Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by Merix (administrator) on MERIX-KOMPUTER on 09-07-2014 11:50:58
Running from C:\Users\Merix\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
( ) C:\Windows\System32\lxeacoms.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\HDD Password Tool\TosExtSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Kilgray\memoQserver40\MemoQ Server Manager.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
() C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
() C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\HDD Password Tool\TosExtCtrl.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(SDL) C:\Program Files (x86)\SDL\SDL MultiTerm\MultiTerm8\MultiTerm Widget.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(SDL International) C:\Program Files (x86)\SDL International\SDL Trados Synergy 2007\Synergy.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\Plus Internet\Plus Internet.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Merix\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3179288 2010-01-06] (Dell Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-03-17] (Synaptics Incorporated)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-02-03] (Dell Inc.)
HKLM\...\Run: [lxeamon.exe] => C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe [770728 2011-01-24] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe [148280 2011-01-24] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-06-08] (Intel Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160 2009-12-15] ()
HKLM-x32\...\Run: [Lexmark S300-S400 Series] => C:\Program Files (x86)\Lexmark S300-S400 Series\fm3032.exe [316072 2011-01-24] ()
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2012-05-27] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Plus Internet] => C:\Program Files (x86)\Plus Internet\PlusInternetChecker.exe [497016 2012-03-13] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-29] (AVAST Software)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] - "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [559616 2011-10-05] (Dell)
HKU\S-1-5-21-3302502354-795164464-2874845416-1001\...\Run: [ISUSPM] => "C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
HKU\S-1-5-21-3302502354-795164464-2874845416-1001\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-3302502354-795164464-2874845416-1001\...\Run: [Google Update] => C:\Users\Merix\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-03-20] (Google Inc.)
HKU\S-1-5-21-3302502354-795164464-2874845416-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3302502354-795164464-2874845416-1001\...\MountPoints2: E - E:\AutoRun.exe /s
HKU\S-1-5-21-3302502354-795164464-2874845416-1001\...\MountPoints2: F - F:\AutoRun.exe /s
HKU\S-1-5-21-3302502354-795164464-2874845416-1001\...\MountPoints2: {4a74ae6f-2027-11e2-b7eb-f04da28dcedf} - E:\AutoRun.exe /s
HKU\S-1-5-21-3302502354-795164464-2874845416-1001\...\MountPoints2: {faae46e6-a92d-11e2-b7f6-1c659d2d6300} - E:\AutoRun.exe /s
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDD Password Tool.lnk
ShortcutTarget: HDD Password Tool.lnk -> C:\Program Files (x86)\TOSHIBA\HDD Password Tool\TosExtCtrl.exe (TOSHIBA CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SDL MultiTerm 2009 Widget.lnk
ShortcutTarget: SDL MultiTerm 2009 Widget.lnk -> C:\Program Files (x86)\SDL\SDL MultiTerm\MultiTerm8\MultiTerm Widget.exe (SDL)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SDL Trados 2007 Speed Launcher.lnk
ShortcutTarget: SDL Trados 2007 Speed Launcher.lnk -> C:\Program Files (x86)\SDL International\SDL Trados Synergy 2007\Synergy.exe (SDL International)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pl.msn.com/?ocid=U218DHP&pc=U218
SearchScopes: HKCU - CF9F2CE18B344362BBE5A4BA16DEC9D2 URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=7C4E1C659D2D6300&affID=124798&tt=080913_ctrl&tsp=4999
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Fast Search - {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll (Surf Canyon Incorporated)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: WebSparkle - {9f56bab3-2739-40ed-a8d0-1451657a9742} - C:\Program Files (x86)\WebSparkle\WebSparkleBHO.dll No File
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 212.2.96.53 212.2.96.54

FireFox:
========
FF ProfilePath: C:\Users\Merix\AppData\Roaming\Mozilla\Firefox\Profiles\ou1k40ni.default-1368718070966
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Merix\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Merix\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Merix\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Merix\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Merix\AppData\Roaming\Mozilla\Firefox\Profiles\ou1k40ni.default-1368718070966\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Users\Merix\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Merix\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: No Name - C:\Users\Merix\AppData\Roaming\Mozilla\Firefox\Profiles\ou1k40ni.default-1368718070966\Extensions\staged [2014-06-18]
FF Extension: WebSparkle - C:\Users\Merix\AppData\Roaming\Mozilla\Firefox\Profiles\ou1k40ni.default-1368718070966\Extensions\{058899d6-9704-4de3-aae7-17e9fc44c761}.xpi [2014-01-31]
FF Extension: Adblock Plus - C:\Users\Merix\AppData\Roaming\Mozilla\Firefox\Profiles\ou1k40ni.default-1368718070966\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-13]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2014-01-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-09-07]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-10-27]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-10-27]
FF HKCU\...\Firefox\Extensions: [{88014c0d-a27c-484c-81ef-bf536a6f2a3d}] - C:\Program Files (x86)\BobyLyrics\132.xpi

Chrome: 
=======
CHR DefaultSearchURL: http://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR DefaultNewTabURL: 
CHR Extension: (Dokumenty Google) - C:\Users\Merix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-13]
CHR Extension: (Dysk Google) - C:\Users\Merix\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-13]
CHR Extension: (Surf Canyon) - C:\Users\Merix\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjagnifjocnddgeknajocbkkhlgibem [2014-05-13]
CHR Extension: (YouTube) - C:\Users\Merix\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-13]
CHR Extension: (Szukaj w Google) - C:\Users\Merix\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-13]
CHR Extension: (avast! Online Security) - C:\Users\Merix\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-30]
CHR Extension: (Google Wallet) - C:\Users\Merix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-13]
CHR Extension: (Gmail) - C:\Users\Merix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-13]
CHR HKLM-x32\...\Chrome\Extension: [bcjagnifjocnddgeknajocbkkhlgibem] - C:\Program Files (x86)\Surf Canyon\surfcanyon.crx [2013-04-17]
CHR HKLM-x32\...\Chrome\Extension: [feehhilecblfddelccfipjokflgjpmad] - C:\Program Files (x86)\BobyLyrics\132.crx [2013-04-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-29]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-10-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-29] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2011-09-27] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 lxeaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe [45736 2010-04-14] (Lexmark International, Inc.)
R2 lxea_device; C:\Windows\system32\lxeacoms.exe [1052328 2010-04-14] ( )
R2 lxea_device; C:\Windows\SysWOW64\lxeacoms.exe [598696 2010-04-14] ( )
S2 MSSQL$MEMOQSERVER; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MEMOQSERVER\MSSQL\Binn\sqlservr.exe [43040096 2011-06-17] (Microsoft Corporation)
S4 SQLAgent$MEMOQSERVER; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MEMOQSERVER\MSSQL\Binn\SQLAGENT.EXE [370016 2011-06-17] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TosExtSvc; C:\Program Files (x86)\TOSHIBA\HDD Password Tool\TosExtSvc.exe [1629560 2012-08-19] (TOSHIBA CORPORATION)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5088256 2010-02-03] (Dell Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2011-09-06] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2011-09-06] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [35840 2011-09-06] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-29] ()
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [28504 2012-02-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-29] ()
S3 massfilter_lte; C:\Windows\system32\drivers\massfilter_lte.sys [18456 2012-03-13] (HandSet Incorporated)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 TosExt; C:\Windows\System32\Drivers\TosExt.sys [25976 2012-08-19] (TOSHIBA Corporation)
R3 zgdcat; C:\Windows\System32\DRIVERS\zgdcat.sys [130200 2012-03-13] (ZTE Incorporated)
R3 zgdcdiag; C:\Windows\System32\DRIVERS\zgdcdiag.sys [130200 2012-03-13] (ZTE Incorporated)
R3 zgdcmdm; C:\Windows\System32\DRIVERS\zgdcmdm.sys [130200 2012-03-13] (ZTE Incorporated)
R3 zgdcnet; C:\Windows\System32\DRIVERS\zgdcnet.sys [169496 2012-03-13] (ZTE Incorporated)
R3 zgdcnmea; C:\Windows\System32\DRIVERS\zgdcnmea.sys [130200 2012-03-13] (ZTE Incorporated)
R1 {058899d6-9704-4de3-aae7-17e9fc44c761}Gw64; C:\Windows\System32\drivers\{058899d6-9704-4de3-aae7-17e9fc44c761}Gw64.sys [61120 2014-04-24] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-09 11:50 - 2014-07-09 11:51 - 00025758 _____ () C:\Users\Merix\Downloads\FRST.txt
2014-07-09 11:48 - 2014-07-09 11:51 - 00000000 ____D () C:\FRST
2014-07-09 11:47 - 2014-07-09 11:47 - 02084352 _____ (Farbar) C:\Users\Merix\Downloads\FRST64.exe
2014-07-09 11:46 - 2014-07-09 11:47 - 01074688 _____ (Farbar) C:\Users\Merix\Downloads\FRST.exe
2014-07-08 22:10 - 2014-07-08 22:10 - 00000000 ___HD () C:\Users\Merix\Desktop\.Trashes
2014-07-08 22:10 - 2014-07-08 22:10 - 00000000 ___HD () C:\Users\Merix\Desktop\.Spotlight-V100
2014-07-08 22:10 - 2014-07-08 22:10 - 00000000 ___HD () C:\Users\Merix\Desktop\.fseventsd
2014-07-08 21:09 - 2014-07-08 21:10 - 00000000 ____D () C:\Users\Merix\Documents\LOGI
2014-07-08 17:15 - 2014-07-08 17:15 - 00091760 _____ () C:\Users\Merix\Downloads\Extras.Txt
2014-07-08 17:12 - 2014-07-08 17:12 - 00145144 _____ () C:\Users\Merix\Downloads\OTL.Txt
2014-07-08 16:51 - 2014-07-08 16:51 - 00602112 _____ (OldTimer Tools) C:\Users\Merix\Downloads\OTL.exe
2014-07-07 19:40 - 2014-07-09 10:44 - 00000000 ____D () C:\Users\Merix\Documents\EXXON
2014-07-01 20:34 - 2014-07-03 21:37 - 00000000 ____D () C:\Users\Merix\Documents\BIZNES PLAN
2014-07-01 18:33 - 2014-07-01 18:33 - 00805846 _____ () C:\Users\Merix\Downloads\biznesplan_wypelniony.rar
2014-06-30 17:45 - 2014-06-30 17:45 - 00000000 ____D () C:\Users\Merix\AppData\Roaming\AVAST Software
2014-06-29 22:20 - 2014-06-29 22:20 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-06-29 22:20 - 2014-06-29 22:20 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-29 22:20 - 2014-06-29 22:20 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-29 22:20 - 2014-06-29 22:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-29 22:01 - 2014-06-29 22:08 - 91906368 _____ (AVAST Software) C:\Users\Merix\Downloads\avast_free_antivirus_setup.exe
2014-06-29 21:48 - 2014-06-29 21:48 - 00004212 _____ () C:\Users\Merix\Downloads\google (1).csv
2014-06-29 21:44 - 2014-06-29 21:44 - 00004212 _____ () C:\Users\Merix\Downloads\google.csv
2014-06-27 17:11 - 2014-06-27 17:11 - 00000843 _____ () C:\Users\Public\Desktop\ASGRAF EuroTEST 2014 PLUS.lnk
2014-06-27 17:11 - 2014-06-27 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASGRAF
2014-06-27 17:07 - 2014-06-27 17:07 - 00000000 __SHD () C:\Users\Merix\AppData\Local\EmieSiteList
2014-06-27 17:07 - 2014-06-27 17:07 - 00000000 ____D () C:\ASGRAF
2014-06-26 12:57 - 2014-07-09 10:37 - 00000376 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Merix.job
2014-06-26 12:57 - 2014-07-08 15:10 - 00002968 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_Merix
2014-06-26 12:57 - 2014-07-08 15:10 - 00000366 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Merix.job
2014-06-26 12:57 - 2014-07-08 14:10 - 00002972 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Merix
2014-06-26 12:57 - 2014-07-08 14:10 - 00000370 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Merix.job
2014-06-26 12:57 - 2014-06-26 12:57 - 00003624 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Merix
2014-06-26 12:57 - 2014-06-26 12:57 - 00002676 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Merix
2014-06-24 10:44 - 2014-06-24 10:44 - 00103424 _____ () C:\Users\Merix\Downloads\'Department Store','Supermarket'.xls
2014-06-24 10:41 - 2014-06-24 10:41 - 00331264 _____ () C:\Users\Merix\Downloads\Foodstuff and Beverages Trading.xls
2014-06-18 15:29 - 2014-06-18 15:29 - 07987314 _____ () C:\Users\Merix\Downloads\MZ presentation 20 December 2013(1).pptx
2014-06-17 14:47 - 2014-06-17 14:47 - 01613069 _____ () C:\Users\Merix\Downloads\Gmail.zip
2014-06-17 10:13 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-17 10:13 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-17 10:13 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-17 10:13 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-17 10:13 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-17 10:13 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-17 10:13 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-17 10:13 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 12:27 - 2014-06-12 12:27 - 01677549 _____ () C:\Users\Merix\Downloads\logoexalo.zip
2014-06-11 13:55 - 2014-06-11 13:55 - 00000000 ____D () C:\Users\Merix\Documents\Wujek
2014-06-11 12:32 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 12:32 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-11 12:32 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 12:32 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 12:32 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 12:32 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 12:32 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 12:32 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 12:32 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 12:32 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 12:32 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 12:32 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 12:32 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 12:32 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 12:32 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 12:32 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 12:32 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 12:32 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 12:32 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 12:32 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 12:32 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 12:32 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 12:32 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 12:32 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 12:32 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 12:32 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 12:32 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 12:32 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 12:32 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 12:32 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 12:32 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 12:32 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 12:32 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 12:32 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 12:32 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 12:32 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 12:32 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 12:32 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 12:32 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 12:32 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 12:32 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 12:32 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 12:32 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 12:32 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 12:32 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 12:32 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 12:32 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 12:32 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 12:32 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 12:32 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 12:32 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 12:32 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 12:32 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 12:32 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 12:32 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 12:32 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 12:32 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 12:32 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

==================== One Month Modified Files and Folders =======

2014-07-09 11:51 - 2014-07-09 11:50 - 00025758 _____ () C:\Users\Merix\Downloads\FRST.txt
2014-07-09 11:51 - 2014-07-09 11:48 - 00000000 ____D () C:\FRST
2014-07-09 11:51 - 2010-09-07 19:22 - 01305501 _____ () C:\Windows\WindowsUpdate.log
2014-07-09 11:47 - 2014-07-09 11:47 - 02084352 _____ (Farbar) C:\Users\Merix\Downloads\FRST64.exe
2014-07-09 11:47 - 2014-07-09 11:46 - 01074688 _____ (Farbar) C:\Users\Merix\Downloads\FRST.exe
2014-07-09 11:32 - 2012-03-30 11:12 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-09 11:10 - 2011-04-21 20:16 - 00001046 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-09 10:54 - 2012-05-20 22:35 - 00001058 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3302502354-795164464-2874845416-1001UA.job
2014-07-09 10:53 - 2012-10-27 13:21 - 00119176 _____ () C:\Windows\5A5445_Autorun.log
2014-07-09 10:44 - 2014-07-07 19:40 - 00000000 ____D () C:\Users\Merix\Documents\EXXON
2014-07-09 10:41 - 2009-07-14 06:45 - 00013872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-09 10:41 - 2009-07-14 06:45 - 00013872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-09 10:37 - 2014-06-26 12:57 - 00000376 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Merix.job
2014-07-09 10:37 - 2011-09-10 21:16 - 00175128 _____ () C:\ProgramData\lxeascan.log
2014-07-09 10:37 - 2011-04-21 20:16 - 00001042 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-09 10:37 - 2011-02-20 18:34 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-07-09 10:37 - 2011-02-20 18:34 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-07-09 10:37 - 2010-09-07 20:29 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-07-09 10:33 - 2012-03-02 22:29 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-07-09 10:33 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-09 10:32 - 2012-12-31 17:18 - 00055367 _____ () C:\Windows\setupact.log
2014-07-08 22:11 - 2010-09-07 22:12 - 00807312 _____ () C:\Windows\system32\perfh015.dat
2014-07-08 22:11 - 2010-09-07 22:12 - 00181766 _____ () C:\Windows\system32\perfc015.dat
2014-07-08 22:11 - 2009-07-14 07:13 - 01859032 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-08 22:10 - 2014-07-08 22:10 - 00000000 ___HD () C:\Users\Merix\Desktop\.Trashes
2014-07-08 22:10 - 2014-07-08 22:10 - 00000000 ___HD () C:\Users\Merix\Desktop\.Spotlight-V100
2014-07-08 22:10 - 2014-07-08 22:10 - 00000000 ___HD () C:\Users\Merix\Desktop\.fseventsd
2014-07-08 21:32 - 2012-03-30 11:12 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 21:32 - 2012-03-30 11:12 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 21:32 - 2011-05-29 23:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 21:10 - 2014-07-08 21:09 - 00000000 ____D () C:\Users\Merix\Documents\LOGI
2014-07-08 19:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-07-08 17:15 - 2014-07-08 17:15 - 00091760 _____ () C:\Users\Merix\Downloads\Extras.Txt
2014-07-08 17:12 - 2014-07-08 17:12 - 00145144 _____ () C:\Users\Merix\Downloads\OTL.Txt
2014-07-08 16:53 - 2012-05-20 22:35 - 00001006 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3302502354-795164464-2874845416-1001Core.job
2014-07-08 16:51 - 2014-07-08 16:51 - 00602112 _____ (OldTimer Tools) C:\Users\Merix\Downloads\OTL.exe
2014-07-08 16:19 - 2011-04-21 20:15 - 00000000 ____D () C:\Users\Merix\AppData\Roaming\Skype
2014-07-08 15:10 - 2014-06-26 12:57 - 00002968 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_Merix
2014-07-08 15:10 - 2014-06-26 12:57 - 00000366 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Merix.job
2014-07-08 14:10 - 2014-06-26 12:57 - 00002972 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Merix
2014-07-08 14:10 - 2014-06-26 12:57 - 00000370 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Merix.job
2014-07-08 11:50 - 2013-03-11 16:47 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-04 17:10 - 2011-09-07 22:03 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-03 21:37 - 2014-07-01 20:34 - 00000000 ____D () C:\Users\Merix\Documents\BIZNES PLAN
2014-07-03 21:37 - 2011-09-10 21:22 - 00001426 _____ () C:\ProgramData\lxea.log
2014-07-01 18:33 - 2014-07-01 18:33 - 00805846 _____ () C:\Users\Merix\Downloads\biznesplan_wypelniony.rar
2014-06-30 17:45 - 2014-06-30 17:45 - 00000000 ____D () C:\Users\Merix\AppData\Roaming\AVAST Software
2014-06-30 17:39 - 2010-09-07 20:26 - 00384312 _____ () C:\Windows\PFRO.log
2014-06-29 22:20 - 2014-06-29 22:20 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-06-29 22:20 - 2014-06-29 22:20 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-29 22:20 - 2014-06-29 22:20 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-29 22:20 - 2014-06-29 22:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-29 22:20 - 2013-03-11 16:47 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-29 22:20 - 2013-03-11 16:47 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-29 22:20 - 2012-03-14 01:57 - 00001968 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-29 22:20 - 2012-02-24 00:57 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-29 22:20 - 2011-09-07 22:03 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-06-29 22:20 - 2011-09-07 22:03 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-29 22:20 - 2011-09-07 22:03 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-29 22:17 - 2011-09-07 22:03 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-29 22:08 - 2014-06-29 22:01 - 91906368 _____ (AVAST Software) C:\Users\Merix\Downloads\avast_free_antivirus_setup.exe
2014-06-29 21:48 - 2014-06-29 21:48 - 00004212 _____ () C:\Users\Merix\Downloads\google (1).csv
2014-06-29 21:44 - 2014-06-29 21:44 - 00004212 _____ () C:\Users\Merix\Downloads\google.csv
2014-06-29 16:53 - 2013-04-28 18:27 - 00389632 ___SH () C:\Users\Merix\Desktop\Thumbs.db
2014-06-28 12:24 - 2013-06-07 15:25 - 00000000 ____D () C:\Users\Merix\Desktop\kor pl
2014-06-27 17:11 - 2014-06-27 17:11 - 00000843 _____ () C:\Users\Public\Desktop\ASGRAF EuroTEST 2014 PLUS.lnk
2014-06-27 17:11 - 2014-06-27 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASGRAF
2014-06-27 17:07 - 2014-06-27 17:07 - 00000000 __SHD () C:\Users\Merix\AppData\Local\EmieSiteList
2014-06-27 17:07 - 2014-06-27 17:07 - 00000000 ____D () C:\ASGRAF
2014-06-26 16:48 - 2012-05-20 22:35 - 00004028 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3302502354-795164464-2874845416-1001UA
2014-06-26 16:48 - 2012-05-20 22:35 - 00003632 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3302502354-795164464-2874845416-1001Core
2014-06-26 12:57 - 2014-06-26 12:57 - 00003624 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Merix
2014-06-26 12:57 - 2014-06-26 12:57 - 00002676 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Merix
2014-06-26 10:05 - 2011-04-21 20:16 - 00004042 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-26 10:05 - 2011-04-21 20:16 - 00003790 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-24 10:44 - 2014-06-24 10:44 - 00103424 _____ () C:\Users\Merix\Downloads\'Department Store','Supermarket'.xls
2014-06-24 10:41 - 2014-06-24 10:41 - 00331264 _____ () C:\Users\Merix\Downloads\Foodstuff and Beverages Trading.xls
2014-06-18 15:29 - 2014-06-18 15:29 - 07987314 _____ () C:\Users\Merix\Downloads\MZ presentation 20 December 2013(1).pptx
2014-06-18 14:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-18 14:07 - 2014-01-25 13:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-17 14:47 - 2014-06-17 14:47 - 01613069 _____ () C:\Users\Merix\Downloads\Gmail.zip
2014-06-15 07:06 - 2011-02-22 22:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 13:44 - 2014-05-13 22:21 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 12:27 - 2014-06-12 12:27 - 01677549 _____ () C:\Users\Merix\Downloads\logoexalo.zip
2014-06-11 13:55 - 2014-06-11 13:55 - 00000000 ____D () C:\Users\Merix\Documents\Wujek
2014-06-10 10:05 - 2011-02-20 21:13 - 00000000 ____D () C:\Users\Merix\AppData\Roaming\Mozilla
2014-06-10 09:43 - 2014-05-15 18:51 - 00000000 ____D () C:\Users\Merix\Documents\VINCI CONSTRUCTION

Some content of TEMP:
====================
C:\Users\Merix\AppData\Local\Temp\BobyLyrics.exe
C:\Users\Merix\AppData\Local\Temp\BobyLyrics_1060-1090_v122.exe
C:\Users\Merix\AppData\Local\Temp\DeltaTB.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-08 14:05

==================== End Of Log ============================