Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-10-2014 Ran by michal (administrator) on MICHAL-TOSH on 12-10-2014 00:52:39 Running from C:\Users\michal\Downloads Loaded Profile: michal (Available profiles: michal) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AVG Technologies CZ, s.r.o.) 
C:\Program Files (x86)\AVG\AVG2015\avgui.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\dllhost.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (OldTimer Tools) C:\Users\michal\Downloads\OTL (1).exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.) HKU\S-1-5-21-2929919424-3581435416-278190595-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600216 2014-09-29] (Electronic Arts) HKU\S-1-5-21-2929919424-3581435416-278190595-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-2929919424-3581435416-278190595-1000\...\Policies\Explorer: [NoWinKeys] 1 HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> 
{E68D0A50-3C40-4712-B90D-DCFA93FF2534} => No File ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => No File ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => No File ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01 HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID=226786&Mkt=pl-PL&Src=MSE&Tid=00002D7A&OHP=http%3A%2F%2Fdomredi.com%2F1%2F&OSP=http%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3D%7BsearchTerms%7D%26rls%3Dcom.microsoft%3A%7Blanguage%7D%3A%7Breferrer%3Asource%3F%7D%26ie%3D%7BinputEncoding%7D%26oe%3D%7BoutputEncoding%7D%26sourceid%3Die7%26rlz%3D1I7TSEH%5FplPL397PL397 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKLM-x32 - {513350EB-0065-4CAC-A7BA-2B87F87F57AE} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481033 SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 
SearchScopes: HKCU - {11BEB82F-DAE2-40DF-8E4B-8F8825E74D3B} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms} SearchScopes: HKCU - {513350EB-0065-4CAC-A7BA-2B87F87F57AE} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481033 SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKCU - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKCU - {8E267C72-B19A-44DD-BBEA-DC6B66C13AF5} URL = http://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2 SearchScopes: HKCU - {8F5495F4-58B7-40B9-B0B7-6848E764610C} URL = http://rover.ebay.com/rover/1/4908-44618-9400-8/4?satitle={searchTerms} BHO: TinyBHO Class -> {00e71626-0bef-11dc-8314-0864264c9a64} -> C:\Users\michal\AppData\Roaming\DownloaderGold\ieplug.dll () BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: TinyBHO Class -> {00e71626-0bef-11dc-8314-0800200c9a66} -> C:\Users\michal\AppData\Roaming\DownloaderGold\ieplug.dll () BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: No Name -> {78F3A78C-DFF0-BB26-3802-C5689ACFE07E} -> No File BHO-x32: BetTerrPriCeCheuc -> {9EC7F5CB-3A98-9475-FC4C-4010C29429CA} -> C:\ProgramData\BetTerrPriCeCheuc\xd.dll No File BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0 FireFox: ======== FF ProfilePath: C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\tndnfply.default FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files 
(x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll No File FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npVividasPlayer.dll ( ) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npVividasPlayer.dll ( ) FF Extension: Vividas player plugin - C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\tndnfply.default\Extensions\player@vividas.com [2011-04-13] FF Extension: Tab Scope - C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\tndnfply.default\Extensions\tabscope@xuldev.org [2013-09-08] FF Extension: Speed Dial - C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\tndnfply.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66} [2013-06-05] FF Extension: Easy YouTube Video Downloader - C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\tndnfply.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} [2013-07-20] FF Extension: NASA Night Launch - C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\tndnfply.default\Extensions\nasanightlaunch@example.com.xpi [2013-09-13] FF Extension: Tab Scope - C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\tndnfply.default\Extensions\tabscope@xuldev.org.xpi [2013-08-16] FF Extension: YouTube to MP3 - C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\tndnfply.default\Extensions\youtube2mp3@mondayx.de.xpi [2011-07-28] FF Extension: Flagfox - C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\tndnfply.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-10] FF Extension: Speed Dial - C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\tndnfply.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2013-09-17] FF Extension: Download YouTube Videos as MP4 - C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\tndnfply.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-07-04] FF Extension: Adblock Plus - 
C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\tndnfply.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-31] FF Extension: User Agent Switcher - C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\tndnfply.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2012-05-26] FF Extension: ArcaBit Ext. - C:\Program Files (x86)\Mozilla Firefox\extensions\arcabit@www.arcabit.pl [2014-07-23] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] Chrome: ======= CHR HomePage: Default -> hxxp://search.babylon.com/?affID=112555&tt=4512_1&babsrc=HP_ss&mntrId=c43edba400000000000070f1a10c42de CHR StartupUrls: Default -> "hxxp://search.babylon.com/?affID=112555&tt=4512_1&babsrc=HP_ss&mntrId=c43edba400000000000070f1a10c42de" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-05] CHR Extension: (RapidShare DownloadHelper) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\afpbkpjjkfakdcakapanjoeijlphieei [2014-09-06] CHR Extension: (Dokumenty Google) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-05] CHR Extension: (Dysk Google) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-05] CHR Extension: (YouTube) - C:\Users\michal\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-05] CHR Extension: (Tiles) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpjknlfokkbpdhafbdccnndgchglnfhj [2014-09-06] CHR Extension: (Szukaj w Google) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-05] CHR Extension: (Arkusze Google) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-05] CHR Extension: (Adblock Super) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2014-09-06] CHR Extension: (Real Madrid Theme) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaccghdncekgcpeiomoaldbbjhpglia [2014-10-05] CHR Extension: (Google Wallet) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-06] CHR Extension: (Gmail) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-05] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.) 
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-04-12] (Nero AG) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed] S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [File not signed] S2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116104 2009-08-06] (Toshiba Europe GmbH) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [247576 2014-07-24] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-20] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [270616 2014-07-02] (AVG Technologies CZ, s.r.o.) 
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-10-18] () [File not signed] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X] S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-12 00:52 - 2014-10-12 00:52 - 00009813 _____ () C:\Users\michal\Desktop\attach.txt 2014-10-12 00:52 - 2014-10-12 00:51 - 00018818 _____ () C:\Users\michal\Desktop\dds.txt 2014-10-12 00:49 - 2014-10-12 00:49 - 00688992 ____R (Swearware) C:\Users\michal\Downloads\dds.pif 2014-10-12 00:48 - 2014-10-12 00:48 - 00048087 _____ () C:\Users\michal\Desktop\Shortcut.txt 2014-10-12 00:48 - 2014-10-12 00:48 - 00039286 _____ () C:\Users\michal\Desktop\Addition.txt 2014-10-12 00:48 - 2014-10-12 00:48 - 00037297 _____ () C:\Users\michal\Desktop\FRST.txt 2014-10-12 00:47 - 2014-10-12 00:52 - 00048087 _____ () C:\Users\michal\Downloads\Shortcut.txt 2014-10-12 00:45 - 2014-10-12 00:52 - 00039286 _____ () C:\Users\michal\Downloads\Addition.txt 2014-10-12 00:44 - 2014-10-12 00:52 - 00020509 _____ () C:\Users\michal\Downloads\FRST.txt 2014-10-12 00:43 - 2014-10-12 00:52 - 00000000 ___DC () C:\FRST 2014-10-12 00:41 - 2014-10-12 00:42 - 02109952 _____ (Farbar) C:\Users\michal\Downloads\FRST64.exe 2014-10-12 00:38 - 2014-10-12 00:38 - 00099466 _____ () C:\Users\michal\Desktop\OTL.Txt 2014-10-12 00:38 - 2014-10-12 00:38 - 00084978 _____ () C:\Users\michal\Desktop\Extras.Txt 2014-10-12 00:31 
- 2014-10-12 00:31 - 00084978 _____ () C:\Users\michal\Downloads\Extras.Txt 2014-10-12 00:28 - 2014-10-12 00:28 - 00099466 _____ () C:\Users\michal\Downloads\OTL.Txt 2014-10-11 23:17 - 2014-10-11 23:17 - 00602112 _____ (OldTimer Tools) C:\Users\michal\Downloads\OTL (1).exe 2014-10-11 23:13 - 2014-10-11 23:13 - 00003276 _____ () C:\Windows\System32\Tasks\{625B20B6-DB2C-4924-9E16-A07D261F2F2E} 2014-10-11 14:46 - 2014-10-11 14:46 - 00000000 ____D () C:\Users\michal\AppData\Local\{581F5762-C116-47A2-950F-1D5E26293408} 2014-10-10 15:02 - 2014-10-10 15:02 - 00000000 ____D () C:\ProgramData\Avg_Update_0914av 2014-10-10 14:58 - 2014-10-10 14:58 - 00000000 ____D () C:\Users\michal\AppData\Roaming\AVG2015 2014-10-10 14:56 - 2014-10-10 14:56 - 00001002 _____ () C:\Users\Public\Desktop\AVG 2015.lnk 2014-10-10 14:56 - 2014-10-10 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-10-10 14:53 - 2014-10-10 14:57 - 00000000 ____D () C:\ProgramData\AVG2015 2014-10-10 14:53 - 2014-10-10 14:53 - 00000000 __HDC () C:\$AVG 2014-10-10 14:51 - 2014-10-10 14:51 - 00000000 ____D () C:\Program Files (x86)\AVG 2014-10-10 14:48 - 2014-10-10 23:59 - 00000000 ____D () C:\Users\michal\AppData\Local\Avg2015 2014-10-10 14:48 - 2014-10-10 14:48 - 00000000 ____D () C:\Users\michal\AppData\Local\MFAData 2014-10-10 14:45 - 2014-10-10 14:47 - 166267560 _____ (AVG Technologies) C:\Users\michal\Downloads\avg_free_x64_all_2015_5315a8160.exe 2014-10-09 23:00 - 2014-10-09 23:00 - 00602112 _____ (OldTimer Tools) C:\Users\michal\Downloads\OTL.exe 2014-10-09 22:44 - 2014-10-09 22:45 - 01375089 _____ () C:\Users\michal\Downloads\adwcleaner_3.311 (1).exe 2014-10-09 18:04 - 2014-10-09 18:04 - 00000000 ____D () C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound 2014-10-08 20:22 - 2014-10-08 20:22 - 11429888 _____ () C:\Users\michal\Downloads\Przekładnie mechaniczne.ppt 2014-10-08 20:21 - 2014-10-08 20:21 - 02735616 _____ () 
C:\Users\michal\Downloads\prezentacja.ppt 2014-10-08 09:31 - 2014-10-08 09:31 - 00599040 _____ () C:\Users\michal\Downloads\nitowanie w pigulce.pps 2014-10-07 09:35 - 2014-10-07 09:35 - 17999246 _____ () C:\Users\michal\Downloads\Pkm T1 - M.D.rar 2014-10-07 09:34 - 2014-10-07 09:34 - 01139712 _____ () C:\Users\michal\Downloads\Łożyska toczne.ppt 2014-10-07 09:33 - 2014-10-07 09:33 - 01544192 _____ () C:\Users\michal\Downloads\PKM - lozyska toczne.ppt 2014-10-05 00:51 - 2014-10-05 00:51 - 00000004 _____ () C:\Users\michal\AppData\Roaming\appdataFr2.bin 2014-10-05 00:46 - 2014-10-05 00:46 - 00044995 ____C () C:\ComboFix.txt 2014-10-05 00:24 - 2014-10-05 00:47 - 00000000 ___DC () C:\ComboFix 2014-10-05 00:19 - 2014-10-05 00:20 - 05582481 ____R (Swearware) C:\Users\michal\Downloads\ComboFix.exe 2014-10-05 00:04 - 2014-10-11 23:57 - 00714788 _____ () C:\Windows\PFRO.log 2014-10-04 23:58 - 2014-10-11 23:54 - 00000000 ___DC () C:\AdwCleaner 2014-10-04 23:57 - 2014-10-04 23:58 - 01375089 _____ () C:\Users\michal\Downloads\adwcleaner_3.311.exe 2014-10-04 23:27 - 2014-10-04 23:27 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\michal\Downloads\yet_another_cleaner_avae.exe 2014-10-03 23:52 - 2014-10-03 23:53 - 00000000 ____D () C:\Users\michal\AppData\Local\{E173D7FB-D7DE-42A1-87A7-01A175ED4615} 2014-10-01 23:52 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-10-01 23:52 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-09-29 13:23 - 2014-09-29 13:23 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-09-29 12:33 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2014-09-29 12:33 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2014-09-29 12:33 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2014-09-29 12:33 - 2010-06-02 04:55 - 
00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2014-09-29 12:33 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2014-09-29 12:33 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2014-09-29 12:33 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2014-09-29 12:33 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-09-29 12:33 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2014-09-29 12:33 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2014-09-29 12:33 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2014-09-29 12:33 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2014-09-29 12:33 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-09-29 12:33 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-09-29 12:33 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-09-29 12:33 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-09-29 12:33 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2014-09-29 12:33 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2014-09-29 12:33 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2014-09-29 12:33 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2014-09-29 12:33 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2014-09-29 12:33 - 
2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2014-09-29 12:33 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2014-09-29 12:33 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2014-09-29 12:33 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2014-09-29 12:33 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2014-09-29 12:33 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2014-09-29 12:33 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2014-09-29 12:33 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2014-09-29 12:33 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll 2014-09-29 12:33 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2014-09-29 12:33 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll 2014-09-29 12:33 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2014-09-29 12:33 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll 2014-09-29 12:33 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2014-09-29 12:33 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2014-09-29 12:33 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2014-09-29 12:33 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2014-09-29 12:33 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) 
C:\Windows\system32\XAPOFX1_2.dll
2014-09-29 12:33 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-09-29 12:33 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-09-29 12:33 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-09-29 12:33 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-09-29 12:33 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-09-29 12:33 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-09-29 12:33 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-09-29 12:33 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-09-29 12:33 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-09-29 12:14 - 2014-09-29 12:32 - 00025390 _____ () C:\Windows\DirectX.log
2014-09-29 11:21 - 2014-09-29 11:21 - 00000000 ____D () C:\Users\michal\Documents\FIFA 15 Demo
2014-09-29 11:17 - 2014-09-29 11:13 - 00058687 _____ () C:\Users\michal\Desktop\dxcpl.rar
2014-09-29 11:13 - 2014-09-29 11:13 - 00058687 _____ () C:\Users\michal\Downloads\dxcpl.rar
2014-09-29 11:01 - 2014-09-29 11:01 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-29 10:47 - 2014-09-29 10:52 - 00000000 ____D () C:\Users\michal\AppData\Local\Origin
2014-09-29 10:46 - 2014-09-29 10:46 - 00000986 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-09-29 10:45 - 2014-09-29 10:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-09-29 10:41 - 2014-09-29 10:41 - 17088592 _____ (Electronic Arts, Inc.) C:\Users\michal\Downloads\OriginThinSetup.exe
2014-09-28 20:09 - 2014-09-28 20:09 - 00323542 _____ () C:\Users\michal\Downloads\rozkl_sem_zimowy 14-15 - nowe-sale.xlsx
2014-09-28 20:09 - 2014-09-28 20:09 - 00323542 _____ () C:\Users\michal\Downloads\rozkl_sem_zimowy 14-15 - nowe-sale (1).xlsx
2014-09-28 09:06 - 2014-10-11 23:57 - 00000336 _____ () C:\Windows\setupact.log
2014-09-28 09:06 - 2014-09-28 09:06 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-25 23:45 - 2014-09-25 23:45 - 00810788 _____ () C:\Users\michal\Downloads\instagram_2014-09-25.zip
2014-09-24 12:32 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 12:32 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 22:58 - 2014-09-23 22:59 - 00000000 ____D () C:\Users\michal\Desktop\Rap

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-12 00:46 - 2009-07-14 06:45 - 00019248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-12 00:46 - 2009-07-14 06:45 - 00019248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-12 00:17 - 2010-09-14 17:13 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-12 00:06 - 2013-09-17 15:58 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-12 00:05 - 2011-12-30 20:36 - 01986790 _____ () C:\Windows\WindowsUpdate.log
2014-10-11 23:59 - 2012-11-02 21:24 - 00000000 ____D () C:\ProgramData\Origin
2014-10-11 23:58 - 2013-09-04 15:23 - 00000000 ____D () C:\Users\michal\AppData\Local\HTC MediaHub
2014-10-11 23:57 - 2012-11-02 21:23 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-10-11 23:57 - 2010-09-14 17:13 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-11 23:57 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-11 23:21 - 2011-03-23 20:29 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-11 23:19 - 2009-09-11 10:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2014-10-11 23:17 - 2009-09-11 10:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-11 23:17 - 2009-09-11 10:03 - 00000000 ____D () C:\Program Files\TOSHIBA
2014-10-11 23:14 - 2009-09-11 10:04 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA
2014-10-11 23:08 - 2013-06-26 11:44 - 00000000 ____D () C:\Users\michal\AppData\Local\Unity
2014-10-11 20:27 - 2010-12-18 14:29 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-11 14:46 - 2010-12-22 22:53 - 00000000 ____D () C:\Users\michal\AppData\Roaming\Windows Live Writer
2014-10-10 22:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-10 14:56 - 2010-10-23 19:37 - 00000000 ____D () C:\Users\michal\AppData\Roaming\TuneUp Software
2014-10-06 20:44 - 2014-08-30 23:59 - 00030720 _____ () C:\Users\michal\Desktop\Plan.xls
2014-10-05 00:46 - 2012-06-22 14:56 - 00000000 ___DC () C:\Qoobox
2014-10-05 00:42 - 2009-07-14 04:34 - 00000215 ____C () C:\Windows\system.ini
2014-10-05 00:26 - 2013-02-11 19:59 - 00000000 ____D () C:\Users\michal\Desktop\szmery bajery
2014-10-05 00:02 - 2010-10-15 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-05 00:02 - 2010-09-14 16:16 - 00000966 _____ () C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-05 00:02 - 2010-09-14 11:26 - 00000000 ____D () C:\Users\michal
2014-10-03 23:53 - 2010-10-22 14:21 - 00000000 ____D () C:\Users\michal\AppData\Local\Windows Live
2014-09-29 13:21 - 2011-04-22 20:12 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-29 13:21 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-29 12:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-29 10:52 - 2012-11-02 22:11 - 00000000 ____D () C:\Users\michal\AppData\Roaming\Origin
2014-09-24 09:32 - 2012-09-18 14:49 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-24 09:19 - 2014-05-07 14:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-23 22:59 - 2014-05-02 14:40 - 00000000 ____D () C:\Program Files (x86)\Grupa IMAGE
2014-09-23 22:58 - 2011-11-25 09:52 - 00000000 ____D () C:\Users\michal\Desktop\Zdjęcia
2014-09-23 22:03 - 2013-09-17 15:58 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 22:03 - 2012-04-02 09:12 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 22:03 - 2011-11-29 17:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-23 22:02 - 2014-09-11 12:44 - 03675824 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-22 08:42 - 2010-10-17 13:17 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\Users\michal\DTLite4402-0131.exe

Some content of TEMP:
====================
C:\Users\michal\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-08 00:02

==================== End Of Log ============================