Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-09-2013
Ran by User (administrator) on USER-KOMPUTER on 05-09-2013 12:42:42
Running from C:\Users\User\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Valve Corporation) D:\Programy\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(FreeVoipDeal) C:\Program Files (x86)\FreeVoipDeal.com\FreeVoipDeal\FreeVoipDeal.exe
(alch) C:\Program Files (x86)\ClamWin\bin\ClamTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [ASRockXTU] -  [x]
HKCU\...\Run: [AdobeBridge] -  [x]
HKCU\...\Run: [Steam] - D:\Programy\Steam\Steam.exe [1811880 2013-08-28] (Valve Corporation)
HKCU\...\Run: [Google Update] - C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-02-17] (Google Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
HKCU\...\Run: [KiesHelper] - C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s [x]
HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-06-08] ()
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20097696 2013-06-27] (Google)
HKCU\...\Run: [FreeVoipDeal] - C:\Program Files (x86)\FreeVoipDeal.com\FreeVoipDeal\FreeVoipDeal.exe [19614536 2013-07-23] (FreeVoipDeal)
MountPoints2: {323e8d07-41cb-11e1-aea1-bc5ff40a7c84} - K:\autorun.exe
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ClamWin] - C:\Program Files (x86)\ClamWin\bin\ClamTray.exe [86016 2012-06-28] (alch)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3521464 2012-06-08] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [NeroFilterCheck] - C:\Windows\system32\NeroCheck.exe [x]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [245872 2013-02-26] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [201576 2013-02-26] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://startsear.ch/?aff=2&src=sp&cf=681ed5ad-fc3d-11e1-8d08-bc5ff40a7c84&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://startsear.ch/?aff=2&src=sp&cf=681ed5ad-fc3d-11e1-8d08-bc5ff40a7c84&q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DebugBar BHO - {69FC0024-10EB-480A-BBF2-3BF4E78E17B1} - C:\Program Files (x86)\Core Services\DebugBar\DebugInfoBar.dll (Core Services)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - DebugBar (Toolbar) - {3E1201F4-1707-409F-BB45-A5F192381DA0} - C:\Program Files (x86)\Core Services\DebugBar\DebugToolBar.dll (Core Services)
Tcpip\Parameters: [DhcpNameServer] 95.160.170.92 88.156.222.92

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\v7mrzcy8.default
FF NewTab: user_pref("browser.newtab.url", "");
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.69 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.69 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\User\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\User\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\User\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\User\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Pixel Perfect - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\v7mrzcy8.default\Extensions\pixelperfectplugin@openhouseconcepts.com
FF Extension: firebug - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\v7mrzcy8.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: firerainbow - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\v7mrzcy8.default\Extensions\firerainbow@hildebrand.cz.xpi
FF Extension: info - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\v7mrzcy8.default\Extensions\info@cssUpdater.com.xpi
FF Extension: sroussey - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\v7mrzcy8.default\Extensions\sroussey@illumination-for-developers.com.xpi
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\v7mrzcy8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.66\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Injovo Extension Plugin) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.440_0\npbrowserext.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Google Update) - C:\Users\User\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR StartMenuInternet: Google Chrome - C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [624856 2012-04-06] (Pandora.TV)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-02-04] ()

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-01-18] (DT Soft Ltd)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 GPU-Z; \??\C:\Users\User\AppData\Local\Temp\GPU-Z.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-05 12:31 - 2013-09-05 12:31 - 00980480 _____ C:\Users\User\Downloads\MicrosoftFixit50267 (1).msi
2013-09-05 12:28 - 2013-09-05 12:28 - 00980480 _____ C:\Users\User\Downloads\MicrosoftFixit50267.msi
2013-09-05 12:28 - 2013-09-05 12:28 - 00448512 _____ (OldTimer Tools) C:\Users\User\Downloads\TFC.exe
2013-09-05 12:27 - 2013-09-05 12:27 - 00026655 _____ C:\Users\User\Desktop\AdwCleaner[S0].txt
2013-09-05 12:12 - 2013-09-05 12:13 - 00000000 ____D C:\AdwCleaner
2013-09-05 12:09 - 2013-09-05 12:09 - 01037222 _____ C:\Users\User\Downloads\AdwCleaner.exe
2013-09-04 19:35 - 2013-09-04 19:35 - 00077898 _____ C:\Users\User\Downloads\WhoIs.zip
2013-09-04 19:22 - 2013-09-04 19:22 - 487209402 _____ C:\Windows\MEMORY.DMP
2013-09-04 19:22 - 2013-09-04 19:22 - 00262144 _____ C:\Windows\Minidump\090413-17284-01.dmp
2013-09-04 18:39 - 2013-09-04 18:39 - 00891144 _____ C:\Users\User\Downloads\SecurityCheck.exe
2013-09-04 16:55 - 2013-09-04 16:55 - 00103236 _____ C:\Users\User\Downloads\Extras.Txt
2013-09-04 16:54 - 2013-09-04 16:54 - 00150448 _____ C:\Users\User\Downloads\OTL.Txt
2013-09-04 16:46 - 2013-09-04 16:46 - 00602112 _____ (OldTimer Tools) C:\Users\User\Downloads\OTL.exe
2013-09-04 16:45 - 2013-09-04 16:45 - 00048927 _____ C:\Users\User\Downloads\Addition.txt
2013-09-04 16:43 - 2013-09-04 16:43 - 00000000 ____D C:\FRST
2013-09-04 14:56 - 2013-09-04 14:56 - 00377856 _____ C:\Users\User\Downloads\vzd9kk9q.exe
2013-09-04 05:41 - 2013-09-04 05:42 - 00262144 _____ C:\Windows\Minidump\090413-17113-01.dmp
2013-09-03 23:16 - 2013-09-03 23:16 - 00262144 _____ C:\Windows\Minidump\090313-26176-01.dmp
2013-09-03 14:04 - 2013-09-03 14:05 - 06745704 _____ (Finarea S.A. Switzerland                                    ) C:\Users\User\Downloads\setupFreeVoipDeal.exe
2013-09-03 13:08 - 2013-09-03 13:09 - 00377856 _____ C:\Users\User\Downloads\ndovrosw.exe
2013-09-03 13:05 - 2013-09-03 13:05 - 00005550 _____ C:\Users\User\Downloads\KillWhite1.0 (1).zip
2013-09-03 12:58 - 2013-09-03 12:58 - 21883403 _____ C:\Users\User\Downloads\pixelbenderplugin_p3_pscs5-1_64bit_061711 (1).mxp
2013-09-03 12:47 - 2013-09-03 12:47 - 00000000 ____D C:\Users\User\Downloads\pixelbender_toolkit_2.5 (1)
2013-09-03 12:45 - 2013-09-03 12:46 - 58661931 _____ C:\Users\User\Downloads\pixelbender_toolkit_2.5 (1).zip
2013-09-03 12:44 - 2013-09-03 12:44 - 00005550 _____ C:\Users\User\Downloads\KillWhite1.0.zip
2013-09-02 15:38 - 2013-09-02 15:39 - 21883403 _____ C:\Users\User\Downloads\pixelbenderplugin_p3_pscs5-1_64bit_061711.mxp
2013-09-02 11:01 - 2013-09-03 06:57 - 00000000 ____D C:\Users\User\Downloads\fonty
2013-09-02 10:55 - 2013-09-02 10:55 - 00627240 _____ C:\Users\User\Downloads\BickhamScriptPro-Semibold.otf
2013-09-02 10:55 - 2013-09-02 10:55 - 00612936 _____ C:\Users\User\Downloads\BickhamScriptPro-Bold.otf
2013-09-02 10:55 - 2013-09-02 10:55 - 00603684 _____ C:\Users\User\Downloads\BickhamScriptPro-Regular.otf
2013-09-02 10:46 - 2013-09-02 10:49 - 00000000 ____D C:\Users\User\Downloads\s
2013-09-02 10:45 - 2013-09-02 10:45 - 00000000 ____D C:\Users\User\Downloads\dark_exa
2013-09-02 10:37 - 2013-09-02 10:37 - 01191834 _____ C:\Users\User\Downloads\ProcessExplorer.zip
2013-09-02 10:34 - 2013-09-02 10:34 - 00000000 ____D C:\Users\User\AppData\Roaming\Malwarebytes
2013-09-02 10:33 - 2013-09-03 06:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-02 10:33 - 2013-09-02 10:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-01 22:04 - 2013-09-01 22:04 - 00000000 ____D C:\Users\User\Documents\Adobe Scripts
2013-09-01 21:55 - 2013-09-01 21:55 - 03543659 _____ C:\Users\User\Downloads\Vertex.zip
2013-09-01 21:55 - 2013-09-01 21:55 - 00780403 _____ C:\Users\User\Downloads\ArtSee.zip
2013-09-01 21:53 - 2013-09-02 11:21 - 00000000 ____D C:\Users\User\Downloads\Hirens.BootCD.15.2
2013-09-01 21:49 - 2013-09-01 21:50 - 58661931 _____ C:\Users\User\Downloads\pixelbender_toolkit_2.5.zip
2013-09-01 21:46 - 2013-09-01 21:46 - 00098322 _____ C:\Users\User\Downloads\KillWhite.zip
2013-09-01 19:32 - 2013-09-01 19:32 - 00576922 _____ C:\Users\User\Downloads\modium_d.gz
2013-09-01 19:32 - 2013-09-01 19:32 - 00469266 _____ C:\Users\User\Downloads\modium_dm.gz
2013-09-01 19:32 - 2013-09-01 19:32 - 00329234 _____ C:\Users\User\Downloads\modium_db.gz
2013-09-01 19:32 - 2013-09-01 19:32 - 00001058 _____ C:\Users\User\Downloads\modium_test.gz
2013-09-01 19:30 - 2013-09-01 19:30 - 00024038 _____ C:\Users\User\Desktop\settings.php
2013-09-01 19:20 - 2013-09-01 19:20 - 00000000 ____D C:\Users\User\Downloads\wordpress-3.6-pl_PL
2013-09-01 19:19 - 2013-09-01 19:19 - 06511193 _____ C:\Users\User\Downloads\wordpress-3.6-pl_PL.zip
2013-09-01 19:17 - 2013-09-01 19:28 - 621283886 _____ C:\Users\User\Downloads\Hirens.BootCD.15.2.zip
2013-09-01 14:22 - 2013-09-04 20:48 - 00000000 ____D C:\Users\User\Desktop\jesli moglbys to zostaw to do mojego wyjazdu
2013-09-01 13:44 - 2013-09-01 13:48 - 00000035 _____ C:\Users\User\Desktop\Nowy dokument tekstowy.txt
2013-09-01 13:25 - 2013-09-02 11:21 - 00000000 ____D C:\Users\User\AppData\Roaming\TeamViewer
2013-09-01 13:23 - 2013-09-01 13:23 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-08-30 18:30 - 2013-09-04 18:53 - 00000000 ____D C:\Users\User\AppData\Roaming\FreeVoipDeal
2013-08-30 18:30 - 2013-08-30 18:30 - 00000000 ____D C:\Program Files (x86)\FreeVoipDeal.com
2013-08-28 19:57 - 2013-08-28 19:58 - 29544447 _____ C:\Users\User\Downloads\Załącznik Nr 11 - Dokumentacja techniczna (1).rar
2013-08-27 23:46 - 2013-08-27 23:46 - 01209473 _____ C:\Users\User\Downloads\Diagnoza_raport_wstepny_2013.zip
2013-08-27 18:58 - 2013-08-27 18:58 - 01461856 _____ C:\Users\User\Downloads\UM_Krosno_Staszica_klatka schodowa projekt.dwg
2013-08-27 14:46 - 2013-08-27 14:46 - 00247392 _____ C:\Users\User\Downloads\kd_logo.zip
2013-08-14 19:45 - 2013-08-14 19:45 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-14 19:28 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 19:28 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 19:28 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 19:28 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 19:28 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 19:28 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 19:28 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 19:28 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 19:28 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 19:28 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 19:28 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 19:28 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 19:28 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 19:28 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 19:28 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 19:28 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 19:28 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 19:28 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 19:28 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 19:28 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 19:28 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 19:28 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 19:28 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 19:28 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 19:28 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 19:28 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 19:28 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 19:28 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 19:28 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 19:28 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 19:28 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 19:24 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 19:24 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 19:24 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 19:24 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 19:24 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 19:24 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 19:24 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 19:24 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 19:23 - 2013-08-14 19:25 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 19:23 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 19:23 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 19:23 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 19:23 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 19:22 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 19:22 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 19:22 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 19:22 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 19:22 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 19:22 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 19:22 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 19:22 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 19:22 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 19:22 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 19:22 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 19:22 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 19:22 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 19:22 - 2012-11-30 07:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-08-14 19:22 - 2012-11-30 07:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-08-14 19:22 - 2012-11-30 07:43 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-08-14 19:22 - 2012-11-30 07:41 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-08-14 19:22 - 2012-11-30 07:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-08-14 19:22 - 2012-11-30 06:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 05:23 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-08-14 19:22 - 2012-11-30 04:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 04:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 04:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-14 19:22 - 2012-11-30 04:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-08-14 19:21 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 19:21 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-08 18:35 - 2013-08-08 18:35 - 01278929 _____ C:\Users\User\Downloads\99253-900-3d-dwg.zip
2013-08-08 18:35 - 2013-08-08 18:35 - 00090179 _____ C:\Users\User\Downloads\99169-dwg.zip
2013-08-08 18:34 - 2013-08-08 18:34 - 00689023 _____ C:\Users\User\Downloads\99235-dwg (3).zip
2013-08-08 18:29 - 2013-08-08 18:29 - 00845183 _____ C:\Users\User\Downloads\XBK0380-dwg.zip
2013-08-08 18:24 - 2013-08-08 18:24 - 01921240 _____ C:\Users\User\Downloads\68465-dwg (2).zip
2013-08-07 23:55 - 2013-08-07 23:55 - 00065024 _____ C:\Users\User\Downloads\drzwi góra.dwg
2013-08-07 22:16 - 2013-08-07 22:16 - 00566930 _____ C:\Users\User\Downloads\MON-GRABIE - koncepcja klatki ewakuacyjnej - 5 lipiec 2013.dwg

==================== One Month Modified Files and Folders =======

2013-09-05 12:42 - 2009-07-14 06:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-05 12:42 - 2009-07-14 06:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-05 12:41 - 2013-09-05 12:41 - 01947160 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2013-09-05 12:37 - 2012-11-04 14:54 - 00000000 ___RD C:\Users\User\Dysk Google
2013-09-05 12:33 - 2012-11-04 14:51 - 00001040 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-05 12:33 - 2012-01-16 17:50 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-05 12:33 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-05 12:33 - 2009-07-14 06:51 - 00130164 _____ C:\Windows\setupact.log
2013-09-05 12:32 - 2012-01-16 21:20 - 01206131 _____ C:\Windows\WindowsUpdate.log
2013-09-05 12:31 - 2013-09-05 12:31 - 00980480 _____ C:\Users\User\Downloads\MicrosoftFixit50267 (1).msi
2013-09-05 12:29 - 2012-06-27 10:50 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-05 12:28 - 2013-09-05 12:28 - 00980480 _____ C:\Users\User\Downloads\MicrosoftFixit50267.msi
2013-09-05 12:28 - 2013-09-05 12:28 - 00448512 _____ (OldTimer Tools) C:\Users\User\Downloads\TFC.exe
2013-09-05 12:27 - 2013-09-05 12:27 - 00026655 _____ C:\Users\User\Desktop\AdwCleaner[S0].txt
2013-09-05 12:20 - 2012-02-17 11:40 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2699162920-3857950008-3738035857-1000UA.job
2013-09-05 12:13 - 2013-09-05 12:12 - 00000000 ____D C:\AdwCleaner
2013-09-05 12:12 - 2012-11-04 14:51 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-05 12:09 - 2013-09-05 12:09 - 01037222 _____ C:\Users\User\Downloads\AdwCleaner.exe
2013-09-04 20:48 - 2013-09-01 14:22 - 00000000 ____D C:\Users\User\Desktop\jesli moglbys to zostaw to do mojego wyjazdu
2013-09-04 19:35 - 2013-09-04 19:35 - 00077898 _____ C:\Users\User\Downloads\WhoIs.zip
2013-09-04 19:22 - 2013-09-04 19:22 - 487209402 _____ C:\Windows\MEMORY.DMP
2013-09-04 19:22 - 2013-09-04 19:22 - 00262144 _____ C:\Windows\Minidump\090413-17284-01.dmp
2013-09-04 19:22 - 2012-04-18 00:06 - 00000000 ____D C:\Windows\Minidump
2013-09-04 19:22 - 2010-11-21 05:47 - 00013238 _____ C:\Windows\PFRO.log
2013-09-04 18:53 - 2013-08-30 18:30 - 00000000 ____D C:\Users\User\AppData\Roaming\FreeVoipDeal
2013-09-04 18:39 - 2013-09-04 18:39 - 00891144 _____ C:\Users\User\Downloads\SecurityCheck.exe
2013-09-04 18:21 - 2012-02-17 11:41 - 00002368 _____ C:\Users\User\Desktop\Google Chrome.lnk
2013-09-04 16:55 - 2013-09-04 16:55 - 00103236 _____ C:\Users\User\Downloads\Extras.Txt
2013-09-04 16:54 - 2013-09-04 16:54 - 00150448 _____ C:\Users\User\Downloads\OTL.Txt
2013-09-04 16:46 - 2013-09-04 16:46 - 00602112 _____ (OldTimer Tools) C:\Users\User\Downloads\OTL.exe
2013-09-04 16:45 - 2013-09-04 16:45 - 00048927 _____ C:\Users\User\Downloads\Addition.txt
2013-09-04 16:43 - 2013-09-04 16:43 - 00000000 ____D C:\FRST
2013-09-04 14:56 - 2013-09-04 14:56 - 00377856 _____ C:\Users\User\Downloads\vzd9kk9q.exe
2013-09-04 10:20 - 2012-02-17 11:40 - 00001002 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2699162920-3857950008-3738035857-1000Core.job
2013-09-04 05:42 - 2013-09-04 05:41 - 00262144 _____ C:\Windows\Minidump\090413-17113-01.dmp
2013-09-03 23:21 - 2012-05-22 11:05 - 00011685 _____ C:\Windows\system32\plot.log
2013-09-03 23:21 - 2012-04-11 15:13 - 00000000 ____D C:\Users\User\AppData\Local\cache
2013-09-03 23:16 - 2013-09-03 23:16 - 00262144 _____ C:\Windows\Minidump\090313-26176-01.dmp
2013-09-03 23:14 - 2012-01-17 17:03 - 00000000 ____D C:\Users\User\AppData\Roaming\foobar2000
2013-09-03 22:51 - 2012-02-29 00:18 - 00062201 _____ C:\Users\User\Documents\plot.log
2013-09-03 14:05 - 2013-09-03 14:04 - 06745704 _____ (Finarea S.A. Switzerland                                    ) C:\Users\User\Downloads\setupFreeVoipDeal.exe
2013-09-03 13:19 - 2012-01-18 18:13 - 00000000 ____D C:\Users\User\AppData\Roaming\FileZilla
2013-09-03 13:09 - 2013-09-03 13:08 - 00377856 _____ C:\Users\User\Downloads\ndovrosw.exe
2013-09-03 13:05 - 2013-09-03 13:05 - 00005550 _____ C:\Users\User\Downloads\KillWhite1.0 (1).zip
2013-09-03 12:58 - 2013-09-03 12:58 - 21883403 _____ C:\Users\User\Downloads\pixelbenderplugin_p3_pscs5-1_64bit_061711 (1).mxp
2013-09-03 12:57 - 2012-01-16 16:20 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2013-09-03 12:47 - 2013-09-03 12:47 - 00000000 ____D C:\Users\User\Downloads\pixelbender_toolkit_2.5 (1)
2013-09-03 12:46 - 2013-09-03 12:45 - 58661931 _____ C:\Users\User\Downloads\pixelbender_toolkit_2.5 (1).zip
2013-09-03 12:44 - 2013-09-03 12:44 - 00005550 _____ C:\Users\User\Downloads\KillWhite1.0.zip
2013-09-03 06:57 - 2013-09-02 11:01 - 00000000 ____D C:\Users\User\Downloads\fonty
2013-09-03 06:57 - 2013-09-02 10:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-03 06:57 - 2012-12-03 11:32 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-09-03 06:57 - 2012-07-01 20:21 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-09-03 06:57 - 2012-04-11 15:13 - 00000000 ____D C:\ProgramData\FLEXnet
2013-09-03 06:57 - 2012-02-17 11:41 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-09-03 06:57 - 2012-02-15 18:38 - 00000000 ____D C:\Program Files (x86)\PANDORA.TV
2013-09-03 06:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-09-03 06:21 - 2012-01-16 14:37 - 00000000 ____D C:\Users\User\AppData\Roaming\Mozilla
2013-09-03 06:20 - 2012-01-16 14:34 - 00103472 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-03 06:16 - 2011-04-12 15:21 - 00737730 _____ C:\Windows\system32\perfh015.dat
2013-09-03 06:16 - 2011-04-12 15:21 - 00154418 _____ C:\Windows\system32\perfc015.dat
2013-09-03 06:16 - 2009-07-14 07:13 - 01662556 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-02 15:39 - 2013-09-02 15:38 - 21883403 _____ C:\Users\User\Downloads\pixelbenderplugin_p3_pscs5-1_64bit_061711.mxp
2013-09-02 11:21 - 2013-09-01 21:53 - 00000000 ____D C:\Users\User\Downloads\Hirens.BootCD.15.2
2013-09-02 11:21 - 2013-09-01 13:25 - 00000000 ____D C:\Users\User\AppData\Roaming\TeamViewer
2013-09-02 10:55 - 2013-09-02 10:55 - 00627240 _____ C:\Users\User\Downloads\BickhamScriptPro-Semibold.otf
2013-09-02 10:55 - 2013-09-02 10:55 - 00612936 _____ C:\Users\User\Downloads\BickhamScriptPro-Bold.otf
2013-09-02 10:55 - 2013-09-02 10:55 - 00603684 _____ C:\Users\User\Downloads\BickhamScriptPro-Regular.otf
2013-09-02 10:49 - 2013-09-02 10:46 - 00000000 ____D C:\Users\User\Downloads\s
2013-09-02 10:45 - 2013-09-02 10:45 - 00000000 ____D C:\Users\User\Downloads\dark_exa
2013-09-02 10:37 - 2013-09-02 10:37 - 01191834 _____ C:\Users\User\Downloads\ProcessExplorer.zip
2013-09-02 10:34 - 2013-09-02 10:34 - 00000000 ____D C:\Users\User\AppData\Roaming\Malwarebytes
2013-09-02 10:33 - 2013-09-02 10:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-01 22:04 - 2013-09-01 22:04 - 00000000 ____D C:\Users\User\Documents\Adobe Scripts
2013-09-01 21:55 - 2013-09-01 21:55 - 03543659 _____ C:\Users\User\Downloads\Vertex.zip
2013-09-01 21:55 - 2013-09-01 21:55 - 00780403 _____ C:\Users\User\Downloads\ArtSee.zip
2013-09-01 21:50 - 2013-09-01 21:49 - 58661931 _____ C:\Users\User\Downloads\pixelbender_toolkit_2.5.zip
2013-09-01 21:46 - 2013-09-01 21:46 - 00098322 _____ C:\Users\User\Downloads\KillWhite.zip
2013-09-01 19:32 - 2013-09-01 19:32 - 00576922 _____ C:\Users\User\Downloads\modium_d.gz
2013-09-01 19:32 - 2013-09-01 19:32 - 00469266 _____ C:\Users\User\Downloads\modium_dm.gz
2013-09-01 19:32 - 2013-09-01 19:32 - 00329234 _____ C:\Users\User\Downloads\modium_db.gz
2013-09-01 19:32 - 2013-09-01 19:32 - 00001058 _____ C:\Users\User\Downloads\modium_test.gz
2013-09-01 19:30 - 2013-09-01 19:30 - 00024038 _____ C:\Users\User\Desktop\settings.php
2013-09-01 19:28 - 2013-09-01 19:17 - 621283886 _____ C:\Users\User\Downloads\Hirens.BootCD.15.2.zip
2013-09-01 19:20 - 2013-09-01 19:20 - 00000000 ____D C:\Users\User\Downloads\wordpress-3.6-pl_PL
2013-09-01 19:19 - 2013-09-01 19:19 - 06511193 _____ C:\Users\User\Downloads\wordpress-3.6-pl_PL.zip
2013-09-01 13:48 - 2013-09-01 13:44 - 00000035 _____ C:\Users\User\Desktop\Nowy dokument tekstowy.txt
2013-09-01 13:23 - 2013-09-01 13:23 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-08-30 18:30 - 2013-08-30 18:30 - 00000000 ____D C:\Program Files (x86)\FreeVoipDeal.com
2013-08-29 07:15 - 2012-01-17 16:08 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2013-08-28 19:58 - 2013-08-28 19:57 - 29544447 _____ C:\Users\User\Downloads\Załącznik Nr 11 - Dokumentacja techniczna (1).rar
2013-08-27 23:46 - 2013-08-27 23:46 - 01209473 _____ C:\Users\User\Downloads\Diagnoza_raport_wstepny_2013.zip
2013-08-27 19:39 - 2012-04-27 06:36 - 00007596 _____ C:\Users\User\Downloads\plot.log
2013-08-27 18:58 - 2013-08-27 18:58 - 01461856 _____ C:\Users\User\Downloads\UM_Krosno_Staszica_klatka schodowa projekt.dwg
2013-08-27 18:31 - 2012-01-16 21:13 - 00000000 ____D C:\Windows\Panther
2013-08-27 14:46 - 2013-08-27 14:46 - 00247392 _____ C:\Users\User\Downloads\kd_logo.zip
2013-08-21 14:29 - 2012-06-27 10:50 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-21 14:29 - 2012-06-27 10:50 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-21 14:29 - 2012-01-16 21:54 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-20 20:57 - 2012-05-09 21:42 - 00000000 ____D C:\Users\User\Desktop\temporary
2013-08-14 19:45 - 2013-08-14 19:45 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-14 19:45 - 2013-02-26 19:04 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-08-14 19:45 - 2013-02-26 19:04 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-08-14 19:45 - 2012-03-06 22:29 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-08-14 19:45 - 2012-03-06 22:29 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-14 19:45 - 2012-03-06 22:29 - 00000000 ____D C:\Program Files (x86)\Java
2013-08-14 19:45 - 2012-01-16 14:41 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-08-14 19:25 - 2013-08-14 19:23 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 19:23 - 2012-01-16 16:36 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-09 17:30 - 2012-06-03 12:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-08 21:27 - 2013-06-03 17:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-08 18:35 - 2013-08-08 18:35 - 01278929 _____ C:\Users\User\Downloads\99253-900-3d-dwg.zip
2013-08-08 18:35 - 2013-08-08 18:35 - 00090179 _____ C:\Users\User\Downloads\99169-dwg.zip
2013-08-08 18:34 - 2013-08-08 18:34 - 00689023 _____ C:\Users\User\Downloads\99235-dwg (3).zip
2013-08-08 18:29 - 2013-08-08 18:29 - 00845183 _____ C:\Users\User\Downloads\XBK0380-dwg.zip
2013-08-08 18:24 - 2013-08-08 18:24 - 01921240 _____ C:\Users\User\Downloads\68465-dwg (2).zip
2013-08-07 23:55 - 2013-08-07 23:55 - 00065024 _____ C:\Users\User\Downloads\drzwi góra.dwg
2013-08-07 22:16 - 2013-08-07 22:16 - 00566930 _____ C:\Users\User\Downloads\MON-GRABIE - koncepcja klatki ewakuacyjnej - 5 lipiec 2013.dwg
2013-08-07 04:22 - 2010-11-21 05:27 - 00278800 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\Users\User\AppData\Local\Temp\_MEI25922\kernel32.dll
C:\Users\User\AppData\Local\Temp\_MEI25922\mfc90.dll
C:\Users\User\AppData\Local\Temp\_MEI25922\mfc90u.dll
C:\Users\User\AppData\Local\Temp\_MEI25922\mfcm90.dll
C:\Users\User\AppData\Local\Temp\_MEI25922\mfcm90u.dll
C:\Users\User\AppData\Local\Temp\_MEI25922\msvcp100.dll
C:\Users\User\AppData\Local\Temp\_MEI25922\msvcr100.dll
C:\Users\User\AppData\Local\Temp\_MEI25922\psapi.dll
C:\Users\User\AppData\Local\Temp\_MEI25922\python27.dll
C:\Users\User\AppData\Local\Temp\_MEI25922\pythoncom27.dll
C:\Users\User\AppData\Local\Temp\_MEI25922\PyWinTypes27.dll
C:\Users\User\AppData\Local\Temp\_MEI25922\shell32.dll
C:\Users\User\AppData\Local\Temp\_MEI25922\wxbase294u_net_vc90.dll
C:\Users\User\AppData\Local\Temp\_MEI25922\wxbase294u_vc90.dll
C:\Users\User\AppData\Local\Temp\_MEI25922\wxmsw294u_adv_vc90.dll
C:\Users\User\AppData\Local\Temp\_MEI25922\wxmsw294u_core_vc90.dll
C:\Users\User\AppData\Local\Temp\_MEI25922\wxmsw294u_html_vc90.dll
C:\Users\User\AppData\Local\Temp\_MEI25922\wxmsw294u_webview_vc90.dll
C:\Users\User\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-06-02 12:35

==================== End Of Log ============================