Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-04-2014 01
Ran by Ela (administrator) on MONIKA-PC on 12-04-2014 20:55:56
Running from C:\Users\Ela\Desktop\logi
Microsoft® Windows Vista™ Home Basic Service Pack 1 (X86) OS Language: Polish
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Prolific Technology Inc.) C:\Windows\system32\IoctlSvc.exe
(Somoto LTD) C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe
(Fujitsu Technology Solutions) C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(Somoto LTD) C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe
(Somoto LTD) C:\Program Files\Movies Toolbar\SafetyNut\safetynut.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
() C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
() C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
(Somoto) C:\Users\Ela\AppData\Local\FilesFrog Update Checker\update_checker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Fujitsu Technology Solutions) C:\Program Files\Fujitsu OSD Utility\OSDUtility.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Users\Ela\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files\Google\Update\Install\{D273F005-0ECF-4FB8-8B16-27570BC684E9}\34.0.1847.116_chrome_installer.exe
(Google Inc.) C:\Windows\TEMP\CR_233C4.tmp\setup.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6609440 2008-10-31] (Realtek Semiconductor)
HKLM\...\Run: [Fujitsu OSD Utility] - C:\Program Files\Fujitsu OSD Utility\OSDUtility.exe [733184 2009-04-03] (Fujitsu Technology Solutions)
HKLM\...\Policies\Explorer\Run: [61029] - C:\PROGRA~2\LOCALS~1\Temp\ccqmkzdie.pif No File
HKU\.DEFAULT\...\Run: [Picasa Media Detector] - C:\Program Files\Picasa2\PicasaMediaDetector.exe [443968 2008-02-26] (Google Inc.)
HKU\.DEFAULT\...\Run: [fts-reg] - c:\fts-reg\ftsreg.exe
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1707032505-553885810-4120097439-1002\...\Run: [FLV Player] - C:\Users\Ela\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [202752 2012-10-26] ()
HKU\S-1-5-21-1707032505-553885810-4120097439-1002\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_77_Plugin.exe [841096 2014-03-13] (Adobe Systems Incorporated)
HKU\S-1-5-21-1707032505-553885810-4120097439-1002\...\CurrentVersion\Windows: [Load] C:\Users\Ela\LOCALS~1\Temp\cclyyuoom.exe <===== ATTENTION
HKU\S-1-5-21-1707032505-553885810-4120097439-1002\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-1707032505-553885810-4120097439-1002\...\MountPoints2: {15cc391b-b3f8-11e1-985b-806e6f6e6963} - G:\application\Setup.exe
HKU\S-1-5-21-1707032505-553885810-4120097439-1002\...\MountPoints2: {2075a5c7-a74b-11e1-ac1e-001e101f1ed9} - G:\AutoRun.exe
HKU\S-1-5-21-1707032505-553885810-4120097439-1002\...\MountPoints2: {44e31e40-658f-11e2-a375-806e6f6e6963} - F:\Autorun.exe
HKU\S-1-5-21-1707032505-553885810-4120097439-1002\...\MountPoints2: {f38225fd-2072-11e3-8342-00238bf1c9cd} - G:\start.exe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\safetynut\x64\safetycrt.dll
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Movies Toolbar\SafetyNut\safetycrt.dll [490504 2014-04-07] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN10640A&gct=hp&d=473-108&v=a12281-257&t=4
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.pl/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD
URLSearchHook: HKLM - gry Toolbar - {8532a8b7-c06a-41bb-936a-8ce73e4711ed} - C:\Program Files\gry\prxtbgry.dll (Conduit Ltd.)
URLSearchHook: HKCU - gry Toolbar - {8532a8b7-c06a-41bb-936a-8ce73e4711ed} - C:\Program Files\gry\prxtbgry.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2417076
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=108&systemid=473&v=a12281-257&apn_uid=6870899205544012&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2417076
SearchScopes: HKLM - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
SearchScopes: HKCU - {0388404D-6072-4CEB-B521-8F090FEAEE57} URL = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.3.0&install_country=PL&install_date=20110815&user_guid=91B0C43CB494414385882BABE5096E2A&machine_id=c021039c160099d988692e42b99f78a9&browser=IE&os=win&os_version=6.0-x86-SP1&iesrc={referrer:source}
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^PL&apn_uid=3A0A0ACA-68CB-4487-8D1F-1530291D4DCA&apn_sauid=F913F490-E9DE-4153-9306-543626F7A891
SearchScopes: HKCU - {3E9089D4-4E67-462F-9EC2-BE96D002B3A6} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms}
SearchScopes: HKCU - {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=108&systemid=473&v=a12281-257&apn_uid=6870899205544012&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2417076
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: gry Toolbar - {8532a8b7-c06a-41bb-936a-8ce73e4711ed} - C:\Program Files\gry\prxtbgry.dll (Conduit Ltd.)
BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
BHO: Movies Toolbar (Dist. by Somoto Ltd.) - {c75a2d66-6d1d-4735-8f63-9d85dcc026a6} - C:\PROGRA~1\MOVIES~1\SAFETY~1\SRTOOL~1\IE\searchresultsDx.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - gry Toolbar - {8532a8b7-c06a-41bb-936a-8ce73e4711ed} - C:\Program Files\gry\prxtbgry.dll (Conduit Ltd.)
Toolbar: HKLM - Movies Toolbar (Dist. by Somoto Ltd.) - {c75a2d66-6d1d-4735-8f63-9d85dcc026a6} - C:\PROGRA~1\MOVIES~1\SAFETY~1\SRTOOL~1\IE\searchresultsDx.dll No File
Toolbar: HKCU - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKCU - gry Toolbar - {8532A8B7-C06A-41BB-936A-8CE73E4711ED} - C:\Program Files\gry\prxtbgry.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Ela\AppData\Roaming\Mozilla\Firefox\Profiles\ogygjrv0.default-1397220814751
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.11.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Ela\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Ask.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-07-01]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-07-01]

Chrome:
=======
CHR HomePage: hxxp://www.search.ask.com/?o=APN10640A&gct=hp&d=473-108&v=a12281-257&t=4
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchProvider: Ask.com
CHR DefaultSearchURL: http://dts.search.ask.com/sr?src=crb&gct=ds&appid=108&systemid=473&v=a12281-257&apn_uid=6870899205544012&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (AVG Internet Security) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Picasa) - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Extension: (Movies Toolbar) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic [2014-02-13]
CHR Extension: (Dysk Google) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-08]
CHR Extension: (YouTube) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-08]
CHR Extension: (Szukaj w Google) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-08]
CHR Extension: (DealPly) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje [2013-05-24]
CHR Extension: (Google Wallet) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-08]
CHR HKLM\...\Chrome\Extension: [aaaaimdcedbpbcjjbbnfcbbjcngmomic] - C:\Users\Ela\AppData\Local\somotomoviestoolbar181\GC\toolbar.crx [2014-01-24]
CHR HKLM\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files\DealPly\DealPly.crx [2012-05-09]
CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG10\Chrome\safesearch.crx [2012-05-09]
CHR HKCU\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files\DealPly\DealPly.crx [2012-05-09]

========================== Services (Whitelisted) =================

R2 SafetyNutManager; C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe [3544072 2014-04-07] (Somoto LTD)
R2 TestHandler; C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [341264 2009-02-19] (Fujitsu Technology Solutions)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [237056 2010-09-08] (WDC)
R2 WDFME; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1034752 2010-09-08] ()
R2 WDSC; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [484352 2010-09-08] ()

==================== Drivers (Whitelisted) ====================

S4 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [173576 2008-05-27] (AMD Technologies Inc.)
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files\Movies Toolbar\SafetyNut\configmgrc1.cfg [31104 2014-04-07] (Somoto LTD)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36640 2009-12-22] ()
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [76688 2008-04-03] (JMicron Technology Corp.)
S3 nokiacpo; C:\Windows\System32\DRIVERS\nokiacpo.sys [19968 2009-08-05] (Icera Inc.)
S3 nokiappo; C:\Windows\System32\DRIVERS\nokiappo.sys [27648 2009-08-05] (Icera Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-01-23] (Duplex Secure Ltd.)
S3 adusbser; system32\DRIVERS\adusbser.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 DlinkUDSMBus; System32\Drivers\DlinkUDSMBus.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-12 20:55 - 2014-04-12 20:55 - 00000000 ____D () C:\FRST
2014-04-12 19:57 - 2014-04-12 20:55 - 00000000 ____D () C:\Users\Ela\Desktop\logi
2014-04-12 19:52 - 2014-04-12 19:52 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-12 19:51 - 2014-04-12 19:51 - 00000865 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-12 19:51 - 2014-04-12 19:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-12 19:51 - 2014-04-12 19:51 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-12 19:51 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-12 19:51 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-12 19:51 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-12 19:50 - 2014-04-12 19:51 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ela\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-11 15:43 - 2014-04-13 05:43 - 00000000 ____D () C:\2f5f2c55b3a59f517a823cff9a010f29
2014-04-11 15:43 - 2014-04-11 15:43 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-04-11 15:28 - 2014-04-11 15:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-11 15:14 - 2014-04-11 15:42 - 00002122 _____ () C:\Windows\epplauncher.mif
2014-04-11 15:08 - 2014-04-11 15:09 - 11270488 _____ (Microsoft Corporation) C:\Users\Ela\Downloads\mseinstall.exe
2014-04-11 14:56 - 2014-04-11 15:04 - 00678425 _____ () C:\Users\Ela\Downloads\avgremover.log
2014-04-11 14:56 - 2014-04-11 14:56 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Ela\Downloads\avg_remover_stf_x86_2014_4116.exe
2014-04-11 14:48 - 2011-04-12 16:53 - 00890368 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-08 05:33 - 2014-04-12 20:54 - 00000000 ____D () C:\ProgramData\SafetyNut
2014-04-01 16:59 - 2014-04-01 16:59 - 00773120 _____ () C:\Users\Ela\Downloads\Wykaz ulic w obwodach szkół podstawowych.xls
2014-04-01 16:59 - 2014-04-01 16:59 - 00773120 _____ () C:\Users\Ela\Downloads\Wykaz ulic w obwodach szkół podstawowych (1).xls
2014-04-01 15:45 - 2014-04-01 16:18 - 00000000 ____D () C:\Users\Ela\Desktop\Nowy folder
2014-03-23 10:08 - 2010-04-27 16:19 - 01214976 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athr.sys

==================== One Month Modified Files and Folders =======

2014-04-13 05:43 - 2014-04-11 15:43 - 00000000 ____D () C:\2f5f2c55b3a59f517a823cff9a010f29
2014-04-13 05:43 - 2010-03-13 22:32 - 00000000 ____D () C:\Users\Ela
2014-04-13 05:43 - 2010-03-13 22:17 - 00000000 ____D () C:\Users\Marta
2014-04-13 05:43 - 2009-05-07 16:35 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-04-13 05:43 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\spool
2014-04-13 05:43 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-04-13 05:43 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\registration
2014-04-13 05:43 - 2006-11-02 12:22 - 41156608 _____ () C:\Windows\system32\config\software_previous
2014-04-13 05:43 - 2006-11-02 12:22 - 25427968 _____ () C:\Windows\system32\config\system_previous
2014-04-13 05:39 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-04-13 05:39 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2014-04-12 20:56 - 2012-09-23 18:55 - 00001030 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-12 20:55 - 2014-04-12 20:55 - 00000000 ____D () C:\FRST
2014-04-12 20:55 - 2014-04-12 19:57 - 00000000 ____D () C:\Users\Ela\Desktop\logi
2014-04-12 20:55 - 2010-06-12 21:18 - 00000418 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{7D8B24FF-76E7-4850-A0EF-B1007AA121E3}.job
2014-04-12 20:54 - 2014-04-08 05:33 - 00000000 ____D () C:\ProgramData\SafetyNut
2014-04-12 20:39 - 2010-05-06 16:10 - 00001062 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1000UA.job
2014-04-12 20:31 - 2012-12-12 18:16 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-12 20:28 - 2010-03-14 03:29 - 01701848 _____ () C:\Windows\WindowsUpdate.log
2014-04-12 20:25 - 2013-09-16 17:20 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1002UA.job
2014-04-12 19:52 - 2014-04-12 19:52 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-12 19:51 - 2014-04-12 19:51 - 00000865 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-12 19:51 - 2014-04-12 19:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-12 19:51 - 2014-04-12 19:51 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-12 19:51 - 2014-04-12 19:50 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ela\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-12 19:46 - 2012-09-23 18:55 - 00001026 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-12 19:46 - 2006-11-02 14:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-12 19:46 - 2006-11-02 14:45 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-12 19:46 - 2006-11-02 14:45 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-12 19:34 - 2012-06-28 22:23 - 00047628 _____ () C:\Windows\PFRO.log
2014-04-12 19:32 - 2006-11-02 12:22 - 40108032 _____ () C:\Windows\system32\config\components_previous
2014-04-12 19:32 - 2006-11-02 12:22 - 00524288 _____ () C:\Windows\system32\config\default_previous
2014-04-11 16:34 - 2012-07-26 21:51 - 00102857 _____ () C:\Windows\setupact.log
2014-04-11 15:43 - 2014-04-11 15:43 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-04-11 15:42 - 2014-04-11 15:14 - 00002122 _____ () C:\Windows\epplauncher.mif
2014-04-11 15:33 - 2006-11-02 14:58 - 00032548 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-11 15:33 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2014-04-11 15:32 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-11 15:32 - 2006-11-02 12:23 - 00000275 _____ () C:\Windows\win.ini
2014-04-11 15:31 - 2014-04-11 15:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-11 15:28 - 2013-01-18 21:34 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1001UA.job
2014-04-11 15:09 - 2014-04-11 15:08 - 11270488 _____ (Microsoft Corporation) C:\Users\Ela\Downloads\mseinstall.exe
2014-04-11 15:04 - 2014-04-11 14:56 - 00678425 _____ () C:\Users\Ela\Downloads\avgremover.log
2014-04-11 14:56 - 2014-04-11 14:56 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Ela\Downloads\avg_remover_stf_x86_2014_4116.exe
2014-04-11 14:49 - 2012-06-28 21:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-10 19:02 - 2013-06-12 17:33 - 00002475 _____ () C:\Users\Ela\Desktop\Microsoft Word.lnk
2014-04-10 18:28 - 2013-01-18 21:34 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1001Core.job
2014-04-10 17:49 - 2010-04-17 15:04 - 00090112 _____ () C:\Users\Ela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-10 17:48 - 2008-04-14 15:04 - 01495264 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-10 17:48 - 2008-04-14 14:21 - 00672140 _____ () C:\Windows\system32\perfh015.dat
2014-04-10 17:48 - 2008-04-14 14:21 - 00130516 _____ () C:\Windows\system32\perfc015.dat
2014-04-10 17:25 - 2013-09-16 17:20 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1002Core.job
2014-04-06 18:36 - 2013-05-02 19:01 - 00000000 ____D () C:\Program Files\Pando Networks
2014-04-06 16:17 - 2010-12-23 20:37 - 00000000 ____D () C:\Program Files\Java
2014-04-06 16:11 - 2009-05-07 16:39 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-04-05 21:06 - 2013-02-03 22:06 - 00000000 ____D () C:\Program Files\DealPly
2014-04-03 09:51 - 2014-04-12 19:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-12 19:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-12 19:51 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-01 16:59 - 2014-04-01 16:59 - 00773120 _____ () C:\Users\Ela\Downloads\Wykaz ulic w obwodach szkół podstawowych.xls
2014-04-01 16:59 - 2014-04-01 16:59 - 00773120 _____ () C:\Users\Ela\Downloads\Wykaz ulic w obwodach szkół podstawowych (1).xls
2014-04-01 16:18 - 2014-04-01 15:45 - 00000000 ____D () C:\Users\Ela\Desktop\Nowy folder
2014-04-01 16:17 - 2013-06-09 17:07 - 00000000 ____D () C:\Users\Ela\Desktop\ZDJĘCIA - wszystkie pendrive
2014-03-31 03:51 - 2006-11-02 12:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-03-29 22:06 - 2013-12-19 22:06 - 00000125 _____ () C:\Users\Ela\AppData\Roaming\WB.CFG
2014-03-15 07:39 - 2010-05-06 16:10 - 00001010 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1000Core.job
2014-03-15 05:44 - 2011-04-20 18:50 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 08:31 - 2012-12-12 18:16 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-13 08:31 - 2012-12-12 18:16 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Ela\AppData\Local\Temp\2deh_0on.dll
C:\Users\Ela\AppData\Local\Temp\8-axwglc.dll
C:\Users\Ela\AppData\Local\Temp\APNStub.exe
C:\Users\Ela\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Ela\AppData\Local\Temp\bitool.dll
C:\Users\Ela\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\Ela\AppData\Local\Temp\cppslllw.dll
C:\Users\Ela\AppData\Local\Temp\Delta.exe
C:\Users\Ela\AppData\Local\Temp\DeltaTB.exe
C:\Users\Ela\AppData\Local\Temp\EAD17B4.exe
C:\Users\Ela\AppData\Local\Temp\EAD1A72.exe
C:\Users\Ela\AppData\Local\Temp\EAD4BDE.exe
C:\Users\Ela\AppData\Local\Temp\EAD4E.exe
C:\Users\Ela\AppData\Local\Temp\EAD4F.exe
C:\Users\Ela\AppData\Local\Temp\EAD50E.exe
C:\Users\Ela\AppData\Local\Temp\EAD532E.exe
C:\Users\Ela\AppData\Local\Temp\EAD60B.exe
C:\Users\Ela\AppData\Local\Temp\EAD65F3.exe
C:\Users\Ela\AppData\Local\Temp\EAD6F55.exe
C:\Users\Ela\AppData\Local\Temp\EAD71A6.exe
C:\Users\Ela\AppData\Local\Temp\EAD7416.exe
C:\Users\Ela\AppData\Local\Temp\EAD74F0.exe
C:\Users\Ela\AppData\Local\Temp\EAD7A1E.exe
C:\Users\Ela\AppData\Local\Temp\EAD8A73.exe
C:\Users\Ela\AppData\Local\Temp\EAD8DEC.exe
C:\Users\Ela\AppData\Local\Temp\EAD9137.exe
C:\Users\Ela\AppData\Local\Temp\EAD9F2B.exe
C:\Users\Ela\AppData\Local\Temp\EADA0D0.exe
C:\Users\Ela\AppData\Local\Temp\EADA62D.exe
C:\Users\Ela\AppData\Local\Temp\EADA811.exe
C:\Users\Ela\AppData\Local\Temp\EADA9E5.exe
C:\Users\Ela\AppData\Local\Temp\EADAA23.exe
C:\Users\Ela\AppData\Local\Temp\EADAFFD.exe
C:\Users\Ela\AppData\Local\Temp\EADB357.exe
C:\Users\Ela\AppData\Local\Temp\EADB605.exe
C:\Users\Ela\AppData\Local\Temp\EADB8F2.exe
C:\Users\Ela\AppData\Local\Temp\EADBA59.exe
C:\Users\Ela\AppData\Local\Temp\EADBD07.exe
C:\Users\Ela\AppData\Local\Temp\EADBE5E.exe
C:\Users\Ela\AppData\Local\Temp\EADBEBC.exe
C:\Users\Ela\AppData\Local\Temp\EADC4E3.exe
C:\Users\Ela\AppData\Local\Temp\EADC669.exe
C:\Users\Ela\AppData\Local\Temp\EADCE75.exe
C:\Users\Ela\AppData\Local\Temp\EADCF20.exe
C:\Users\Ela\AppData\Local\Temp\EADD374.exe
C:\Users\Ela\AppData\Local\Temp\EADD42F.exe
C:\Users\Ela\AppData\Local\Temp\EADD4FA.exe
C:\Users\Ela\AppData\Local\Temp\EADD509.exe
C:\Users\Ela\AppData\Local\Temp\EADD7D7.exe
C:\Users\Ela\AppData\Local\Temp\EADD99B.exe
C:\Users\Ela\AppData\Local\Temp\EADDBEC.exe
C:\Users\Ela\AppData\Local\Temp\EADDCE6.exe
C:\Users\Ela\AppData\Local\Temp\EADE187.exe
C:\Users\Ela\AppData\Local\Temp\EADE771.exe
C:\Users\Ela\AppData\Local\Temp\EADEAAB.exe
C:\Users\Ela\AppData\Local\Temp\EADEB57.exe
C:\Users\Ela\AppData\Local\Temp\EADED79.exe
C:\Users\Ela\AppData\Local\Temp\EADEDA8.exe
C:\Users\Ela\AppData\Local\Temp\EADEDD7.exe
C:\Users\Ela\AppData\Local\Temp\EADF1CD.exe
C:\Users\Ela\AppData\Local\Temp\EADF3EF.exe
C:\Users\Ela\AppData\Local\Temp\EADF42D.exe
C:\Users\Ela\AppData\Local\Temp\EADF4D9.exe
C:\Users\Ela\AppData\Local\Temp\EADF650.exe
C:\Users\Ela\AppData\Local\Temp\EADF890.exe
C:\Users\Ela\AppData\Local\Temp\EADFA64.exe
C:\Users\Ela\AppData\Local\Temp\EADFCC5.exe
C:\Users\Ela\AppData\Local\Temp\EADFD03.exe
C:\Users\Ela\AppData\Local\Temp\EADFD90.exe
C:\Users\Ela\AppData\Local\Temp\EADFDED.exe
C:\Users\Ela\AppData\Local\Temp\EADFE5A.exe
C:\Users\Ela\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Ela\AppData\Local\Temp\j6tuavzy.dll
C:\Users\Ela\AppData\Local\Temp\lb7w7alg.dll
C:\Users\Ela\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Ela\AppData\Local\Temp\MybabylonTB.exe
C:\Users\Ela\AppData\Local\Temp\p2eipdbv.dll
C:\Users\Ela\AppData\Local\Temp\p7m6rnvf.dll
C:\Users\Ela\AppData\Local\Temp\radBA2A4.tmp_update.exe
C:\Users\Ela\AppData\Local\Temp\s6a2w__6.dll
C:\Users\Ela\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Ela\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Ela\AppData\Local\Temp\t.dll
C:\Users\Ela\AppData\Local\Temp\Uninstall.exe
C:\Users\Ela\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Ela\AppData\Local\Temp\uninstaller.exe
C:\Users\Ela\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Ela\AppData\Local\Temp\WhiteLabelSetup.exe
C:\Users\Ela\AppData\Local\Temp\WSSetup.exe
C:\Users\Ela\AppData\Local\Temp\{14F51975-D793-4580-95BE-69061309D72C}-GoogleUpdateB6998767.exe
C:\Users\Marta\AppData\Local\Temp\gg10.upgr.exe
C:\Users\Marta\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Marta\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Marta\AppData\Local\Temp\UnityWebPlayer4467338599738517455.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-12 19:51

==================== End Of Log ============================