Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013
Ran by Tomek (administrator) on TOMEK-PC on 01-11-2013 18:31:54
Running from C:\Users\Tomek\Desktop\Nowy folder (3)
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Polish
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) c:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
() C:\Windows\system32\PnkBstrA.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\System32\IgrsSvcs.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Energy Management\Energy Management.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Tomek\Desktop\Nowy folder (3)\FRST (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [EnergyUtility] - C:\Program Files\Lenovo\Energy Management\utility.exe [5207880 2008-05-22] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] - C:\Program Files\Lenovo\Energy Management\Energy Management.exe [8824648 2008-05-22] (Lenovo (Beijing) Limited)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe [36800 2012-07-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe [823224 2012-07-27] (Adobe Systems Inc.)
HKCU\...\Run: [ReadyComm] - C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe [425984 2007-06-03] (Lenovo Group Limited)
HKCU\...\Run: [T1024622TT4] - C:\Windows\system32\562732180417l.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/?utm_source=is
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} URL = http://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} URL = http://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Tomek\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

Chrome:
=======
CHR HomePage: hxxp://www.interia.pl/?utm_source=is
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\14.0.0.4651_0
CHR Extension: (Dangerous Websites Blocker) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\14.0.0.4651_0
CHR Extension: (Virtual Keyboard) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\14.0.0.4651_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\content_blocker_chrome.crx
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\virtkbd.crx

========================== Services (Whitelisted) =================

R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-08] (Kaspersky Lab ZAO)
R2 btwdins; c:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe [522792 2008-08-26] (Broadcom Corporation.)
R2 hasplms; C:\Windows\system32\hasplms.exe [4180576 2010-09-27] (SafeNet Inc.)
R2 IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [32768 2008-02-14] (Lenovo Group Limited)
R3 IncSvc; C:\Program Files\Lenovo\ReadyComm\IncSvc.dll [469504 2007-06-03] (Lenovo Group Limited)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2011-01-15] ()
S3 PS_MDP; C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll [270336 2007-04-11] (Lenovo Group Limited)
R2 ReadyComm.DirectRouter; C:\Program Files\Lenovo\ReadyComm\common\router.dll [98304 2008-02-15] (Lenovo Group Limited)
R2 System_Repair_UpdateMonitor; C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe [430080 2008-09-27] (Lenovo Group Limited)

==================== Drivers (Whitelisted) ====================

R3 ACPIVPC; C:\Windows\System32\DRIVERS\AcpiVpc.sys [18448 2008-01-02] (Lenovo Corporation)
R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [356864 2010-09-27] (SafeNet Inc.)
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [238208 2009-03-13] (Aladdin Knowledge Systems Ltd.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [16384 2009-06-22] (Aladdin Knowledge Systems Ltd.)
R1 funfrm; C:\Windows\System32\Drivers\funfrm.sys [49472 2009-06-22] ()
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [588800 2009-12-09] (SafeNet Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2013-10-08] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [574560 2013-10-08] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2013-10-08] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2013-10-08] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-10-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145120 2013-06-06] (Kaspersky Lab ZAO)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1747200 2008-05-23] ()
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-07-28] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-07-28] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-07-28] (MCCI Corporation)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [100224 2010-07-28] (MCCI Corporation)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8064 2008-05-02] (Windows (R) Codename Longhorn DDK provider)
R3 vhidmini; C:\Windows\System32\DRIVERS\ITEhidCIR.sys [10880 2008-01-24] (ITE Tech. Inc. )
R0 Wdkbdmou; C:\Windows\System32\DRIVERS\Wdkbdmou.sys [8832 2008-06-13] ()
R3 wdmirror; C:\Windows\System32\DRIVERS\WDMirror.sys [8832 2008-06-13] (Windows (R) Codename Longhorn DDK provider)
S3 WSVD; C:\Windows\system32\drivers\WSVD.sys [81192 2008-01-10] (CyberLink)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Tomek\AppData\Local\Temp\catchme.sys [x]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [x]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [x]
S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [x]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [94304 2013-06-08] (Kaspersky Lab ZAO)
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [x]
U3 ugloipow; \??\C:\Users\Tomek\AppData\Local\Temp\ugloipow.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-01 18:32 - 2013-11-01 18:32 - 00602112 _____ (OldTimer Tools) C:\Users\Tomek\Downloads\OTL.com
2013-11-01 18:29 - 2013-11-01 18:29 - 01089445 _____ (Farbar) C:\Users\Tomek\Downloads\FRST (2).exe
2013-11-01 18:28 - 2013-11-01 18:28 - 00000000 ____D C:\Users\Tomek\Desktop\Nowy folder (4)
2013-11-01 18:25 - 2013-11-01 18:25 - 00368554 _____ C:\Users\Tomek\Downloads\gmer.zip
2013-11-01 18:24 - 2013-11-01 18:30 - 00000000 ____D C:\Users\Tomek\Desktop\Nowy folder (3)
2013-11-01 18:16 - 2013-11-01 18:16 - 01089445 _____ (Farbar) C:\Users\Tomek\Downloads\FRST (1).exe
2013-10-30 20:16 - 2013-11-01 18:04 - 00000000 ____D C:\Users\Tomek\Desktop\ST
2013-10-30 19:18 - 2013-10-30 19:52 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-10-30 19:04 - 2013-10-30 20:52 - 00001859 _____ C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2013-10-23 10:31 - 2013-10-23 10:33 - 10207232 _____ C:\Users\Tomek\Downloads\zdjecia_3część_ALL.zip.bd582do.partial
2013-10-20 11:41 - 2013-10-20 11:41 - 00522752 _____ (Duplex Secure Ltd.) C:\Users\Tomek\Downloads\SPTDinst-v184-x86.exe
2013-10-20 11:36 - 2013-10-20 11:36 - 00377856 _____ C:\Users\Tomek\Downloads\tjfh36yr.exe
2013-10-20 11:32 - 2013-10-20 11:32 - 00029412 _____ C:\Users\Tomek\Downloads\FRST.txt
2013-10-20 11:30 - 2013-10-20 11:32 - 00024893 _____ C:\Users\Tomek\Downloads\Addition.txt
2013-10-20 11:22 - 2013-10-20 11:22 - 00000000 ____D C:\FRST
2013-10-20 11:12 - 2013-10-20 11:12 - 00048426 _____ C:\Users\Tomek\Downloads\Extras.Txt
2013-10-20 11:08 - 2013-10-20 11:08 - 00085154 _____ C:\Users\Tomek\Downloads\OTL.Txt
2013-10-20 10:34 - 2013-10-20 11:55 - 00001900 _____ C:\Users\Tomek\Desktop\Nowy dokument tekstowy.txt
2013-10-20 09:55 - 2013-10-20 09:55 - 00891167 _____ C:\Users\Tomek\Downloads\SecurityCheck.exe
2013-10-20 09:48 - 2013-10-20 09:48 - 01087515 _____ (Farbar) C:\Users\Tomek\Downloads\FRST.exe
2013-10-20 09:45 - 2013-10-20 09:46 - 00602112 _____ (OldTimer Tools) C:\Users\Tomek\Downloads\OTL.exe
2013-10-12 18:24 - 2013-10-12 18:24 - 00001996 _____ C:\Users\Public\Desktop\INTERCENBUD - ceny średnie RMS.lnk
2013-10-12 18:24 - 2013-10-12 18:24 - 00000000 ____D C:\Program Files\Athenasoft
2013-10-09 18:52 - 2013-10-09 19:23 - 00001850 _____ C:\UsbFix.txt
2013-10-09 18:52 - 2013-10-09 19:23 - 00000000 ____D C:\UsbFix
2013-10-09 18:49 - 2013-10-09 18:50 - 00000000 ____D C:\Users\Tomek\Desktop\Nowy folder (2)
2013-10-09 18:48 - 2013-10-09 18:48 - 00000000 ____D C:\Users\Tomek\Desktop\UsbFix
2013-10-09 18:47 - 2013-10-09 18:48 - 01200411 _____ C:\Users\Tomek\Desktop\UsbFix.rar
2013-10-09 18:33 - 2013-10-09 18:33 - 00000000 ____D C:\Users\Tomek\Desktop\seki
2013-10-09 18:31 - 2013-10-09 18:32 - 04260512 _____ C:\Users\Tomek\Desktop\seki.rar
2013-10-09 17:56 - 2013-09-22 11:29 - 12336128 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-09 17:56 - 2013-09-22 11:22 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-09 17:56 - 2013-09-22 11:22 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-09 17:56 - 2013-09-22 11:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-10-09 17:56 - 2013-09-22 11:13 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-09 17:56 - 2013-09-22 11:13 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-09 17:56 - 2013-09-22 11:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-09 17:56 - 2013-09-22 11:09 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-09 17:56 - 2013-09-22 11:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-10-09 17:56 - 2013-09-22 11:07 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-09 17:56 - 2013-09-22 11:06 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-10-09 17:56 - 2013-09-22 11:05 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-09 17:56 - 2013-09-22 11:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-09 17:56 - 2013-09-22 11:03 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-09 17:56 - 2013-09-22 11:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-09 17:56 - 2013-09-22 10:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-09 10:42 - 2013-08-29 08:56 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2013-10-09 10:42 - 2013-08-29 08:36 - 02050048 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 10:42 - 2013-08-27 03:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-10-09 10:42 - 2013-08-27 03:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-10-09 10:42 - 2013-08-27 03:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-10-09 10:42 - 2013-08-27 03:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-10-09 10:42 - 2013-08-27 02:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-10-09 10:42 - 2013-08-27 02:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-10-09 10:42 - 2013-08-27 02:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-10-09 10:42 - 2013-08-27 02:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-10-09 10:42 - 2013-08-27 02:28 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-10-09 10:42 - 2013-08-01 04:16 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 10:42 - 2013-08-01 03:49 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-10-09 10:42 - 2013-07-20 11:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 10:42 - 2013-07-04 05:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 10:42 - 2013-07-03 03:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-09 10:42 - 2013-07-03 03:10 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 10:42 - 2013-06-29 03:07 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 10:42 - 2013-06-29 03:07 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 10:42 - 2013-06-29 03:07 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 10:42 - 2013-06-29 03:06 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-09 10:42 - 2013-06-27 00:01 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 10:42 - 2013-06-04 05:16 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 10:42 - 2013-06-04 02:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 10:42 - 2011-05-05 14:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 10:42 - 2011-05-05 14:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-08 22:01 - 2013-10-08 22:08 - 00262144 _____ C:\Windows\system32\config\elam
2013-10-08 21:49 - 2013-10-08 21:49 - 00164016 _____ C:\Windows\Minidump\Mini100813-01.dmp
2013-10-08 20:42 - 2013-10-08 20:41 - 00000926 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2013-10-08 20:37 - 2013-11-01 18:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-10-08 20:37 - 2013-10-08 20:37 - 00000000 ____D C:\Program Files\Kaspersky Lab
2013-10-08 20:36 - 2013-10-08 21:23 - 00574560 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-10-08 20:36 - 2013-06-08 19:18 - 00094304 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2013-10-08 19:34 - 2013-10-08 20:05 - 246185648 _____ (Kaspersky Lab) C:\Users\Tomek\Downloads\kav14.0.0.4651pl-pl.exe
2013-10-08 16:12 - 2013-10-08 16:12 - 01424512 _____ C:\Users\Tomek\Downloads\Rzut.dwg
2013-10-07 18:49 - 2013-10-20 11:08 - 00000000 ____D C:\Program Files\Panda Security
2013-10-05 12:03 - 2013-10-05 12:03 - 00016196 _____ C:\ComboFix.txt
2013-10-05 11:50 - 2013-10-05 12:03 - 00000000 ____D C:\ComboFix
2013-10-05 11:45 - 2013-10-05 11:45 - 00347424 _____ (Microsoft Corporation) C:\Users\Tomek\Downloads\MicrosoftFixit.WinUSB.Run.exe

==================== One Month Modified Files and Folders =======

2013-11-01 18:32 - 2013-11-01 18:32 - 00602112 _____ (OldTimer Tools) C:\Users\Tomek\Downloads\OTL.com
2013-11-01 18:30 - 2013-11-01 18:24 - 00000000 ____D C:\Users\Tomek\Desktop\Nowy folder (3)
2013-11-01 18:29 - 2013-11-01 18:29 - 01089445 _____ (Farbar) C:\Users\Tomek\Downloads\FRST (2).exe
2013-11-01 18:28 - 2013-11-01 18:28 - 00000000 ____D C:\Users\Tomek\Desktop\Nowy folder (4)
2013-11-01 18:27 - 2009-06-22 18:51 - 01248994 _____ C:\Windows\WindowsUpdate.log
2013-11-01 18:25 - 2013-11-01 18:25 - 00368554 _____ C:\Users\Tomek\Downloads\gmer.zip
2013-11-01 18:16 - 2013-11-01 18:16 - 01089445 _____ (Farbar) C:\Users\Tomek\Downloads\FRST (1).exe
2013-11-01 18:12 - 2009-11-27 17:03 - 00001034 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-01 18:12 - 2009-11-27 17:03 - 00001030 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-01 18:09 - 2013-10-08 20:37 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-11-01 18:08 - 2009-06-22 17:56 - 00672390 _____ C:\Windows\system32\perfh015.dat
2013-11-01 18:08 - 2009-06-22 17:56 - 00130766 _____ C:\Windows\system32\perfc015.dat
2013-11-01 18:08 - 2006-11-02 11:33 - 01495500 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-01 18:04 - 2013-10-30 20:16 - 00000000 ____D C:\Users\Tomek\Desktop\ST
2013-11-01 18:04 - 2009-07-25 20:14 - 00027839 _____ C:\ProgramData\nvModes.001
2013-11-01 18:04 - 2009-06-22 20:32 - 06677301 _____ C:\FaceProv.log
2013-10-31 08:33 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-31 08:33 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-30 20:52 - 2013-10-30 19:04 - 00001859 _____ C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2013-10-30 20:42 - 2009-06-22 19:55 - 00000000 ____D C:\ProgramData\Adobe
2013-10-30 20:19 - 2009-06-22 20:34 - 00000056 ___SH C:\_PartitionInfo
2013-10-30 20:19 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-30 20:18 - 2009-06-22 18:51 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-10-30 20:18 - 2006-11-02 14:01 - 00032580 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-30 19:52 - 2013-10-30 19:18 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-10-30 19:22 - 2009-07-25 15:20 - 00134024 _____ C:\Users\Tomek\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-30 19:21 - 2006-11-02 13:47 - 01805144 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-30 19:20 - 2008-01-21 03:47 - 00589410 _____ C:\Windows\PFRO.log
2013-10-30 19:14 - 2009-07-25 15:19 - 00000000 ____D C:\Users\Tomek
2013-10-30 19:04 - 2011-08-20 10:30 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-10-30 18:59 - 2011-08-20 10:30 - 00000000 ____D C:\Program Files\Adobe
2013-10-29 11:39 - 2009-07-26 20:40 - 00000000 ____D C:\Users\Tomek\.gstreamer-0.10
2013-10-29 11:38 - 2013-06-01 16:56 - 00000000 ____D C:\Users\Tomek\Documents\Fotolabo
2013-10-23 10:33 - 2013-10-23 10:31 - 10207232 _____ C:\Users\Tomek\Downloads\zdjecia_3część_ALL.zip.bd582do.partial
2013-10-20 15:28 - 2009-07-25 20:14 - 00027839 _____ C:\ProgramData\nvModes.dat
2013-10-20 11:55 - 2013-10-20 10:34 - 00001900 _____ C:\Users\Tomek\Desktop\Nowy dokument tekstowy.txt
2013-10-20 11:41 - 2013-10-20 11:41 - 00522752 _____ (Duplex Secure Ltd.) C:\Users\Tomek\Downloads\SPTDinst-v184-x86.exe
2013-10-20 11:36 - 2013-10-20 11:36 - 00377856 _____ C:\Users\Tomek\Downloads\tjfh36yr.exe
2013-10-20 11:32 - 2013-10-20 11:32 - 00029412 _____ C:\Users\Tomek\Downloads\FRST.txt
2013-10-20 11:32 - 2013-10-20 11:30 - 00024893 _____ C:\Users\Tomek\Downloads\Addition.txt
2013-10-20 11:22 - 2013-10-20 11:22 - 00000000 ____D C:\FRST
2013-10-20 11:12 - 2013-10-20 11:12 - 00048426 _____ C:\Users\Tomek\Downloads\Extras.Txt
2013-10-20 11:08 - 2013-10-20 11:08 - 00085154 _____ C:\Users\Tomek\Downloads\OTL.Txt
2013-10-20 11:08 - 2013-10-07 18:49 - 00000000 ____D C:\Program Files\Panda Security
2013-10-20 09:55 - 2013-10-20 09:55 - 00891167 _____ C:\Users\Tomek\Downloads\SecurityCheck.exe
2013-10-20 09:48 - 2013-10-20 09:48 - 01087515 _____ (Farbar) C:\Users\Tomek\Downloads\FRST.exe
2013-10-20 09:46 - 2013-10-20 09:45 - 00602112 _____ (OldTimer Tools) C:\Users\Tomek\Downloads\OTL.exe
2013-10-15 18:24 - 2009-11-27 17:10 - 00001931 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-12 18:24 - 2013-10-12 18:24 - 00001996 _____ C:\Users\Public\Desktop\INTERCENBUD - ceny średnie RMS.lnk
2013-10-12 18:24 - 2013-10-12 18:24 - 00000000 ____D C:\Program Files\Athenasoft
2013-10-10 08:59 - 2013-07-24 19:38 - 00000000 ____D C:\Users\Tomek\Desktop\zdjęcia sprzed morza
2013-10-09 20:06 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-09 19:23 - 2013-10-09 18:52 - 00001850 _____ C:\UsbFix.txt
2013-10-09 19:23 - 2013-10-09 18:52 - 00000000 ____D C:\UsbFix
2013-10-09 18:50 - 2013-10-09 18:49 - 00000000 ____D C:\Users\Tomek\Desktop\Nowy folder (2)
2013-10-09 18:48 - 2013-10-09 18:48 - 00000000 ____D C:\Users\Tomek\Desktop\UsbFix
2013-10-09 18:48 - 2013-10-09 18:47 - 01200411 _____ C:\Users\Tomek\Desktop\UsbFix.rar
2013-10-09 18:33 - 2013-10-09 18:33 - 00000000 ____D C:\Users\Tomek\Desktop\seki
2013-10-09 18:32 - 2013-10-09 18:31 - 04260512 _____ C:\Users\Tomek\Desktop\seki.rar
2013-10-09 18:14 - 2009-07-25 20:14 - 00104000 _____ C:\Windows\system32\ICAutoUpdate.log.bak
2013-10-09 18:07 - 2012-02-19 16:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-09 18:00 - 2013-08-13 07:05 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 17:59 - 2006-11-02 11:24 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-10-08 23:28 - 2010-10-17 10:35 - 00000000 ____D C:\Users\Tomek\AppData\Local\BearShare
2013-10-08 22:08 - 2013-10-08 22:01 - 00262144 _____ C:\Windows\system32\config\elam
2013-10-08 21:49 - 2013-10-08 21:49 - 00164016 _____ C:\Windows\Minidump\Mini100813-01.dmp
2013-10-08 21:49 - 2009-08-23 11:36 - 00000000 ____D C:\Windows\Minidump
2013-10-08 21:49 - 2009-08-23 11:35 - 394989163 _____ C:\Windows\MEMORY.DMP
2013-10-08 21:23 - 2013-10-08 20:36 - 00574560 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-10-08 21:23 - 2013-06-10 11:27 - 00025696 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2013-10-08 21:23 - 2013-05-06 08:22 - 00135776 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2013-10-08 21:23 - 2013-05-05 21:42 - 00025696 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2013-10-08 21:23 - 2013-05-05 21:42 - 00025696 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2013-10-08 20:41 - 2013-10-08 20:42 - 00000926 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2013-10-08 20:37 - 2013-10-08 20:37 - 00000000 ____D C:\Program Files\Kaspersky Lab
2013-10-08 20:20 - 2009-06-22 20:34 - 22759250 _____ C:\sysiclog.txt.bak
2013-10-08 20:05 - 2013-10-08 19:34 - 246185648 _____ (Kaspersky Lab) C:\Users\Tomek\Downloads\kav14.0.0.4651pl-pl.exe
2013-10-08 16:12 - 2013-10-08 16:12 - 01424512 _____ C:\Users\Tomek\Downloads\Rzut.dwg
2013-10-05 12:08 - 2009-10-04 20:06 - 00123904 _____ C:\Users\Tomek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-05 12:03 - 2013-10-05 12:03 - 00016196 _____ C:\ComboFix.txt
2013-10-05 12:03 - 2013-10-05 11:50 - 00000000 ____D C:\ComboFix
2013-10-05 12:03 - 2013-06-06 16:21 - 00000000 ____D C:\Qoobox
2013-10-05 12:00 - 2006-11-02 11:23 - 00000215 _____ C:\Windows\system.ini
2013-10-05 11:49 - 2013-09-14 20:49 - 05130782 ____R (Swearware) C:\Users\Tomek\Downloads\ComboFix.exe
2013-10-05 11:45 - 2013-10-05 11:45 - 00347424 _____ (Microsoft Corporation) C:\Users\Tomek\Downloads\MicrosoftFixit.WinUSB.Run.exe
2013-10-03 16:28 - 2013-09-19 19:24 - 00000000 ____D C:\Users\Tomek\Desktop\TV

Some content of TEMP:
====================
C:\Users\Tomek\AppData\Local\temp\aqbarqcr.exe
C:\Users\Tomek\AppData\Local\temp\AskSLib.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-30 20:26

==================== End Of Log ============================