Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015 Ran by Właściciel (administrator) on DOM on 22-01-2015 18:55:15 Running from C:\Users\Właściciel\Downloads Loaded Profiles: Właściciel (Available profiles: Właściciel) Platform: Windows 8 (X64) OS Language: Polski (Polska) Internet Explorer Version 10 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe (AMD) C:\Windows\System32\atiesrxx.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (AMD) C:\Windows\System32\atieclxx.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe\LiveComm.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteMgmtUI.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\Youcam_webcam_camera_video.exe (Microsoft Corporation) C:\Windows\System32\msdt.exe (Microsoft Corporation) C:\Windows\System32\msdt.exe (Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe (Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Camera_6.2.8514.0_x64__8wekyb3d8bbwe\webcam.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6839952 2012-08-22] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-25] (Synaptics Incorporated) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-09-12] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976 2012-09-19] (IVT Corporation) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491632 2012-09-10] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQALL13/78 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQALL13/78 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQALL13/78 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQALL13/78 HKU\S-1-5-21-3538546942-2675677403-2203174166-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQALL13/78 HKU\S-1-5-21-3538546942-2675677403-2203174166-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQALL13/78 SearchScopes: HKLM -> {05742960-4DBE-475E-AB0F-316852672D6D} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {05742960-4DBE-475E-AB0F-316852672D6D} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-3538546942-2675677403-2203174166-1002 -> {05742960-4DBE-475E-AB0F-316852672D6D} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.pl/" CHR Profile: C:\Users\Właściciel\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\Właściciel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-29] CHR Extension: (Dokumenty Google) - C:\Users\Właściciel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-29] CHR Extension: (Dysk Google) - C:\Users\Właściciel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-29] CHR Extension: (YouTube) - C:\Users\Właściciel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-29] CHR Extension: (Szukaj w Google) - C:\Users\Właściciel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-29] CHR Extension: (Arkusze Google) - C:\Users\Właściciel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-29] CHR Extension: (AdBlock) - C:\Users\Właściciel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-29] CHR Extension: (Google Wallet) - C:\Users\Właściciel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-29] CHR Extension: (Gmail) - C:\Users\Właściciel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-29] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-09-12] (Advanced Micro Devices, Inc.) [File not signed] R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.) R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1612552 2012-09-26] (IVT Corporation) R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-09-19] (IVT Corporation) R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed] R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-22] (Advanced Micro Devices) S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [277784 2014-09-24] (AVG Technologies CZ, s.r.o.) U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.) R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation) U4 BthAvrcpTg; No ImagePath U4 BthHFEnum; No ImagePath U4 bthhfhid; No ImagePath R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48608 2012-10-02] (Ralink Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [277648 2012-09-19] (Realtek Semiconductor Corp.) R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [692832 2012-10-02] (Ralink Technology, Corp.) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated) S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-25] (Synaptics Incorporated) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.) U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-22 18:55 - 2015-01-22 18:56 - 00016028 _____ () C:\Users\Właściciel\Downloads\FRST.txt 2015-01-22 18:54 - 2015-01-22 18:55 - 00000000 ____D () C:\FRST 2015-01-22 18:54 - 2015-01-22 18:54 - 02126848 _____ (Farbar) C:\Users\Właściciel\Downloads\FRST64.exe 2015-01-22 17:09 - 2015-01-22 17:47 - 00000000 ____D () C:\Users\Właściciel\Documents\Youcam 2015-01-22 17:09 - 2015-01-22 17:09 - 00000000 ____D () C:\Users\Właściciel\AppData\Roaming\CyberLink 2015-01-22 17:09 - 2015-01-22 17:09 - 00000000 ____D () C:\Users\Właściciel\AppData\Local\CyberLink 2015-01-22 16:37 - 2015-01-22 16:37 - 00000095 _____ () C:\Windows\SysWOW64\REMOTEDEVICE.INI 2015-01-22 16:36 - 2015-01-22 16:36 - 00000000 ____D () C:\Users\Właściciel\AppData\Roaming\WinRAR 2015-01-22 14:16 - 2014-06-20 00:35 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-01-22 14:16 - 2014-06-19 23:24 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-01-22 14:15 - 2014-10-23 13:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2015-01-22 14:15 - 2014-10-23 12:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2015-01-22 14:15 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2015-01-22 14:15 - 2013-01-29 02:57 - 00035232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2015-01-22 14:15 - 2013-01-29 00:08 - 00230904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2015-01-22 14:14 - 2014-11-08 12:22 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2015-01-22 14:14 - 2014-11-08 12:21 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-01-22 14:14 - 2014-11-08 07:57 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2015-01-22 14:14 - 2014-11-08 07:56 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-01-22 14:14 - 2014-10-11 09:35 - 00171840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-01-22 14:14 - 2014-10-11 08:44 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2015-01-22 14:14 - 2014-10-11 08:43 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-01-22 14:14 - 2014-10-11 06:57 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2015-01-22 14:14 - 2014-08-22 00:27 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-01-22 14:14 - 2014-05-30 00:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll 2015-01-22 14:14 - 2014-04-12 10:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2015-01-22 14:14 - 2014-04-12 10:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 2015-01-22 14:14 - 2014-04-12 10:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-01-22 14:14 - 2014-04-12 10:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-01-22 14:14 - 2014-04-12 10:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-01-22 14:14 - 2014-04-12 10:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-01-22 14:14 - 2014-04-12 08:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll 2015-01-22 14:14 - 2014-04-12 08:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-01-22 14:14 - 2014-04-12 08:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-01-22 14:14 - 2014-04-12 08:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-01-22 14:14 - 2014-04-12 08:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-01-22 14:14 - 2014-04-12 07:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll 2015-01-22 14:14 - 2014-03-04 00:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-01-22 14:13 - 2014-08-22 00:56 - 01418752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-01-22 14:13 - 2012-11-01 05:41 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-01-22 14:13 - 2012-11-01 05:40 - 02361344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-01-22 14:13 - 2012-11-01 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-01-22 14:13 - 2012-11-01 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-01-22 14:13 - 2012-11-01 05:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2015-01-22 14:13 - 2012-11-01 05:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-01-22 14:08 - 2015-01-22 14:08 - 00000000 ____D () C:\Users\Właściciel\AppData\Roaming\hpqlog 2015-01-22 14:07 - 2015-01-22 17:06 - 00000000 ____D () C:\Users\Właściciel\AppData\Local\Hewlett-Packard 2015-01-22 14:06 - 2015-01-22 14:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2015-01-22 13:53 - 2014-06-10 23:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2015-01-22 13:53 - 2014-06-10 23:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-12-29 22:22 - 2014-12-29 22:22 - 00000000 _____ () C:\Recovery.txt 2014-12-29 14:36 - 2015-01-22 18:44 - 00000000 ____D () C:\Users\Właściciel\AppData\Roaming\ClassicShell 2014-12-29 14:36 - 2014-12-29 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell 2014-12-29 14:36 - 2014-12-29 14:36 - 00000000 ____D () C:\ProgramData\ClassicShell 2014-12-29 14:36 - 2014-12-29 14:36 - 00000000 ____D () C:\Program Files\Classic Shell 2014-12-29 14:27 - 2014-12-29 14:27 - 00002265 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-12-29 14:27 - 2014-12-29 14:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-12-29 14:26 - 2015-01-22 18:31 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-29 14:26 - 2015-01-22 15:21 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-29 14:26 - 2014-12-29 14:27 - 00000000 ____D () C:\Program Files (x86)\Google 2014-12-29 14:26 - 2014-12-29 14:26 - 00004036 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-12-29 14:26 - 2014-12-29 14:26 - 00003800 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-12-29 14:25 - 2014-12-29 14:27 - 00000000 ____D () C:\Users\Właściciel\AppData\Local\Google 2014-12-29 14:23 - 2014-12-29 14:25 - 00000000 ____D () C:\Users\Właściciel\AppData\Local\Deployment 2014-12-29 14:23 - 2014-12-29 14:23 - 00000000 ____D () C:\Users\Właściciel\AppData\Local\Apps\2.0 2014-12-29 14:22 - 2014-12-29 14:22 - 00000000 ____D () C:\Users\Właściciel\AppData\Roaming\Macromedia 2014-12-29 14:21 - 2014-12-29 14:21 - 00000000 ____D () C:\Users\Właściciel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-12-29 14:21 - 2014-12-29 14:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-12-29 14:19 - 2014-12-29 14:21 - 00000000 ____D () C:\Program Files (x86)\WinRAR 2014-12-29 14:16 - 2014-12-29 14:16 - 00000995 _____ () C:\Users\Public\Desktop\AVG 2015.lnk 2014-12-29 14:16 - 2014-12-29 14:16 - 00000000 ____D () C:\Users\Właściciel\AppData\Roaming\TuneUp Software 2014-12-29 14:16 - 2014-12-29 14:16 - 00000000 ____D () C:\Users\Właściciel\AppData\Roaming\AVG2015 2014-12-29 14:16 - 2014-12-29 14:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-12-29 14:15 - 2014-12-29 14:16 - 00000000 ____D () C:\ProgramData\AVG2015 2014-12-29 14:15 - 2014-12-29 14:15 - 00000000 ___HD () C:\$AVG 2014-12-29 14:15 - 2014-12-29 14:15 - 00000000 ____D () C:\Program Files (x86)\AVG 2014-12-29 14:12 - 2014-05-20 03:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-12-29 14:12 - 2014-05-20 00:45 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-12-29 14:12 - 2014-05-20 00:45 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-12-29 14:12 - 2014-05-20 00:24 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-12-29 14:12 - 2014-05-20 00:24 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-12-29 14:12 - 2014-05-20 00:24 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-12-29 14:12 - 2014-05-20 00:24 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2014-12-29 14:12 - 2014-05-20 00:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll 2014-12-29 14:12 - 2014-05-20 00:24 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-12-29 14:12 - 2014-05-14 23:43 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-12-29 14:12 - 2014-05-14 23:43 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-12-29 14:12 - 2014-05-14 23:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-12-29 14:12 - 2014-05-14 23:42 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-12-29 14:12 - 2013-08-16 06:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-12-29 14:12 - 2013-08-16 06:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-12-29 14:12 - 2013-08-15 23:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-12-29 14:11 - 2015-01-22 16:47 - 00000000 ____D () C:\ProgramData\MFAData 2014-12-29 14:11 - 2015-01-22 16:20 - 00000000 ____D () C:\Users\Właściciel\AppData\Local\Avg2015 2014-12-29 14:11 - 2014-12-29 14:11 - 00000000 ____D () C:\Users\Właściciel\AppData\Local\MFAData 2014-12-29 13:09 - 2014-12-29 13:09 - 00001198 _____ () C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk 2014-12-29 13:09 - 2014-12-29 13:09 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1 2014-12-29 13:08 - 2014-12-29 13:08 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3 2014-12-29 12:40 - 2014-12-29 12:42 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3538546942-2675677403-2203174166-1002 2014-12-29 12:36 - 2014-12-29 12:36 - 00000000 ____D () C:\Users\Właściciel\AppData\Roaming\ATI 2014-12-29 12:36 - 2014-12-29 12:36 - 00000000 ____D () C:\Users\Właściciel\AppData\Local\ATI 2014-12-29 12:36 - 2014-12-29 12:36 - 00000000 ____D () C:\Users\Właściciel\AppData\Local\AMD 2014-12-29 12:35 - 2015-01-22 18:24 - 00000000 ____D () C:\Users\Właściciel\AppData\Roaming\Hewlett-Packard 2014-12-29 12:35 - 2014-12-29 12:35 - 00000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc 2014-12-29 12:35 - 2014-12-29 12:35 - 00000000 ____D () C:\Users\Właściciel\Documents\Bluetooth 2014-12-29 12:35 - 2014-12-29 12:35 - 00000000 ____D () C:\Users\Właściciel\AppData\Local\bluesoleil 2014-12-29 12:34 - 2014-12-29 12:34 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-12-29 12:33 - 2014-12-29 12:33 - 00001442 _____ () C:\Users\Właściciel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-12-29 12:33 - 2014-12-29 12:33 - 00000000 ____D () C:\Users\Właściciel\AppData\Roaming\Synaptics 2014-12-29 12:33 - 2014-12-29 12:33 - 00000000 ____D () C:\Users\Właściciel\AppData\Roaming\Adobe 2014-12-29 12:32 - 2014-12-29 12:32 - 00000000 ____D () C:\Users\Właściciel\AppData\Local\Power2Go8 2014-12-29 12:31 - 2014-12-29 12:34 - 00000000 ____D () C:\Users\Właściciel 2014-12-29 12:31 - 2014-12-29 12:33 - 00000000 ____D () C:\Users\Właściciel\AppData\Local\Packages 2014-12-29 12:31 - 2014-12-29 12:31 - 00000020 ___SH () C:\Users\Właściciel\ntuser.ini 2014-12-29 12:31 - 2014-12-29 12:31 - 00000000 _SHDL () C:\Users\Właściciel\Ustawienia lokalne 2014-12-29 12:31 - 2014-12-29 12:31 - 00000000 _SHDL () C:\Users\Właściciel\Szablony 2014-12-29 12:31 - 2014-12-29 12:31 - 00000000 _SHDL () C:\Users\Właściciel\Moje dokumenty 2014-12-29 12:31 - 2014-12-29 12:31 - 00000000 _SHDL () C:\Users\Właściciel\Menu Start 2014-12-29 12:31 - 2014-12-29 12:31 - 00000000 _SHDL () C:\Users\Właściciel\Documents\Moje wideo 2014-12-29 12:31 - 2014-12-29 12:31 - 00000000 _SHDL () C:\Users\Właściciel\Documents\Moje obrazy 2014-12-29 12:31 - 2014-12-29 12:31 - 00000000 _SHDL () C:\Users\Właściciel\Documents\Moja muzyka 2014-12-29 12:31 - 2014-12-29 12:31 - 00000000 _SHDL () C:\Users\Właściciel\Dane aplikacji 2014-12-29 12:31 - 2014-12-29 12:31 - 00000000 _SHDL () C:\Users\Właściciel\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-12-29 12:31 - 2014-12-29 12:31 - 00000000 _SHDL () C:\Users\Właściciel\AppData\Local\Historia 2014-12-29 12:31 - 2014-12-29 12:31 - 00000000 _SHDL () C:\Users\Właściciel\AppData\Local\Dane aplikacji 2014-12-29 12:31 - 2014-12-29 12:31 - 00000000 ____D () C:\Users\Właściciel\AppData\Local\VirtualStore 2014-12-29 12:31 - 2012-10-22 11:04 - 00002140 _____ () C:\Users\Właściciel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2014-12-29 12:31 - 2012-10-22 10:50 - 00000000 ___HD () C:\Users\Właściciel\Documents\hp.system.package.metadata 2014-12-29 12:31 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\Właściciel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-12-29 12:31 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\Właściciel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-12-29 12:31 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\Właściciel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-12-29 12:31 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\Właściciel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-12-29 12:30 - 2015-01-22 16:49 - 02040307 _____ () C:\Windows\WindowsUpdate.log 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Public\Documents\Moje wideo 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Public\Documents\Moje obrazy 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Public\Documents\Moja muzyka 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Default\Ustawienia lokalne 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Default\Szablony 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Default\Moje dokumenty 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Default\Menu Start 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Default\Documents\Moje wideo 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Default\Documents\Moje obrazy 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Default\Documents\Moja muzyka 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Default\Dane aplikacji 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Historia 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Dane aplikacji 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Default User\Documents\Moje wideo 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Default User\Documents\Moje obrazy 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Default User\Documents\Moja muzyka 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Historia 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Dane aplikacji 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\ProgramData\Szablony 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\ProgramData\Pulpit 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programy 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\ProgramData\Menu Start 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\ProgramData\Dokumenty 2014-12-29 12:29 - 2014-12-29 12:29 - 00000000 _SHDL () C:\ProgramData\Dane aplikacji 2014-12-29 12:23 - 2014-12-29 12:23 - 00002324 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3538546942-2675677403-2203174166-500 ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-22 18:42 - 2012-07-26 08:59 - 00000000 ____D () C:\Windows\CbsTemp 2015-01-22 18:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru 2015-01-22 17:51 - 2012-09-26 08:53 - 00000950 _____ () C:\Windows\SysWOW64\bscs.ini 2015-01-22 17:47 - 2013-03-31 19:22 - 00003617 _____ () C:\Windows\SysWOW64\LOCALSERVICE.INI 2015-01-22 17:47 - 2013-03-31 19:22 - 00000043 _____ () C:\Windows\SysWOW64\LOCALDEVICE.INI 2015-01-22 17:10 - 2013-03-31 19:45 - 00000000 ____D () C:\ProgramData\CyberLink 2015-01-22 16:54 - 2012-10-22 19:53 - 00827626 _____ () C:\Windows\system32\perfh015.dat 2015-01-22 16:54 - 2012-10-22 19:53 - 00176034 _____ () C:\Windows\system32\perfc015.dat 2015-01-22 16:54 - 2012-07-26 08:28 - 01936226 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-22 16:50 - 2012-07-26 08:21 - 00034076 _____ () C:\Windows\setupact.log 2015-01-22 15:18 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-22 14:57 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-01-22 14:57 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-01-22 14:57 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\en-GB 2015-01-22 14:57 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender 2015-01-22 14:57 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-01-22 13:56 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2014-12-29 22:22 - 2012-07-26 09:13 - 00262144 _____ () C:\Windows\system32\config\BCD-Template 2014-12-29 14:40 - 2013-03-31 18:47 - 00312496 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-12-29 14:39 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\en-GB 2014-12-29 14:38 - 2012-08-03 23:23 - 00457368 _____ () C:\Windows\PFRO.log 2014-12-29 14:38 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-12-29 14:17 - 2012-08-04 00:21 - 00000000 ____D () C:\Windows\Panther 2014-12-29 14:15 - 2012-07-26 09:12 - 00000000 ___HD () C:\Windows\ELAMBKUP 2014-12-29 13:06 - 2013-03-31 19:14 - 00002843 _____ () C:\Windows\system32\RaCoInst.log 2014-12-29 13:06 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\restore 2014-12-29 13:02 - 2013-03-31 19:48 - 00000000 ____D () C:\ProgramData\Norton 2014-12-29 12:33 - 2013-03-31 19:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat 2014-12-29 12:33 - 2013-03-31 19:25 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools 2014-12-29 12:33 - 2012-10-22 11:13 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2014-12-29 12:33 - 2012-10-22 11:08 - 00000000 ___RD () C:\Program Files (x86)\Online Services 2014-12-29 12:33 - 2012-10-22 10:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection 2014-12-29 12:33 - 2012-08-04 01:02 - 00000000 ___HD () C:\SYSTEM.SAV 2014-12-29 12:33 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache 2014-12-29 12:29 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows NT 2014-12-29 12:29 - 2012-07-26 06:37 - 00000000 __RHD () C:\Users\Default 2014-12-29 12:26 - 2012-10-22 11:08 - 00000000 ____D () C:\ProgramData\Hewlett-Packard 2014-12-29 12:26 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\Recovery 2014-12-29 12:24 - 2012-08-03 23:40 - 00010342 _____ () C:\Windows\iis.log 2014-12-29 12:24 - 2012-07-26 09:13 - 00004552 _____ () C:\Windows\DtcInstall.log ==================== Files in the root of some directories ======= 2014-12-29 12:35 - 2014-12-29 12:35 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2012-08-03 23:23 ==================== End Of Log ============================