Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-02-2014
Ran by JoannaM (administrator) on JOANNA on 21-02-2014 11:40:19
Running from D:\hmm
Windows 8 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\windows\system32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(arvato digital services llc) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(McAfee, Inc.) c:\program files (x86)\mcafee\siteadvisor\saui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\windows\system32\msiexec.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions, Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Bitcasa] - C:\Program Files\Bitcasa\Bitcasa.exe [3952128 2012-11-27] (Bitcasa, Inc)
HKLM\...\Run: [VDownloader] - C:\Program Files\VDownloader\VDownloader.exe [882176 2013-12-20] (Vitzo)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\MountPoints2: {2b26de89-d20d-11e2-be81-c48508e4860c} - "G:\NokiaPCIA_Autorun.exe"
HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\MountPoints2: {d22e0267-56b2-11e2-be74-806e6f6e6963} - "E:\autorun.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-12] (NVIDIA Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/
SearchScopes: HKLM - DefaultScope {779A2E64-4866-4DC0-893A-609F3F79FCD6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM - {779A2E64-4866-4DC0-893A-609F3F79FCD6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope {779A2E64-4866-4DC0-893A-609F3F79FCD6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - {779A2E64-4866-4DC0-893A-609F3F79FCD6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - DefaultScope {779A2E64-4866-4DC0-893A-609F3F79FCD6} URL =
SearchScopes: HKCU - {779A2E64-4866-4DC0-893A-609F3F79FCD6} URL =
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll (McAfee, Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll (McAfee, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\mcsniepl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files (x86)\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 217.172.224.160 89.231.1.206

FireFox:
========
FF ProfilePath: C:\Users\JoannaM\AppData\Roaming\Mozilla\Firefox\Profiles\qjp2dfaw.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\program files\mcafee\msc\npmcsnffpl64.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @ganymede/MAHJONG,version=1.0 - C:\Program Files (x86)\Ganymede\Plugins\MAHJONG\NPMAHJONG.dll (Ganymede Technologies)
FF Plugin-x32: @ganymede/MARBLES,version=1.0 - C:\Program Files (x86)\Ganymede\Plugins\MARBLES\NPMARBLES.dll (Ganymede Technologies)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\program files (x86)\mcafee\msc\npmcsnffpl.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPMAHJONG.dll (Ganymede Technologies)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPMARBLES.dll (Ganymede Technologies)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-12-27]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-12-27]

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\JoannaM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-20]
CHR Extension: (Dysk Google) - C:\Users\JoannaM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-20]
CHR Extension: (YouTube) - C:\Users\JoannaM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-20]
CHR Extension: (Szukaj w Google) - C:\Users\JoannaM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-20]
CHR Extension: (SiteAdvisor) - C:\Users\JoannaM\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-02-20]
CHR Extension: (Google Wallet) - C:\Users\JoannaM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-20]
CHR Extension: (Gmail) - C:\Users\JoannaM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-20]

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171664 2012-11-05] (Adobe Systems Incorporated)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1591176 2012-11-30] (Samsung Electronics CO., LTD.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 IntelliMemory; C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [55120 2012-11-01] (Condusiv Technologies)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-28] (McAfee, Inc.)
S3 McAWFwk; c:\program files\common files\mcafee\actwiz\mcawfwk.exe [334608 2013-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-12-11] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-12-05] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [184800 2013-12-05] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 SWUpdateService; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2876024 2012-12-10] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352456 2012-08-06] (EldoS Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-12-05] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-05-07] (DT Soft Ltd)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R1 intmfs; C:\Windows\System32\DRIVERS\intmfs.sys [28496 2012-11-01] (Condusiv Technologies)
R0 intmsd; C:\Windows\System32\DRIVERS\intmsd.sys [104272 2012-11-01] (Condusiv Technologies)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-12-05] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-12-05] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2013-12-05] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-12-05] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782616 2013-12-05] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-12-05] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-20 19:53 - 2014-02-20 19:54 - 00293464 _____ () C:\windows\Minidump\022014-25156-01.dmp
2014-02-20 19:40 - 2014-02-20 19:53 - 868241503 _____ () C:\windows\MEMORY.DMP
2014-02-20 19:40 - 2014-02-20 19:41 - 00296168 _____ () C:\windows\Minidump\022014-27000-01.dmp
2014-02-20 19:39 - 2014-02-20 19:39 - 00368705 _____ () C:\Users\JoannaM\Downloads\gm (1).zip
2014-02-20 19:39 - 2014-02-20 19:39 - 00000000 ____D () C:\Users\JoannaM\Downloads\gm
2014-02-20 19:31 - 2014-02-20 19:31 - 00048100 _____ () C:\Users\JoannaM\Desktop\FRST.txt
2014-02-20 19:30 - 2014-02-20 19:30 - 00035465 _____ () C:\Users\JoannaM\Desktop\Addition.txt
2014-02-20 19:27 - 2014-02-21 11:28 - 00000000 ____D () C:\FRST
2014-02-20 19:21 - 2014-02-20 19:21 - 00156156 _____ () C:\Users\JoannaM\Desktop\OTL.txt
2014-02-20 19:21 - 2014-02-20 19:21 - 00072548 _____ () C:\Users\JoannaM\Desktop\Extras.txt
2014-02-20 18:45 - 2014-02-20 18:45 - 00602112 _____ (OldTimer Tools) C:\Users\JoannaM\Downloads\OTL.com
2014-02-20 18:42 - 2014-02-20 18:42 - 00027137 _____ () C:\Users\JoannaM\Desktop\dds.txt
2014-02-20 18:42 - 2014-02-20 18:42 - 00006828 _____ () C:\Users\JoannaM\Desktop\attach.txt
2014-02-20 18:40 - 2014-02-20 18:41 - 00688992 ____R (Swearware) C:\Users\JoannaM\Downloads\dds.scr
2014-02-20 18:19 - 2014-02-20 18:19 - 00000000 ____D () C:\rsit
2014-02-20 18:19 - 2014-02-20 18:19 - 00000000 ____D () C:\Program Files\trend micro
2014-02-20 18:14 - 2014-02-20 18:17 - 00935175 _____ () C:\Users\JoannaM\Downloads\RSITx64.exe
2014-02-20 18:08 - 2014-02-20 18:12 - 00000000 ____D () C:\Users\JoannaM\AppData\Roaming\Wise Registry Cleaner
2014-02-20 18:08 - 2014-02-20 18:08 - 02176336 _____ (WiseCleaner.com ) C:\Users\JoannaM\Downloads\WRCFree.exe
2014-02-20 18:08 - 2014-02-20 18:08 - 00001255 _____ () C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2014-02-20 18:08 - 2014-02-20 18:08 - 00000000 ____D () C:\Program Files (x86)\Wise
2014-02-20 18:07 - 2014-02-20 18:08 - 00673640 _____ ( ) C:\Users\JoannaM\Downloads\Wise-Registry-Cleaner(13347).exe
2014-02-20 16:57 - 2014-02-20 16:57 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-02-20 12:55 - 2014-02-20 12:56 - 00000000 ____D () C:\Users\JoannaM\Desktop\ENGLISH!!!
2014-02-17 18:10 - 2014-02-17 18:13 - 146516601 _____ () C:\Users\JoannaM\Downloads\The Basic Course In Estonian.zip
2014-02-14 16:38 - 2014-02-14 16:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-11 21:02 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-02-11 21:02 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-02-11 20:55 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-02-11 20:55 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-11 20:55 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-11 20:55 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-02-11 20:55 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-11 20:55 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-11 20:55 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-11 20:55 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-11 20:55 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-02-11 20:54 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-11 20:54 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-11 20:54 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-11 20:54 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-02-11 20:54 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-11 20:54 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-11 20:54 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-11 20:54 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-11 20:54 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-11 20:54 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-11 20:54 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-11 20:54 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-11 20:54 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-11 20:54 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-11 20:54 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-11 20:54 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-11 20:54 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-11 20:54 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-11 20:54 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-11 20:54 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-02-11 20:54 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-02-11 20:54 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-11 20:54 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-11 20:54 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-11 20:50 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-11 20:50 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-02-11 20:49 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-02-11 20:49 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-11 20:49 - 2013-11-27 01:19 - 00385614 _____ () C:\windows\system32\ApnDatabase.xml
2014-02-11 20:49 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2014-02-11 20:49 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-02-11 20:45 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-02-11 20:45 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-02-11 20:45 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-11 20:45 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-02-09 12:26 - 2014-02-09 12:26 - 00000000 ____D () C:\Users\JoannaM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-02-07 12:29 - 2014-02-07 12:29 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-07 12:29 - 2014-02-07 12:29 - 00000000 ____D () C:\Users\JoannaM\AppData\Local\Skype
2014-02-05 11:53 - 2014-01-30 22:10 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 11:53 - 2014-01-30 22:10 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-04 21:45 - 2014-02-04 21:45 - 00000000 ____D () C:\Program Files (x86)\Edgard Multimedia
2014-02-03 11:19 - 2014-02-03 11:19 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2008
2014-02-03 11:19 - 2014-02-03 11:19 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-02-03 11:19 - 2014-02-03 11:19 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2008
2014-02-03 11:19 - 2014-02-03 11:19 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-02-02 23:43 - 2014-02-02 23:43 - 00000000 ____D () C:\Users\JoannaM\Documents\Moje palety
2014-02-02 23:42 - 2014-02-04 21:54 - 00000000 ____D () C:\Users\JoannaM\AppData\Roaming\Corel
2014-02-02 23:42 - 2014-02-02 23:43 - 00000000 ____D () C:\ProgramData\Protexis64
2014-02-02 23:34 - 2014-02-04 23:18 - 00000000 ____D () C:\Users\JoannaM\Documents\Corel
2014-02-02 23:33 - 2014-02-03 11:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-02 23:33 - 2014-02-02 23:33 - 00000000 ____D () C:\Users\JoannaM\Documents\Visual Studio 2008
2014-02-02 23:33 - 2014-02-02 23:33 - 00000000 ____D () C:\Users\JoannaM\AppData\Local\Microsoft Help
2014-02-02 23:33 - 2014-02-02 23:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 9.0
2014-02-02 23:33 - 2014-02-02 23:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-02-02 23:32 - 2014-02-02 23:32 - 00000000 ____D () C:\Program Files\Common Files\Corel
2014-02-02 23:31 - 2014-02-02 23:42 - 00000000 ____D () C:\ProgramData\Corel
2014-02-02 23:31 - 2014-02-02 23:31 - 00000000 ____D () C:\Program Files\Common Files\Protexis
2014-02-02 23:29 - 2014-02-02 23:29 - 00000000 ____D () C:\Users\Public\Documents\Corel
2014-02-02 23:29 - 2014-02-02 23:29 - 00000000 ____D () C:\Program Files\Corel
2014-02-02 23:25 - 2014-02-02 23:35 - 00000000 ____D () C:\ProgramData\CorelDRAW Graphics Suite X6
2014-01-28 22:07 - 2014-01-28 22:07 - 00000000 ____D () C:\Users\JoannaM\AppData\Roaming\pl.ydp.maturarom.geografia
2014-01-28 22:02 - 2014-01-28 22:02 - 00000000 ____D () C:\Program Files (x86)\MaturaRom
2014-01-28 22:01 - 2014-01-28 22:01 - 00000000 ____D () C:\Users\JoannaM\AppData\Roaming\YDP
2014-01-28 19:07 - 2014-01-28 19:07 - 21331096 _____ (Mooii) C:\Users\JoannaM\Downloads\PhotoScape_V3.6.5(dobreprogramy.pl).exe
2014-01-24 02:32 - 2013-12-05 16:44 - 00184800 _____ (McAfee, Inc.) C:\windows\system32\mfevtps.exe
2014-01-23 11:49 - 2014-01-28 19:07 - 00000000 ____D () C:\Program Files (x86)\PhotoScape

==================== One Month Modified Files and Folders =======

2014-02-21 11:40 - 2014-02-20 19:27 - 00000000 ____D () C:\FRST
2014-02-21 11:34 - 2013-05-02 15:26 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1735395495-2726210869-181527219-1002
2014-02-21 11:32 - 2012-12-17 12:02 - 01283180 _____ () C:\windows\WindowsUpdate.log
2014-02-21 11:28 - 2013-12-26 15:50 - 00001060 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-21 11:27 - 2013-07-02 12:58 - 01115988 _____ () C:\windows\PFRO.log
2014-02-21 11:27 - 2012-07-26 08:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-02-21 11:17 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\sru
2014-02-21 02:11 - 2013-12-26 15:50 - 00001064 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-21 02:10 - 2013-10-05 15:10 - 00000930 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-02-21 01:34 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\NDF
2014-02-20 21:43 - 2013-08-17 22:00 - 00000000 ____D () C:\AdwCleaner
2014-02-20 20:10 - 2013-10-05 15:10 - 00003818 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-02-20 19:59 - 2012-12-17 13:19 - 00000000 ____D () C:\ProgramData\WinClon
2014-02-20 19:54 - 2014-02-20 19:53 - 00293464 _____ () C:\windows\Minidump\022014-25156-01.dmp
2014-02-20 19:53 - 2014-02-20 19:40 - 868241503 _____ () C:\windows\MEMORY.DMP
2014-02-20 19:53 - 2013-08-28 01:52 - 00000000 ____D () C:\windows\Minidump
2014-02-20 19:41 - 2014-02-20 19:40 - 00296168 _____ () C:\windows\Minidump\022014-27000-01.dmp
2014-02-20 19:39 - 2014-02-20 19:39 - 00368705 _____ () C:\Users\JoannaM\Downloads\gm (1).zip
2014-02-20 19:39 - 2014-02-20 19:39 - 00000000 ____D () C:\Users\JoannaM\Downloads\gm
2014-02-20 19:31 - 2014-02-20 19:31 - 00048100 _____ () C:\Users\JoannaM\Desktop\FRST.txt
2014-02-20 19:30 - 2014-02-20 19:30 - 00035465 _____ () C:\Users\JoannaM\Desktop\Addition.txt
2014-02-20 19:21 - 2014-02-20 19:21 - 00156156 _____ () C:\Users\JoannaM\Desktop\OTL.txt
2014-02-20 19:21 - 2014-02-20 19:21 - 00072548 _____ () C:\Users\JoannaM\Desktop\Extras.txt
2014-02-20 18:45 - 2014-02-20 18:45 - 00602112 _____ (OldTimer Tools) C:\Users\JoannaM\Downloads\OTL.com
2014-02-20 18:42 - 2014-02-20 18:42 - 00027137 _____ () C:\Users\JoannaM\Desktop\dds.txt
2014-02-20 18:42 - 2014-02-20 18:42 - 00006828 _____ () C:\Users\JoannaM\Desktop\attach.txt
2014-02-20 18:41 - 2014-02-20 18:40 - 00688992 ____R (Swearware) C:\Users\JoannaM\Downloads\dds.scr
2014-02-20 18:19 - 2014-02-20 18:19 - 00000000 ____D () C:\rsit
2014-02-20 18:19 - 2014-02-20 18:19 - 00000000 ____D () C:\Program Files\trend micro
2014-02-20 18:17 - 2014-02-20 18:14 - 00935175 _____ () C:\Users\JoannaM\Downloads\RSITx64.exe
2014-02-20 18:12 - 2014-02-20 18:08 - 00000000 ____D () C:\Users\JoannaM\AppData\Roaming\Wise Registry Cleaner
2014-02-20 18:08 - 2014-02-20 18:08 - 02176336 _____ (WiseCleaner.com ) C:\Users\JoannaM\Downloads\WRCFree.exe
2014-02-20 18:08 - 2014-02-20 18:08 - 00001255 _____ () C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2014-02-20 18:08 - 2014-02-20 18:08 - 00000000 ____D () C:\Program Files (x86)\Wise
2014-02-20 18:08 - 2014-02-20 18:07 - 00673640 _____ ( ) C:\Users\JoannaM\Downloads\Wise-Registry-Cleaner(13347).exe
2014-02-20 17:06 - 2013-12-26 15:50 - 00004036 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-20 17:06 - 2013-12-26 15:50 - 00003800 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-20 16:57 - 2014-02-20 16:57 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-02-20 12:56 - 2014-02-20 12:55 - 00000000 ____D () C:\Users\JoannaM\Desktop\ENGLISH!!!
2014-02-20 12:49 - 2013-12-26 15:50 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-20 11:49 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-02-20 11:45 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-02-20 00:04 - 2012-12-17 20:23 - 00794946 _____ () C:\windows\system32\perfh015.dat
2014-02-20 00:04 - 2012-12-17 20:23 - 00159530 _____ () C:\windows\system32\perfc015.dat
2014-02-20 00:04 - 2012-07-26 08:28 - 01793398 _____ () C:\windows\system32\PerfStringBackup.INI
2014-02-18 13:35 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-02-17 18:13 - 2014-02-17 18:10 - 146516601 _____ () C:\Users\JoannaM\Downloads\The Basic Course In Estonian.zip
2014-02-17 08:52 - 2013-07-17 14:24 - 00000000 ____D () C:\windows\system32\MRT
2014-02-17 08:49 - 2013-05-03 11:12 - 88567024 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-02-16 12:47 - 2013-06-09 16:15 - 00000000 ____D () C:\Users\JoannaM\AppData\Roaming\uTorrent
2014-02-16 12:41 - 2013-05-02 18:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-14 22:57 - 2013-05-20 11:43 - 00018432 ____H () C:\Users\JoannaM\Desktop\photothumb.db
2014-02-14 16:38 - 2014-02-14 16:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-12 22:28 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\rescache 2014-02-12 16:59 - 2013-12-27 23:04 - 03527544 _____ () C:\windows\system32\FNTCACHE.DAT 2014-02-09 12:26 - 2014-02-09 12:26 - 00000000 ____D () C:\Users\JoannaM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2014-02-09 12:26 - 2013-05-06 19:26 - 00000000 ____D () C:\Program Files\Unlocker 2014-02-09 01:43 - 2013-10-06 21:13 - 00000000 ____D () C:\Program Files\VDownloader 2014-02-09 00:25 - 2013-05-07 01:25 - 00000000 ____D () C:\Users\JoannaM\AppData\Local\CrashDumps 2014-02-07 12:37 - 2013-05-15 13:22 - 00000000 ____D () C:\Users\JoannaM\AppData\Roaming\Skype 2014-02-07 12:29 - 2014-02-07 12:29 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-02-07 12:29 - 2014-02-07 12:29 - 00000000 ____D () C:\Users\JoannaM\AppData\Local\Skype 2014-02-07 12:29 - 2013-09-05 18:13 - 00000795 _____ () C:\Users\JoannaM\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2014-02-07 12:29 - 2013-05-15 13:22 - 00000000 ____D () C:\ProgramData\Skype 2014-02-04 23:18 - 2014-02-02 23:34 - 00000000 ____D () C:\Users\JoannaM\Documents\Corel 2014-02-04 21:54 - 2014-02-02 23:42 - 00000000 ____D () C:\Users\JoannaM\AppData\Roaming\Corel 2014-02-04 21:45 - 2014-02-04 21:45 - 00000000 ____D () C:\Program Files (x86)\Edgard Multimedia 2014-02-04 21:29 - 2013-12-27 23:16 - 00000000 ____D () C:\Program Files (x86)\McAfee 2014-02-03 11:19 - 2014-02-03 11:19 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2008 2014-02-03 11:19 - 2014-02-03 11:19 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help 2014-02-03 11:19 - 2014-02-03 11:19 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2008 2014-02-03 11:19 - 2014-02-03 11:19 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help 2014-02-03 11:19 - 2014-02-02 23:33 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-02-02 23:43 - 2014-02-02 23:43 - 00000000 ____D () 
C:\Users\JoannaM\Documents\Moje palety 2014-02-02 23:43 - 2014-02-02 23:42 - 00000000 ____D () C:\ProgramData\Protexis64 2014-02-02 23:42 - 2014-02-02 23:31 - 00000000 ____D () C:\ProgramData\Corel 2014-02-02 23:35 - 2014-02-02 23:25 - 00000000 ____D () C:\ProgramData\CorelDRAW Graphics Suite X6 2014-02-02 23:33 - 2014-02-02 23:33 - 00000000 ____D () C:\Users\JoannaM\Documents\Visual Studio 2008 2014-02-02 23:33 - 2014-02-02 23:33 - 00000000 ____D () C:\Users\JoannaM\AppData\Local\Microsoft Help 2014-02-02 23:33 - 2014-02-02 23:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 9.0 2014-02-02 23:33 - 2014-02-02 23:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs 2014-02-02 23:32 - 2014-02-02 23:32 - 00000000 ____D () C:\Program Files\Common Files\Corel 2014-02-02 23:32 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-02-02 23:31 - 2014-02-02 23:31 - 00000000 ____D () C:\Program Files\Common Files\Protexis 2014-02-02 23:29 - 2014-02-02 23:29 - 00000000 ____D () C:\Users\Public\Documents\Corel 2014-02-02 23:29 - 2014-02-02 23:29 - 00000000 ____D () C:\Program Files\Corel 2014-02-01 10:20 - 2014-02-11 20:54 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2014-02-01 10:19 - 2014-02-11 20:55 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll 2014-02-01 10:19 - 2014-02-11 20:54 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-02-01 10:19 - 2014-02-11 20:54 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-02-01 10:19 - 2014-02-11 20:54 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll 2014-02-01 10:18 - 2014-02-11 20:54 - 19274240 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-02-01 10:18 - 2014-02-11 20:54 - 15403520 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-02-01 10:18 - 2014-02-11 20:54 - 03960320 _____ (Microsoft Corporation) 
C:\windows\system32\jscript9.dll 2014-02-01 10:18 - 2014-02-11 20:54 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-02-01 10:18 - 2014-02-11 20:54 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2014-02-01 10:18 - 2014-02-11 20:54 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-02-01 10:18 - 2014-02-11 20:54 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2014-02-01 10:18 - 2014-02-11 20:54 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll 2014-02-01 10:18 - 2014-02-11 20:54 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2014-02-01 10:18 - 2014-02-11 20:54 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-02-01 10:18 - 2014-02-11 20:54 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2014-02-01 08:58 - 2014-02-11 20:55 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-02-01 08:58 - 2014-02-11 20:55 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2014-02-01 08:58 - 2014-02-11 20:55 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll 2014-02-01 08:57 - 2014-02-11 20:55 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2014-02-01 08:57 - 2014-02-11 20:55 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2014-02-01 08:57 - 2014-02-11 20:55 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2014-02-01 08:57 - 2014-02-11 20:55 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2014-02-01 08:57 - 2014-02-11 20:54 - 14359040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-02-01 08:57 - 2014-02-11 20:54 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-02-01 08:57 - 2014-02-11 20:54 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 
2014-02-01 08:57 - 2014-02-11 20:54 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2014-02-01 08:57 - 2014-02-11 20:54 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2014-02-01 08:57 - 2014-02-11 20:54 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll 2014-02-01 08:57 - 2014-02-11 20:54 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2014-02-01 08:40 - 2014-02-11 20:54 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-02-01 08:34 - 2014-02-11 20:54 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-02-01 06:08 - 2014-02-11 20:55 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll 2014-01-31 21:16 - 2013-10-06 21:13 - 00000000 ____D () C:\Users\JoannaM\AppData\Local\VDownloader 2014-01-30 22:10 - 2014-02-05 11:53 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2014-01-30 22:10 - 2014-02-05 11:53 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-30 01:43 - 2013-05-02 15:19 - 00000000 ____D () C:\Users\JoannaM 2014-01-30 01:42 - 2013-05-04 17:58 - 00000000 ____D () C:\Users\JoannaM\AppData\Roaming\Winamp 2014-01-30 01:41 - 2013-05-02 18:10 - 00000000 ____D () C:\Users\JoannaM\AppData\Local\Mozilla 2014-01-30 01:41 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\registration 2014-01-28 22:07 - 2014-01-28 22:07 - 00000000 ____D () C:\Users\JoannaM\AppData\Roaming\pl.ydp.maturarom.geografia 2014-01-28 22:02 - 2014-01-28 22:02 - 00000000 ____D () C:\Program Files (x86)\MaturaRom 2014-01-28 22:01 - 2014-01-28 22:01 - 00000000 ____D () C:\Users\JoannaM\AppData\Roaming\YDP 2014-01-28 19:07 - 2014-01-28 19:07 - 21331096 _____ (Mooii) C:\Users\JoannaM\Downloads\PhotoScape_V3.6.5(dobreprogramy.pl).exe 2014-01-28 19:07 - 2014-01-23 11:49 - 00000000 ____D () C:\Program Files (x86)\PhotoScape 2014-01-24 02:33 - 2013-12-27 
22:50 - 00000000 ____D () C:\Program Files\Common Files\McAfee 2014-01-24 02:32 - 2012-07-26 09:12 - 00000000 ___HD () C:\windows\ELAMBKUP Files to move or delete: ==================== C:\ProgramData\MakeMarkerFile.exe C:\Users\EasySurvey\EasySurvey.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-17 11:56 ==================== End Of Log ============================