Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-08-2015 Ran by MateuszK (administrator) on MK (14-08-2015 11:41:18) Running from C:\FRST Loaded Profiles: MateuszK (Available Profiles: MateuszK) Platform: Windows 8.1 (X64) Language: English (United Kingdom) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe (McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe (Valid Applications) C:\ProgramData\qwUNTL\SjnjRsJv.exe (Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe (TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe (Spotify Ltd) C:\Users\MateuszK\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow64.exe (WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [] => [X] HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [1008128 2014-04-28] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.) HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-04-17] (TOSHIBA Corporation) HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation) HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-08] (TOSHIBA Corporation) HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-21] (TOSHIBA Corporation) HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-09] (AVAST Software) HKLM-x32\...\RunOnce: [Dumimasagace] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\MateuszK\AppData\Local\253CBA~1\Celadat.dat" Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-2447186742-3676154164-1405930604-1001\...\Run: [Spotify Web Helper] => C:\Users\MateuszK\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-10] (Spotify Ltd) HKU\S-1-5-21-2447186742-3676154164-1405930604-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd) AppInit_DLLs: c:\progra~3\flashb~1\flashb~2.dll => c:\progra~3\flashb~1\flashb~2.dll File not found AppInit_DLLs-x32: c:\progra~3\flashb~1\flashb~1.dll => "c:\progra~3\flashb~1\flashb~1.dll" File not found Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-08-09] ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-08-09] ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-09] (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:65425;https=127.0.0.1:65425 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2447186742-3676154164-1405930604-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} HKU\S-1-5-21-2447186742-3676154164-1405930604-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2447186742-3676154164-1405930604-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c HKU\S-1-5-21-2447186742-3676154164-1405930604-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006 HKU\S-1-5-21-2447186742-3676154164-1405930604-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWrPzQENNZPocWTwQ6NbMwwuoe_yDskTEHbbrdEsx51shnkTBINi-4YWA-NeYT5wlrxD7mQACqfwR0_Wk6VznF3pOn2JkrUVTrm-27R9VXhFgz3TjqhzX5L9bU9pp9capvahvGCrY2Of1ttCwQoyPg3lxUyw,,&q={searchTerms} SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWrPzQENNZPocWTwQ6NbMwwuoe_yDskTEHbbrdEsx51shnkTBINi-4YWA-NeYT5wlrxD7mQACqfwR0_Wk6VznF3pOn2JkrUVTrm-27R9VXhFgz3TjqhzX5L9bU9pp9capvahvGCrY2Of1ttCwQoyPg3lxUyw,,&q={searchTerms} SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2447186742-3676154164-1405930604-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = SearchScopes: HKU\S-1-5-21-2447186742-3676154164-1405930604-1001 -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWrPzQENNZPocWTwQ6NbMwwuoe_yDskTEHbbrdEsx51shnkTBINi-4YWA-NeYT5wlrxD7mQACqfwR0_Wk6VznF3pOn2JkrUVTrm-27R9VXhFgz3TjqhzX5L9bU9pp9capvahvGCrY2Of1ttCwQoyPg3lxUyw,,&q={searchTerms} SearchScopes: HKU\S-1-5-21-2447186742-3676154164-1405930604-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-09] (AVAST Software) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-09] (AVAST Software) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-05-13] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-07-21] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-07-21] (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254 Tcpip\..\Interfaces\{B742EF64-B5E9-4950-AB23-ADB14A7FBB58}: [NameServer] 82.163.143.152,82.163.142.154 Tcpip\..\Interfaces\{B742EF64-B5E9-4950-AB23-ADB14A7FBB58}: [DhcpNameServer] 40.42.1.201 Tcpip\..\Interfaces\{C43087DB-D871-4E33-B86F-B16292DA0C84}: [NameServer] 82.163.143.152,82.163.142.154 Tcpip\..\Interfaces\{E2A3490F-386B-4AA6-A031-7953C8BF86C5}: [NameServer] 82.163.143.152,82.163.142.154 Tcpip\..\Interfaces\{E2A3490F-386B-4AA6-A031-7953C8BF86C5}: [DhcpNameServer] 192.168.1.254 192.168.1.254 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-07-21] () FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-07-21] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-09] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-03-11] Chrome: ======= CHR Profile: C:\Users\MateuszK\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\MateuszK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-11] CHR Extension: (Google Docs) - C:\Users\MateuszK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-11] CHR Extension: (Google Drive) - C:\Users\MateuszK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-11] CHR Extension: (Skype Calling) - C:\Users\MateuszK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2015-07-21] CHR Extension: (YouTube) - C:\Users\MateuszK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-11] CHR Extension: (Adblock Plus) - C:\Users\MateuszK\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-07-21] CHR Extension: (Google Search) - C:\Users\MateuszK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-11] CHR Extension: (Google Sheets) - C:\Users\MateuszK\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-11] CHR Extension: (Universe) - C:\Users\MateuszK\AppData\Local\Google\Chrome\User Data\Default\Extensions\igcicgpahfpikagbhofhehldknadneld [2015-07-11] CHR Extension: (Adblock Super) - C:\Users\MateuszK\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-08-12] CHR Extension: (Chrome Web Store Payments) - C:\Users\MateuszK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-11] CHR Extension: (Gmail) - C:\Users\MateuszK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-11] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-09] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-09] (AVAST Software) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-09] (Avast Software) S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-03-11] (Broadcom Corporation.) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-06-30] () R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-07-21] (McAfee, Inc.) S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.) S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.) R2 SjnjRsJv; C:\ProgramData\qwUNTL\SjnjRsJv.exe [2732800 2015-08-10] (Valid Applications) R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2014-08-05] (Toshiba Europe GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-09] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-13] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-09] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-09] (AVAST Software) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2015-03-11] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7545008 2015-03-11] (Broadcom Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.) R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.) R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-09] (AVAST Software) R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [293592 2014-02-11] (Realtek Semiconductor Corp.) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-02-21] (Synaptics Incorporated) R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-10-10] (Windows (R) Win 7 DDK provider) R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-09] (Avast Software) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-13 23:53 - 2015-08-14 11:36 - 00000000 ____D C:\Users\MateuszK\AppData\Local\FinanceAlert 2015-08-13 23:28 - 2015-08-13 23:28 - 00029367 _____ C:\Users\MateuszK\Downloads\FRST.txt 2015-08-13 23:22 - 2015-08-13 23:24 - 00029391 _____ C:\Users\MateuszK\Downloads\Addition.txt 2015-08-13 23:20 - 2015-08-14 11:41 - 00000000 ____D C:\FRST 2015-08-13 23:07 - 2015-08-13 23:07 - 00000000 ____D C:\Users\MateuszK\AppData\Local\Apps\2.0 2015-08-13 16:16 - 2015-08-08 14:55 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-08-13 16:16 - 2015-08-08 14:55 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-13 16:09 - 2015-08-13 23:46 - 00000000 ____D C:\AdwCleaner 2015-08-13 16:08 - 2015-08-13 16:08 - 02248704 _____ C:\Users\MateuszK\Downloads\AdwCleaner.exe 2015-08-12 16:33 - 2015-07-30 15:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 16:33 - 2015-07-30 14:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 11:31 - 2015-08-13 23:47 - 00000580 _____ C:\Windows\setupact.log 2015-08-12 11:31 - 2015-08-13 23:41 - 00007424 _____ C:\Windows\PFRO.log 2015-08-12 11:31 - 2015-08-12 11:31 - 00000000 _____ C:\Windows\setuperr.log 2015-08-12 08:21 - 2015-08-12 08:21 - 00042657 _____ C:\Users\MateuszK\Downloads\[kat.cr]the.avengers.2012.1080p.bluray.dts.x264.publichd.torrent 2015-08-12 08:20 - 2015-08-12 08:20 - 00021032 _____ C:\Users\MateuszK\Downloads\[kat.cr]the.avengers.2012.720p.bluray.x264.yify.torrent 2015-08-12 08:20 - 2015-08-12 08:20 - 00012394 _____ C:\Users\MateuszK\Downloads\[kat.cr]the.avengers.2012.3d.brrip.x264.2.30.gb.yify.torrent 2015-08-12 08:06 - 2015-08-12 08:23 - 2070721687 _____ C:\Users\MateuszK\Downloads\Avengers Age of Ultron - (2015) - (720p) - [HDTS] - Makintos13.mkv 2015-08-12 08:06 - 2015-08-12 08:06 - 00020542 _____ C:\Users\MateuszK\Downloads\[kat.cr]avengers.age.of.ultron.2015.720p.hdts.makintos13.torrent 2015-08-12 07:02 - 2015-07-19 02:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-08-12 07:02 - 2015-07-18 19:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-08-12 07:02 - 2015-07-18 19:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-08-12 07:02 - 2015-07-18 19:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-08-12 07:02 - 2015-07-18 19:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-08-12 07:02 - 2015-07-18 19:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-08-12 07:02 - 2015-07-18 19:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-08-12 07:02 - 2015-07-18 19:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-08-12 07:02 - 2015-07-18 19:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-08-12 07:02 - 2015-07-18 19:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-08-12 07:02 - 2015-07-18 19:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-08-12 07:02 - 2015-07-18 19:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-08-12 07:02 - 2015-07-09 19:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-08-12 07:02 - 2015-06-27 04:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-08-12 07:02 - 2015-06-27 04:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-08-12 07:02 - 2015-06-27 03:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-08-12 07:01 - 2015-07-16 22:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-08-12 07:01 - 2015-07-16 21:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-08-12 07:01 - 2015-07-16 21:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-08-12 07:01 - 2015-07-16 21:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-08-12 07:01 - 2015-07-16 21:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-08-12 07:01 - 2015-07-16 21:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-08-12 07:01 - 2015-07-16 21:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-08-12 07:01 - 2015-07-16 21:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-08-12 07:01 - 2015-07-16 20:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-08-12 07:01 - 2015-07-16 20:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-08-12 07:01 - 2015-07-16 20:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-08-12 07:01 - 2015-07-16 20:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-08-12 07:01 - 2015-07-16 20:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-08-12 07:01 - 2015-07-16 20:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-08-12 07:01 - 2015-07-16 20:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-08-12 07:01 - 2015-07-16 20:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-08-12 07:01 - 2015-07-16 20:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-08-12 07:01 - 2015-07-16 20:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-08-12 07:01 - 2015-07-16 20:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-08-12 07:01 - 2015-07-16 20:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-08-12 07:01 - 2015-07-16 20:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-08-12 07:01 - 2015-07-16 20:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-08-12 07:01 - 2015-07-16 20:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-08-12 07:01 - 2015-07-16 20:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-08-12 07:01 - 2015-07-16 20:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-08-12 07:01 - 2015-07-16 20:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-08-12 07:01 - 2015-07-16 19:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-08-12 07:01 - 2015-07-16 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-08-12 07:01 - 2015-07-16 19:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-08-12 07:01 - 2015-07-16 19:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-08-12 07:01 - 2015-07-16 19:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-08-12 06:59 - 2015-07-16 01:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-08-12 06:59 - 2015-07-16 01:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-08-12 06:59 - 2015-07-16 01:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-08-12 06:59 - 2015-07-16 01:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-08-12 06:59 - 2015-07-10 18:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2015-08-12 06:59 - 2015-07-07 10:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2015-08-12 06:59 - 2015-07-07 10:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys 2015-08-12 06:59 - 2015-07-07 10:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2015-08-12 06:59 - 2015-07-01 23:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-08-12 06:59 - 2015-07-01 23:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2015-08-12 06:59 - 2015-07-01 22:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-08-12 06:59 - 2015-07-01 22:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2015-08-12 06:58 - 2015-07-29 15:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-08-12 06:58 - 2015-07-29 15:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-08-12 06:58 - 2015-07-29 15:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-08-12 06:58 - 2015-07-24 19:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-08-12 06:58 - 2015-07-24 19:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-08-12 06:58 - 2015-07-24 19:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-08-12 06:58 - 2015-07-24 18:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-08-12 06:58 - 2015-07-24 18:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-08-12 06:58 - 2015-07-14 04:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-08-12 06:58 - 2015-07-14 04:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-08-12 06:58 - 2015-07-13 20:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-08-12 06:58 - 2015-07-13 20:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-08-12 06:58 - 2015-07-10 19:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2015-08-12 06:58 - 2015-07-10 18:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-08-12 06:58 - 2015-07-10 18:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2015-08-12 06:58 - 2015-07-10 18:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-08-12 06:58 - 2015-07-10 17:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-08-12 06:58 - 2015-07-10 17:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-08-12 06:58 - 2015-07-09 18:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-08-12 06:58 - 2015-07-09 18:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-12 06:58 - 2015-07-09 17:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-08-12 06:58 - 2015-05-12 01:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2015-08-11 01:37 - 2015-08-11 02:26 - 4040090753 _____ C:\Users\MateuszK\Downloads\Captain.America.The.Winter.Soldier.2014.BDRip.1080p.Rus.Eng.mkv 2015-08-11 01:36 - 2015-08-11 01:36 - 00020816 _____ C:\Users\MateuszK\Downloads\[kat.cr]captain.america.the.winter.soldier.2014.bdrip.1080p.torrent 2015-08-10 10:30 - 2015-08-10 10:30 - 00000000 ____D C:\Windows\SysWOW64\vbox 2015-08-10 10:30 - 2015-08-10 10:30 - 00000000 ____D C:\Windows\system32\vbox 2015-08-10 00:21 - 2015-08-10 00:21 - 00000000 ____D C:\ProgramData\qwUNTL 2015-08-09 23:28 - 2015-08-14 11:25 - 00942002 _____ C:\Windows\WindowsUpdate.log 2015-08-09 22:36 - 2015-08-09 22:36 - 00002310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk 2015-08-09 22:36 - 2015-08-09 22:36 - 00002304 _____ C:\Users\Public\Desktop\WinZip.lnk 2015-08-09 22:36 - 2015-08-09 22:36 - 00000000 ____D C:\Users\MateuszK\AppData\Local\WinZip 2015-08-09 22:36 - 2015-08-09 22:36 - 00000000 ____D C:\ProgramData\WinZip 2015-08-09 22:36 - 2015-08-09 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 2015-08-09 22:35 - 2015-08-09 22:36 - 00000000 ____D C:\Program Files\WinZip 2015-08-09 22:24 - 2015-08-09 22:24 - 00000000 ____D C:\ProgramData\TOSHIBA Tempro 2015-08-09 22:24 - 2015-08-09 22:24 - 00000000 ____D C:\ProgramData\IsolatedStorage 2015-08-09 21:56 - 2015-08-09 21:56 - 00001949 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2015-08-09 21:56 - 2015-08-09 21:56 - 00000000 ____D C:\Users\MateuszK\AppData\Roaming\AVAST Software 2015-08-09 21:56 - 2015-08-09 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-08-09 21:55 - 2015-08-13 21:55 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2015-08-09 21:55 - 2015-08-09 21:55 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2015-08-09 21:55 - 2015-08-09 21:55 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-08-09 21:55 - 2015-08-09 21:55 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2015-08-09 21:55 - 2015-08-09 21:55 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2015-08-09 21:55 - 2015-08-09 21:55 - 00115152 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys 2015-08-09 21:55 - 2015-08-09 21:55 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2015-08-09 21:55 - 2015-08-09 21:55 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-08-09 21:55 - 2015-08-09 21:55 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2015-08-09 21:55 - 2015-08-09 21:55 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-08-09 21:55 - 2015-08-09 21:55 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2015-08-09 21:55 - 2015-08-09 21:55 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-08-09 21:52 - 2015-08-09 21:52 - 00000000 ____D C:\Program Files\AVAST Software 2015-08-09 21:51 - 2015-08-09 21:51 - 05481344 _____ (Avast Software s.r.o.) C:\Users\MateuszK\Downloads\avast_free_antivirus_setup_online_dobreprogramy.exe 2015-08-09 21:51 - 2015-08-09 21:51 - 00000000 ____D C:\ProgramData\AVAST Software 2015-08-09 21:42 - 2015-08-09 21:42 - 00002784 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2015-08-09 21:42 - 2015-08-09 21:42 - 00000845 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-08-09 21:42 - 2015-08-09 21:42 - 00000000 ____D C:\Program Files\CCleaner 2015-08-09 21:41 - 2015-08-09 21:41 - 06609608 _____ (Piriform Ltd) C:\Users\MateuszK\Downloads\ccsetup508.exe 2015-08-09 21:41 - 2015-08-09 21:41 - 00000258 __RSH C:\ProgramData\ntuser.pol 2015-08-09 21:40 - 2015-08-09 21:40 - 00802490 _____ C:\Users\MateuszK\Downloads\CCleaner-13061-dp.zip 2015-08-09 21:22 - 2015-08-09 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic III - Złota Edycja 2015-08-09 21:16 - 2015-08-14 00:21 - 00000354 ____H C:\Windows\Tasks\NORWEWCFAEIREHUG.job 2015-08-09 21:16 - 2015-08-13 23:47 - 00000342 _____ C:\Windows\Tasks\EKTCHDIZSV1.job 2015-08-09 21:16 - 2015-08-09 21:16 - 00003368 _____ C:\Windows\System32\Tasks\NORWEWCFAEIREHUG 2015-08-09 21:16 - 2015-08-09 21:16 - 00002856 _____ C:\Windows\System32\Tasks\EKTCHDIZSV1 2015-08-09 21:16 - 2015-08-09 21:16 - 00000000 ____D C:\ProgramData\Service1291 2015-08-09 21:16 - 2015-08-09 21:16 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e 2015-08-09 21:16 - 2015-08-09 21:16 - 00000000 _____ C:\dummy.htm 2015-08-09 21:13 - 2015-08-09 21:13 - 00000000 ____D C:\Windows\wb 2015-08-09 20:56 - 2015-08-10 00:39 - 00000000 ____D C:\Program Files (x86)\F093FD3A-1439150210-3E4C-9C1E-3DA9C5C2584F 2015-08-09 20:55 - 2015-08-09 20:55 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 2015-08-09 20:50 - 2015-08-09 20:50 - 00000000 ____D C:\Users\MateuszK\AppData\Roaming\Mozilla 2015-08-09 20:49 - 2015-08-09 20:58 - 00000000 ____D C:\Users\MateuszK\AppData\Roaming\Opera Software 2015-08-09 20:49 - 2015-08-09 20:58 - 00000000 ____D C:\Users\MateuszK\AppData\Local\Opera Software 2015-08-09 20:49 - 2015-08-09 20:49 - 00003490 _____ C:\Windows\System32\Tasks\snp 2015-08-09 20:49 - 2015-08-09 20:49 - 00003130 _____ C:\Windows\System32\Tasks\snf 2015-08-09 20:49 - 2015-08-09 20:49 - 00002385 _____ C:\Windows\SysWOW64\findit.xml 2015-08-09 20:49 - 2015-08-09 20:49 - 00000000 ____D C:\ProgramData\RemoteSavers 2015-08-09 20:48 - 2015-08-09 20:58 - 00000000 ____D C:\Program Files (x86)\Opera 2015-08-09 20:48 - 2015-08-09 20:54 - 00000000 ____D C:\ProgramData\RemoteSaver 2015-08-09 20:47 - 2015-08-13 16:11 - 00000000 ____D C:\Program Files\Controller 2015-08-09 20:47 - 2015-08-09 20:57 - 00000000 ____D C:\Users\MateuszK\AppData\Roaming\Baidu 2015-08-09 20:47 - 2015-08-09 20:57 - 00000000 ____D C:\Program Files (x86)\baidu 2015-08-09 20:47 - 2015-08-09 20:47 - 00000000 ____D C:\Users\MateuszK\AppData\Local\WinHTTPWeb 2015-08-09 20:47 - 2015-08-09 20:47 - 00000000 ____D C:\ProgramData\Baidu 2015-08-09 20:46 - 2015-08-13 23:09 - 00000000 ____D C:\ProgramData\ToolsUpdatePlatform 2015-08-09 20:46 - 2015-08-09 20:46 - 00000000 ____D C:\Users\Public\Documents\PC Faster 2015-08-09 20:46 - 2015-08-09 20:46 - 00000000 ____D C:\Users\Public\Documents\Guid 2015-08-09 20:46 - 2015-08-09 20:46 - 00000000 ____D C:\Users\Public\Documents\Baidu 2015-08-09 20:46 - 2015-08-09 20:46 - 00000000 ____D C:\Users\MateuszK\AppData\Local\MiniService 2015-08-09 20:44 - 2015-08-10 14:58 - 00000000 ____D C:\Program Files (x86)\F093FD3A-1439149499-3E4C-9C1E-3DA9C5C2584F 2015-08-09 20:44 - 2015-08-09 20:44 - 00000000 ____D C:\Program Files (x86)\mbot_gb_014010056 2015-08-09 20:16 - 2015-08-09 20:46 - 00000000 ____D C:\Users\MateuszK\Downloads\The Perks of Being a Wallflower (2012) BDrip XviD ENG-ITA - Noi Siamo Infinito 2015-08-09 01:03 - 2015-08-09 01:03 - 00000000 ___HD C:\Users\MateuszK\AppData\Local\253cbae829d7ca8d 2015-08-03 16:30 - 2015-08-03 16:30 - 00014842 _____ C:\Users\MateuszK\Desktop\OLA LETTER COVER.odt 2015-08-02 15:03 - 2015-08-09 01:03 - 00000098 _____ C:\Users\MateuszK\AppData\Roaming\WB.CFG 2015-08-02 14:06 - 2015-08-12 23:09 - 00000000 ____D C:\Users\MateuszK\AppData\Roaming\vlc 2015-08-02 14:06 - 2015-08-02 14:06 - 00000898 _____ C:\Users\Public\Desktop\VLC media player.lnk 2015-08-02 14:06 - 2015-08-02 14:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-08-02 14:05 - 2015-08-02 14:05 - 00000000 ____D C:\Program Files\VideoLAN 2015-08-02 14:03 - 2015-08-02 14:03 - 29833438 _____ C:\Users\MateuszK\Downloads\vlc-2.2.1-win64.exe 2015-08-02 14:02 - 2015-08-02 14:02 - 00802523 _____ C:\Users\MateuszK\Downloads\VLC-media-player-13060-dp.zip 2015-08-02 13:49 - 2015-08-02 13:49 - 00000000 ____D C:\Users\MateuszK\Documents\CyberLink 2015-08-02 13:49 - 2015-08-02 13:49 - 00000000 ____D C:\Users\MateuszK\AppData\Roaming\CyberLink 2015-08-02 13:49 - 2015-08-02 13:49 - 00000000 ____D C:\Users\MateuszK\AppData\Local\CyberLink 2015-08-02 13:31 - 2015-08-02 13:47 - 00000000 ____D C:\Users\MateuszK\Downloads\Tomorrowland 2015 HDTS x264 AC3-CPG 2015-08-01 16:45 - 2015-08-01 16:49 - 00000000 ____D C:\Users\MateuszK\Downloads\Heroes.of.Might.and.Magic.III.Gold.Edition.PL-Tenguken 2015-07-31 01:14 - 2015-07-31 01:14 - 00000000 ____D C:\Users\MateuszK\AppData\Roaming\NapiProjekt 2015-07-31 01:14 - 2015-07-31 01:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt 2015-07-31 01:14 - 2015-07-31 01:14 - 00000000 ____D C:\Program Files (x86)\NapiProjekt 2015-07-31 01:12 - 2015-07-31 01:12 - 09391243 _____ C:\Users\MateuszK\Downloads\setup.zip 2015-07-29 16:03 - 2015-07-29 16:03 - 00000000 ____D C:\Users\MateuszK\AppData\Local\CEF 2015-07-26 22:22 - 2015-08-01 16:54 - 00000000 ____D C:\Users\MateuszK\Downloads\True Story (2015) 2015-07-22 11:18 - 2015-07-22 11:18 - 00001839 _____ C:\Users\MateuszK\Desktop\Spotify.lnk 2015-07-22 11:18 - 2015-07-22 11:18 - 00001825 _____ C:\Users\MateuszK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2015-07-22 11:17 - 2015-07-22 11:17 - 00146080 _____ (Spotify Ltd) C:\Users\MateuszK\Downloads\SpotifySetup.exe 2015-07-21 19:09 - 2015-07-31 01:42 - 00003348 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare) 2015-07-21 19:09 - 2015-07-21 19:09 - 00000000 ____D C:\Program Files\Common Files\AV 2015-07-21 15:43 - 2015-08-09 20:53 - 00000000 ____D C:\Users\MateuszK\AppData\Local\SkypePlugin 2015-07-21 15:42 - 2015-07-21 15:43 - 06344704 _____ C:\Users\MateuszK\Downloads\SkypeWebPlugin.msi 2015-07-20 17:13 - 2015-08-03 15:53 - 00050812 _____ C:\Users\MateuszK\Downloads\OlaCV.odt 2015-07-20 17:09 - 2015-07-21 14:33 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-07-20 17:09 - 2015-07-21 14:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-07-20 17:09 - 2015-07-21 14:20 - 00000000 ____D C:\ProgramData\Adobe 2015-07-20 17:09 - 2015-07-20 17:09 - 00002038 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2015-07-20 17:09 - 2015-07-20 17:09 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-07-20 17:08 - 2015-07-20 17:11 - 00000000 ____D C:\Users\MateuszK\AppData\Local\Adobe 2015-07-20 17:06 - 2015-07-20 17:06 - 00000000 ____D C:\Users\MateuszK\AppData\Roaming\OpenOffice 2015-07-20 17:05 - 2015-07-20 17:05 - 00001158 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk 2015-07-20 17:05 - 2015-07-20 17:05 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1 2015-07-20 17:03 - 2015-07-20 17:04 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4 2015-07-20 17:00 - 2015-07-20 17:00 - 00000000 ____D C:\Users\MateuszK\Desktop\OpenOffice 4.1.1 (pl) Installation Files 2015-07-20 16:57 - 2015-07-20 16:59 - 131579802 _____ C:\Users\MateuszK\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_pl.exe 2015-07-20 16:43 - 2015-07-20 16:43 - 00000000 ____D C:\Users\MateuszK\Tracing 2015-07-20 16:42 - 2015-07-20 16:42 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-07-20 16:42 - 2015-07-20 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-07-20 13:51 - 2015-07-20 13:51 - 00000000 ____D C:\Gry 2015-07-20 13:50 - 2015-07-20 13:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2015-07-18 21:59 - 2015-07-18 21:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2015-07-17 01:54 - 2015-07-17 01:55 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-07-16 02:23 - 2015-06-28 06:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-07-16 02:23 - 2015-06-28 06:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-07-16 02:23 - 2015-06-28 06:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-07-16 02:23 - 2015-06-27 17:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-07-16 02:23 - 2015-06-27 04:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-07-16 02:23 - 2015-06-27 04:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-07-16 02:23 - 2015-06-27 04:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-07-16 02:23 - 2015-06-27 03:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-07-16 02:23 - 2015-06-27 02:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-07-16 02:22 - 2015-06-28 06:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-07-16 02:22 - 2015-06-27 03:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-07-16 02:22 - 2015-06-27 03:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-07-16 02:22 - 2015-06-27 02:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-07-16 02:22 - 2015-06-15 23:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2015-07-16 02:22 - 2015-06-15 23:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-07-16 02:22 - 2015-06-15 22:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2015-07-16 02:22 - 2015-06-15 22:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-07-16 02:22 - 2015-06-15 21:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-07-16 02:22 - 2015-06-15 20:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-07-16 02:22 - 2015-05-30 22:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2015-07-16 02:22 - 2015-05-30 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2015-07-16 02:22 - 2015-05-30 20:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-07-16 02:22 - 2015-01-30 02:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll 2015-07-16 02:20 - 2015-06-15 23:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-07-16 02:20 - 2015-06-15 23:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2015-07-16 02:20 - 2015-06-15 22:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-07-16 02:20 - 2015-06-15 22:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-07-16 02:20 - 2015-06-15 22:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-07-16 02:20 - 2015-06-15 22:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-07-16 02:20 - 2015-06-15 21:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2015-07-16 02:20 - 2015-06-15 21:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-07-16 02:20 - 2015-06-15 21:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-07-16 02:20 - 2015-06-15 21:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-07-16 02:20 - 2015-06-15 21:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-07-16 02:20 - 2015-06-15 21:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-07-16 02:20 - 2015-06-15 21:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-07-16 02:20 - 2015-06-15 21:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-07-16 02:18 - 2015-06-16 06:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2015-07-16 02:18 - 2015-06-16 06:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2015-07-16 02:18 - 2015-06-11 04:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-07-16 02:18 - 2015-06-10 17:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-07-16 02:18 - 2015-05-07 17:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2015-07-16 02:18 - 2015-03-11 02:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe 2015-07-16 02:18 - 2015-03-11 02:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-14 11:41 - 2015-07-11 05:14 - 00003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0DAE6845-6601-4CC5-A01D-557DAA0483E8} 2015-08-14 11:35 - 2014-09-10 00:39 - 00001062 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-14 11:22 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru 2015-08-14 00:24 - 2015-07-10 17:27 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2447186742-3676154164-1405930604-1001 2015-08-13 23:47 - 2014-09-10 00:39 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-13 23:47 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-13 23:46 - 2015-03-11 03:01 - 02198164 _____ C:\Users\Public\CAFADEBUG.log 2015-08-13 16:37 - 2015-07-11 14:08 - 00002192 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-13 16:14 - 2013-08-22 15:44 - 00361808 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-13 16:13 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-08-13 16:12 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-08-13 16:12 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-13 16:12 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-08-13 16:12 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-13 16:12 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\en-GB 2015-08-13 16:12 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Defender 2015-08-13 16:12 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2015-08-12 23:07 - 2015-07-11 15:28 - 00000000 ____D C:\Users\MateuszK\AppData\Local\Spotify 2015-08-12 22:57 - 2015-07-11 15:28 - 00000000 ____D C:\Users\MateuszK\AppData\Roaming\Spotify 2015-08-12 16:34 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp 2015-08-12 13:58 - 2015-07-14 03:13 - 00000000 ____D C:\Windows\system32\MRT 2015-08-12 13:52 - 2015-07-14 03:12 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-08-12 11:36 - 2014-05-06 08:45 - 00310844 _____ C:\Windows\system32\perfh01D.dat 2015-08-12 11:36 - 2014-05-06 08:45 - 00046688 _____ C:\Windows\system32\perfc01D.dat 2015-08-12 11:36 - 2014-05-06 08:24 - 00315174 _____ C:\Windows\system32\perfh014.dat 2015-08-12 11:36 - 2014-05-06 08:24 - 00046540 _____ C:\Windows\system32\perfc014.dat 2015-08-12 11:36 - 2014-05-06 08:03 - 00297010 _____ C:\Windows\system32\perfh00B.dat 2015-08-12 11:36 - 2014-05-06 08:03 - 00048606 _____ C:\Windows\system32\perfc00B.dat 2015-08-12 11:36 - 2014-05-06 07:43 - 00322714 _____ C:\Windows\system32\perfh006.dat 2015-08-12 11:36 - 2014-05-06 07:43 - 00049112 _____ C:\Windows\system32\perfc006.dat 2015-08-12 11:36 - 2014-03-18 16:25 - 02278704 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-12 11:31 - 2015-03-11 03:20 - 00000000 ____D C:\Program Files (x86)\McAfee 2015-08-12 11:30 - 2015-07-12 22:29 - 00000000 ____D C:\Users\MateuszK\AppData\Roaming\uTorrent 2015-08-12 11:23 - 2015-03-11 03:20 - 00000000 ____D C:\Program Files\Common Files\McAfee 2015-08-11 11:03 - 2015-03-11 03:20 - 00000000 ____D C:\ProgramData\McAfee 2015-08-11 10:09 - 2015-07-11 07:38 - 00003064 _____ C:\Windows\System32\Tasks\McAfeeLogon 2015-08-11 10:09 - 2015-07-11 07:38 - 00000000 ____D C:\Windows\System32\Tasks\McAfee 2015-08-10 00:24 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\LiveKernelReports 2015-08-09 22:31 - 2015-07-11 18:45 - 00000000 ____D C:\Users\MateuszK\AppData\Roaming\Skype 2015-08-09 22:28 - 2014-09-10 00:40 - 00000000 ____D C:\ProgramData\Skype 2015-08-09 21:43 - 2014-09-11 00:40 - 00000000 ____D C:\Windows\Panther 2015-08-09 21:41 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2015-08-09 21:41 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy 2015-08-09 20:58 - 2015-07-11 05:14 - 00000000 __SHD C:\Users\MateuszK\AppData\Local\EmieUserList 2015-08-09 20:58 - 2015-07-11 05:14 - 00000000 __SHD C:\Users\MateuszK\AppData\Local\EmieSiteList 2015-08-09 20:49 - 2015-07-10 17:20 - 00001481 _____ C:\Users\MateuszK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-08-08 21:24 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2015-08-06 17:08 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF 2015-08-02 13:49 - 2015-03-11 03:01 - 00000000 ____D C:\ProgramData\CyberLink 2015-07-22 00:15 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP 2015-07-21 12:26 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2015-07-20 17:11 - 2015-07-10 17:20 - 00000000 ____D C:\Users\MateuszK\AppData\Roaming\Adobe 2015-07-20 16:43 - 2015-07-10 17:20 - 00000000 ____D C:\Users\MateuszK 2015-07-20 13:55 - 2013-08-22 12:22 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll 2015-07-20 13:55 - 2013-08-22 12:22 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe 2015-07-20 13:55 - 2013-08-22 12:17 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll 2015-07-20 13:55 - 2013-08-22 12:17 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll 2015-07-20 13:55 - 2013-08-22 12:17 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll 2015-07-20 13:55 - 2013-08-22 04:56 - 00377856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll 2015-07-20 13:55 - 2013-08-22 04:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe 2015-07-20 13:55 - 2013-08-22 04:51 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll 2015-07-20 13:55 - 2013-08-22 04:51 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll 2015-07-20 13:55 - 2013-08-22 04:51 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll 2015-07-18 23:41 - 2014-09-10 00:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-07-17 01:59 - 2014-03-18 16:00 - 00000000 ____D C:\Windows\SysWOW64\winrm 2015-07-17 01:59 - 2014-03-18 16:00 - 00000000 ____D C:\Windows\SysWOW64\WCN 2015-07-17 01:59 - 2014-03-18 16:00 - 00000000 ____D C:\Windows\SysWOW64\slmgr 2015-07-17 01:59 - 2014-03-18 16:00 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts 2015-07-17 01:59 - 2014-03-18 16:00 - 00000000 ____D C:\Windows\system32\winrm 2015-07-17 01:59 - 2014-03-18 16:00 - 00000000 ____D C:\Windows\system32\WCN 2015-07-17 01:59 - 2014-03-18 16:00 - 00000000 ____D C:\Windows\system32\slmgr 2015-07-17 01:59 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel 2015-07-17 01:59 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\WinStore 2015-07-17 01:59 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\MUI 2015-07-17 01:59 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Com 2015-07-17 01:59 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\MUI 2015-07-17 01:59 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\migwiz 2015-07-17 01:59 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-07-17 01:59 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\IME 2015-07-17 01:59 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2015-07-17 01:59 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\System 2015-07-17 01:59 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2015-07-17 01:59 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\SysWOW64\oobe 2015-07-17 01:59 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\SysWOW64\Dism 2015-07-17 01:59 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Sysprep 2015-07-17 01:59 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\oobe 2015-07-17 01:59 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Dism 2015-07-17 01:58 - 2014-03-18 16:00 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts 2015-07-17 01:58 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\SystemResetPlatform 2015-07-17 01:58 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Com 2015-07-17 01:58 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Help 2015-07-17 01:56 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData 2015-07-17 01:56 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-07-17 01:56 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-07-17 01:56 - 2013-08-22 16:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools 2015-07-17 01:56 - 2013-08-22 16:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-07-17 01:56 - 2013-08-22 16:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-07-17 01:56 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\sppui 2015-07-17 01:56 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\setup 2015-07-17 01:56 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\migwiz 2015-07-17 01:56 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\en-GB 2015-07-17 01:56 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sr-Latn-RS 2015-07-17 01:56 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sr-Latn-CS 2015-07-17 01:56 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\MediaViewer 2015-07-17 01:56 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\FileManager 2015-07-17 01:56 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Camera 2015-07-17 01:56 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Portable Devices 2015-07-17 01:56 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2015-07-17 01:56 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\servicing 2015-07-17 01:55 - 2013-08-22 16:36 - 00000000 ___SD C:\Windows\system32\dsc 2015-07-17 01:55 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\WinBioPlugIns 2015-07-17 01:55 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sppui 2015-07-17 01:55 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\setup 2015-07-17 01:54 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\InputMethod 2015-07-17 01:54 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\WindowsPowerShell 2015-07-17 01:54 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2015-07-17 01:54 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2015-07-16 01:30 - 2014-09-10 00:39 - 00004034 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-07-16 01:30 - 2014-09-10 00:39 - 00003798 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore ==================== Files in the root of some directories ======= 2015-08-02 15:03 - 2015-08-09 01:03 - 0000098 _____ () C:\Users\MateuszK\AppData\Roaming\WB.CFG Some files in TEMP: ==================== C:\Users\MateuszK\AppData\Local\Temp\Quarantine.exe C:\Users\MateuszK\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-08-05 00:42 ==================== End of log ============================