Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-08-2015 01
Ran by Wioleta (administrator) on TADZIK (16-08-2015 14:03:22)
Running from C:\Users\Wioleta\Downloads
Loaded Profiles: Wioleta (Available Profiles: Wioleta)
Platform: Windows 8.1 (X64) Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Google Inc.) C:\Users\Wioleta\AppData\Local\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Users\Wioleta\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Wioleta\AppData\Local\Google\Chrome\Application\chrome.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Google Inc.) C:\Users\Wioleta\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Wioleta\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-12-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [128640 2012-12-05] (Atheros Communications)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3940040 2015-06-12] (Synaptics Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [PHEW06EN] => "C:\Program Files (x86)\ACD Systems\ACDSee Photo Editor 6\PhotoEditorInTouch2.exe" /pid PHEW06EN
HKLM-x32\...\Run: [Audioteka] => C:\Program Files (x86)\Audioteka.pl\Audioteka.exe [2300064 2012-08-09] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3281234712-2478978767-3473656501-1001\...\Run: [Google Update] => C:\Users\Wioleta\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-03] (Google Inc.)
HKU\S-1-5-21-3281234712-2478978767-3473656501-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3281234712-2478978767-3473656501-1001\...\Run: [GoogleChromeAutoLaunch_DBECAF7C245B528725C80B0CDCC0F80D] => C:\Users\Wioleta\AppData\Local\Google\Chrome\Application\chrome.exe [813896 2015-08-08] (Google Inc.)
HKU\S-1-5-21-3281234712-2478978767-3473656501-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3281234712-2478978767-3473656501-1001\...\MountPoints2: {63c61a6c-fb96-11e4-bf16-50b7c3f29cb1} - "D:\AutoRun.exe" 
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3281234712-2478978767-3473656501-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bl-bir-is__alt__ddc_dsssyc_bd_com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220150406
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3281234712-2478978767-3473656501-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bl-bir-is__alt__ddc_dsssyc_bd_com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3281234712-2478978767-3473656501-1001 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-12-05] (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{D140FA59-9442-4883-BC69-EED767EDAACE}: [DhcpNameServer] 192.168.8.1 192.168.8.1

FireFox:
========
FF ProfilePath: C:\Users\Wioleta\AppData\Roaming\Mozilla\Firefox\Profiles\c2wp0hjf.default
FF NewTab: hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=bl-bfr-is__alt__ddc_dsssyctab_bd_com
FF SelectedSearchEngine: Yahoo Search!
FF Homepage: hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bl-bfr-is__alt__ddc_dsssyc_bd_com
FF Keyword.URL: hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bfr-is__alt__ddc_dss_bd_com&p={searchTerms}
FF Plugin-x32: @audioteka.pl/Audioteka.pl,version=1.0.0.1 -> C:\Program Files (x86)\Audioteka.pl\Plugins\npaudiotekadesktop.dll [2012-08-09] (Audioteka.pl)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-07-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-27] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3281234712-2478978767-3473656501-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Wioleta\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-3281234712-2478978767-3473656501-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Wioleta\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-19] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Wioleta\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Wioleta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-10]
CHR Extension: (Google Docs) - C:\Users\Wioleta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-03]
CHR Extension: (Google Drive) - C:\Users\Wioleta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-03]
CHR Extension: (YouTube) - C:\Users\Wioleta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-03]
CHR Extension: (Google Search) - C:\Users\Wioleta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-03]
CHR Extension: (Google Sheets) - C:\Users\Wioleta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-10]
CHR Extension: (Hangouts) - C:\Users\Wioleta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-06-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wioleta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR Extension: (Gmail) - C:\Users\Wioleta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171664 2012-11-06] (Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231552 2012-12-05] (Qualcomm Atheros Commnucations) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1591176 2012-11-30] (Samsung Electronics CO., LTD.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246464 2015-06-12] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-05] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-22] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices)
R3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [222360 2012-12-05] (Qualcomm Atheros)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-05] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2015-04-06] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241368 2014-10-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [158968 2014-10-10] (ESET)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S0 is3srv; SySWOW64\drivers\is3srv64.sys [X]
S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X]
S0 szkg5; SySWOW64\drivers\szkg64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-16 13:50 - 2015-08-16 13:50 - 00000000 ___RD C:\Users\Wioleta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-08-16 13:44 - 2015-08-16 13:44 - 00619688 _____ (Duplex Secure Ltd) C:\Users\Wioleta\Downloads\SPTDinst-v187-x64 (1).exe
2015-08-16 13:44 - 2015-08-16 13:44 - 00619688 _____ (Duplex Secure Ltd) C:\Users\Wioleta\Downloads\Niepotwierdzony 262304.crdownload
2015-08-16 13:36 - 2015-08-16 13:36 - 00036912 _____ C:\Users\Wioleta\Downloads\Addition.txt
2015-08-16 13:35 - 2015-08-16 14:03 - 00015670 _____ C:\Users\Wioleta\Downloads\FRST.txt
2015-08-16 13:35 - 2015-08-16 14:03 - 00000000 ____D C:\FRST
2015-08-16 13:34 - 2015-08-16 13:34 - 02173952 _____ (Farbar) C:\Users\Wioleta\Downloads\FRST64.exe
2015-08-16 13:17 - 2015-08-16 13:47 - 00643418 _____ C:\WINDOWS\PFRO.log
2015-08-16 13:14 - 2015-08-16 13:16 - 00004703 _____ C:\AdwCleaner[C1].txt
2015-08-16 13:11 - 2015-08-16 13:14 - 00000000 ____D C:\AdwCleaner
2015-08-16 13:11 - 2015-08-16 13:13 - 00021719 _____ C:\AdwCleaner[S1].txt
2015-08-16 13:11 - 2015-08-16 13:11 - 01563648 _____ C:\Users\Wioleta\Downloads\adwcleaner_5.000.exe
2015-08-16 12:50 - 2015-08-16 13:47 - 00000231 _____ C:\WINDOWS\setupact.log
2015-08-16 12:50 - 2015-08-16 12:55 - 00001320 _____ C:\WINDOWS\system32\Drivers\kgpcpy.cfg
2015-08-16 12:50 - 2015-08-16 12:50 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-16 12:25 - 2015-08-16 13:15 - 00000000 ____D C:\WINDOWS\system32\log
2015-08-16 12:22 - 2015-08-16 13:53 - 00044791 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-16 12:21 - 2015-08-16 12:21 - 00875472 _____ () C:\Users\Wioleta\Downloads\yet_another_cleaner_sk_7449892.exe
2015-08-16 12:00 - 2015-08-16 12:01 - 00001720 _____ C:\WINDOWS\SysWOW64\Drivers\kgpfr2.cfg
2015-08-16 11:57 - 2015-08-16 13:01 - 00000000 ____D C:\ProgramData\STOPzilla!
2015-08-16 11:53 - 2015-08-16 11:53 - 02124768 _____ (iS3, Inc.) C:\Users\Wioleta\Downloads\STOPzillaASM_Setup.exe
2015-08-16 11:27 - 2015-08-16 11:29 - 39327864 _____ C:\Users\Wioleta\Downloads\360TS_Setup_7.2.0.1052.exe
2015-08-16 10:23 - 2015-08-16 10:23 - 00000000 _____ C:\autoexec.bat
2015-08-16 10:19 - 2015-08-16 10:20 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Wioleta\Downloads\SpyHunter-Installer.exe
2015-08-12 21:31 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 21:31 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 19:35 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-12 19:35 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-12 19:35 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-12 19:35 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-12 19:35 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-12 19:35 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 19:35 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-12 19:35 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-12 19:35 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-12 19:35 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-12 19:35 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-12 19:35 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-12 19:35 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-12 19:32 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-12 19:32 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-12 19:32 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-12 19:32 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-12 19:31 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 19:31 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 19:31 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 19:31 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 19:31 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-12 19:30 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 19:30 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-12 19:30 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-12 19:30 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-12 19:30 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-12 19:30 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-12 19:30 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-12 19:30 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-12 19:30 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-12 19:30 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-12 19:30 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-12 19:30 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-12 19:30 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-12 19:30 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-12 19:30 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-12 19:30 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-12 19:30 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-12 19:30 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-12 19:30 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-12 19:30 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-12 19:30 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-12 19:30 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-12 19:30 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-12 19:30 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-12 19:30 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 19:30 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-12 19:30 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-12 19:30 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-12 19:30 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-12 19:30 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-12 19:30 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 19:30 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-12 19:30 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-12 19:30 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-12 19:30 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 19:30 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-12 19:30 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-12 19:30 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-12 19:29 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-12 19:29 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-12 19:29 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-12 19:29 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-12 19:29 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-12 19:29 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 19:29 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 19:28 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-12 19:28 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-12 19:28 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-12 19:28 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-12 19:28 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-12 19:28 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 19:28 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-12 19:28 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-12 19:28 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-12 19:28 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-12 19:28 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-12 19:28 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-12 19:28 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-12 19:28 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-12 19:27 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 19:27 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 19:27 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 19:27 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-12 19:27 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 19:27 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-12 19:27 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 19:27 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-12 19:27 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 19:27 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 19:27 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-09 14:45 - 2015-08-09 14:45 - 00000000 ____D C:\ProgramData\Brother
2015-08-09 12:04 - 2015-08-09 12:04 - 00000000 ____D C:\Users\Wioleta\Downloads\32_64
2015-08-09 12:04 - 2014-10-31 06:04 - 00180224 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BROSNMP.DLL
2015-08-09 12:04 - 2014-10-31 06:04 - 00077824 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BRLMW03A.DLL
2015-08-09 12:04 - 2014-10-31 06:04 - 00045056 _____ C:\WINDOWS\SysWOW64\BRTCPCON.DLL
2015-08-09 12:04 - 2014-10-31 06:04 - 00025299 _____ (Brother Industries, Ltd) C:\WINDOWS\SysWOW64\BRLM03A.DLL
2015-08-09 12:04 - 2014-10-31 06:04 - 00000114 _____ C:\WINDOWS\SysWOW64\BRLMW03A.INI
2015-08-09 12:04 - 2014-10-31 06:03 - 00000050 _____ C:\WINDOWS\system32\BRADM13A.DAT
2015-08-09 12:04 - 2014-10-30 18:07 - 00227840 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BRCOM13A.DLL
2015-08-09 12:03 - 2015-08-09 12:04 - 17905312 _____ (A.I.SOFT,INC.) C:\Users\Wioleta\Downloads\Y14A_C1-hostm-170 (1).EXE
2015-08-09 12:00 - 2015-08-09 12:01 - 17905312 _____ (A.I.SOFT,INC.) C:\Users\Wioleta\Downloads\Y14A_C1-hostm-170.EXE
2015-07-19 13:11 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-07-19 03:00 - 2015-07-19 03:00 - 00002998 _____ C:\WINDOWS\System32\Tasks\SUPatchForW10Up

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-16 14:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-16 13:54 - 2013-07-03 20:18 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3281234712-2478978767-3473656501-1001
2015-08-16 13:53 - 2013-01-03 06:03 - 00000000 ____D C:\ProgramData\WinClon
2015-08-16 13:52 - 2014-04-12 10:31 - 00000000 ___DO C:\Users\Wioleta\SkyDrive
2015-08-16 13:51 - 2015-01-23 22:22 - 00000000 ____D C:\Users\Wioleta\AppData\Local\HTC MediaHub
2015-08-16 13:47 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-16 13:31 - 2013-01-03 06:05 - 00000000 ____D C:\ProgramData\Adobe
2015-08-16 13:31 - 2013-01-03 06:05 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-08-16 13:30 - 2013-01-03 06:12 - 00000000 ____D C:\ProgramData\Temp
2015-08-16 13:30 - 2013-01-03 04:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-16 13:29 - 2013-01-03 06:14 - 00000000 ____D C:\ProgramData\CyberLink
2015-08-16 13:16 - 2015-02-08 17:08 - 00001080 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3281234712-2478978767-3473656501-1001UA1d043b12abee03e.job
2015-08-16 13:16 - 2013-08-03 12:17 - 00001028 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3281234712-2478978767-3473656501-1001Core.job
2015-08-16 13:15 - 2013-12-21 11:32 - 00001222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Feature Mananger.lnk
2015-08-16 13:13 - 2013-08-03 12:17 - 00001080 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3281234712-2478978767-3473656501-1001UA.job
2015-08-16 12:48 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-16 12:47 - 2015-01-20 18:09 - 00000000 ____D C:\Users\Wioleta\AppData\Roaming\StPrsSW
2015-08-16 12:23 - 2013-07-03 20:11 - 00000000 ____D C:\Users\Wioleta\AppData\Local\CrashDumps
2015-08-16 12:01 - 2015-04-06 13:00 - 00000000 ____D C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56
2015-08-16 10:22 - 2013-10-30 19:25 - 00000000 ____D C:\Users\Wioleta
2015-08-16 09:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-16 09:39 - 2013-09-30 06:15 - 01825074 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-16 09:39 - 2013-09-30 06:00 - 00807160 _____ C:\WINDOWS\system32\perfh015.dat
2015-08-16 09:39 - 2013-09-30 06:00 - 00163478 _____ C:\WINDOWS\system32\perfc015.dat
2015-08-14 08:14 - 2013-08-03 12:20 - 00002438 _____ C:\Users\Wioleta\Desktop\Google Chrome.lnk
2015-08-13 03:09 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-12 21:18 - 2013-08-22 16:44 - 00553568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-12 21:14 - 2015-04-06 13:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 21:14 - 2014-12-14 19:25 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-12 21:14 - 2014-07-19 10:55 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-12 21:14 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 21:14 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 21:14 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 21:14 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 21:14 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-12 21:14 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 21:13 - 2013-08-20 23:59 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 21:05 - 2013-07-08 03:05 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-09 12:05 - 2013-11-27 19:50 - 00227840 ___SH C:\Users\Wioleta\Downloads\Thumbs.db
2015-08-08 15:55 - 2015-03-12 21:27 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2015-03-12 21:27 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-07 21:52 - 2013-07-05 19:04 - 00000000 ____D C:\Users\Wioleta\Documents\+ Pliki
2015-07-26 03:10 - 2015-04-09 20:46 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-25 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-07-24 20:16 - 2013-07-03 20:12 - 00000000 ____D C:\Users\Wioleta\Documents\Bluetooth Folder
2015-07-22 21:27 - 2015-07-11 14:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-22 21:26 - 2015-04-09 20:46 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-07-22 21:26 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-07-22 21:26 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-07-21 21:43 - 2013-07-03 20:22 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-07-19 13:11 - 2015-02-08 17:09 - 00004030 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3281234712-2478978767-3473656501-1001UA1d043b12abee03e
2015-07-19 13:11 - 2013-08-03 12:17 - 00003650 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3281234712-2478978767-3473656501-1001Core
2015-07-19 03:00 - 2013-01-03 06:04 - 00000000 ____D C:\ProgramData\Samsung

==================== Files in the root of some directories =======

2013-08-11 18:18 - 2013-02-21 16:59 - 2063240 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2013-08-11 18:18 - 2013-01-12 23:51 - 0003004 _____ () C:\ProgramData\MakeMarkerFile.xml

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


Some files in TEMP:
====================
C:\Users\Wioleta\AppData\Local\Temp\sqlite3.dll
C:\Users\Wioleta\AppData\Local\Temp\{467E215E-D7BE-4A1A-9A71-83A5925BCA46}.dll
C:\Users\Wioleta\AppData\Local\Temp\{A86750EA-384E-4E63-BAA9-D133F25B3125}.dll
C:\Users\Wioleta\AppData\Local\Temp\{B3F50160-0772-4F30-8932-3CE7B877DAD8}.dll
C:\Users\Wioleta\AppData\Local\Temp\{C4698DAC-533F-40F1-896A-3F805216A86E}.dll
C:\Users\Wioleta\AppData\Local\Temp\{CA574724-A53D-4DF0-B949-30995882F01D}.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-16 11:42

==================== End of log ============================