUser\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.searchamong.com/searchview.php?source=64020400f00960c0ef04052547b134b3&query={searchTerms}&cat=webs&bar=true
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alibaba.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.searchamong.com/searchview.php?source=64020400f00960c0ef04052547b134b3&query={searchTerms}&cat=webs&bar=true
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=smk&from=smk&uid=395049983_266002_240091DD&ts=1351626370
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=smk&from=smk&uid=395049983_266002_240091DD&ts=1351626370
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchboxes.info/?pid=625&r=2013/07/19&hid=438356447&lg=EN&cc=PL&unqvl=28
URLSearchHook: HKLM-x32 - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {154d339e-ccaa-49a5-9b38-6878ad4220bc} URL = http://search.searchamong.com/searchview.php?source=64020400f00960c0ef04052547b134b3&query={searchTerms}&cat=webs&bar=true
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=PL&userid=07ed7eb3-afef-4933-96b0-59a834169d73&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
SearchScopes: HKLM-x32 - {154d339e-ccaa-49a5-9b38-6878ad4220bc} URL = http://search.searchamong.com/searchview.php?source=64020400f00960c0ef04052547b134b3&query={searchTerms}&cat=webs&bar=true
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchboxes.info/?l=1&q={searchTerms}&pid=625&r=2013/07/19&hid=438356447&lg=EN&cc=PL&unqvl=28
SearchScopes: HKLM-x32 - {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=07ed7eb3-afef-4933-96b0-59a834169d73&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=07ed7eb3-afef-4933-96b0-59a834169d73&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=24004E415255544F&affID=124001&tsp=4961
SearchScopes: HKCU - {154d339e-ccaa-49a5-9b38-6878ad4220bc} URL = http://search.searchamong.com/searchview.php?source=64020400f00960c0ef04052547b134b3&query={searchTerms}&cat=webs&bar=true
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchboxes.info/?l=1&q={searchTerms}&pid=625&r=2013/07/19&hid=438356447&lg=EN&cc=PL&unqvl=28
BHO: Linkury SmartbarEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: IVONA Reader - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader2\integr\IR_iexplorer2_x64.dll (IVO Software Sp. z o.o.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Linkury SmartbarEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: BuzzSearch - {5cf5a690-c8f4-488e-9d20-f21aef602d41} - C:\Program Files (x86)\BuzzSearch\BuzzSearchbho.dll (BuzzSearch)
BHO-x32: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: IVONA Reader - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader2\integr\IR_iexplorer2.dll (IVO Software Sp. z o.o.)
BHO-x32: MailRuBHO Class - {8984B388-A5BB-4DF7-B274-77B879E179DB} - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: WinToFlash Suggestor - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC)
Toolbar: HKLM - Linkury Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - IVONA Reader - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader2\integr\IR_iexplorer2_x64.dll (IVO Software Sp. z o.o.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Спутник@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll No File
Toolbar: HKLM-x32 - IVONA Reader - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader2\integr\IR_iexplorer2.dll (IVO Software Sp. z o.o.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
Toolbar: HKCU - No Name - {09900DE8-1DCA-443F-9243-26FF581438AF} - No File
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 03 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664] (NVIDIA)
Winsock: Catalog9 04 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664] (NVIDIA)
Winsock: Catalog9 05 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664] (NVIDIA)
Winsock: Catalog9 06 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664] (NVIDIA)
Winsock: Catalog9 07 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664] (NVIDIA)
Winsock: Catalog9 08 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664] (NVIDIA)
Winsock: Catalog9 19 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664] (NVIDIA)
Winsock: Catalog9 20 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664] (NVIDIA)
Winsock: Catalog9-x64 03 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [304744] (NVIDIA)
Winsock: Catalog9-x64 04 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [304744] (NVIDIA)
Winsock: Catalog9-x64 05 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [304744] (NVIDIA)
Winsock: Catalog9-x64 06 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [304744] (NVIDIA)
Winsock: Catalog9-x64 07 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [304744] (NVIDIA)
Winsock: Catalog9-x64 08 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [304744] (NVIDIA)
Winsock: Catalog9-x64 19 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [304744] (NVIDIA)
Winsock: Catalog9-x64 20 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [304744] (NVIDIA)
Tcpip\..\Interfaces\{BAA951E6-3F87-451B-9CE7-3A57FB51FA6A}: [NameServer]8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{BE95E109-50B2-4D6E-89E4-74E2BF5AB51A}: [NameServer]8.8.8.8,8.8.4.4

Chrome:
=======
CHR HomePage: hxxp://www.google.pl/
CHR RestoreOnStartup: "hxxp://www.google.pl/", "hxxp://www.google.com/"
CHR Extension: (WinToFlash Suggestor) - C:\Users\tomy\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf [2013-11-18]
CHR Extension: (Dokumenty Google) - C:\Users\tomy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-24]
CHR Extension: (Dysk Google) - C:\Users\tomy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-24]
CHR Extension: (YouTube) - C:\Users\tomy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-24]
CHR Extension: (Szukaj w Google) - C:\Users\tomy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-24]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\tomy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-03-24]
CHR Extension: (Pulpit zdalny Chrome) - C:\Users\tomy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2013-11-19]
CHR Extension: (Blokada zawarto\u015Bci) - C:\Users\tomy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2013-03-24]
CHR Extension: (AlexndraStan Theme VER 2) - C:\Users\tomy\AppData\Local\Google\Chrome\User Data\Default\Extensions\imieaomccggbcdpihppmpjkmmfkimjcc [2013-11-19]
CHR Extension: (Klawiatura wirtualna) - C:\Users\tomy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-03-24]
CHR Extension: (Need for Speed World) - C:\Users\tomy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk [2013-11-19]
CHR Extension: (Google Wallet) - C:\Users\tomy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
CHR Extension: (Gmail) - C:\Users\tomy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-24]
CHR Extension: (Cracking Sands Racing) - C:\Users\tomy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnafpgbiiobelphegdbieldnmojicndb [2013-11-19]
CHR HKCU\...\Chrome\Extension: [amfclgbdpgndipgoegfpkkgobahigbcl] - C:\Users\tomy\AppData\Local\Smartbar/Application\1Extension.crx [2013-11-19]
CHR HKCU\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\tomy\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2013-11-19]
CHR HKLM-x32\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.crx [2012-05-25]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\urladvisor.crx [2012-10-25]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\content_blocker_chrome.crx [2012-10-25]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\virtkbd.crx [2012-10-25]
CHR HKLM-x32\...\Chrome\Extension: [jhjjdgbhohaallcimgcmakfiobacimkm] - C:\Program Files (x86)\BuzzSearch\jhjjdgbhohaallcimgcmakfiobacimkm.crx [2013-11-08]
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\tomy\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2013-11-08]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43112 2012-02-16] (ArcSoft Inc.)
S4 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)
S4 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-11-19] (BonanzaDeals)
S4 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-11-19] (BonanzaDeals)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\30.0.1599.56\remoting_host.exe [50128 2013-09-23] (Google Inc.)
S4 Creative Dolby Digital Live Pack Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\DDLLicensing.exe [79360 2013-03-26] (Creative Labs)
S4 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [496232 2010-01-21] ()
S4 hasplms; C:\Windows\system32\hasplms.exe [4180576 2010-09-27] (SafeNet Inc.)
S4 IFXSpMgtSrv; C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe [1107232 2009-08-04] (Infineon Technologies AG)
S4 IFXTCS; C:\Program Files (x86)\Infineon\Security Platform Software\ifxtcs.exe [984352 2009-07-19] (Infineon Technologies AG)
S4 Intelliservice; C:\Program Files (x86)\Melloware\Intelliremote\Intelliservice.exe [118784 2011-02-19] (Melloware Inc)
S4 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [209000 2010-01-21] ()
S4 PersonalSecureDriveService; C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe [214304 2009-07-19] (Infineon Technologies AG)
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S4 ABBYY.Licensing.PDFTransformer.Classic.3.0; "D:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe" -service [x]
S4 Guard.Mail.ru; "C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe" [x]

==================== Drivers (Whitelisted) ====================

R1 ArcSec; C:\Windows\System32\drivers\ArcSec.sys [311872 2011-11-10] ()
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2011-11-04] (www.winchiphead.com)
R3 ctgame; C:\Windows\System32\DRIVERS\ctgame.sys [28128 2012-10-12] (Creative Technology Ltd.)
S3 dfu; C:\Windows\System32\drivers\MassDfu64.sys [15360 2012-08-29] (Philips PTCL)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-07-26] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2011-07-29] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2011-07-29] ()
S3 flashusb; C:\Windows\System32\DRIVERS\flashusb.sys [19968 2011-12-08] (Danish Wireless Design A/S)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114560 2009-07-24] (Huawei Technologies Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-10-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-17] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-04-22] (Kaspersky Lab ZAO)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2009-07-19] (Infineon Technologies AG)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-03-07] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [9584 2013-03-07] ()
S3 smsbda; C:\Windows\System32\drivers\smsbda.sys [63520 2009-09-18] (Siano)
S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv_AMD64.sys [17280 2013-07-10] (Scott)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [105816 2012-09-13] (Oracle Corporation)
S3 vtcdrv; C:\Windows\System32\DRIVERS\vtcdrv.sys [25088 2010-05-07] (Windows (R) Win 7 DDK provider)
S3 X86BDA; C:\Windows\System32\DRIVERS\OEMDrv.sys [666624 2012-04-27] ( )
S3 XPADFL02; C:\Windows\SysWOW64\DRIVERS\xpadfl02.sys [27904 2006-12-24] (Compuware Corporation)
S3 AIDA64Driver; \??\M:\aida\kerneld.x64 [x]
S3 COMMONFX.DLL; \SystemRoot\System32\COMMONFX.DLL [x]
S3 CT20XUT.DLL; \SystemRoot\System32\CT20XUT.DLL [x]
S3 CTAUDFX.DLL; \SystemRoot\System32\CTAUDFX.DLL [x]
S3 CTEAPSFX.DLL; \SystemRoot\System32\CTEAPSFX.DLL [x]
S3 CTEDSPFX.DLL; \SystemRoot\System32\CTEDSPFX.DLL [x]
S3 CTEDSPIO.DLL; \SystemRoot\System32\CTEDSPIO.DLL [x]
S3 CTEDSPSY.DLL; \SystemRoot\System32\CTEDSPSY.DLL [x]
S3 CTERFXFX.DLL; system32\CTERFXFX.DLL [x]
S3 CTEXFIFX.DLL; \SystemRoot\System32\CTEXFIFX.DLL [x]
S3 CTHWIUT.DLL; \SystemRoot\System32\CTHWIUT.DLL [x]
S3 CTSBLFX.DLL; \SystemRoot\System32\CTSBLFX.DLL [x]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-04-22] (Kaspersky Lab ZAO)
S3 kxwdmdrv; system32\drivers\kx.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-18 21:28 - 2014-01-18 21:28 - 00000000 ____D C:\FRST
2014-01-17 02:30 - 2014-01-17 14:54 - 00319425 _____ C:\Users\tomy\Documents\notepad2xx.exe
2014-01-17 01:40 - 2014-01-17 01:40 - 00100248 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-17 01:40 - 2014-01-17 01:40 - 00002261 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
2014-01-17 01:40 - 2014-01-17 01:40 - 00001451 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-17 01:40 - 2014-01-17 01:40 - 00001417 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-01-17 01:40 - 2014-01-17 01:40 - 00000640 __RSH C:\Users\Administrator\ntuser.pol
2014-01-17 01:40 - 2014-01-17 01:40 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\Ustawienia lokalne
2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\Szablony
2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\Moje dokumenty
2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\Menu Start
2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\Documents\Moje wideo
2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\Documents\Moje obrazy
2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\Documents\Moja muzyka
2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\Dane aplikacji
2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Historia
2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Dane aplikacji
2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\WinRAR
2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Infineon
2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ATI
2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 ____D C:\Users\Administrator\AppData\Local\ATI
2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 ____D C:\Users\Administrator
2014-01-17 01:40 - 2013-10-11 23:57 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2014-01-17 01:40 - 2009-07-14 05:54 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-17 01:40 - 2009-07-14 05:49 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-16 23:36 - 2014-01-16 23:37 - 00000000 ____D C:\Users\tomy\Desktop\Licenses
2014-01-16 23:35 - 2014-01-16 23:35 - 00000000 ____D C:\Users\tomy\AppData\Roaming\Subversion
2014-01-16 23:34 - 2014-01-16 23:34 - 00000000 ____D C:\Users\Public\Documents\Altium
2014-01-16 23:24 - 2014-01-16 23:24 - 00000000 ____D C:\ProgramData\Altium2004
2014-01-16 11:15 - 2014-01-16 23:35 - 00000000 ____D C:\Users\tomy\AppData\Roaming\Altium
2014-01-16 11:15 - 2014-01-16 23:35 - 00000000 ____D
C:\Users\tomy\AppData\Local\Altium 2014-01-16 11:15 - 2014-01-16 23:34 - 00000000 ____D C:\ProgramData\Altium 2014-01-16 09:00 - 2014-01-16 09:00 - 00000000 ____D C:\Users\tomy\AppData\Local\VirtualStore 2014-01-16 00:38 - 2014-01-17 03:25 - 00000302 _____ C:\Users\tomy\Documents\notepad2xx.au3 2014-01-15 22:08 - 2014-01-15 22:08 - 00000000 ____D C:\Users\tomy\AppData\Local\Microsoft Help 2014-01-11 20:09 - 2014-01-11 20:09 - 00001016 _____ C:\Users\UpdatusUser\Desktop\HyperTerminal.lnk 2014-01-11 20:09 - 2014-01-11 20:09 - 00001016 _____ C:\Users\mateusz1\Desktop\HyperTerminal.lnk 2014-01-11 20:09 - 2014-01-11 20:09 - 00001016 _____ C:\Users\mariusz2\Desktop\HyperTerminal.lnk 2014-01-11 20:09 - 2014-01-11 20:09 - 00000000 ____D C:\Users\tomy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperTerminal Private Edition 2014-01-11 20:09 - 2014-01-11 20:09 - 00000000 ____D C:\ProgramData\HyperTerminal 2014-01-11 20:09 - 2014-01-11 20:09 - 00000000 ____D C:\Program Files (x86)\HyperTerminal 2014-01-11 20:09 - 2008-09-30 13:22 - 00164864 _____ C:\Windows\SysWOW64\UNWISE32.EXE 2014-01-11 20:01 - 2014-01-11 20:01 - 00000000 ____D C:\Windows\LastGood 2014-01-11 18:16 - 2014-01-11 18:16 - 00000000 ____D C:\Users\tomy\AppData\Local\ATI 2014-01-11 17:27 - 2014-01-11 17:27 - 00020678 _____ C:\Users\tomy\AppData\Local\recently-used.xbel 2014-01-10 22:13 - 2014-01-10 22:13 - 00000000 ____D C:\Program Files (x86)\Eagle 2014-01-10 11:59 - 2014-01-10 11:59 - 00000000 ____D C:\Users\tomy\AppData\Local\Adobe 2014-01-09 15:39 - 2014-01-11 19:45 - 00100248 _____ C:\Users\tomy\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-09 15:35 - 2014-01-09 15:35 - 00000000 ____D C:\Users\tomy\AppData\Local\Apps\2.0 2014-01-08 23:14 - 2014-01-08 23:14 - 00000000 ____D C:\Users\tomy\AppData\Roaming\Mael 2014-01-08 23:05 - 2014-01-08 23:05 - 00000000 ____D C:\Program Files (x86)\HxD 2013-12-26 13:41 - 2013-12-26 13:41 - 00000000 ____D C:\Windows\SysWOW64\Silabs 2013-12-26 13:41 - 2013-12-26 13:41 - 
00000000 ____D C:\Program Files\Silabs 2013-12-26 13:41 - 2013-12-26 13:41 - 00000000 ____D C:\Program Files (x86)\Silabs 2013-12-26 13:40 - 2013-12-27 17:00 - 00000000 ____D C:\Program Files (x86)\Voltsoft ==================== One Month Modified Files and Folders ======= 2014-01-18 21:29 - 2012-08-30 01:21 - 00000808 _____ C:\Users\tomy\SciTE.session 2014-01-18 21:28 - 2014-01-18 21:28 - 00000000 ____D C:\FRST 2014-01-18 21:28 - 2012-08-12 16:44 - 00000000 ____D C:\Users\tomy\AppData\Roaming\uTorrent 2014-01-18 20:23 - 2013-06-02 00:00 - 00044025 _____ C:\Windows\setupact.log 2014-01-17 14:54 - 2014-01-17 02:30 - 00319425 _____ C:\Users\tomy\Documents\notepad2xx.exe 2014-01-17 03:25 - 2014-01-16 00:38 - 00000302 _____ C:\Users\tomy\Documents\notepad2xx.au3 2014-01-17 01:47 - 2012-01-01 20:20 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2014-01-17 01:40 - 2014-01-17 01:40 - 00100248 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-17 01:40 - 2014-01-17 01:40 - 00002261 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk 2014-01-17 01:40 - 2014-01-17 01:40 - 00001451 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-01-17 01:40 - 2014-01-17 01:40 - 00001417 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2014-01-17 01:40 - 2014-01-17 01:40 - 00000640 __RSH C:\Users\Administrator\ntuser.pol 2014-01-17 01:40 - 2014-01-17 01:40 - 00000020 ___SH C:\Users\Administrator\ntuser.ini 2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\Ustawienia lokalne 2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\Szablony 2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\Moje dokumenty 2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\Menu Start 2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\Documents\Moje 
wideo 2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\Documents\Moje obrazy 2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\Documents\Moja muzyka 2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\Dane aplikacji 2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Historia 2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Dane aplikacji 2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\WinRAR 2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Infineon 2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ATI 2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 ____D C:\Users\Administrator\AppData\Local\ATI 2014-01-17 01:40 - 2014-01-17 01:40 - 00000000 ____D C:\Users\Administrator 2014-01-17 01:20 - 2009-07-14 05:45 - 00014976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-17 01:20 - 2009-07-14 05:45 - 00014976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-16 23:37 - 2014-01-16 23:36 - 00000000 ____D C:\Users\tomy\Desktop\Licenses 2014-01-16 23:35 - 2014-01-16 23:35 - 00000000 ____D C:\Users\tomy\AppData\Roaming\Subversion 2014-01-16 23:35 - 2014-01-16 11:15 - 00000000 ____D C:\Users\tomy\AppData\Roaming\Altium 2014-01-16 23:35 - 2014-01-16 11:15 - 
00000000 ____D C:\Users\tomy\AppData\Local\Altium 2014-01-16 23:34 - 2014-01-16 23:34 - 00000000 ____D C:\Users\Public\Documents\Altium 2014-01-16 23:34 - 2014-01-16 11:15 - 00000000 ____D C:\ProgramData\Altium 2014-01-16 23:24 - 2014-01-16 23:24 - 00000000 ____D C:\ProgramData\Altium2004 2014-01-16 11:19 - 2012-08-22 10:13 - 00000000 ____D C:\Users\tomy\AppData\Roaming\vlc 2014-01-16 09:00 - 2014-01-16 09:00 - 00000000 ____D C:\Users\tomy\AppData\Local\VirtualStore 2014-01-15 22:08 - 2014-01-15 22:08 - 00000000 ____D C:\Users\tomy\AppData\Local\Microsoft Help 2014-01-15 14:09 - 2009-07-14 18:55 - 00700358 _____ C:\Windows\system32\perfh015.dat 2014-01-15 14:09 - 2009-07-14 18:55 - 00135994 _____ C:\Windows\system32\perfc015.dat 2014-01-15 14:09 - 2009-07-14 06:13 - 01557814 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-13 15:07 - 2012-11-11 14:25 - 00002034 ____H C:\Users\tomy\Documents\Default.rdp 2014-01-11 20:12 - 2012-08-24 12:05 - 00000000 ____D C:\Users\tomy\.gimp-2.8 2014-01-11 20:09 - 2014-01-11 20:09 - 00001016 _____ C:\Users\UpdatusUser\Desktop\HyperTerminal.lnk 2014-01-11 20:09 - 2014-01-11 20:09 - 00001016 _____ C:\Users\mateusz1\Desktop\HyperTerminal.lnk 2014-01-11 20:09 - 2014-01-11 20:09 - 00001016 _____ C:\Users\mariusz2\Desktop\HyperTerminal.lnk 2014-01-11 20:09 - 2014-01-11 20:09 - 00000000 ____D C:\Users\tomy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperTerminal Private Edition 2014-01-11 20:09 - 2014-01-11 20:09 - 00000000 ____D C:\ProgramData\HyperTerminal 2014-01-11 20:09 - 2014-01-11 20:09 - 00000000 ____D C:\Program Files (x86)\HyperTerminal 2014-01-11 20:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help 2014-01-11 20:01 - 2014-01-11 20:01 - 00000000 ____D C:\Windows\LastGood 2014-01-11 19:45 - 2014-01-09 15:39 - 00100248 _____ C:\Users\tomy\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-11 18:16 - 2014-01-11 18:16 - 00000000 ____D C:\Users\tomy\AppData\Local\ATI 2014-01-11 17:27 - 2014-01-11 17:27 - 00020678 _____ 
C:\Users\tomy\AppData\Local\recently-used.xbel 2014-01-10 22:30 - 2013-03-24 17:08 - 00000000 ____D C:\eagle3d 2014-01-10 22:13 - 2014-01-10 22:13 - 00000000 ____D C:\Program Files (x86)\Eagle 2014-01-10 12:01 - 2013-12-02 05:46 - 03183019 _____ C:\Users\tomy\Documents\Sterowanie temperaturą w piecu do lutowania rozpływowego.pptx 2014-01-10 11:59 - 2014-01-10 11:59 - 00000000 ____D C:\Users\tomy\AppData\Local\Adobe 2014-01-09 15:50 - 2013-11-19 20:29 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals 2014-01-09 15:35 - 2014-01-09 15:35 - 00000000 ____D C:\Users\tomy\AppData\Local\Apps\2.0 2014-01-08 23:14 - 2014-01-08 23:14 - 00000000 ____D C:\Users\tomy\AppData\Roaming\Mael 2014-01-08 23:05 - 2014-01-08 23:05 - 00000000 ____D C:\Program Files (x86)\HxD 2014-01-01 21:24 - 2013-05-16 23:48 - 00000000 ___RD C:\Users\tomy\bor 2013-12-29 00:12 - 2013-03-08 23:36 - 00000000 ____D C:\Users\tomy\Documents\eagle 2013-12-28 23:16 - 2012-10-18 20:29 - 00000000 ____D C:\Users\tomy\AppData\Roaming\VMware 2013-12-27 17:00 - 2013-12-26 13:40 - 00000000 ____D C:\Program Files (x86)\Voltsoft 2013-12-26 13:41 - 2013-12-26 13:41 - 00000000 ____D C:\Windows\SysWOW64\Silabs 2013-12-26 13:41 - 2013-12-26 13:41 - 00000000 ____D C:\Program Files\Silabs 2013-12-26 13:41 - 2013-12-26 13:41 - 00000000 ____D C:\Program Files (x86)\Silabs 2013-12-20 10:08 - 2013-04-19 12:19 - 00000000 ____D C:\Users\tomy\Documents\polibuda 2013-12-19 16:51 - 2013-08-07 14:25 - 00000000 ____D C:\ProgramData\boost_interprocess 2013-12-19 16:40 - 2012-10-18 23:16 - 00000408 __RSH C:\ProgramData\ntuser.pol 2013-12-19 16:40 - 2012-10-18 20:21 - 00000000 ____D C:\ProgramData\VMware 2013-12-19 16:40 - 2012-07-26 20:58 - 00411320 _____ C:\Windows\PFRO.log ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit 
C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-10 16:40 ==================== End Of Log ============================