Anonymous / 3 years, 5 months ago

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-05-2014
Ran by Ola (administrator) on OLA-HP on 22-05-2014 13:35:12
Running from C:\Users\Ola\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(HP) C:\Program Files (x86)\HP SimplePass\BioMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Spotify Ltd) C:\Users\Ola\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\Ola\AppData\Roaming\Dropbox\bin\Dropbox.exe
(LiveChat, Inc.) C:\Program Files (x86)\LiveChat\LIVECHAT.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Ola\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Ola\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ola\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ola\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ola\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ola\AppData\Roaming\Spotify\Data\SpotifyHelper.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4033033148-594284185-1145904960-1002\...\Run: [Spotify Web Helper] => C:\Users\Ola\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-17] (Spotify Ltd)
HKU\S-1-5-21-4033033148-594284185-1145904960-1002\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3111744 2012-04-26] (DT Soft Ltd)
HKU\S-1-5-21-4033033148-594284185-1145904960-1002\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-4033033148-594284185-1145904960-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-4033033148-594284185-1145904960-1002\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-4033033148-594284185-1145904960-1002\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-4033033148-594284185-1145904960-1002\...\MountPoints2: F - F:\cdstart.exe
HKU\S-1-5-21-4033033148-594284185-1145904960-1002\...\MountPoints2: {e5245427-a152-11e3-8c66-685d43888b86} - G:\HTC_Sync_Manager_PC.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245432 2012-12-03] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201136 2012-12-03] (NVIDIA Corporation)
Startup: C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Ola\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LIVECHAT Operator.lnk
ShortcutTarget: LIVECHAT Operator.lnk -> C:\Program Files (x86)\LiveChat\LIVECHAT.exe (LiveChat, Inc.)
Startup: C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pl.msn.com/?pc=UP97&ocid=UP97DHP
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {AF2EBD99-ED67-4682-823C-F6577951E5CD} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {AF2EBD99-ED67-4682-823C-F6577951E5CD} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {AF2EBD99-ED67-4682-823C-F6577951E5CD} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: HP SimplePass Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: HP SimplePass Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
Toolbar: HKLM-x32 - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 62.179.1.63 62.179.1.62

FireFox:
========
FF ProfilePath: C:\Users\Ola\AppData\Roaming\Mozilla\Firefox\Profiles\xwfxb21u.default
FF DefaultSearchEngine: AOL Search
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: AOL Search
FF Homepage: hxxp://pl.msn.com/?pc=UP97&ocid=UP97DHP
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Ola\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Ola\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Ola\AppData\Roaming\Mozilla\Firefox\Profiles\xwfxb21u.default\searchplugins\aol-search.xml
FF SearchPlugin: C:\Users\Ola\AppData\Roaming\Mozilla\Firefox\Profiles\xwfxb21u.default\searchplugins\wyszukiwarka-aol.xml
FF Extension: Winamp Toolbar - C:\Users\Ola\AppData\Roaming\Mozilla\Firefox\Profiles\xwfxb21u.default\Extensions\{8b9fe9be-f7dd-451e-ac96-0e568e0ecc10} [2013-02-09]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-05-22]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-05-22]

Chrome: 
=======
CHR HomePage: hxxp://pl.msn.com/?pc=UP97&ocid=UP97DHP
CHR StartupUrls: "https://www.google.pl/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Ola\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Dokumenty Google) - C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-23]
CHR Extension: (Dysk Google) - C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-23]
CHR Extension: (YouTube) - C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-23]
CHR Extension: (Szukaj w Google) - C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-23]
CHR Extension: (AdBlock) - C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-08-15]
CHR Extension: (Website Logon) - C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfgjjhcgfbfkkoelpepohanhmbhdanh [2013-07-23]
CHR Extension: (Google Wallet) - C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-23]
CHR HKLM-x32\...\Chrome\Extension: [jpfgjjhcgfbfkkoelpepohanhmbhdanh] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2011-12-09]

==================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [260424 2011-12-11] (HP)
S4 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-16] (Hewlett-Packard)
S4 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] ()
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [269640 2011-12-09] (AuthenTec, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-10-15] (TuneUp Software)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
R3 hswpan; C:\Windows\system32\drivers\hswpan.sys [108288 2011-12-07] (Ozmo Inc)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-05-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [20016 2011-10-14] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-12-06] (Duplex Secure Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)
U3 ad15jplt; C:\Windows\System32\Drivers\ad15jplt.sys [0 ] (Advanced Micro Devices)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-22 11:13 - 2014-05-22 11:14 - 00042809 _____ () C:\Users\Ola\Downloads\Addition.txt
2014-05-22 11:11 - 2014-05-22 13:35 - 00019568 _____ () C:\Users\Ola\Downloads\FRST.txt
2014-05-22 11:11 - 2014-05-22 13:35 - 00000000 ____D () C:\FRST
2014-05-22 11:10 - 2014-05-22 11:10 - 02067456 _____ (Farbar) C:\Users\Ola\Downloads\FRST64.exe
2014-05-22 11:01 - 2014-05-22 11:01 - 01056768 _____ (Farbar) C:\Users\Ola\Downloads\FRST.exe
2014-05-22 10:43 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-22 10:37 - 2014-05-22 10:37 - 01326389 _____ () C:\Users\Ola\Downloads\adwcleaner_3.210.exe
2014-05-22 09:35 - 2014-05-22 09:35 - 00076704 _____ () C:\Users\Ola\Downloads\Extras.Txt
2014-05-22 09:34 - 2014-05-22 09:34 - 00145826 _____ () C:\Users\Ola\Downloads\OTL.Txt
2014-05-22 09:00 - 2014-05-22 09:00 - 00602112 _____ (OldTimer Tools) C:\Users\Ola\Downloads\OTL.exe
2014-05-22 08:16 - 2014-05-22 08:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-05-22 08:16 - 2014-05-22 08:16 - 00000000 ____D () C:\ProgramData\ESET
2014-05-22 08:03 - 2014-05-22 08:03 - 00001024 _____ () C:\Users\Ola\Downloads\Aktualna licencja do Pakietów ESET SMART NOD.txt
2014-05-22 07:23 - 2014-05-22 13:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-22 07:22 - 2014-05-22 07:22 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-22 07:22 - 2014-05-22 07:22 - 00001062 _____ () C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-22 07:22 - 2014-05-22 07:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-22 07:22 - 2014-05-22 07:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-22 07:22 - 2014-05-22 07:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-22 07:22 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-22 07:22 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-22 07:22 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-22 07:20 - 2014-05-22 07:21 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ola\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-20 11:20 - 2014-05-20 11:20 - 00000855 _____ () C:\Users\Ola\AppData\Local\recently-used.xbel
2014-05-19 14:09 - 2014-05-19 14:09 - 00000000 ____D () C:\Users\Ola\.thumbnails
2014-05-19 14:08 - 2014-05-20 11:57 - 00000000 ____D () C:\Users\Ola\.gimp-2.8
2014-05-19 14:08 - 2014-05-19 14:08 - 00000000 ____D () C:\Users\Ola\AppData\Local\gegl-0.2
2014-05-19 12:24 - 2014-05-19 12:24 - 00000894 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-05-19 12:23 - 2014-05-19 12:24 - 00000000 ____D () C:\Program Files\GIMP 2
2014-05-19 12:17 - 2014-05-19 12:19 - 90396104 _____ (The GIMP Team ) C:\Users\Ola\Downloads\gimp-2.8.10-setup.exe
2014-05-19 12:03 - 2014-05-19 12:03 - 00798560 _____ () C:\Users\Ola\Downloads\dieta tydzień 001.tif
2014-05-18 12:30 - 2014-05-18 12:30 - 00000000 ____D () C:\Users\Ola\AppData\Roaming\OpenOffice
2014-05-18 12:19 - 2014-05-18 12:19 - 00001142 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk
2014-05-18 12:19 - 2014-05-18 12:19 - 00001142 _____ () C:\ProgramData\Desktop\OpenOffice 4.1.0.lnk
2014-05-18 12:19 - 2014-05-18 12:19 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-05-18 12:18 - 2014-05-18 12:18 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-05-18 12:13 - 2014-05-18 12:13 - 00000000 ____D () C:\Users\Ola\Desktop\OpenOffice 4.1.0 (pl) Installation Files
2014-05-18 12:12 - 2014-05-18 12:13 - 131573539 _____ () C:\Users\Ola\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_pl.exe
2014-05-16 17:05 - 2014-05-16 17:05 - 00000000 ____D () C:\Users\Ola\AppData\Roaming\DropboxMaster
2014-05-16 16:50 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 16:50 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 16:50 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-16 16:50 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-16 16:50 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 16:50 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 14:25 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 14:25 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 14:25 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 14:25 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 14:24 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 14:24 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 14:24 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 14:24 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 14:24 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 14:24 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 14:24 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 14:24 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 14:24 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 14:24 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 14:24 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 14:24 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 14:24 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 14:24 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 14:24 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 14:24 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 14:24 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 14:24 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 14:24 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 14:24 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 14:24 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 14:24 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 14:24 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 14:24 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 14:24 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 14:24 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 14:24 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 14:24 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 14:24 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 14:24 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 14:24 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 14:24 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 14:24 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 14:24 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 14:24 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 14:24 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 14:24 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 14:24 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 14:24 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 14:24 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 14:24 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-15 11:45 - 2014-05-15 11:57 - 00000000 ____D () C:\Users\Ola\AppData\Local\Ashampoo Movie Studio
2014-05-15 11:45 - 2014-05-15 11:45 - 00001260 _____ () C:\Users\Public\Desktop\Ashampoo WinOptimizer 11.lnk
2014-05-15 11:45 - 2014-05-15 11:45 - 00001260 _____ () C:\ProgramData\Desktop\Ashampoo WinOptimizer 11.lnk
2014-05-15 11:45 - 2014-05-15 11:45 - 00000214 _____ () C:\Users\Public\Desktop\Your Software Deals.url
2014-05-15 11:45 - 2014-05-15 11:45 - 00000214 _____ () C:\ProgramData\Desktop\Your Software Deals.url
2014-05-15 11:44 - 2014-05-15 11:44 - 00000000 ____D () C:\ProgramData\Ashampoo
2014-05-15 11:43 - 2014-05-15 11:43 - 173926240 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Ola\Downloads\ashampoo_movie_studio_sm.exe
2014-05-15 11:42 - 2014-05-15 11:42 - 00702752 _____ () C:\Users\Ola\Downloads\Ashampoo-Movie-Studio(43446).exe
2014-05-15 11:25 - 2014-05-15 11:25 - 02944974 _____ () C:\Users\Ola\Downloads\czasnarelaks.wp.pl (1).pptx
2014-05-15 11:24 - 2014-05-15 11:24 - 02944974 _____ () C:\Users\Ola\Downloads\czasnarelaks.wp.pl.pptx
2014-05-15 11:15 - 2014-05-15 11:15 - 00190584 _____ () C:\Users\Ola\Downloads\Plan_Startowy_SALESmanago.zip
2014-05-15 09:20 - 2014-05-15 09:21 - 00029184 _____ () C:\Users\Ola\Desktop\KARTA_MONITORINGU_KMW.xls
2014-05-13 13:39 - 2014-05-22 13:14 - 00000534 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4033033148-594284185-1145904960-1002.job
2014-05-13 13:39 - 2014-05-13 13:39 - 00003556 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4033033148-594284185-1145904960-1002
2014-05-13 13:39 - 2014-05-13 13:39 - 00000000 ____D () C:\Users\Ola\AppData\Local\Citrix
2014-05-13 13:39 - 2014-05-13 13:39 - 00000000 ____D () C:\Program Files (x86)\Citrix
2014-05-12 07:41 - 2014-05-12 07:41 - 00041528 _____ () C:\Users\Ola\Downloads\zestawienie_Kalorynka_2014-04-01_-_2014-04-30.zip
2014-05-08 10:12 - 2014-05-08 10:12 - 00000600 _____ () C:\Users\Ola\Downloads\kobiety.csv
2014-05-08 09:15 - 2014-05-08 09:15 - 00000600 _____ () C:\Users\Ola\Downloads\Mezczyzni.csv
2014-05-07 21:46 - 2014-05-16 16:58 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-07 11:37 - 2014-05-07 11:37 - 00013461 _____ () C:\Users\Ola\Downloads\WiadomosciAutomatyczne (1).xlsx
2014-05-07 11:36 - 2014-05-07 11:36 - 00013461 _____ () C:\Users\Ola\Downloads\WiadomosciAutomatyczne.xlsx
2014-05-05 10:16 - 2014-05-05 10:16 - 53462024 _____ () C:\Users\Ola\Downloads\karty3004.zip
2014-04-29 15:57 - 2014-04-29 15:57 - 00023316 _____ () C:\Users\Ola\Downloads\kody beta.csv
2014-04-29 12:43 - 2014-04-29 12:43 - 00023328 _____ () C:\Users\Ola\Downloads\8df5cf0b-7a1d-4508-b54a-1d8d4bc4fc19.csv
2014-04-29 12:14 - 2014-04-29 12:14 - 106571768 _____ () C:\Users\Ola\Downloads\Karty2804 (1).zip
2014-04-29 12:02 - 2014-04-29 12:03 - 106571768 _____ () C:\Users\Ola\Downloads\Karty2804.zip
2014-04-22 16:25 - 2014-04-22 16:26 - 08708059 _____ () C:\Users\Ola\Downloads\tydzien_z_diety__Marta_Kalinowska.zip

==================== One Month Modified Files and Folders =======

2014-05-22 13:35 - 2014-05-22 11:11 - 00019568 _____ () C:\Users\Ola\Downloads\FRST.txt
2014-05-22 13:35 - 2014-05-22 11:11 - 00000000 ____D () C:\FRST
2014-05-22 13:35 - 2013-01-08 12:37 - 00000000 ____D () C:\Users\Ola\AppData\Roaming\Skype
2014-05-22 13:34 - 2013-02-14 17:52 - 00000000 ____D () C:\Users\Ola\AppData\Roaming\Spotify
2014-05-22 13:31 - 2009-07-14 06:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-22 13:31 - 2009-07-14 06:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-22 13:29 - 2012-03-03 02:44 - 00744036 _____ () C:\Windows\system32\perfh015.dat
2014-05-22 13:29 - 2012-03-03 02:44 - 00157486 _____ () C:\Windows\system32\perfc015.dat
2014-05-22 13:29 - 2009-07-14 07:13 - 01679274 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-22 13:25 - 2013-11-14 14:46 - 00000000 ___RD () C:\Users\Ola\Dropbox
2014-05-22 13:25 - 2013-11-14 14:43 - 00000000 ____D () C:\Users\Ola\AppData\Roaming\Dropbox
2014-05-22 13:23 - 2014-05-22 07:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-22 13:23 - 2014-01-31 19:40 - 00001038 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-22 13:22 - 2012-12-06 22:54 - 00000196 _____ () C:\Windows\Tasks\AutoKMS.job
2014-05-22 13:22 - 2010-11-21 05:47 - 01113112 _____ () C:\Windows\PFRO.log
2014-05-22 13:22 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-22 13:22 - 2009-07-14 06:51 - 00107696 _____ () C:\Windows\setupact.log
2014-05-22 13:21 - 2012-12-06 11:46 - 01240898 _____ () C:\Windows\WindowsUpdate.log
2014-05-22 13:15 - 2012-03-02 18:13 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-22 13:14 - 2014-05-13 13:39 - 00000534 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4033033148-594284185-1145904960-1002.job
2014-05-22 13:03 - 2014-01-31 19:40 - 00001042 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-22 13:02 - 2012-03-02 18:27 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-22 12:56 - 2013-01-14 00:25 - 10072064 ___SH () C:\Users\Ola\Desktop\Thumbs.db
2014-05-22 12:53 - 2012-12-06 13:51 - 00000000 ____D () C:\Users\Ola\AppData\Roaming\Adobe
2014-05-22 12:53 - 2012-03-02 18:27 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-22 11:14 - 2014-05-22 11:13 - 00042809 _____ () C:\Users\Ola\Downloads\Addition.txt
2014-05-22 11:10 - 2014-05-22 11:10 - 02067456 _____ (Farbar) C:\Users\Ola\Downloads\FRST64.exe
2014-05-22 11:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security
2014-05-22 11:01 - 2014-05-22 11:01 - 01056768 _____ (Farbar) C:\Users\Ola\Downloads\FRST.exe
2014-05-22 10:56 - 2012-12-25 15:09 - 00000000 ____D () C:\Users\Ola\Desktop\PRACA
2014-05-22 10:37 - 2014-05-22 10:37 - 01326389 _____ () C:\Users\Ola\Downloads\adwcleaner_3.210.exe
2014-05-22 09:35 - 2014-05-22 09:35 - 00076704 _____ () C:\Users\Ola\Downloads\Extras.Txt
2014-05-22 09:34 - 2014-05-22 09:34 - 00145826 _____ () C:\Users\Ola\Downloads\OTL.Txt
2014-05-22 09:00 - 2014-05-22 09:00 - 00602112 _____ (OldTimer Tools) C:\Users\Ola\Downloads\OTL.exe
2014-05-22 08:16 - 2014-05-22 08:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-05-22 08:16 - 2014-05-22 08:16 - 00000000 ____D () C:\ProgramData\ESET
2014-05-22 08:16 - 2012-12-06 14:19 - 00000000 ____D () C:\Program Files\ESET
2014-05-22 08:03 - 2014-05-22 08:03 - 00001024 _____ () C:\Users\Ola\Downloads\Aktualna licencja do Pakietów ESET SMART NOD.txt
2014-05-22 07:22 - 2014-05-22 07:22 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-22 07:22 - 2014-05-22 07:22 - 00001062 _____ () C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-22 07:22 - 2014-05-22 07:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-22 07:22 - 2014-05-22 07:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-22 07:22 - 2014-05-22 07:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-22 07:21 - 2014-05-22 07:20 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ola\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-22 07:09 - 2012-12-06 13:49 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B2E81E4E-3499-4678-B29F-8975517F73FB}
2014-05-22 07:08 - 2012-12-07 00:42 - 00129024 _____ () C:\Windows\AutoKMS.log
2014-05-22 07:07 - 2013-11-08 11:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-20 19:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-20 11:57 - 2014-05-19 14:08 - 00000000 ____D () C:\Users\Ola\.gimp-2.8
2014-05-20 11:20 - 2014-05-20 11:20 - 00000855 _____ () C:\Users\Ola\AppData\Local\recently-used.xbel
2014-05-19 14:09 - 2014-05-19 14:09 - 00000000 ____D () C:\Users\Ola\.thumbnails
2014-05-19 14:09 - 2012-12-06 11:46 - 00000000 ____D () C:\Users\Ola
2014-05-19 14:08 - 2014-05-19 14:08 - 00000000 ____D () C:\Users\Ola\AppData\Local\gegl-0.2
2014-05-19 12:24 - 2014-05-19 12:24 - 00000894 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-05-19 12:24 - 2014-05-19 12:23 - 00000000 ____D () C:\Program Files\GIMP 2
2014-05-19 12:19 - 2014-05-19 12:17 - 90396104 _____ (The GIMP Team ) C:\Users\Ola\Downloads\gimp-2.8.10-setup.exe
2014-05-19 12:03 - 2014-05-19 12:03 - 00798560 _____ () C:\Users\Ola\Downloads\dieta tydzień 001.tif
2014-05-19 08:01 - 2009-07-14 06:45 - 02302368 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-18 19:09 - 2012-12-06 13:52 - 00092560 _____ () C:\Users\Ola\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-18 12:30 - 2014-05-18 12:30 - 00000000 ____D () C:\Users\Ola\AppData\Roaming\OpenOffice
2014-05-18 12:19 - 2014-05-18 12:19 - 00001142 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk
2014-05-18 12:19 - 2014-05-18 12:19 - 00001142 _____ () C:\ProgramData\Desktop\OpenOffice 4.1.0.lnk
2014-05-18 12:19 - 2014-05-18 12:19 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-05-18 12:18 - 2014-05-18 12:18 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-05-18 12:17 - 2014-02-24 09:44 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3
2014-05-18 12:15 - 2012-12-06 13:48 - 00000000 ___RD () C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-18 12:13 - 2014-05-18 12:13 - 00000000 ____D () C:\Users\Ola\Desktop\OpenOffice 4.1.0 (pl) Installation Files
2014-05-18 12:13 - 2014-05-18 12:12 - 131573539 _____ () C:\Users\Ola\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_pl.exe
2014-05-17 17:35 - 2013-01-12 19:03 - 00000000 ____D () C:\Program Files (x86)\steam
2014-05-17 12:17 - 2013-02-14 17:53 - 00000000 ____D () C:\Users\Ola\AppData\Local\Spotify
2014-05-16 17:05 - 2014-05-16 17:05 - 00000000 ____D () C:\Users\Ola\AppData\Roaming\DropboxMaster
2014-05-16 17:05 - 2013-11-14 14:46 - 00001009 _____ () C:\Users\Ola\Desktop\Dropbox.lnk
2014-05-16 17:05 - 2013-11-14 14:44 - 00000000 ____D () C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-16 17:02 - 2012-12-06 13:48 - 00000000 ___RD () C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 16:58 - 2014-05-07 21:46 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 16:52 - 2012-12-06 22:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-16 16:48 - 2013-07-25 08:52 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 16:44 - 2012-12-07 11:23 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-16 12:50 - 2012-12-25 11:11 - 00000000 ____D () C:\Users\Ola\Desktop\OLA
2014-05-16 08:02 - 2014-01-31 19:42 - 00002149 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-16 08:02 - 2014-01-31 19:42 - 00002149 _____ () C:\ProgramData\Desktop\Google Chrome.lnk
2014-05-15 11:57 - 2014-05-15 11:45 - 00000000 ____D () C:\Users\Ola\AppData\Local\Ashampoo Movie Studio
2014-05-15 11:45 - 2014-05-15 11:45 - 00001260 _____ () C:\Users\Public\Desktop\Ashampoo WinOptimizer 11.lnk
2014-05-15 11:45 - 2014-05-15 11:45 - 00001260 _____ () C:\ProgramData\Desktop\Ashampoo WinOptimizer 11.lnk
2014-05-15 11:45 - 2014-05-15 11:45 - 00000214 _____ () C:\Users\Public\Desktop\Your Software Deals.url
2014-05-15 11:45 - 2014-05-15 11:45 - 00000214 _____ () C:\ProgramData\Desktop\Your Software Deals.url
2014-05-15 11:44 - 2014-05-15 11:44 - 00000000 ____D () C:\ProgramData\Ashampoo
2014-05-15 11:43 - 2014-05-15 11:43 - 173926240 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Ola\Downloads\ashampoo_movie_studio_sm.exe
2014-05-15 11:42 - 2014-05-15 11:42 - 00702752 _____ () C:\Users\Ola\Downloads\Ashampoo-Movie-Studio(43446).exe
2014-05-15 11:25 - 2014-05-15 11:25 - 02944974 _____ () C:\Users\Ola\Downloads\czasnarelaks.wp.pl (1).pptx
2014-05-15 11:24 - 2014-05-15 11:24 - 02944974 _____ () C:\Users\Ola\Downloads\czasnarelaks.wp.pl.pptx
2014-05-15 11:15 - 2014-05-15 11:15 - 00190584 _____ () C:\Users\Ola\Downloads\Plan_Startowy_SALESmanago.zip
2014-05-15 09:21 - 2014-05-15 09:20 - 00029184 _____ () C:\Users\Ola\Desktop\KARTA_MONITORINGU_KMW.xls
2014-05-13 21:15 - 2012-03-02 18:13 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 21:15 - 2012-03-02 18:13 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 21:15 - 2012-03-02 18:13 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 15:13 - 2013-01-11 14:43 - 00000000 ____D () C:\Users\Ola\Documents\Pliki programu Outlook
2014-05-13 13:39 - 2014-05-13 13:39 - 00003556 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4033033148-594284185-1145904960-1002
2014-05-13 13:39 - 2014-05-13 13:39 - 00000000 ____D () C:\Users\Ola\AppData\Local\Citrix
2014-05-13 13:39 - 2014-05-13 13:39 - 00000000 ____D () C:\Program Files (x86)\Citrix
2014-05-12 22:01 - 2012-12-06 14:52 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2014-05-12 07:41 - 2014-05-12 07:41 - 00041528 _____ () C:\Users\Ola\Downloads\zestawienie_Kalorynka_2014-04-01_-_2014-04-30.zip
2014-05-12 07:26 - 2014-05-22 07:22 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-22 07:22 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-22 07:22 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 19:02 - 2014-03-15 15:39 - 00000000 ____D () C:\Users\Ola\.VirtualBox
2014-05-09 08:14 - 2014-05-15 14:25 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-15 14:25 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 10:12 - 2014-05-08 10:12 - 00000600 _____ () C:\Users\Ola\Downloads\kobiety.csv
2014-05-08 09:15 - 2014-05-08 09:15 - 00000600 _____ () C:\Users\Ola\Downloads\Mezczyzni.csv
2014-05-08 06:58 - 2014-01-31 19:40 - 00004038 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 06:58 - 2014-01-31 19:40 - 00003786 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 13:06 - 2012-12-06 23:27 - 00000000 ____D () C:\Users\Ola\AppData\Local\CrashDumps
2014-05-07 11:37 - 2014-05-07 11:37 - 00013461 _____ () C:\Users\Ola\Downloads\WiadomosciAutomatyczne (1).xlsx
2014-05-07 11:36 - 2014-05-07 11:36 - 00013461 _____ () C:\Users\Ola\Downloads\WiadomosciAutomatyczne.xlsx
2014-05-06 06:40 - 2014-05-16 16:50 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-16 16:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-16 16:50 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-16 16:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-16 16:50 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-16 16:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 10:16 - 2014-05-05 10:16 - 53462024 _____ () C:\Users\Ola\Downloads\karty3004.zip
2014-04-30 16:36 - 2009-07-14 07:08 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-29 15:57 - 2014-04-29 15:57 - 00023316 _____ () C:\Users\Ola\Downloads\kody beta.csv
2014-04-29 12:43 - 2014-04-29 12:43 - 00023328 _____ () C:\Users\Ola\Downloads\8df5cf0b-7a1d-4508-b54a-1d8d4bc4fc19.csv
2014-04-29 12:14 - 2014-04-29 12:14 - 106571768 _____ () C:\Users\Ola\Downloads\Karty2804 (1).zip
2014-04-29 12:03 - 2014-04-29 12:02 - 106571768 _____ () C:\Users\Ola\Downloads\Karty2804.zip
2014-04-22 16:26 - 2014-04-22 16:25 - 08708059 _____ () C:\Users\Ola\Downloads\tydzien_z_diety__Marta_Kalinowska.zip

Some content of TEMP:
====================
C:\Users\Ola\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcqaj3n.dll
C:\Users\Ola\AppData\Local\Temp\MovieStudio.exe
C:\Users\Ola\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-20 19:19

==================== End Of Log ============================