Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014
Ran by Maciek (administrator) on MACIEK-KOMPUTER on 27-01-2014 10:27:34
Running from C:\Users\Maciek\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vfsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
() C:\Support\couponsupport.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files (x86)\Bizzybolt\updateBizzybolt.exe
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\realplayer\Update\realsched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(GG Network S.A.) C:\Users\Maciek\AppData\Local\GG\Application\gghub.exe
(GG Network S.A.) C:\Users\Maciek\AppData\Local\GG\Application\ggapp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(GG Network S.A.) C:\Users\Maciek\AppData\Local\GG\Application\ggdrive\ggdrive.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Maciek\Downloads\wzur15ju.exe
(GG Network S.A.) C:\Users\Maciek\AppData\Local\GG\Application\xulrunner\gghub.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\realplayer\update\realsched.exe [295512 2013-12-03] (RealNetworks, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-14] (Hewlett-Packard)
HKCU\...\Policies\system: [WallpaperStyle] 2
HKCU\...\Policies\Explorer: [NoInstrumentation] 1
MountPoints2: {15871197-e0e8-11df-b18f-00271331500c} - G:\AutoRun.exe
MountPoints2: {158711a6-e0e8-11df-b18f-00271331500c} - G:\AutoRun.exe
MountPoints2: {fa2f8240-fd0b-11e0-9a5d-806e6f6e6963} - H:\autorun.exe
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1689144 2010-06-29] (Hewlett-Packard)
HKU\Default\...\Policies\system: [WallpaperStyle] 2
HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1689144 2010-06-29] (Hewlett-Packard)
HKU\Default User\...\Policies\system: [WallpaperStyle] 2
AppInit_DLLs-x32: c:\progra~2\psupport\psupport.dll => C:\Program Files (x86)\PSupport\psupport.dll [857600 2013-10-06] ()
Lsa: [Notification Packages] scecli DPPWDFLT
Startup: C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EPUHelp.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT1_WD-WXD0C790647206472&ts=1383840361&type=default&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT1_WD-WXD0C790647206472&ts=1383840361&type=default&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT1_WD-WXD0C790647206472&ts=1383840361&type=default&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT1_WD-WXD0C790647206472&ts=1383840361&type=default&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.dosearches.com/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=sc&from=cor&uid=WDCXWD5000BEVT-60ZAT1_WD-WXD0C790647206472&ts=1383840361
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT1_WD-WXD0C790647206472&ts=1383840361&type=default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT1_WD-WXD0C790647206472&ts=1383840361&type=default&q={searchTerms}
SearchScopes: HKLM - {E2958F71-2B50-4864-811E-2F39556414E9} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1602&query={searchTerms}&invocationType=tb50hpcnnbie7-pl-pl
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT1_WD-WXD0C790647206472&ts=1383840361&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT1_WD-WXD0C790647206472&ts=1383840361&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - {E2958F71-2B50-4864-811E-2F39556414E9} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1602&query={searchTerms}&invocationType=tb50hpcnnbie7-pl-pl
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.dalesearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1CDA0CEEE699CB7F&affID=124440&tsp=5008
SearchScopes: HKCU - {E2958F71-2B50-4864-811E-2F39556414E9} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1602&query={searchTerms}&invocationType=tb50hpcnnbie7-pl-pl
BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SaveClicker - {E3F3FD3E-0573-D121-9A5D-F6E1CE8A5AAF} - C:\Program Files (x86)\SaveClicker\Me.x64.dll ()
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO-x32: Bizzybolt - {13070af0-bc6c-4185-8baa-40a4cf05b323} - C:\Program Files (x86)\Bizzybolt\Bizzyboltbho.dll (Bizzybolt) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO-x32: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: No Name - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File BHO-x32: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SaveClicker - {E3F3FD3E-0573-D121-9A5D-F6E1CE8A5AAF} - C:\Program Files (x86)\SaveClicker\Me.dll () BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) BHO-x32: HP Smart BHO Class - 
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File Toolbar: HKCU - No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - No Name - {00000000-5736-4205-0008-F7ED0776FB27} - No File Toolbar: HKCU - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 10.20.5.50 FireFox: ======== FF ProfilePath: C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\w2upvj7i.default FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", ""); FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", ""); FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", ""); FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", ""); FF Homepage: hxxp://www.onet.pl/ FF Keyword.URL: user_pref("keyword.URL", ""); FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF 
Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll (BitComet) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin8.dll (Apple Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer) FF SearchPlugin: C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\w2upvj7i.default\searchplugins\conduit.xml FF SearchPlugin: C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\w2upvj7i.default\searchplugins\delta.xml FF Extension: vis - C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\w2upvj7i.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM [2014-01-21] FF Extension: British English Dictionary - C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\w2upvj7i.default\Extensions\en-GB@dictionaries.addons.mozilla.org [2010-12-11] FF Extension: Conduit Engine - C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\w2upvj7i.default\Extensions\engine@conduit.com [2011-03-25] FF Extension: SaveClicker - C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\w2upvj7i.default\Extensions\ikdrvuaizwr@oudgcxpq.edu [2014-01-05] FF Extension: WebSite Recommendation - C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\w2upvj7i.default\Extensions\WebSiteRecommendation@weliketheweb.com [2013-12-27] FF Extension: DownloadHelper - C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\w2upvj7i.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-27] FF Extension: Default Tab - C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\w2upvj7i.default\Extensions\addon@defaulttab.com.xpi [2013-07-11] FF Extension: Bizzybolt - C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\w2upvj7i.default\Extensions\firefox@bizzybolt.co.xpi [2013-11-20] FF Extension: Fast Video Download (with SearchMenu) - C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\w2upvj7i.default\Extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi [2011-05-17] FF Extension: Adblock Plus - C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\w2upvj7i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-14] FF Extension: Download 
Manager Tweak - C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\w2upvj7i.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi [2013-01-15] FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-07-12] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-12-03] FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF HKCU\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext [2010-06-04] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-07-12] Chrome: ======= CHR Extension: (SaveClicker) - C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahabklelameaocpgjgihppfndjnceabk [2014-01-05] CHR Extension: (No Name) - 
C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab [2014-01-21] CHR Extension: (SaveClicker) - C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfalnjffmbnmibbmdjjopodgecgkfjn [2014-01-05] CHR Extension: (No Name) - C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj [2013-09-29] CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14] CHR HKLM-x32\...\Chrome\Extension: [pialekdjmfmckiccfkgbbgphficjdekh] - C:\Users\Maciek\AppData\Roaming\BabSolution\CR\dalesearch.crx [2013-09-18] ==================== Services (Whitelisted) ================= R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation) R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV) R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] () S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.) R2 Update Bizzybolt; C:\Program Files (x86)\Bizzybolt\updateBizzybolt.exe [66848 2013-11-20] () R2 vfsFPService; C:\Windows\system32\vfsFPService.exe [721712 2009-06-03] (Validity Sensors, Inc.) R2 vfsFPService; C:\Windows\SysWOW64\vfsFPService.exe [599344 2009-06-03] (Validity Sensors, Inc.) 
==================== Drivers (Whitelisted) ==================== S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-07-03] (Google Inc) S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-08-11] () R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-08-11] () R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2011-12-27] () U4 eabfiltr; S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x] S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x] U3 kwrdrpog; \??\C:\Users\Maciek\AppData\Local\Temp\kwrdrpog.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-27 10:27 - 2014-01-27 10:27 - 00024191 _____ C:\Users\Maciek\Downloads\FRST.txt 2014-01-27 10:27 - 2014-01-27 10:27 - 00000000 ____D C:\FRST 2014-01-27 10:17 - 2014-01-27 10:23 - 02078208 _____ (Farbar) C:\Users\Maciek\Downloads\FRST64.exe 2014-01-27 08:52 - 2014-01-27 08:52 - 00117904 _____ C:\Users\Maciek\Downloads\Extras.Txt 2014-01-27 08:48 - 2014-01-27 08:48 - 00106000 _____ C:\Users\Maciek\Downloads\OTL.Txt 2014-01-27 08:29 - 2014-01-27 08:30 - 00380416 _____ C:\Users\Maciek\Downloads\wzur15ju.exe 2014-01-27 08:29 - 2014-01-27 08:29 - 00602112 _____ (OldTimer Tools) C:\Users\Maciek\Downloads\OTL.exe 2014-01-27 05:49 - 2014-01-27 05:49 - 00000000 ____H C:\ProgramData\cm-lock 2014-01-25 12:23 - 2014-01-25 12:25 - 
00971534 _____ C:\Users\Maciek\Downloads\xplore_symbian_lcg_1_52.zip 2014-01-25 12:22 - 2014-01-25 12:23 - 00571070 _____ C:\Users\Maciek\Downloads\xvi32.zip 2014-01-24 11:01 - 2014-01-27 10:27 - 00005712 _____ C:\Windows\setupact.log 2014-01-24 11:01 - 2014-01-24 11:01 - 00000000 _____ C:\Windows\setuperr.log 2014-01-21 13:01 - 2014-01-21 13:01 - 00000000 ____D C:\Users\Maciek\AppData\Roaming\Windows Net Data 2014-01-21 12:56 - 2014-01-21 12:56 - 00401736 _____ (Softonic ) C:\Users\Maciek\Downloads\SoftonicDownloader_for_cain-abel.exe 2014-01-21 12:53 - 2014-01-21 12:54 - 03447205 _____ C:\Users\Maciek\Downloads\aircrack-ng-1.2-beta2.tar.gz 2014-01-20 08:36 - 2014-01-20 08:36 - 00000000 ____D C:\Users\Maciek\Downloads\hydra-7.6(1) 2014-01-20 08:35 - 2014-01-20 08:36 - 00557045 _____ C:\Users\Maciek\Downloads\hydra-7.6(1).tar.gz 2014-01-20 08:25 - 2014-01-20 08:25 - 00557045 _____ C:\Users\Maciek\Downloads\hydra-7.6.tar.gz 2014-01-20 08:14 - 2014-01-20 08:14 - 00000000 ____D C:\Program Files (x86)\WinPcap 2014-01-20 08:11 - 2014-01-20 08:13 - 08074686 _____ C:\Users\Maciek\Downloads\ca_setup.exe 2014-01-20 08:10 - 2014-01-20 08:10 - 00003140 _____ C:\Windows\System32\Tasks\{1ACFCBDB-325E-4994-8827-2E5C3D2BDB06} 2014-01-20 08:06 - 2014-01-20 08:07 - 03936725 _____ C:\Users\Maciek\Downloads\john179j5w.zip 2014-01-20 08:02 - 2014-01-20 08:02 - 02076892 _____ C:\Users\Maciek\Downloads\john179w2.zip 2014-01-20 07:37 - 2014-01-20 07:37 - 00157573 _____ C:\Users\Maciek\Downloads\brutus-the-remote-password-cracker(1).zip 2014-01-20 07:23 - 2014-01-20 07:23 - 00157573 _____ C:\Users\Maciek\Downloads\brutus-the-remote-password-cracker.zip 2014-01-20 06:57 - 2014-01-20 06:57 - 00338947 _____ C:\Users\Maciek\Downloads\brutus-aet2.zip 2014-01-19 06:03 - 2014-01-24 09:13 - 00000000 ____D C:\Users\Maciek\Desktop\Okna 2014-01-12 13:15 - 2014-01-12 13:15 - 00002387 _____ C:\Users\Maciek\AppData\Local\recently-used.xbel 2014-01-11 19:44 - 2014-01-12 08:18 - 02764500 _____ 
C:\Users\Maciek\Documents\Ogródek projekt.xcf 2014-01-05 06:50 - 2014-01-05 06:54 - 04737166 _____ (Fachgebiet Bauphysik & Solarenergie, Universität Siegen ) C:\Users\Maciek\Downloads\CASAnova_Setup.exe 2014-01-05 06:44 - 2014-01-05 15:34 - 00000000 ____D C:\Program Files (x86)\CASAnova 2014-01-05 06:05 - 2014-01-05 06:16 - 00000000 ____D C:\Program Files (x86)\IminentToolbar 2014-01-05 06:03 - 2014-01-27 05:49 - 00000358 ____H C:\Windows\Tasks\couponsupport-S-649636217.job 2014-01-05 06:03 - 2014-01-05 06:05 - 00000000 ____D C:\Support 2014-01-05 06:03 - 2014-01-05 06:03 - 00002604 _____ C:\Windows\System32\Tasks\couponsupport-S-649636217 2014-01-05 06:03 - 2014-01-05 06:03 - 00000000 ____D C:\Program Files (x86)\PSupport 2014-01-05 06:01 - 2014-01-05 06:02 - 00000000 ____D C:\ProgramData\a56c2342e434e434 2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Casanova Demo 2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Maciek\AppData\Local\Torch 2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Maciek\AppData\Local\Packages 2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Maciek\AppData\Local\Comodo 2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\HomeGroupUser$\AppData\Local\Torch 2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\HomeGroupUser$\AppData\Local\Google 2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\HomeGroupUser$ 2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Gość\AppData\Local\Torch 2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Gość\AppData\Local\Google 2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Gość\AppData\Local\Comodo 2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Gość 2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D 
C:\Users\Administrator\AppData\Local\Torch
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Administrator\AppData\Local\Comodo
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Administrator
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\ProgramData\SaveClicker
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Program Files (x86)\SaveClicker
2014-01-05 05:56 - 2014-01-05 05:56 - 00000000 ____D C:\Program Files (x86)\Bizzybolt
2014-01-04 16:24 - 2014-01-04 16:24 - 00315257 _____ C:\Users\Maciek\Downloads\Nasz dom 1.xlsx

==================== One Month Modified Files and Folders =======

2014-01-27 10:27 - 2014-01-27 10:27 - 00024191 _____ C:\Users\Maciek\Downloads\FRST.txt
2014-01-27 10:27 - 2014-01-27 10:27 - 00000000 ____D C:\FRST
2014-01-27 10:27 - 2014-01-24 11:01 - 00005712 _____ C:\Windows\setupact.log
2014-01-27 10:23 - 2014-01-27 10:17 - 02078208 _____ (Farbar) C:\Users\Maciek\Downloads\FRST64.exe
2014-01-27 09:54 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2014-01-27 09:45 - 2012-10-02 04:01 - 00415866 _____ C:\Windows\WindowsUpdate.log
2014-01-27 08:52 - 2014-01-27 08:52 - 00117904 _____ C:\Users\Maciek\Downloads\Extras.Txt
2014-01-27 08:48 - 2014-01-27 08:48 - 00106000 _____ C:\Users\Maciek\Downloads\OTL.Txt
2014-01-27 08:38 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-27 08:38 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-27 08:30 - 2014-01-27 08:29 - 00380416 _____ C:\Users\Maciek\Downloads\wzur15ju.exe
2014-01-27 08:29 - 2014-01-27 08:29 - 00602112 _____ (OldTimer Tools) C:\Users\Maciek\Downloads\OTL.exe
2014-01-27 05:54 - 2009-09-18 06:29 - 00738192 _____ C:\Windows\system32\perfh015.dat
2014-01-27 05:54 - 2009-09-18 06:29 - 00154848 _____ C:\Windows\system32\perfc015.dat
2014-01-27 05:54 - 2009-07-14 06:13 - 01663412 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-27 05:51 - 2012-11-06 09:17 - 00000000 ____D C:\Users\Maciek\AppData\Roaming\GG
2014-01-27 05:49 - 2014-01-27 05:49 - 00000000 ____H C:\ProgramData\cm-lock
2014-01-27 05:49 - 2014-01-05 06:03 - 00000358 ____H C:\Windows\Tasks\couponsupport-S-649636217.job
2014-01-27 05:49 - 2011-08-19 13:13 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2014-01-27 05:49 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-25 12:25 - 2014-01-25 12:23 - 00971534 _____ C:\Users\Maciek\Downloads\xplore_symbian_lcg_1_52.zip
2014-01-25 12:23 - 2014-01-25 12:22 - 00571070 _____ C:\Users\Maciek\Downloads\xvi32.zip
2014-01-24 11:01 - 2014-01-24 11:01 - 00000000 _____ C:\Windows\setuperr.log
2014-01-24 09:13 - 2014-01-19 06:03 - 00000000 ____D C:\Users\Maciek\Desktop\Okna
2014-01-23 12:00 - 2010-06-03 10:34 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2014-01-23 11:59 - 2011-11-20 04:40 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-21 13:01 - 2014-01-21 13:01 - 00000000 ____D C:\Users\Maciek\AppData\Roaming\Windows Net Data
2014-01-21 12:56 - 2014-01-21 12:56 - 00401736 _____ (Softonic ) C:\Users\Maciek\Downloads\SoftonicDownloader_for_cain-abel.exe
2014-01-21 12:54 - 2014-01-21 12:53 - 03447205 _____ C:\Users\Maciek\Downloads\aircrack-ng-1.2-beta2.tar.gz
2014-01-20 08:36 - 2014-01-20 08:36 - 00000000 ____D C:\Users\Maciek\Downloads\hydra-7.6(1)
2014-01-20 08:36 - 2014-01-20 08:35 - 00557045 _____ C:\Users\Maciek\Downloads\hydra-7.6(1).tar.gz
2014-01-20 08:25 - 2014-01-20 08:25 - 00557045 _____ C:\Users\Maciek\Downloads\hydra-7.6.tar.gz
2014-01-20 08:14 - 2014-01-20 08:14 - 00000000 ____D C:\Program Files (x86)\WinPcap
2014-01-20 08:13 - 2014-01-20 08:11 - 08074686 _____ C:\Users\Maciek\Downloads\ca_setup.exe
2014-01-20 08:10 - 2014-01-20 08:10 - 00003140 _____ C:\Windows\System32\Tasks\{1ACFCBDB-325E-4994-8827-2E5C3D2BDB06}
2014-01-20 08:07 - 2014-01-20 08:06 - 03936725 _____ C:\Users\Maciek\Downloads\john179j5w.zip
2014-01-20 08:02 - 2014-01-20 08:02 - 02076892 _____ C:\Users\Maciek\Downloads\john179w2.zip
2014-01-20 07:37 - 2014-01-20 07:37 - 00157573 _____ C:\Users\Maciek\Downloads\brutus-the-remote-password-cracker(1).zip
2014-01-20 07:35 - 2010-05-28 09:47 - 00000000 ___RD C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-20 07:23 - 2014-01-20 07:23 - 00157573 _____ C:\Users\Maciek\Downloads\brutus-the-remote-password-cracker.zip
2014-01-20 07:23 - 2010-05-28 10:53 - 00000000 ____D C:\Users\Maciek\AppData\Roaming\Adobe
2014-01-20 06:57 - 2014-01-20 06:57 - 00338947 _____ C:\Users\Maciek\Downloads\brutus-aet2.zip
2014-01-14 18:44 - 2011-09-16 12:20 - 00000000 ____D C:\Program Files (x86)\Wiedźmin 2
2014-01-12 16:22 - 2013-04-08 17:09 - 00000000 ____D C:\Users\Maciek\Desktop\M71
2014-01-12 13:32 - 2012-09-19 01:24 - 00000000 ____D C:\Users\Maciek\.gimp-2.8
2014-01-12 13:15 - 2014-01-12 13:15 - 00002387 _____ C:\Users\Maciek\AppData\Local\recently-used.xbel
2014-01-12 08:18 - 2014-01-11 19:44 - 02764500 _____ C:\Users\Maciek\Documents\Ogródek projekt.xcf
2014-01-08 05:38 - 2013-06-09 19:12 - 00000000 ____D C:\Users\Maciek\Desktop\moje prace
2014-01-07 07:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-06 09:33 - 2013-12-27 20:11 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForMaciek.job
2014-01-06 07:43 - 2013-12-27 20:11 - 00003194 _____ C:\Windows\System32\Tasks\HPCeeScheduleForMaciek
2014-01-06 07:43 - 2013-09-18 00:01 - 00003414 _____ C:\Windows\System32\Tasks\EPUpdater
2014-01-06 07:43 - 2013-01-14 11:12 - 00003358 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2217048273-749565549-1661794791-1001
2014-01-06 07:43 - 2013-01-11 10:26 - 00003226 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2217048273-749565549-1661794791-1001
2014-01-05 15:34 - 2014-01-05 06:44 - 00000000 ____D C:\Program Files (x86)\CASAnova
2014-01-05 14:30 - 2010-05-28 09:21 - 00000000 ____D C:\Users\Maciek
2014-01-05 06:54 - 2014-01-05 06:50 - 04737166 _____ (Fachgebiet Bauphysik & Solarenergie, Universität Siegen ) C:\Users\Maciek\Downloads\CASAnova_Setup.exe
2014-01-05 06:21 - 2010-05-28 09:48 - 00001421 _____ C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-05 06:16 - 2014-01-05 06:05 - 00000000 ____D C:\Program Files (x86)\IminentToolbar
2014-01-05 06:05 - 2014-01-05 06:03 - 00000000 ____D C:\Support
2014-01-05 06:03 - 2014-01-05 06:03 - 00002604 _____ C:\Windows\System32\Tasks\couponsupport-S-649636217
2014-01-05 06:03 - 2014-01-05 06:03 - 00000000 ____D C:\Program Files (x86)\PSupport
2014-01-05 06:02 - 2014-01-05 06:01 - 00000000 ____D C:\ProgramData\a56c2342e434e434
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Casanova Demo
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Maciek\AppData\Local\Torch
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Maciek\AppData\Local\Packages
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Maciek\AppData\Local\Comodo
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\HomeGroupUser$\AppData\Local\Google
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\HomeGroupUser$
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Gość\AppData\Local\Torch
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Gość\AppData\Local\Google
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Gość\AppData\Local\Comodo
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Gość
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Administrator\AppData\Local\Torch
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Administrator\AppData\Local\Comodo
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Users\Administrator
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\ProgramData\SaveClicker
2014-01-05 06:01 - 2014-01-05 06:01 - 00000000 ____D C:\Program Files (x86)\SaveClicker
2014-01-05 06:01 - 2010-06-02 12:38 - 00000000 ____D C:\Users\Maciek\AppData\Local\Google
2014-01-05 05:56 - 2014-01-05 05:56 - 00000000 ____D C:\Program Files (x86)\Bizzybolt
2014-01-04 16:24 - 2014-01-04 16:24 - 00315257 _____ C:\Users\Maciek\Downloads\Nasz dom 1.xlsx
2014-01-04 15:41 - 2012-11-06 09:16 - 00000000 ____D C:\Users\Maciek\AppData\Local\GG
2013-12-29 11:05 - 2012-11-06 09:19 - 00000000 ___SD C:\Users\Maciek\GG dysk

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-19 06:47

==================== End Of Log ============================