Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-05-2014
Ran by Józek (administrator) on JOZPC on 14-05-2014 19:23:00
Running from C:\Users\Józek\Desktop
Platform: Windows 8 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
(ComArch S.A.) C:\Program Files (x86)\Comarch\ComarchSmartCard\CardServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
() C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
(piscine) C:\Users\Józek\AppData\Local\Genesis\Genesis.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
() C:\Program Files (x86)\PLAY ONLINE\PLAY ONLINE.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Józek\Desktop\FRST64 (2).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\runner_avp.exe [24504 2013-05-03] (Kaspersky Lab ZAO)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\Run: [Hoolapp Android] => "C:\Users\Józek\AppData\Roaming\HoolappForAndroid\Hoolapp.exe" /Minimized
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [473464 2014-03-17] (TomTom)
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\Run: [ALLUpdate] => "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep"
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\Run: [genesis] => c:\users\józek\appdata\local\genesis\genesis.exe [2707456 2014-05-09] (piscine)
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\MountPoints2: D - "D:\setup.exe"
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\MountPoints2: {2f8b1661-2151-11e3-bed0-50b7c3051a1f} - "D:\AutoRun.exe"
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\MountPoints2: {2f8b169f-2151-11e3-bed0-50b7c3051a1f} - "D:\AutoRun.exe"
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\MountPoints2: {2f8b1770-2151-11e3-bed0-50b7c3051a1f} - "D:\AutoRun.exe"
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\MountPoints2: {3befb474-ae67-11e2-bea4-c8f73309c5da} - "D:\AutoRun.exe"
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\MountPoints2: {3dea222f-2041-11e3-becf-50b7c3051a1f} - "D:\AutoRun.exe"
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\MountPoints2: {940b845b-acff-11e2-bea3-c8f73309c5da} - "D:\AutoRun.exe"
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\MountPoints2: {940b8768-acff-11e2-bea3-c8f73309c5da} - "D:\AutoRun.exe"
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\MountPoints2: {940b8d2a-acff-11e2-bea3-c8f73309c5da} - "D:\AutoRun.exe"
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\MountPoints2: {9566f0da-1a05-11e3-beca-c8f73309c5da} - "D:\setup.exe"
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\MountPoints2: {ba020b14-f93d-11e2-bebe-c8f73309c5da} - "D:\AutoRun.exe"
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\MountPoints2: {ba022036-f93d-11e2-bebe-c8f73309c5da} - "D:\setup.exe"
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\MountPoints2: {ba022060-f93d-11e2-bebe-c8f73309c5da} - "D:\setup.exe"
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\MountPoints2: {be9c9f18-bbd3-11e2-beab-c8f73309c5da} - "D:\AutoRun.exe"
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\MountPoints2: {c1e42410-23be-11e3-bed1-50b7c3051a1f} - "D:\AutoRun.exe"
HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\MountPoints2: {c942370b-5e54-11e3-bed8-50b7c3051a1f} - "D:\AutoRun.exe"
Startup: C:\Users\Józek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/ HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1399667016&from=amt&uid=HitachiXHTS545050A7E380_TE85113Q0JGM6R0JGM6RX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1399667016&from=amt&uid=HitachiXHTS545050A7E380_TE85113Q0JGM6R0JGM6RX HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=1399667016&from=amt&uid=HitachiXHTS545050A7E380_TE85113Q0JGM6R0JGM6RX HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1399667016&from=amt&uid=HitachiXHTS545050A7E380_TE85113Q0JGM6R0JGM6RX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1399667016&from=amt&uid=HitachiXHTS545050A7E380_TE85113Q0JGM6R0JGM6RX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1399667016&from=amt&uid=HitachiXHTS545050A7E380_TE85113Q0JGM6R0JGM6RX HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=1399667016&from=amt&uid=HitachiXHTS545050A7E380_TE85113Q0JGM6R0JGM6RX HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1399667016&from=amt&uid=HitachiXHTS545050A7E380_TE85113Q0JGM6R0JGM6RX&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1399667016&from=amt&uid=HitachiXHTS545050A7E380_TE85113Q0JGM6R0JGM6RX SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
http://istart.webssearches.com/web/?type=ds&ts=1399667016&from=amt&uid=HitachiXHTS545050A7E380_TE85113Q0JGM6R0JGM6RX&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1399667016&from=amt&uid=HitachiXHTS545050A7E380_TE85113Q0JGM6R0JGM6RX&q={searchTerms} SearchScopes: HKLM - {96508140-5FAC-4624-9FE9-08A58E5FBFE5} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1399667016&from=amt&uid=HitachiXHTS545050A7E380_TE85113Q0JGM6R0JGM6RX&q={searchTerms} SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1399667016&from=amt&uid=HitachiXHTS545050A7E380_TE85113Q0JGM6R0JGM6RX&q={searchTerms} SearchScopes: HKLM-x32 - {96508140-5FAC-4624-9FE9-08A58E5FBFE5} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKCU - DefaultScope {96508140-5FAC-4624-9FE9-08A58E5FBFE5} URL = SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKCU - {96508140-5FAC-4624-9FE9-08A58E5FBFE5} URL = BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 
2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) DPF: HKLM-x32 {92ECE6FA-AC2E-4042-BFAE-0C8608E52A40} https://www.r-bank.pl/cib/static/components/raiffeisen-signplugin-win-x86-ie-1.3.0.36.cab Tcpip\..\Interfaces\{062F7E48-DF8F-4CD6-8769-D9E1FF051CAE}: [NameServer]89.108.195.21 89.108.202.21 Tcpip\..\Interfaces\{A17A41EB-09D5-4ADE-9ED5-DF75BA67E38D}: [NameServer]89.108.195.21 89.108.202.21 Tcpip\..\Interfaces\{D467B618-FBDC-4806-912E-3618900D1B1B}: [NameServer]89.108.202.21 89.108.195.21 Tcpip\..\Interfaces\{F23863B2-7A8C-41B5-B442-B1F6C2E4B058}: [NameServer]89.108.195.20 89.108.202.20 FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit 
Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com [2013-06-19] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com [2013-06-19] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com [2013-06-19] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\anti_banner@kaspersky.com [2013-06-19] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\online_banking@kaspersky.com [2013-06-19] Chrome: ======= CHR Extension: (Dokumenty Google) - C:\Users\Józek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-13] CHR Extension: (Dysk Google) - C:\Users\Józek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-13] CHR Extension: (YouTube) - C:\Users\Józek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo 
[2014-05-13] CHR Extension: (Szukaj w Google) - C:\Users\Józek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-13] CHR Extension: (Kaspersky URL Advisor) - C:\Users\Józek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-05-13] CHR Extension: (Blokada zawartości) - C:\Users\Józek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-05-13] CHR Extension: (Klawiatura wirtualna) - C:\Users\Józek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-05-13] CHR Extension: (Google Wallet) - C:\Users\Józek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-13] CHR Extension: (Gmail) - C:\Users\Józek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-13] CHR Extension: (Blokowanie banerów) - C:\Users\Józek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-05-13] CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\urladvisor.crx [2013-05-03] CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\online_banking_chrome.crx [2013-05-03] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\content_blocker_chrome.crx [2013-05-03] CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\virtkbd.crx [2013-05-03] CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\ab.crx [2013-05-03] ==================== Services 
(Whitelisted) ================= S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-07-18] (Adobe Systems) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [356128 2014-05-12] (Kaspersky Lab ZAO) R2 ComarchCardServer; C:\Program Files (x86)\Comarch\ComarchSmartCard\CardServer.exe [130560 2013-04-09] (ComArch S.A.) R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.) R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [102224 2012-08-17] (Condusiv Technologies) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] () S2 PLAY ONLINE. RunOuc; C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [246112 2013-09-19] () S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23376 2012-08-17] (Condusiv Technologies) R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [103248 2012-08-17] (Condusiv Technologies) R3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [229376 2013-09-19] (Huawei Technologies Co., Ltd.) 
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-05-12] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab) U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-05-03] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-05-12] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-05-12] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-05-12] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2014-05-12] (Kaspersky Lab ZAO) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-05-03] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178448 2013-05-03] (Kaspersky Lab ZAO) R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation) R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider) S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-10-13] (Windows (R) 2003 DDK 3790 provider) R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-05-10] (StdLib) R1 {b2db3058-74ee-4ace-bcd8-8cd0fbe3a4f6}w64; C:\Windows\System32\drivers\{b2db3058-74ee-4ace-bcd8-8cd0fbe3a4f6}w64.sys [61112 2014-04-24] (StdLib) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 SBIOSIO; \??\C:\windiag\SBIOSIO64.SYS [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-14 19:23 - 2014-05-14 19:23 - 00023870 _____ () C:\Users\Józek\Desktop\FRST.txt 2014-05-14 19:22 - 2014-05-14 19:23 - 00000000 ____D () C:\FRST 2014-05-14 19:21 - 2014-05-14 19:21 - 02066944 _____ (Farbar) C:\Users\Józek\Downloads\FRST64 (2).exe 2014-05-14 19:21 - 2014-05-14 19:21 - 02066944 _____ 
(Farbar) C:\Users\Józek\Desktop\FRST64 (2).exe 2014-05-14 19:19 - 2014-05-14 19:20 - 02066944 _____ (Farbar) C:\Users\Józek\Downloads\FRST64 (1).exe 2014-05-14 19:18 - 2014-05-14 19:19 - 02066944 _____ (Farbar) C:\Users\Józek\Downloads\FRST64.exe 2014-05-14 19:14 - 2014-05-14 19:14 - 00458008 _____ () C:\Users\Józek\Downloads\setup.exe 2014-05-14 18:53 - 2014-05-14 18:53 - 00000000 ___SH () C:\DkHyperbootSync 2014-05-13 19:09 - 2014-05-13 19:09 - 00303832 _____ () C:\windows\Minidump\051314-27812-01.dmp 2014-05-13 17:57 - 2014-05-13 17:57 - 00380416 _____ () C:\Users\Józek\Downloads\dzh13zc8.exe 2014-05-13 17:24 - 2014-05-13 17:24 - 00002233 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-05-13 17:24 - 2014-05-13 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-05-13 17:17 - 2014-05-13 17:17 - 00103437 _____ () C:\Users\Józek\Desktop\bookmarks_13.05.2014.html 2014-05-13 15:11 - 2014-05-13 15:12 - 06715624 _____ (TomTom International B.V.) C:\Users\Józek\Desktop\InstallMyDriveConnect.exe 2014-05-13 15:11 - 2014-03-28 21:22 - 06715624 _____ (TomTom International B.V.) 
C:\Users\Józek\Downloads\InstallMyDriveConnect_3_3_0_1502.exe 2014-05-12 17:58 - 2014-05-12 17:58 - 00000000 _____ () C:\autoexec.bat 2014-05-12 17:57 - 2014-05-12 17:57 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-05-12 17:55 - 2014-05-13 12:18 - 00000000 ____D () C:\windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-05-12 16:09 - 2014-04-24 12:27 - 00061112 _____ (StdLib) C:\windows\system32\Drivers\{b2db3058-74ee-4ace-bcd8-8cd0fbe3a4f6}w64.sys 2014-05-12 12:12 - 2014-05-12 12:12 - 00625760 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klif.sys 2014-05-12 12:12 - 2014-05-12 12:12 - 00458336 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\kl1.sys 2014-05-12 12:12 - 2014-05-12 12:12 - 00030304 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klim6.sys 2014-05-12 12:12 - 2014-05-12 12:12 - 00029280 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klmouflt.sys 2014-05-12 12:12 - 2014-05-12 12:12 - 00029280 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klkbdflt.sys 2014-05-12 11:54 - 2014-05-12 11:54 - 00001278 _____ () C:\Users\Józek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013.lnk 2014-05-12 11:54 - 2013-06-19 10:07 - 00001143 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk 2014-05-10 17:44 - 2014-05-10 17:44 - 00061112 _____ (StdLib) C:\windows\system32\Drivers\wStLibG64.sys 2014-05-09 22:22 - 2014-05-14 19:23 - 00000000 ____D () C:\Users\Józek\AppData\Local\Genesis 2014-05-09 22:21 - 2014-05-14 19:00 - 00000344 _____ () C:\windows\Tasks\AmiUpdXp.job 2014-05-09 22:21 - 2014-05-09 22:21 - 00000000 ____D () C:\Users\Józek\AppData\Local\13213 2014-05-06 15:45 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe 2014-05-06 15:45 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll 2014-05-06 15:44 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) 
C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-05-06 15:44 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll 2014-05-06 15:44 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-05-05 17:08 - 2014-04-23 01:47 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2014-05-05 17:08 - 2014-04-23 01:47 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-05 16:15 - 2014-04-29 16:14 - 19275264 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-05-05 16:15 - 2014-04-29 14:47 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-05-05 16:15 - 2014-04-29 14:25 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-05-05 16:14 - 2014-04-29 14:36 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-04-29 14:00 - 2014-04-29 14:00 - 00001468 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk 2014-04-29 14:00 - 2014-04-29 14:00 - 00000000 ____D () C:\Program Files\Windows Live 2014-04-22 13:11 - 2014-04-22 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-22 13:11 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-22 13:11 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe 2014-04-22 13:11 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe 2014-04-22 13:11 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe 2014-04-22 13:10 - 2014-04-22 13:11 - 00004140 _____ () C:\windows\SysWOW64\jupdate-1.7.0_55-b14.log 2014-04-14 13:20 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys 
2014-04-14 13:20 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys 2014-04-14 13:20 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll 2014-04-14 13:20 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll 2014-04-14 13:20 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll 2014-04-14 13:20 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2014-04-14 13:20 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys 2014-04-14 13:20 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2014-04-14 13:20 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2014-04-14 13:20 - 2014-01-27 01:17 - 00386722 _____ () C:\windows\system32\ApnDatabase.xml 2014-04-14 13:20 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys 2014-04-14 13:20 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll 2014-04-14 13:20 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll 2014-04-14 13:20 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll 2014-04-14 13:20 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll 2014-04-14 13:17 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-04-14 13:17 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2014-04-14 13:17 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-04-14 13:17 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\msfeeds.dll 2014-04-14 13:17 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2014-04-14 13:17 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-04-14 13:17 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-04-14 13:17 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-04-14 13:17 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll 2014-04-14 13:17 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2014-04-14 13:17 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-04-14 13:17 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2014-04-14 13:17 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll 2014-04-14 13:17 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll 2014-04-14 13:17 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll 2014-04-14 13:17 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2014-04-14 13:17 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2014-04-14 13:17 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2014-04-14 13:17 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll 2014-04-14 13:17 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-04-14 13:17 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll 2014-04-14 13:17 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 
2014-04-14 13:17 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-14 13:17 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-14 13:16 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-14 13:16 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-14 13:16 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-04-14 13:16 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-14 13:16 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

==================== One Month Modified Files and Folders =======

2014-05-14 19:23 - 2014-05-14 19:23 - 00023870 _____ () C:\Users\Józek\Desktop\FRST.txt
2014-05-14 19:23 - 2014-05-14 19:22 - 00000000 ____D () C:\FRST
2014-05-14 19:23 - 2014-05-09 22:22 - 00000000 ____D () C:\Users\Józek\AppData\Local\Genesis
2014-05-14 19:21 - 2014-05-14 19:21 - 02066944 _____ (Farbar) C:\Users\Józek\Downloads\FRST64 (2).exe
2014-05-14 19:21 - 2014-05-14 19:21 - 02066944 _____ (Farbar) C:\Users\Józek\Desktop\FRST64 (2).exe
2014-05-14 19:21 - 2013-06-19 10:05 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-14 19:20 - 2014-05-14 19:19 - 02066944 _____ (Farbar) C:\Users\Józek\Downloads\FRST64 (1).exe
2014-05-14 19:19 - 2014-05-14 19:18 - 02066944 _____ (Farbar) C:\Users\Józek\Downloads\FRST64.exe
2014-05-14 19:14 - 2014-05-14 19:14 - 00458008 _____ () C:\Users\Józek\Downloads\setup.exe
2014-05-14 19:07 - 2012-08-23 03:05 - 00794946 _____ () C:\windows\system32\perfh015.dat
2014-05-14 19:07 - 2012-08-23 03:05 - 00159530 _____ () C:\windows\system32\perfc015.dat
2014-05-14 19:07 - 2012-07-26 09:28 - 01793398 _____ () C:\windows\system32\PerfStringBackup.INI
2014-05-14 19:05 - 2013-04-24 20:02 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2592862549-595905708-2507062346-1001
2014-05-14 19:01 - 2013-08-19 11:41 - 00000374 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2014-05-14 19:01 - 2013-05-13 20:36 - 00000000 ____D () C:\Users\Józek\AppData\Local\CrashDumps
2014-05-14 19:00 - 2014-05-09 22:21 - 00000344 _____ () C:\windows\Tasks\AmiUpdXp.job
2014-05-14 19:00 - 2013-04-25 08:45 - 00001054 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-14 19:00 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-14 18:53 - 2014-05-14 18:53 - 00000000 ___SH () C:\DkHyperbootSync
2014-05-14 18:50 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-05-14 12:58 - 2013-04-25 08:45 - 00001058 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-13 19:09 - 2014-05-13 19:09 - 00303832 _____ () C:\windows\Minidump\051314-27812-01.dmp
2014-05-13 19:09 - 2014-03-10 13:44 - 1512341494 _____ () C:\windows\MEMORY.DMP
2014-05-13 19:09 - 2013-07-17 21:34 - 00000000 ____D () C:\windows\Minidump
2014-05-13 19:09 - 2012-08-05 23:07 - 00985602 _____ () C:\windows\PFRO.log
2014-05-13 17:57 - 2014-05-13 17:57 - 00380416 _____ () C:\Users\Józek\Downloads\dzh13zc8.exe
2014-05-13 17:24 - 2014-05-13 17:24 - 00002233 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-13 17:24 - 2014-05-13 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-13 17:24 - 2013-04-25 08:45 - 00000000 ____D () C:\Users\Józek\AppData\Local\Google
2014-05-13 17:24 - 2013-04-25 08:45 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-13 17:20 - 2013-04-25 08:43 - 00000000 ____D () C:\Users\Józek\AppData\Local\Deployment
2014-05-13 17:17 - 2014-05-13 17:17 - 00103437 _____ () C:\Users\Józek\Desktop\bookmarks_13.05.2014.html
2014-05-13 15:12 - 2014-05-13 15:11 - 06715624 _____ (TomTom International B.V.) C:\Users\Józek\Desktop\InstallMyDriveConnect.exe
2014-05-13 15:12 - 2013-09-11 09:30 - 00000000 ____D () C:\Users\Józek\Desktop\Pobrane pliki
2014-05-13 15:07 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-05-13 12:18 - 2014-05-12 17:55 - 00000000 ____D () C:\windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-05-12 17:58 - 2014-05-12 17:58 - 00000000 _____ () C:\autoexec.bat
2014-05-12 17:57 - 2014-05-12 17:57 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-05-12 17:50 - 2013-04-24 18:56 - 00001450 _____ () C:\Users\Józek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-12 17:48 - 2013-11-15 17:08 - 00000000 ____D () C:\Program Files (x86)\BonanzaDealsLive
2014-05-12 17:48 - 2013-11-15 17:07 - 00000000 ____D () C:\Program Files (x86)\BonanzaDeals
2014-05-12 17:43 - 2012-07-26 07:26 - 00000269 _____ () C:\windows\win.ini
2014-05-12 12:27 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-05-12 12:12 - 2014-05-12 12:12 - 00625760 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klif.sys
2014-05-12 12:12 - 2014-05-12 12:12 - 00458336 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\kl1.sys
2014-05-12 12:12 - 2014-05-12 12:12 - 00030304 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klim6.sys
2014-05-12 12:12 - 2014-05-12 12:12 - 00029280 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klmouflt.sys
2014-05-12 12:12 - 2014-05-12 12:12 - 00029280 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klkbdflt.sys
2014-05-12 11:54 - 2014-05-12 11:54 - 00001278 _____ () C:\Users\Józek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013.lnk
2014-05-12 11:54 - 2013-07-18 21:20 - 00000000 ____D () C:\Users\J�zek
2014-05-12 11:54 - 2012-08-22 10:24 - 00000000 ____D () C:\Users\EasySurvey
2014-05-12 11:27 - 2012-08-22 09:28 - 01461885 _____ () C:\windows\WindowsUpdate.log
2014-05-12 11:12 - 2013-05-17 09:35 - 00000000 ____D () C:\Users\Józek\AppData\Roaming\Samsung
2014-05-12 11:12 - 2013-04-24 18:55 - 00000000 ____D () C:\Users\Józek\AppData\Local\Packages
2014-05-12 11:12 - 2012-08-22 10:12 - 00000000 ____D () C:\ProgramData\Samsung
2014-05-12 11:12 - 2012-08-22 09:28 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-05-12 11:12 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-05-10 17:44 - 2014-05-10 17:44 - 00061112 _____ (StdLib) C:\windows\system32\Drivers\wStLibG64.sys
2014-05-10 10:53 - 2013-04-25 08:45 - 00004030 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-10 10:53 - 2013-04-25 08:45 - 00003794 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-10 10:38 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache
2014-05-09 22:21 - 2014-05-09 22:21 - 00000000 ____D () C:\Users\Józek\AppData\Local\13213
2014-05-09 22:21 - 2013-05-15 18:56 - 00478720 _____ () C:\Users\Józek\Desktop\Bilans roboczy nowa wersja.xls
2014-05-06 23:17 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-05-06 18:21 - 2013-05-06 20:44 - 00000000 ____D () C:\Users\Józek\Desktop\Gosia dokumenty
2014-05-05 11:51 - 2013-05-15 18:59 - 00000000 ____D () C:\Users\Józek\Desktop\Wspin
2014-05-05 10:54 - 2013-05-06 20:47 - 00002765 _____ () C:\Users\Józek\Desktop\Konta.txt
2014-04-29 16:14 - 2014-05-05 16:15 - 19275264 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-29 14:47 - 2014-05-05 16:15 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-29 14:36 - 2014-05-05 16:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-29 14:25 - 2014-05-05 16:15 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-29 14:00 - 2014-04-29 14:00 - 00001468 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-04-29 14:00 - 2014-04-29 14:00 - 00000000 ____D () C:\Program Files\Windows Live
2014-04-29 14:00 - 2013-05-10 13:03 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-04-24 12:27 - 2014-05-12 16:09 - 00061112 _____ (StdLib) C:\windows\system32\Drivers\{b2db3058-74ee-4ace-bcd8-8cd0fbe3a4f6}w64.sys
2014-04-23 09:32 - 2013-04-24 18:57 - 00000000 ___RD () C:\Users\Józek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-23 09:32 - 2013-04-24 18:57 - 00000000 ___RD () C:\Users\Józek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-23 09:29 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-04-23 01:47 - 2014-05-05 17:08 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-04-23 01:47 - 2014-05-05 17:08 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-22 13:11 - 2014-04-22 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-22 13:11 - 2014-04-22 13:10 - 00004140 _____ () C:\windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-22 13:11 - 2013-10-16 19:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-22 13:11 - 2013-04-26 13:44 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-22 12:40 - 2013-04-24 18:56 - 00000000 ____D () C:\Users\Józek\AppData\Local\VirtualStore
2014-04-19 11:39 - 2014-05-06 15:45 - 00628024 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-04-19 10:45 - 2014-05-06 15:45 - 00693760 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-04-19 10:45 - 2014-05-06 15:44 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 08:57 - 2014-05-06 15:44 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-04-19 08:57 - 2014-05-06 15:44 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-16 13:14 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\NDF
2014-04-14 20:13 - 2014-04-22 13:11 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-22 13:11 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-22 13:11 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-22 13:11 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe

Some content of TEMP:
====================
C:\Users\Józek\AppData\Local\Temp\amt_webssearches.exe
C:\Users\Józek\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Józek\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Józek\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Józek\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Józek\AppData\Local\Temp\runsetup.exe
C:\Users\Józek\AppData\Local\Temp\SHSetup.exe
C:\Users\Józek\AppData\Local\Temp\?odec Performer804499.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-07 10:44

==================== End Of Log ============================