Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015 Ran by Andrzej (administrator) on LENOVO-PC on 08-07-2015 15:55:40 Running from C:\Users\User\Downloads Loaded Profiles: Andrzej (Available Profiles: Andrzej) Platform: Windows 8.1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2014-06-10] (Realtek semiconductor) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor) HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-09-05] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-09-05] (Lenovo(beijing) Limited) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-4290222556-2955140376-1757130449-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-4290222556-2955140376-1757130449-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com HKU\S-1-5-21-4290222556-2955140376-1757130449-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4290222556-2955140376-1757130449-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A24S0043S0043&ts=1423059455&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-4290222556-2955140376-1757130449-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A24S0043S0043&ts=1423059455&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-4290222556-2955140376-1757130449-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A24S0043S0043&ts=1423059455&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-4290222556-2955140376-1757130449-1001 -> {C8A0050F-5BBC-431B-B0BA-2532FAA91DD5} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A24S0043S0043&ts=1423059455&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-4290222556-2955140376-1757130449-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX61A24S0043S0043&ts=1423059455&type=default&q={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-07] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-07] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-28] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-28] (Oracle Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-07-07] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 10.0.0.4 Tcpip\..\Interfaces\{A0BF8A54-3567-4E68-91EE-3298044E3E3E}: [DhcpNameServer] 192.168.10.1 10.0.0.4 Tcpip\..\Interfaces\{A55D6174-38DA-4DF5-BB02-A19D144E41A9}: [DhcpNameServer] 169.254.224.91 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\94qe9rvf.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-02] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-02] () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-15] (CANON INC.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-28] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-28] (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-07-07] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-07-07] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-07-07] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found] Chrome: ======= CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 6 CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-17] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation) R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET) R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [125168 2014-12-12] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-16] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.) R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [389680 2014-09-05] (Lenovo(beijing) Limited) S3 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-05] (Lenovo(beijing) Limited) S2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [37624 2014-04-21] (Lenovo(beijing) Limited) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] () R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation) S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) S2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [0 2014-10-29] () <==== ATTENTION (zero byte File/Folder) R2 WSearch; C:\Windows\system32\SearchIndexer.exe [903168 2015-04-01] (Microsoft Corporation) [File not signed] R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [710144 2015-04-01] (Microsoft Corporation) [File not signed] S3 WwanSvc; C:\Windows\System32\wwansvc.dll [513536 2014-10-29] (Microsoft Corporation) [File not signed] S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation) S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-02-23] (ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241880 2015-02-23] (ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-02-23] (ESET) R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [222280 2015-02-23] (ESET) R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44632 2015-02-23] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-02-23] (ESET) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [231152 2014-12-12] (Intel Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-07-08] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R2 Ndu; C:\Windows\System32\drivers\Ndu.sys [103424 2014-10-29] (Microsoft Corporation) [File not signed] R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation) S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-24] (Realsil Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9121496 2014-06-10] (Realtek Semiconductor Corp.) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-03-07] (Synaptics Incorporated) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-08 15:55 - 2015-07-08 15:56 - 00018225 _____ C:\Users\User\Downloads\FRST.txt 2015-07-08 15:54 - 2015-07-08 15:55 - 00000000 ____D C:\FRST 2015-07-08 15:53 - 2015-07-08 15:53 - 02112512 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2015-07-08 08:47 - 2015-07-08 14:26 - 00143360 _____ C:\Users\User\Desktop\Sklepy z częściami samochodowymi_AB_08.07.2015.xls 2015-07-07 18:19 - 2015-07-08 15:43 - 00000484 _____ C:\WINDOWS\Tasks\RegCure Pro Startup.job 2015-07-07 18:19 - 2015-07-07 18:19 - 07139680 _____ (ParetoLogic, Inc.) C:\Users\User\Downloads\RegCureProSetup_2877E93E-D8BC-4A0A-ACE6-E564E25C8240_.exe 2015-07-07 18:19 - 2015-07-07 18:19 - 00004006 _____ C:\WINDOWS\System32\Tasks\RegCure Pro_sch_FD93BBE9-24C3-11E5-8279-303A64D732A9 2015-07-07 18:19 - 2015-07-07 18:19 - 00003264 _____ C:\WINDOWS\System32\Tasks\ParetoLogic Update Version3 2015-07-07 18:19 - 2015-07-07 18:19 - 00003140 _____ C:\WINDOWS\System32\Tasks\ParetoLogic Registration3 2015-07-07 18:19 - 2015-07-07 18:19 - 00002928 _____ C:\WINDOWS\System32\Tasks\ParetoLogic Update Version3_triggeronce 2015-07-07 18:19 - 2015-07-07 18:19 - 00002622 _____ C:\WINDOWS\System32\Tasks\RegCure Pro Startup 2015-07-07 18:19 - 2015-07-07 18:19 - 00001221 _____ C:\Users\User\Desktop\RegCure Pro.lnk 2015-07-07 18:19 - 2015-07-07 18:19 - 00000587 _____ C:\WINDOWS\Tasks\RegCure Pro_sch_FD93BBE9-24C3-11E5-8279-303A64D732A9.job 2015-07-07 18:19 - 2015-07-07 18:19 - 00000492 _____ C:\WINDOWS\Tasks\ParetoLogic Registration3.job 2015-07-07 18:19 - 2015-07-07 18:19 - 00000466 _____ C:\WINDOWS\Tasks\ParetoLogic Update Version3_triggeronce.job 2015-07-07 18:19 - 2015-07-07 18:19 - 00000466 _____ C:\WINDOWS\Tasks\ParetoLogic Update Version3.job 2015-07-07 18:19 - 2015-07-07 18:19 - 00000000 ____D C:\Users\User\AppData\Roaming\ParetoLogic 2015-07-07 18:19 - 2015-07-07 18:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic 2015-07-07 18:19 - 2015-07-07 18:19 - 00000000 ____D C:\ProgramData\ParetoLogic 2015-07-07 18:19 - 2015-07-07 18:19 - 00000000 ____D C:\Program Files (x86)\ParetoLogic 2015-07-07 17:30 - 2015-07-07 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-07-07 17:28 - 2015-07-07 17:27 - 00181124 _____ C:\WINDOWSARIALNI.tt2 2015-07-07 17:28 - 2015-07-07 17:27 - 00180740 _____ C:\WINDOWSARIALNB.tt2 2015-07-07 17:28 - 2015-07-07 17:27 - 00180084 _____ C:\WINDOWSARIALNBI.tt2 2015-07-07 17:28 - 2015-07-07 17:27 - 00175956 _____ C:\WINDOWSARIALN.tt2 2015-07-07 17:27 - 2015-07-07 17:27 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-07-07 17:18 - 2015-07-07 17:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 15 2015-07-07 17:03 - 2015-07-07 17:03 - 01096936 _____ (Microsoft Corporation) C:\Users\User\Desktop\Setup.X86.pl-PL_HomeStudentRetail_fd3c037b-ecd8-424e-bc11-783f5b95a8a2_TX_DB_.exe 2015-07-07 16:50 - 2015-07-07 16:50 - 01096936 _____ (Microsoft Corporation) C:\Users\User\Downloads\Setup.X86.pl-PL_HomeStudentRetail_fd3c037b-ecd8-424e-bc11-783f5b95a8a2_TX_DB_ (1).exe 2015-07-07 16:46 - 2015-07-07 16:46 - 01096936 _____ (Microsoft Corporation) C:\Users\User\Downloads\Setup.X86.pl-PL_HomeStudentRetail_fd3c037b-ecd8-424e-bc11-783f5b95a8a2_TX_DB_.exe 2015-07-07 11:06 - 2015-07-07 11:06 - 11032736 _____ (SurfRight B.V.) C:\Users\User\Downloads\HitmanPro_x64 (2).exe 2015-07-07 10:57 - 2015-07-07 10:58 - 10113976 _____ (SurfRight B.V.) C:\Users\User\Downloads\HitmanPro.exe 2015-07-07 10:52 - 2015-07-07 10:53 - 11032736 _____ (SurfRight B.V.) C:\Users\User\Downloads\HitmanPro_x64 (1).exe 2015-07-07 09:31 - 2015-07-07 09:31 - 11032736 _____ (SurfRight B.V.) C:\Users\User\Downloads\HitmanPro_x64.exe 2015-07-07 08:40 - 2015-07-07 14:21 - 00002296 _____ C:\Users\User\Desktop\Google Chrome.lnk 2015-07-07 08:16 - 2015-07-07 08:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-07-07 08:15 - 2015-07-08 15:42 - 00001066 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-07 08:15 - 2015-07-08 15:20 - 00001070 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-07 08:15 - 2015-07-07 08:16 - 00000000 ____D C:\Program Files (x86)\Google 2015-07-07 08:15 - 2015-07-07 08:15 - 00004042 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-07-07 08:15 - 2015-07-07 08:15 - 00003806 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-07 06:46 - 2015-07-07 06:46 - 00000000 __SHD C:\found.000 2015-07-03 07:40 - 2015-07-03 13:55 - 00336384 _____ C:\Users\User\Desktop\Meble do sypialni 03.07.2015.xls 2015-07-03 06:56 - 2015-07-03 06:56 - 00012215 _____ C:\Users\User\Desktop\Fiszka_Andrzej_Białas_06.07-10.07.2015.xlsx 2015-07-01 07:12 - 2015-07-01 07:12 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2015-07-01 06:47 - 2015-07-07 06:47 - 00000690 _____ C:\WINDOWS\PFRO.log 2015-06-26 07:00 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2015-06-26 07:00 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2015-06-26 07:00 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-06-26 07:00 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2015-06-26 07:00 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2015-06-26 07:00 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-06-26 07:00 - 2015-05-21 15:08 - 00000000 _____ C:\WINDOWS\system32\devinv.dll 2015-06-26 07:00 - 2015-04-17 00:07 - 00000000 _____ C:\WINDOWS\system32\aepdu.dll 2015-06-25 06:54 - 2015-07-01 06:57 - 00001283 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk 2015-06-23 06:48 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-06-23 06:48 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-06-23 06:48 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-06-23 06:48 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll 2015-06-23 06:48 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2015-06-23 06:48 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2015-06-23 06:48 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2015-06-23 06:48 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll 2015-06-23 06:48 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll 2015-06-23 06:47 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2015-06-23 06:47 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll 2015-06-23 06:47 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll 2015-06-23 06:47 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-06-23 06:47 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-06-23 06:47 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll 2015-06-23 06:47 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-06-23 06:47 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-06-23 06:47 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2015-06-23 06:47 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2015-06-23 06:47 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll 2015-06-23 06:47 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2015-06-23 06:47 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2015-06-23 06:47 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2015-06-23 06:47 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2015-06-23 06:47 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2015-06-23 06:47 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2015-06-23 06:47 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2015-06-23 06:47 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2015-06-23 06:47 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2015-06-23 06:47 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2015-06-11 04:02 - 2015-06-11 04:02 - 00829264 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100.dll 2015-06-11 04:02 - 2015-06-11 04:02 - 00608080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp100.dll 2015-06-10 06:45 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-06-10 06:45 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-06-10 06:45 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-06-10 06:45 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2015-06-10 06:45 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-06-10 06:45 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-06-10 06:45 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2015-06-10 06:45 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-06-10 06:45 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-06-10 06:45 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-06-10 06:45 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-06-10 06:45 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-06-10 06:45 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-06-10 06:45 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-06-10 06:45 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-06-10 06:45 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-06-10 06:45 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-06-10 06:45 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-06-10 06:45 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-06-10 06:45 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-06-10 06:45 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-06-10 06:45 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-06-10 06:45 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2015-06-10 06:45 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-06-10 06:45 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-06-10 06:45 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-06-10 06:45 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2015-06-10 06:45 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-06-10 06:45 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-06-10 06:45 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-06-10 06:45 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-06-10 06:45 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-06-10 06:45 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-06-10 06:45 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-06-10 06:45 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-06-10 06:45 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-06-10 06:45 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-06-10 06:45 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-06-10 06:45 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-06-10 06:45 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-06-10 06:45 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-06-10 06:45 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2015-06-10 06:45 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-08 15:56 - 2014-12-20 16:46 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype 2015-07-08 15:47 - 2014-12-12 21:58 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4290222556-2955140376-1757130449-1001 2015-07-08 15:42 - 2015-01-04 17:34 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-07-08 15:42 - 2014-09-05 11:30 - 01496135 _____ C:\WINDOWS\WindowsUpdate.log 2015-07-08 15:15 - 2013-08-22 16:46 - 00034565 _____ C:\WINDOWS\setupact.log 2015-07-08 15:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-07-08 11:24 - 2014-12-21 20:52 - 00000000 __RDO C:\Users\User\OneDrive 2015-07-08 11:24 - 2014-12-20 10:47 - 00003102 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4290222556-2955140376-1757130449-1001 2015-07-08 07:01 - 2014-12-22 16:32 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-07-08 07:01 - 2014-12-20 16:45 - 00000000 ____D C:\ProgramData\Skype 2015-07-07 15:31 - 2014-12-20 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2015-07-07 15:31 - 2014-12-20 21:17 - 00000000 ____D C:\Program Files (x86)\Canon 2015-07-07 14:23 - 2014-12-23 11:07 - 00000000 ____D C:\Users\User\AppData\Local\Adobe 2015-07-07 08:40 - 2014-12-12 22:07 - 00000000 ____D C:\Users\User\AppData\Local\Google 2015-07-07 06:47 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-07-06 10:54 - 2014-12-12 21:52 - 00000000 ____D C:\Users\User\AppData\Local\Packages 2015-07-01 07:41 - 2014-12-12 16:10 - 00000000 ____D C:\ProgramData\LU 2015-07-01 07:12 - 2014-09-05 11:49 - 00000000 ____D C:\Program Files (x86)\Intel 2015-07-01 07:12 - 2014-09-05 11:29 - 00044406 _____ C:\WINDOWS\DPINST.LOG 2015-07-01 06:46 - 2014-12-12 17:22 - 00000000 ___SD C:\WINDOWS\system32\CompatTel 2015-07-01 06:46 - 2014-12-12 17:22 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-07-01 06:46 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-06-26 07:15 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-06-25 06:47 - 2015-04-09 06:50 - 00005118 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for LENOVO-PC-Andrzej Lenovo-PC 2015-06-24 15:08 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2015-06-24 08:50 - 2014-12-12 16:49 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-06-24 08:43 - 2014-12-12 16:49 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-06-20 05:02 - 2014-12-12 17:31 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-06-20 05:02 - 2014-12-12 17:31 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-06-19 07:22 - 2014-12-23 11:08 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-06-19 07:22 - 2013-08-22 16:44 - 00383560 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-06-12 14:42 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions ==================== Files in the root of some directories ======= 2015-07-07 18:19 - 2015-07-08 15:51 - 0000115 _____ () C:\Users\User\AppData\Roaming\LogFile.txt 2014-12-20 12:40 - 2014-12-20 12:40 - 1249792 _____ (http://www.ruby-lang.org/) C:\Users\User\AppData\Roaming\msvcr90-ruby191.dll 2014-12-22 16:37 - 2014-12-22 16:37 - 0000017 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg 2014-09-05 12:07 - 2014-09-05 12:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: ==================== C:\Users\User\AppData\Local\Temp\ose00000.exe C:\Users\User\AppData\Local\Temp\SkypeSetup.exe C:\Users\User\AppData\Local\Temp\uninst.exe Some zero byte size files/folders: ========================== C:\Windows\SysWOW64\activeds.dll C:\Windows\SysWOW64\dllhst3g.exe C:\Windows\SysWOW64\efsui.exe C:\Windows\SysWOW64\EhStorAuthn.exe C:\Windows\SysWOW64\fde.dll C:\Windows\SysWOW64\fmifs.dll C:\Windows\SysWOW64\fontview.exe C:\Windows\SysWOW64\iscsiwmi.dll C:\Windows\SysWOW64\ktmw32.dll C:\Windows\SysWOW64\mdminst.dll C:\Windows\SysWOW64\mspatchc.dll C:\Windows\SysWOW64\net.exe C:\Windows\SysWOW64\net1.exe C:\Windows\SysWOW64\ntdsapi.dll C:\Windows\SysWOW64\sc.exe C:\Windows\SysWOW64\sqmapi.dll C:\Windows\SysWOW64\wscproxystub.dll C:\Windows\SysWOW64\WSShared.dll C:\Windows\System32\aepdu.dll C:\Windows\System32\d3d10level9.dll C:\Windows\System32\devinv.dll C:\Windows\System32\drmv2clt.dll C:\Windows\System32\FXSST.dll C:\Windows\System32\FXSTIFF.dll C:\Windows\System32\loadperf.dll C:\Windows\System32\mfasfsrcsnk.dll C:\Windows\System32\mfc110jpn.dll C:\Windows\System32\MicrosoftAccountTokenProvider.dll C:\Windows\System32\mispace.dll C:\Windows\System32\netid.dll C:\Windows\System32\ntprint.exe C:\Windows\System32\printui.exe C:\Windows\System32\remotepg.dll C:\Windows\System32\SnippingTool.exe C:\Windows\System32\SrTasks.exe C:\Windows\System32\SSShim.dll C:\Windows\System32\Startupscan.dll C:\Windows\System32\StorageContextHandler.dll C:\Windows\System32\SystemSettingsDatabase.dll C:\Windows\System32\taskhostex.exe C:\Windows\System32\w32tm.exe C:\Windows\System32\WerFault.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-02 08:26 ==================== End of log ============================