Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by czekierap (administrator) on CZEKIERAPYO on 01-04-2014 12:26:26
Running from C:\Users\czekierap\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\Users\czekierap\AppData\Local\GCC\Controller.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
( ) C:\Program Files (x86)\LockKey\LockKey.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Intel Corporation) C:\Windows\system32\hkcmd.exe
(Intel Corporation) C:\Windows\system32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Users\czekierap\AppData\Local\GCC\Controller.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10Tray.exe
() C:\Users\czekierap\AppData\Local\Viber\Viber.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\Bluetooth Headset Helper.exe
(Google Inc.) C:\Users\czekierap\AppData\Local\GCC\Chrome-bin\chrome.exe
(Google Inc.) C:\Users\czekierap\AppData\Local\GCC\Chrome-bin\chrome.exe
(Google Inc.) C:\Users\czekierap\AppData\Local\GCC\Chrome-bin\chrome.exe
(Google Inc.) C:\Users\czekierap\AppData\Local\GCC\Chrome-bin\chrome.exe
(Google Inc.) C:\Users\czekierap\AppData\Local\GCC\Chrome-bin\chrome.exe
(Google Inc.) C:\Users\czekierap\AppData\Local\GCC\Chrome-bin\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2866960 2011-12-16] (Synaptics Incorporated)
HKLM\...\Run: [SynLenovoGestureMgr] - C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [410896 2011-12-16] (Synaptics)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [OnekeyStudio] - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789856 2012-05-20] (Lenovo)
HKLM\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-05-20] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6200368 2012-05-20] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] - C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-05-20] (Lenovo)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Cm106Sound] - C:\Windows\Syswow64\cm106.dll [8757248 2010-10-13] (C-Media Corporation)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2327952 2010-07-06] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-12] (Intel Corporation)
HKLM-x32\...\Run: [LockKey] - C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-25] ( )
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [Intelligent Touchpad] - C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe [291272 2011-12-08] ()
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-28] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-28] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-05-20] (Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [NBAgent] - C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2012-01-13] (Nero AG)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VC10Player] - C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe [411464 2010-04-14] (H+H Software GmbH)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2610805142-2915838027-2830732470-1002\...\Run: [Viber] - C:\Users\czekierap\AppData\Local\Viber\Viber.exe [936456 2014-03-05] ()
HKU\S-1-5-21-2610805142-2915838027-2830732470-1002\...\MountPoints2: {c2e7de4d-e8ac-11e1-97a8-08edb9d716df} - H:\AutoRun.exe
HKU\S-1-5-21-2610805142-2915838027-2830732470-1002\...\MountPoints2: {c2e7de4f-e8ac-11e1-97a8-08edb9d716df} - H:\AutoRun.exe
HKU\S-1-5-21-2610805142-2915838027-2830732470-1002\...\MountPoints2: {cff4a57f-dc01-11e1-a506-08edb9d716df} - H:\Startme.exe
HKU\S-1-5-21-2610805142-2915838027-2830732470-1002\...\MountPoints2: {e664f1ab-d23b-11e1-8836-08edb9d716df} - J:\setup.exe
HKU\S-1-5-21-2610805142-2915838027-2830732470-1002\...\MountPoints2: {fc0ebd52-dcc2-11e1-b82f-08edb9d716df} - H:\AutoRun.exe
HKU\S-1-5-21-2610805142-2915838027-2830732470-1002\...\MountPoints2: {fc0ebd5f-dcc2-11e1-b82f-08edb9d716df} - H:\AutoRun.exe
HKU\S-1-5-21-2610805142-2915838027-2830732470-1002\...\MountPoints2: {fc0ebf5b-dcc2-11e1-b82f-08edb9d716df} - H:\AutoRun.exe
HKU\S-1-5-21-2610805142-2915838027-2830732470-1002\...\MountPoints2: {fc0ebf5d-dcc2-11e1-b82f-08edb9d716df} - H:\AutoRun.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-08-30] (NVIDIA Corporation)
AppInit_DLLs:  C:\PROGRA~2\SUPPOR~1\SUPPOR~2.DLL => C:\Program Files (x86)\Supporter\Supporter_x64.dll [4235776 2014-03-22] ()
AppInit_DLLs-x32: c:\progra~2\suppor~1\suppor~1.dll => C:\Program Files (x86)\Supporter\Supporter.dll [4367872 2014-03-22] ()
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: EnnjoyCouppona - {61303313-4F3A-D760-383F-762C29C220DB} - C:\ProgramData\EnnjoyCouppona\D5xqgyl.x64.dll ()
BHO: SaveClicker - {6CFBBC3A-8974-8A5E-DE90-8776F5A30CEF} - C:\Program Files (x86)\SaveClicker\Y5CBecC.x64.dll ()
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: EnnjoyCouppona - {61303313-4F3A-D760-383F-762C29C220DB} - C:\ProgramData\EnnjoyCouppona\D5xqgyl.dll ()
BHO-x32: SaveClicker - {6CFBBC3A-8974-8A5E-DE90-8776F5A30CEF} - C:\Program Files (x86)\SaveClicker\Y5CBecC.dll ()
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Surftastic - {c6673938-a52b-4dc6-af05-783e7e2c8b65} - C:\Program Files (x86)\Surftastic\Surftasticbho.dll No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
DPF: HKLM-x32 {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\czekierap\AppData\Roaming\Mozilla\Firefox\Profiles\g46b25l2.default-1378892238054
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2571 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1739 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\czekierap\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Extension: AlllSaver - C:\Users\czekierap\AppData\Roaming\Mozilla\Firefox\Profiles\g46b25l2.default-1378892238054\Extensions\brp680@vxa-oayi.co.uk [2014-03-30]
FF Extension: DownloadHelper - C:\Users\czekierap\AppData\Roaming\Mozilla\Firefox\Profiles\g46b25l2.default-1378892238054\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: Adblock Plus - C:\Users\czekierap\AppData\Roaming\Mozilla\Firefox\Profiles\g46b25l2.default-1378892238054\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-11]

Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll No File
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\czekierap\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (SaveClicker) - C:\Users\czekierap\AppData\Local\Google\Chrome\User Data\Default\Extensions\bleecjglelecfcbobdekilimnhmdncpj [2014-03-22]
CHR Extension: (Google Wallet) - C:\Users\czekierap\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-11]
CHR Extension: (AlllSaver) - C:\Users\czekierap\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofmhknjocbgijpbbcajplbapdfcldnnk [2014-03-30]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S2 be0fb33b; C:\Program Files (x86)\Supporter\SupporterSvc.dll [179536 2014-03-22] ()
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-01] (Broadcom Corporation.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S2 NSDSvc; C:\Windows\System32\NSDSvc.exe [120160 2011-12-23] (Lenovo)
R2 VC10SecS; C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [144712 2010-04-14] (H+H Software GmbH)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
S2 Update Surftastic; "C:\Program Files (x86)\Surftastic\updateSurftastic.exe" [X]
S2 Util Surftastic; "C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe" [X]

==================== Drivers (Whitelisted) ====================

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
S3 HH10Help.sys; C:\Windows\system32\drivers\HH10Help.sys [24088 2009-07-09] (H+H Software GmbH)
R3 hswpan; C:\Windows\System32\DRIVERS\hswpan.sys [109056 2012-01-27] (Ozmo Inc)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2012-07-20] (ITE                      )
S3 L6UX2; C:\Windows\System32\Drivers\L6UX264.sys [772224 2012-08-21] (Line 6)
R0 NSD; C:\Windows\System32\drivers\nsd.sys [24160 2011-12-23] (Lenovo Corporation")
R1 Nsdfltr; C:\Windows\System32\drivers\Nsdfltr.sys [59488 2011-12-21] (Lenovo Corporation)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8208488 2011-09-06] (Realtek Semiconductor Corp.)
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1310720 2010-08-12] (C-Media Electronics Inc)
R1 vdrv1000; C:\Windows\System32\DRIVERS\vdrv1000.sys [223256 2010-03-25] (H+H Software GmbH)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61120 2014-03-25] (StdLib)
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-01 12:26 - 2014-04-01 12:26 - 00025928 _____ () C:\Users\czekierap\Desktop\FRST.txt
2014-04-01 12:24 - 2014-04-01 12:24 - 00271552 _____ () C:\Users\czekierap\Desktop\OTL.Txt
2014-04-01 12:16 - 2014-04-01 12:16 - 00000250 _____ () C:\Users\czekierap\Desktop\fixitforum.txt
2014-04-01 12:15 - 2014-04-01 12:15 - 02157056 _____ (Farbar) C:\Users\czekierap\Desktop\FRST64.exe
2014-04-01 12:15 - 2014-04-01 12:15 - 00380416 _____ () C:\Users\czekierap\Desktop\vsqr545t.exe
2014-04-01 12:14 - 2014-04-01 12:14 - 00602112 _____ (OldTimer Tools) C:\Users\czekierap\Desktop\OTL.scr
2014-04-01 11:09 - 2014-04-01 11:09 - 07534736 _____ (ParetoLogic, Inc.) C:\Users\czekierap\Downloads\RegCureProSetup (2).exe
2014-04-01 11:07 - 2014-04-01 11:08 - 07534736 _____ (ParetoLogic, Inc.) C:\Users\czekierap\Downloads\RegCureProSetup (1).exe
2014-04-01 11:05 - 2014-04-01 11:05 - 07534736 _____ (ParetoLogic, Inc.) C:\Users\czekierap\Downloads\RegCureProSetup.exe
2014-04-01 10:24 - 2014-04-01 10:24 - 00000366 _____ () C:\Users\czekierap\Desktop\Brothers - A Tale of Two Sons (J) 0 bajtów.lnk
2014-03-30 22:58 - 2014-03-30 22:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-30 10:43 - 2014-03-30 10:43 - 00000000 ____D () C:\ProgramData\EnnjoyCouppona
2014-03-30 10:17 - 2014-03-30 10:17 - 00000000 ____D () C:\Users\czekierap\AppData\Local\${APPDIR}
2014-03-29 18:16 - 2014-04-01 10:22 - 00000504 _____ () C:\Windows\setupact.log
2014-03-29 18:16 - 2014-03-29 18:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-28 01:29 - 2014-03-28 01:29 - 00236968 _____ () C:\Users\czekierap\Downloads\ClickHeretoDownloadSetup-bLXPgMEY (2).exe
2014-03-28 01:28 - 2014-03-28 01:29 - 00236968 _____ () C:\Users\czekierap\Downloads\ClickHeretoDownloadSetup-bLXPgMEY (1).exe
2014-03-27 02:42 - 2014-03-27 02:42 - 00376288 _____ () C:\Users\czekierap\Downloads\MediaPlayerClassic.exe
2014-03-27 02:29 - 2014-04-01 10:25 - 00000000 ____D () C:\Users\czekierap\AppData\Roaming\ViberPC
2014-03-27 02:29 - 2014-04-01 10:24 - 00000000 ____D () C:\Users\czekierap\AppData\Local\Viber
2014-03-27 02:29 - 2014-03-27 02:29 - 00001093 _____ () C:\Users\czekierap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk
2014-03-26 11:44 - 2014-03-26 11:45 - 00000000 ____D () C:\Users\czekierap\Desktop\na biezaco teksty rapy zwortyu
2014-03-25 04:31 - 2014-03-25 04:32 - 00236944 _____ () C:\Users\czekierap\Downloads\ClickHeretoDownloadSetup-bLXPgMEY.exe
2014-03-25 02:07 - 2014-03-25 02:07 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-24 19:17 - 2014-03-24 19:17 - 00032768 _____ () C:\Users\czekierap\Desktop\Heathrow RotaV12(24.3.14).xls
2014-03-24 03:16 - 2014-03-24 03:16 - 00165576 _____ () C:\Users\czekierap\Downloads\ClickHeretoDownload-1JHqcuO.exe
2014-03-23 10:22 - 2014-03-23 10:24 - 00000895 _____ () C:\Users\czekierap\Desktop\Oferty tyra.txt
2014-03-22 06:17 - 2014-03-22 06:17 - 00165576 _____ () C:\Users\czekierap\Downloads\ClickHeretoDownload-bqU22uB.exe
2014-03-22 06:08 - 2014-03-22 06:08 - 00165576 _____ () C:\Users\czekierap\Downloads\ClickHeretoDownload-85LkSLD.exe
2014-03-22 05:53 - 2014-03-30 10:43 - 00000000 ____D () C:\ProgramData\a87b4a3773dd5e69
2014-03-22 05:53 - 2014-03-30 10:17 - 00004586 _____ () C:\Windows\System32\Tasks\GC_Informer
2014-03-22 05:53 - 2014-03-22 05:54 - 00000000 ____D () C:\Users\czekierap\AppData\Local\GCC
2014-03-22 05:53 - 2014-03-22 05:53 - 00004568 _____ () C:\Windows\System32\Tasks\GC_Scheduler
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\Gość\AppData\Local\Torch
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\Gość\AppData\Local\Google
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\Gość\AppData\Local\Comodo
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\Gość
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\czekierap\AppData\Local\Packages
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\czekierap\AppData\Local\Hyper Browser
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\czekierap\AppData\Local\Comodo
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\czekierap\AppData\Local\cache
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\Administrator
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\ProgramData\SaveClicker
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Program Files (x86)\Supporter
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Program Files (x86)\SaveClicker
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 _____ () C:\Users\czekierap\daemonprocess.txt
2014-03-22 05:52 - 2014-03-22 05:52 - 00000000 ____D () C:\Users\czekierap\AppData\Local\2bfb0c6b-fdbe-4cc3-062a-3cd60fa7a04b
2014-03-22 05:51 - 2014-03-22 05:51 - 00000000 ____D () C:\Program Files\SkanerOnline
2014-03-22 05:46 - 2014-03-22 05:46 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-22 05:31 - 2014-04-01 01:22 - 00000990 _____ () C:\Users\czekierap\Desktop\letter.txt
2014-03-22 05:03 - 2014-03-22 05:09 - 00000162 _____ () C:\Users\czekierap\Desktop\Szkoly HGV London.txt
2014-03-08 13:06 - 2014-03-08 13:06 - 00000000 ____D () C:\Users\czekierap\AppData\Local\Microsoft Games
2014-03-07 00:13 - 2014-03-07 00:24 - 00000000 ____D () C:\Users\czekierap\Desktop\WSZYTSKO Z SERWERA

==================== One Month Modified Files and Folders =======

2014-04-01 12:26 - 2014-04-01 12:26 - 00025928 _____ () C:\Users\czekierap\Desktop\FRST.txt
2014-04-01 12:26 - 2013-09-11 08:54 - 00000000 ____D () C:\FRST
2014-04-01 12:24 - 2014-04-01 12:24 - 00271552 _____ () C:\Users\czekierap\Desktop\OTL.Txt
2014-04-01 12:21 - 2009-07-14 05:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-01 12:21 - 2009-07-14 05:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-01 12:16 - 2014-04-01 12:16 - 00000250 _____ () C:\Users\czekierap\Desktop\fixitforum.txt
2014-04-01 12:16 - 2012-07-18 09:40 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-01 12:15 - 2014-04-01 12:15 - 02157056 _____ (Farbar) C:\Users\czekierap\Desktop\FRST64.exe
2014-04-01 12:15 - 2014-04-01 12:15 - 00380416 _____ () C:\Users\czekierap\Desktop\vsqr545t.exe
2014-04-01 12:14 - 2014-04-01 12:14 - 00602112 _____ (OldTimer Tools) C:\Users\czekierap\Desktop\OTL.scr
2014-04-01 12:12 - 2012-07-18 09:57 - 00000000 ____D () C:\Users\czekierap\AppData\Roaming\Skype
2014-04-01 11:48 - 2012-05-20 21:10 - 00001062 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-01 11:16 - 2012-07-21 19:11 - 00000944 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2610805142-2915838027-2830732470-1002UA.job
2014-04-01 11:09 - 2014-04-01 11:09 - 07534736 _____ (ParetoLogic, Inc.) C:\Users\czekierap\Downloads\RegCureProSetup (2).exe
2014-04-01 11:09 - 2012-07-18 09:46 - 00000000 ____D () C:\Users\czekierap\AppData\Roaming\AIMP3
2014-04-01 11:08 - 2014-04-01 11:07 - 07534736 _____ (ParetoLogic, Inc.) C:\Users\czekierap\Downloads\RegCureProSetup (1).exe
2014-04-01 11:05 - 2014-04-01 11:05 - 07534736 _____ (ParetoLogic, Inc.) C:\Users\czekierap\Downloads\RegCureProSetup.exe
2014-04-01 11:01 - 2009-07-14 03:34 - 00000661 _____ () C:\Windows\win.ini
2014-04-01 11:01 - 2009-07-14 03:34 - 00000245 _____ () C:\Windows\system.ini
2014-04-01 10:59 - 2012-07-18 09:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-01 10:33 - 2012-05-21 06:09 - 00742606 _____ () C:\Windows\system32\perfh015.dat
2014-04-01 10:33 - 2012-05-21 06:09 - 00156592 _____ () C:\Windows\system32\perfc015.dat
2014-04-01 10:33 - 2009-07-14 06:13 - 01674996 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-01 10:26 - 2012-05-20 20:21 - 00016940 _____ () C:\Windows\WindowsUpdate.log
2014-04-01 10:25 - 2014-03-27 02:29 - 00000000 ____D () C:\Users\czekierap\AppData\Roaming\ViberPC
2014-04-01 10:24 - 2014-04-01 10:24 - 00000366 _____ () C:\Users\czekierap\Desktop\Brothers - A Tale of Two Sons (J) 0 bajtów.lnk
2014-04-01 10:24 - 2014-03-27 02:29 - 00000000 ____D () C:\Users\czekierap\AppData\Local\Viber
2014-04-01 10:24 - 2012-05-20 21:11 - 00285051 _____ () C:\Windows\system32\fastboot.set
2014-04-01 10:24 - 2012-05-20 21:10 - 00001058 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-01 10:24 - 2012-05-20 21:09 - 00000000 ____D () C:\ProgramData\VeriFace
2014-04-01 10:23 - 2013-06-22 22:38 - 01236095 _____ () C:\FaceProv.log
2014-04-01 10:23 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-01 10:22 - 2014-03-29 18:16 - 00000504 _____ () C:\Windows\setupact.log
2014-04-01 02:00 - 2012-07-18 13:27 - 00000000 ____D () C:\Users\czekierap\AppData\Local\Adobe
2014-04-01 01:22 - 2014-03-22 05:31 - 00000990 _____ () C:\Users\czekierap\Desktop\letter.txt
2014-03-31 22:57 - 2012-07-21 19:11 - 00000922 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2610805142-2915838027-2830732470-1002Core.job
2014-03-31 11:54 - 2014-01-30 21:38 - 00000000 ____D () C:\Users\czekierap\Desktop\BEATAMINY 2014 Nie polecam
2014-03-31 11:52 - 2014-02-04 13:52 - 00000000 ____D () C:\Users\czekierap\Desktop\rapsy tracki next
2014-03-30 22:58 - 2014-03-30 22:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-30 10:43 - 2014-03-30 10:43 - 00000000 ____D () C:\ProgramData\EnnjoyCouppona
2014-03-30 10:43 - 2014-03-22 05:53 - 00000000 ____D () C:\ProgramData\a87b4a3773dd5e69
2014-03-30 10:17 - 2014-03-30 10:17 - 00000000 ____D () C:\Users\czekierap\AppData\Local\${APPDIR}
2014-03-30 10:17 - 2014-03-22 05:53 - 00004586 _____ () C:\Windows\System32\Tasks\GC_Informer
2014-03-29 18:16 - 2014-03-29 18:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-29 18:14 - 2013-09-11 10:44 - 00000000 ____D () C:\AdwCleaner
2014-03-29 18:09 - 2012-07-22 10:47 - 00000000 ____D () C:\Users\czekierap\AppData\Roaming\Winamp
2014-03-28 01:29 - 2014-03-28 01:29 - 00236968 _____ () C:\Users\czekierap\Downloads\ClickHeretoDownloadSetup-bLXPgMEY (2).exe
2014-03-28 01:29 - 2014-03-28 01:28 - 00236968 _____ () C:\Users\czekierap\Downloads\ClickHeretoDownloadSetup-bLXPgMEY (1).exe
2014-03-27 02:42 - 2014-03-27 02:42 - 00376288 _____ () C:\Users\czekierap\Downloads\MediaPlayerClassic.exe
2014-03-27 02:29 - 2014-03-27 02:29 - 00001093 _____ () C:\Users\czekierap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk
2014-03-27 01:30 - 2013-06-23 20:12 - 00000283 _____ () C:\m.txt
2014-03-26 11:45 - 2014-03-26 11:44 - 00000000 ____D () C:\Users\czekierap\Desktop\na biezaco teksty rapy zwortyu
2014-03-26 11:44 - 2013-08-08 11:48 - 00000000 ____D () C:\Users\czekierap\Desktop\Photo Samsung S4
2014-03-25 13:48 - 2014-01-28 23:43 - 00000388 _____ () C:\Users\czekierap\Desktop\Mieszkanie oplaty londyn.txt
2014-03-25 04:32 - 2014-03-25 04:31 - 00236944 _____ () C:\Users\czekierap\Downloads\ClickHeretoDownloadSetup-bLXPgMEY.exe
2014-03-25 02:07 - 2014-03-25 02:07 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-24 19:26 - 2013-11-18 23:25 - 00000000 ____D () C:\Users\czekierap\Desktop\Filmy Nowiukie
2014-03-24 19:17 - 2014-03-24 19:17 - 00032768 _____ () C:\Users\czekierap\Desktop\Heathrow RotaV12(24.3.14).xls
2014-03-24 13:41 - 2013-04-18 12:15 - 00000000 ____D () C:\Program Files (x86)\EPSON Software
2014-03-24 03:16 - 2014-03-24 03:16 - 00165576 _____ () C:\Users\czekierap\Downloads\ClickHeretoDownload-1JHqcuO.exe
2014-03-23 10:24 - 2014-03-23 10:22 - 00000895 _____ () C:\Users\czekierap\Desktop\Oferty tyra.txt
2014-03-23 03:19 - 2012-07-18 09:27 - 00000000 ____D () C:\Users\czekierap\AppData\Local\Google
2014-03-22 06:17 - 2014-03-22 06:17 - 00165576 _____ () C:\Users\czekierap\Downloads\ClickHeretoDownload-bqU22uB.exe
2014-03-22 06:08 - 2014-03-22 06:08 - 00165576 _____ () C:\Users\czekierap\Downloads\ClickHeretoDownload-85LkSLD.exe
2014-03-22 05:54 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\czekierap\AppData\Local\GCC
2014-03-22 05:53 - 2014-03-22 05:53 - 00004568 _____ () C:\Windows\System32\Tasks\GC_Scheduler
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\Gość\AppData\Local\Torch
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\Gość\AppData\Local\Google
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\Gość\AppData\Local\Comodo
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\Gość
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\czekierap\AppData\Local\Packages
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\czekierap\AppData\Local\Hyper Browser
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\czekierap\AppData\Local\Comodo
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\czekierap\AppData\Local\cache
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Users\Administrator
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\ProgramData\SaveClicker
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Program Files (x86)\Supporter
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 ____D () C:\Program Files (x86)\SaveClicker
2014-03-22 05:53 - 2014-03-22 05:53 - 00000000 _____ () C:\Users\czekierap\daemonprocess.txt
2014-03-22 05:53 - 2012-07-18 09:21 - 00000000 ____D () C:\Users\czekierap
2014-03-22 05:52 - 2014-03-22 05:52 - 00000000 ____D () C:\Users\czekierap\AppData\Local\2bfb0c6b-fdbe-4cc3-062a-3cd60fa7a04b
2014-03-22 05:51 - 2014-03-22 05:51 - 00000000 ____D () C:\Program Files\SkanerOnline
2014-03-22 05:46 - 2014-03-22 05:46 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-22 05:09 - 2014-03-22 05:03 - 00000162 _____ () C:\Users\czekierap\Desktop\Szkoly HGV London.txt
2014-03-16 00:50 - 2012-05-20 21:10 - 00002200 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-14 18:59 - 2012-07-18 10:02 - 00000000 ____D () C:\Users\czekierap\AppData\Roaming\GG
2014-03-14 16:47 - 2014-02-26 22:20 - 00000000 ____D () C:\Users\czekierap\Desktop\Filmy Nowe Net Movies
2014-03-12 02:16 - 2012-07-18 09:40 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 02:16 - 2012-07-18 09:40 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 02:16 - 2012-07-18 09:40 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-10 13:29 - 2013-11-07 16:21 - 00000000 ____D () C:\Users\czekierap\Desktop\Rap kawaliny fresh
2014-03-09 19:58 - 2009-07-14 06:08 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-08 13:06 - 2014-03-08 13:06 - 00000000 ____D () C:\Users\czekierap\AppData\Local\Microsoft Games
2014-03-07 00:24 - 2014-03-07 00:13 - 00000000 ____D () C:\Users\czekierap\Desktop\WSZYTSKO Z SERWERA

Some content of TEMP:
====================
C:\Users\czekierap\AppData\Local\Temp\Quarantine.exe
C:\Users\czekierap\AppData\Local\Temp\~5E9B0DF8AED44214921703B3DEA07E36.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-30 01:40

==================== End Of Log ============================