Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by Sylwia (administrator) on SYSIA on 11-05-2015 23:15:17
Running from C:\Users\Sylwia\Desktop\antywirus
Loaded Profiles: Sylwia (Available profiles: Sylwia)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(TorchMedia Inc.) C:\Users\Sylwia\AppData\Local\Torch\Update\TorchCrashHandler.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Computer, Inc.) C:\Program Files (x86)\QuickTime\qttask.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TeamViewer GmbH) C:\Users\Sylwia\AppData\Local\Temp\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Users\Sylwia\AppData\Local\Temp\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Users\Sylwia\AppData\Local\Temp\TeamViewer\tv_x64.exe
(TeamViewer GmbH) C:\Users\Sylwia\AppData\Local\Temp\TeamViewer\TeamViewer_Desktop.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-15] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-22] (IDT, Inc.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-08-25] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-12-11] (Sun Microsystems, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2840352 2010-04-07] (ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPCam_Menu] => c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-09-02] (EasyBits Software AS)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Photo Downloader] => "C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [155648 2012-04-03] (Apple Computer, Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296096 2012-08-16] (RealNetworks, Inc.)
HKU\S-1-5-21-2276001092-626760555-1109151234-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKU\S-1-5-21-2276001092-626760555-1109151234-1000\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-2276001092-626760555-1109151234-1000\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3510704 2014-07-23] (ALLPlayer Group Ltd.)
HKU\S-1-5-21-2276001092-626760555-1109151234-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3883856 2009-07-26] (Microsoft Corporation)
HKU\S-1-5-21-2276001092-626760555-1109151234-1000\...\Run: [Facebook Update] => C:\Users\Sylwia\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-03] (Facebook Inc.)
HKU\S-1-5-21-2276001092-626760555-1109151234-1000\...\Run: [iLivid] => C:\Users\Sylwia\AppData\Local\iLivid\iLivid.exe [6827008 2013-09-09] (Bandoo Media Inc.)
HKU\S-1-5-21-2276001092-626760555-1109151234-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2276001092-626760555-1109151234-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2276001092-626760555-1109151234-1000\...\MountPoints2: {5f633b16-8158-11df-9e8c-c49e29e54c6e} - G:\Autorun.exe
HKU\S-1-5-21-2276001092-626760555-1109151234-1000\...\MountPoints2: {5f633b21-8158-11df-9e8c-c49e29e54c6e} - H:\Autorun.exe
AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL => C:\PROGRA~3\Wincert\WIN64C~1.DLL File Not Found
AppInit_DLLs:  C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll => C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll File Not Found
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013-07-02]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2010-05-25]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Users\Sylwia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk [2013-03-31]
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll <===== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1418916722&from=cor&uid=HitachiXHTS725032A9A364_100224PCE300VKH4JREMX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1418916722&from=cor&uid=HitachiXHTS725032A9A364_100224PCE300VKH4JREMX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1418916722&from=cor&uid=HitachiXHTS725032A9A364_100224PCE300VKH4JREMX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1418916722&from=cor&uid=HitachiXHTS725032A9A364_100224PCE300VKH4JREMX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1418916722&from=cor&uid=HitachiXHTS725032A9A364_100224PCE300VKH4JREMX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1418916722&from=cor&uid=HitachiXHTS725032A9A364_100224PCE300VKH4JREMX&q={searchTerms}
HKU\S-1-5-21-2276001092-626760555-1109151234-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1418916722&from=cor&uid=HitachiXHTS725032A9A364_100224PCE300VKH4JREMX
HKU\S-1-5-21-2276001092-626760555-1109151234-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1418916722&from=cor&uid=HitachiXHTS725032A9A364_100224PCE300VKH4JREMX
HKU\S-1-5-21-2276001092-626760555-1109151234-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.pl/
http://www.onet.pl/
http://www.randdtech.pl/
http://www.gmail.com/
URLSearchHook: HKU\S-1-5-21-2276001092-626760555-1109151234-1000 - (No Name) - {87d5d709-40f2-48a7-8f47-7bb821af70ab} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1418916722&from=cor&uid=HitachiXHTS725032A9A364_100224PCE300VKH4JREMX&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {2DE25F96-02DF-43A6-BCEB-DBFC058BFDFE} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1418916722&from=cor&uid=HitachiXHTS725032A9A364_100224PCE300VKH4JREMX&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=418&systemid=406&v=n9854--15857&apn_uid=8014618541484302&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1418916722&from=cor&uid=HitachiXHTS725032A9A364_100224PCE300VKH4JREMX&q={searchTerms}
SearchScopes: HKLM-x32 -> {2DE25F96-02DF-43A6-BCEB-DBFC058BFDFE} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1418916722&from=cor&uid=HitachiXHTS725032A9A364_100224PCE300VKH4JREMX&q={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=418&systemid=406&v=n9854--15857&apn_uid=8014618541484302&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2276001092-626760555-1109151234-1000 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=418&systemid=406&v=n9854--15857&apn_uid=8014618541484302&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2276001092-626760555-1109151234-1000 -> {2DE25F96-02DF-43A6-BCEB-DBFC058BFDFE} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2276001092-626760555-1109151234-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1418916722&from=cor&uid=HitachiXHTS725032A9A364_100224PCE300VKH4JREMX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2276001092-626760555-1109151234-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNC_plPL383
SearchScopes: HKU\S-1-5-21-2276001092-626760555-1109151234-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=418&systemid=406&v=n9854--15857&apn_uid=8014618541484302&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2276001092-626760555-1109151234-1000 -> {C733E0BE-0ADF-4AC9-BC07-3D044A797762} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN41641281112939549&UM=1
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-11] (Sun Microsystems, Inc.)
BHO: SimpleAdblock Class -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblockx64.dll [2012-09-20] (Simple Adblock)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-08-16] (RealPlayer)
BHO-x32: YouTube To ALLPlayer -> {61DB16C5-B733-43F4-872E-B20DC9E72740} -> C:\Program Files (x86)\ALLPlayer\YouTubeToALLPlayer.dll [2010-04-18] (ALLPlayer.org)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Pomocnik rejestracji usługi Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-08-16] (Sun Microsystems, Inc.)
BHO-x32: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll [2013-11-01] (ALLCinema Ltd.)
BHO-x32: No Name -> {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} ->  No File
BHO-x32: SimpleAdblock Class -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll [2012-09-20] (Simple Adblock)
Toolbar: HKU\S-1-5-21-2276001092-626760555-1109151234-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-2276001092-626760555-1109151234-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-2276001092-626760555-1109151234-1000 -> No Name - {87D5D709-40F2-48A7-8F47-7BB821AF70AB} -  No File
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-12-11] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Sylwia\AppData\Roaming\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887
FF Homepage: www.google.pl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2009-03-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2010-08-16] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-08-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-08-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-08-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-08-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-08-16] (RealPlayer)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: TorchVLC -> C:\Users\Sylwia\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll [2013-07-31] (VideoLAN)
FF Plugin HKU\S-1-5-21-2276001092-626760555-1109151234-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Sylwia\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: No Name - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2015-03-04]
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-08-16]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKU\S-1-5-21-2276001092-626760555-1109151234-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-04-21] <==== ATTENTION

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll No File
CHR Plugin: (SweetIM GC Helper) - C:\Users\Sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.0.0.1_0\mgHelperGC.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.210.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U21) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.0.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 7.0.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 7.0.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 7.0.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 7.0.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 7.0.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 7.0.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Computer, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Sylwia\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Profile: C:\Users\Sylwia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2012-12-20]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-12-20]
CHR Extension: (No Name) - C:\Users\Sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj [2012-12-20]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-08-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42336 2010-04-07] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [810120 2010-04-07] (ESET)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [File not signed]
R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [125440 2009-09-24] (Hewlett-Packard) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-22] (IDT, Inc.)
R2 TorchCrashHandler; C:\Users\Sylwia\AppData\Local\Torch\Update\TorchCrashHandler.exe [1217032 2014-10-29] (TorchMedia Inc.) <==== ATTENTION
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 DatamngrCoordinator; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [X]
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service [X] <==== ATTENTION

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [164912 2010-04-07] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [139704 2010-04-07] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [124760 2010-04-07] (ESET)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-06-26] () [File not signed]
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2012-04-15] (Windows (R) Win 7 DDK provider)
U3 aohosa90; C:\Windows\System32\Drivers\aohosa90.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-11 23:14 - 2015-05-11 23:15 - 00000000 ____D () C:\FRST
2015-05-11 23:13 - 2015-05-11 23:15 - 00000000 ____D () C:\Users\Sylwia\Desktop\antywirus
2015-05-11 23:12 - 2015-05-11 23:12 - 02102784 _____ (Farbar) C:\Users\Sylwia\Downloads\FRST64.exe
2015-05-11 23:12 - 2015-05-11 23:12 - 00380416 _____ () C:\Users\Sylwia\Downloads\urd11ym8.exe
2015-05-11 23:08 - 2015-05-11 23:08 - 07974864 _____ (TeamViewer GmbH) C:\Users\Sylwia\Downloads\TeamViewer_Setup_pl.exe
2015-05-11 21:57 - 2015-05-11 21:57 - 00000000 ____D () C:\Users\Sylwia\AppData\Roaming\TeamViewer
2015-05-10 22:28 - 2015-05-10 22:32 - 00000000 ____D () C:\Users\Sylwia\Desktop\smart
2015-05-10 19:05 - 2015-05-10 19:05 - 00055720 _____ () C:\Users\Sylwia\Downloads\La Comunidad - 2000.txt
2015-05-09 22:21 - 2015-05-09 22:21 - 00001091 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-05-09 22:04 - 2015-05-11 22:17 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-09 22:04 - 2015-05-10 11:26 - 00000000 ____D () C:\Users\Sylwia\AppData\Roaming\Avira
2015-05-09 22:00 - 2015-05-10 11:20 - 00000000 ____D () C:\ProgramData\Avira
2015-05-09 22:00 - 2015-05-09 22:21 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-05-09 18:41 - 2015-05-10 11:07 - 00007736 _____ () C:\Users\Sylwia\Desktop\DECRYPT_INSTRUCTIONS.html
2015-05-09 18:41 - 2015-05-10 11:07 - 00003203 _____ () C:\Users\Sylwia\Desktop\DECRYPT_INSTRUCTIONS.txt
2015-05-09 18:40 - 2015-05-09 18:40 - 00007736 _____ () C:\Users\Default\DECRYPT_INSTRUCTIONS.html
2015-05-09 18:40 - 2015-05-09 18:40 - 00003203 _____ () C:\Users\Default\DECRYPT_INSTRUCTIONS.txt
2015-05-09 18:32 - 2015-05-09 18:33 - 00000000 ____D () C:\ProgramData\ykesecizacubipyv
2015-05-09 16:19 - 2015-05-09 16:41 - 997606912 _____ () C:\Users\Sylwia\Downloads\Kochanek LEKTOR PL.avi
2015-05-08 19:46 - 2015-05-09 18:32 - 00040564 _____ () C:\Users\Sylwia\Desktop\8dd1ad8e76a011e2942122000aaa0535_7_large.jpg.encrypted
2015-05-08 19:46 - 2015-05-09 18:32 - 00023404 _____ () C:\Users\Sylwia\Desktop\IMG_20150502_195239.jpg.encrypted
2015-05-08 19:45 - 2015-05-08 19:45 - 00041206 _____ () C:\Users\Sylwia\Downloads\2.zip
2015-05-03 23:17 - 2015-05-03 23:17 - 00004092 _____ () C:\Users\Sylwia\Downloads\Działka.rar
2015-05-03 16:12 - 2015-05-09 18:37 - 00017575 _____ () C:\Users\Sylwia\Desktop\Po Prostu Toruń.xlsx.encrypted
2015-05-01 09:25 - 2015-05-11 22:20 - 00003336 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2276001092-626760555-1109151234-1000
2015-04-29 19:02 - 2015-05-11 22:20 - 00003204 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2276001092-626760555-1109151234-1000
2015-04-28 19:29 - 2015-05-09 18:37 - 00063240 _____ () C:\Users\Sylwia\Desktop\propozycja umowy przedwstępnej staw.doc.encrypted
2015-04-27 17:02 - 2015-04-27 17:02 - 00040950 _____ () C:\Users\Sylwia\Downloads\plan wzor(1).xlsx
2015-04-24 20:40 - 2015-04-24 21:07 - 988719104 _____ () C:\Users\Sylwia\Downloads\Millenium Mężczyźni Którzy Nienawidzą Kobiet.2009.PL.DVDRip.XviD.avi
2015-04-21 21:00 - 2015-05-09 18:41 - 01757466 _____ () C:\Users\Sylwia\Desktop\us tormix0001.pdf.encrypted
2015-04-21 21:00 - 2015-05-09 18:41 - 00821459 _____ () C:\Users\Sylwia\Desktop\zus0002.pdf.encrypted
2015-04-21 20:45 - 2015-05-09 18:41 - 00146717 _____ () C:\Users\Sylwia\Desktop\Wydruk.pdf.encrypted
2015-04-21 16:43 - 2015-04-21 16:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-18 22:58 - 2015-04-18 22:58 - 00040950 _____ () C:\Users\Sylwia\Downloads\plan wzor.xlsx
2015-04-16 23:40 - 2015-04-16 23:40 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-16 23:40 - 2015-04-16 23:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-16 18:51 - 2015-05-09 18:32 - 00000000 ____D () C:\Users\Sylwia\Desktop\Kurs Marketing
2015-04-16 17:11 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-16 17:11 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-16 17:11 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-16 17:11 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-16 17:11 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-16 17:11 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-16 17:11 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-16 17:11 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-16 17:11 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-16 17:11 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-16 17:11 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-16 17:11 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-16 17:11 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-16 17:11 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-16 17:11 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-16 17:11 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-16 17:11 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-16 17:11 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-16 17:11 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-16 17:11 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-16 17:11 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-16 17:11 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-16 17:11 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-16 17:11 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-16 17:11 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-16 17:11 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-16 17:11 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-16 17:11 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-16 17:11 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-16 17:10 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-16 17:10 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-16 17:10 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-16 17:10 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-16 17:10 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-16 17:10 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-16 17:10 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-16 17:10 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-16 17:10 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-16 17:10 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-16 17:10 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-16 17:10 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-16 17:10 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-16 17:10 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-16 17:10 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-16 17:10 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-16 17:10 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-16 17:10 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-16 17:10 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-16 17:10 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-16 17:10 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-16 17:10 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-16 17:10 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-16 17:10 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-16 17:10 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-16 17:10 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-16 17:10 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-16 17:10 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-16 17:10 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-14 22:31 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-14 22:31 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-14 22:26 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-14 22:26 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-14 22:26 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-14 22:26 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-14 22:26 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-14 22:26 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-14 22:26 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-14 22:26 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-14 22:26 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-14 22:26 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-14 22:26 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-14 22:26 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-14 22:26 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-14 22:26 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-14 22:26 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-14 22:26 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-14 22:26 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-14 22:26 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-14 22:26 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-14 22:26 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-14 22:26 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-14 22:26 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-14 22:26 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-14 22:26 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-14 22:26 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-14 22:26 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-14 22:26 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-14 22:26 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-14 22:26 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-14 22:26 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-14 22:26 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-14 22:26 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-14 22:26 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-14 22:26 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-14 22:26 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-14 22:26 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-14 22:26 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-14 22:26 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-14 22:26 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-14 22:26 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-14 22:26 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-14 22:26 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-14 22:26 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-14 22:26 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-14 22:26 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-14 22:26 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-14 22:26 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-14 22:26 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-14 22:26 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-14 22:26 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-14 22:26 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-14 22:26 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-14 22:26 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-14 22:26 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:26 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:17 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-14 22:17 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-14 22:17 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-14 22:17 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-14 22:17 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-14 22:17 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-14 22:17 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-14 22:17 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-14 22:17 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-14 22:17 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-14 22:17 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 22:17 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-14 22:17 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-14 22:17 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-14 22:17 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-14 22:17 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-14 22:17 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-14 22:17 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-14 22:17 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-14 22:17 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-14 22:17 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-14 22:17 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-14 22:17 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 22:17 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-14 22:14 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-14 22:14 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-14 22:14 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-14 22:14 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-14 22:04 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 22:03 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-14 22:03 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-14 22:03 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-11 22:57 - 2014-08-10 17:57 - 00000292 _____ () C:\Windows\Tasks\FoxTab.job
2015-05-11 22:36 - 2013-07-02 16:59 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-11 22:33 - 2010-03-21 02:26 - 01152237 _____ () C:\Windows\WindowsUpdate.log
2015-05-11 22:28 - 2009-07-14 06:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-11 22:28 - 2009-07-14 06:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-11 22:21 - 2010-06-07 19:17 - 00000000 ____D () C:\Users\Sylwia\Tracing
2015-05-11 22:20 - 2013-11-02 16:18 - 00000000 ____D () C:\ProgramData\TorchCrashHandler
2015-05-11 22:19 - 2013-06-11 23:15 - 00051621 _____ () C:\Windows\setupact.log
2015-05-11 22:19 - 2010-05-22 09:54 - 00000000 ____D () C:\Users\Sylwia
2015-05-11 22:19 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-11 22:18 - 2015-04-04 23:09 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-11 22:18 - 2015-03-04 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-05-11 22:18 - 2015-03-04 20:39 - 00000000 ____D () C:\ProgramData\ESET
2015-05-11 22:18 - 2015-03-04 20:39 - 00000000 ____D () C:\Program Files\ESET
2015-05-11 22:18 - 2014-06-05 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-05-11 22:18 - 2014-06-05 18:23 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2015-05-11 22:18 - 2013-07-02 16:59 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-05-11 22:18 - 2010-06-09 11:09 - 00000000 ____D () C:\Users\Sylwia\AppData\Roaming\Winamp
2015-05-11 22:18 - 2009-09-07 02:40 - 00000000 ___HD () C:\SYSTEM.SAV
2015-05-11 22:17 - 2013-09-04 13:47 - 00000000 ___RD () C:\Users\Sylwia\Desktop\PROSTYTUCJA W STAROŻYTNEJ GRECJI
2015-05-11 22:17 - 2011-09-29 20:21 - 00000000 ___RD () C:\Users\Sylwia\Desktop\Pierdołasy
2015-05-11 22:17 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-05-11 22:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-05-11 22:16 - 2012-08-16 17:19 - 00000000 ____D () C:\ProgramData\Real
2015-05-11 22:15 - 2014-03-04 13:53 - 00000000 ____D () C:\b239f2a0e072e2f9b1e9ae
2015-05-11 22:15 - 2014-03-03 23:42 - 00000000 ____D () C:\011a39d8f1eb148ebe72
2015-05-11 22:15 - 2014-02-27 23:21 - 00000000 ____D () C:\7e1d35a7abf77e08ce3ca7d78676b0
2015-05-11 22:15 - 2013-09-19 13:12 - 00000000 ____D () C:\AdwCleaner
2015-05-11 22:15 - 2011-04-26 19:29 - 00000000 ____D () C:\8f65a5eb44a935dfd562bc59063aa5f7
2015-05-11 22:15 - 2011-01-25 23:17 - 00000000 ____D () C:\07c54b424522ee7335651e8f9bc0a737
2015-05-11 22:15 - 2010-05-29 16:26 - 00000000 ____D () C:\Instalki
2015-05-09 18:41 - 2015-03-30 18:43 - 00190770 _____ () C:\Users\Sylwia\Desktop\stylowi_pl_moda-damska_jak-dobrac-naszyjnik-do-dekoltu_33005061.jpg.encrypted
2015-05-09 18:41 - 2013-08-26 12:34 - 00000426 ____H () C:\Users\Sylwia\Desktop\~$storia prostytucji.doc.encrypted
2015-05-09 18:41 - 2013-06-11 23:20 - 00248336 _____ () C:\Users\Sylwia\Documents\cc_20130611_232022.reg.encrypted
2015-05-09 18:41 - 2013-04-08 21:56 - 00547830 _____ () C:\Users\Sylwia\Documents\4dziaĹ‚- Ĺ»ywnoĹ›Ä‡.rar.encrypted
2015-05-09 18:41 - 2013-01-28 09:19 - 00000426 ____H () C:\Users\Sylwia\Desktop\~$uk_firmowy_PRB_nowy.doc.encrypted
2015-05-09 18:41 - 2012-04-02 11:20 - 00017067 _____ () C:\Users\Sylwia\Documents\Baza firm.xlsx.encrypted
2015-05-09 18:41 - 2012-03-01 08:31 - 00655438 _____ () C:\Users\Sylwia\Documents\DSCN1794.JPG.encrypted
2015-05-09 18:41 - 2012-03-01 08:31 - 00016332 _____ () C:\Users\Sylwia\Documents\DSCN1794 - Kopia.JPG.encrypted
2015-05-09 18:41 - 2012-02-14 19:06 - 20651109 _____ () C:\Users\Sylwia\Documents\bohamet.zip.encrypted
2015-05-09 18:41 - 2012-02-14 19:06 - 06629128 _____ () C:\Users\Sylwia\Documents\Cennik - systemy logistyczne DTH.xls.encrypted
2015-05-09 18:41 - 2012-02-14 19:06 - 02883344 _____ () C:\Users\Sylwia\Documents\DEMO PVC.zip.encrypted
2015-05-09 18:41 - 2012-02-14 19:06 - 00024328 _____ () C:\Users\Sylwia\Documents\Crystal-aktywność.xls.encrypted
2015-05-09 18:41 - 2012-02-14 19:06 - 00012412 _____ () C:\Users\Sylwia\Documents\Budżet 2012.xlsx.encrypted
2015-05-09 18:41 - 2011-11-27 12:12 - 00000426 ____H () C:\Users\Sylwia\Desktop\~$wy Dokument programu Microsoft Office Word.docx.encrypted
2015-05-09 18:41 - 2011-08-12 11:47 - 00000426 ____H () C:\Users\Sylwia\Desktop\~$tania_do_kredytu.doc.encrypted
2015-05-09 18:41 - 2011-07-03 19:00 - 00000426 ____H () C:\Users\Sylwia\Desktop\~$łnoc i Południe.doc.encrypted
2015-05-09 18:41 - 2011-06-30 14:06 - 00000426 ____H () C:\Users\Sylwia\Desktop\~$mokracja.doc.encrypted
2015-05-09 18:41 - 2011-05-31 11:18 - 00173832 _____ () C:\Users\Sylwia\Documents\Amerykanizacja kultury.doc.encrypted
2015-05-09 18:41 - 2011-05-19 10:00 - 00019720 _____ () C:\Users\Sylwia\Documents\00036179 nr karty Wizja sprawiedliwej globalizacji.doc.encrypted
2015-05-09 18:41 - 2011-04-29 22:07 - 00020232 _____ () C:\Users\Sylwia\Documents\1 tydzień.doc.encrypted
2015-05-09 18:41 - 2011-03-25 19:55 - 00022280 _____ () C:\Users\Sylwia\Documents\30 dag makaronu tagliatelle.doc.encrypted
2015-05-09 18:41 - 2011-03-21 22:10 - 00023816 _____ () C:\Users\Sylwia\Documents\Globalizacja.doc.encrypted
2015-05-09 18:41 - 2011-03-12 20:48 - 00019720 _____ () C:\Users\Sylwia\Documents\3 jajka.doc.encrypted
2015-05-09 18:41 - 2011-02-02 15:12 - 02022664 _____ () C:\Users\Sylwia\Documents\bouquet3.pps.encrypted
2015-05-09 18:41 - 2011-01-16 22:25 - 00019720 _____ () C:\Users\Sylwia\Documents\Formowanie się stosunków politycznych.doc.encrypted
2015-05-09 18:41 - 2011-01-13 23:34 - 00045320 _____ () C:\Users\Sylwia\Documents\gala.doc.encrypted
2015-05-09 18:41 - 2011-01-13 23:33 - 00044808 _____ () C:\Users\Sylwia\Documents\galuszka egza.doc.encrypted
2015-05-09 18:41 - 2011-01-13 23:30 - 00017955 _____ () C:\Users\Sylwia\Documents\gala.docx.encrypted
2015-05-09 18:41 - 2010-12-26 17:40 - 00028424 _____ () C:\Users\Sylwia\Documents\Dieta wegetariańska niskowęglowodanowa..doc.encrypted
2015-05-09 18:41 - 2010-12-13 12:05 - 00000000 ____D () C:\Users\Sylwia\Documents\DRĄŻEK
2015-05-09 18:41 - 2010-12-06 23:40 - 00021768 _____ () C:\Users\Sylwia\Documents\Attachments.doc.encrypted
2015-05-09 18:41 - 2010-08-02 14:36 - 00282376 _____ () C:\Users\Sylwia\Documents\Czasowniki Włoski.doc.encrypted
2015-05-09 18:41 - 2010-07-31 14:59 - 00000000 ____D () C:\Users\Sylwia\Documents\Harulek
2015-05-09 18:41 - 2010-06-27 14:54 - 00169736 _____ () C:\Users\Sylwia\Documents\CV Sylwia Załuńska.doc.encrypted
2015-05-09 18:41 - 2010-05-26 11:36 - 02273544 _____ () C:\Users\Sylwia\Documents\2_Zycie.pps.encrypted
2015-05-09 18:40 - 2014-09-15 18:05 - 00000000 ____D () C:\Users\Public\Documents\STALKER-SHOC
2015-05-09 18:40 - 2010-06-28 09:10 - 00000000 ____D () C:\Users\Sylwia\.gstreamer-0.10
2015-05-09 18:40 - 2010-06-27 21:44 - 00000000 ____D () C:\Users\Sylwia\.background
2015-05-09 18:39 - 2012-01-15 22:06 - 00000000 ____D () C:\Temp projects
2015-05-09 18:34 - 2012-07-23 05:10 - 00000000 __SHD () C:\found.000
2015-05-09 18:33 - 2012-02-13 17:10 - 00000000 ____D () C:\244f1d1aee79d99c0825f9f9f9
2015-05-09 18:32 - 2015-03-30 21:35 - 00036839 _____ () C:\Users\Sylwia\Desktop\10685475_872348182806844_3689763543883857601_n.jpg.encrypted
2015-05-09 18:32 - 2015-03-04 21:29 - 00338959 _____ () C:\Users\Sylwia\Desktop\CV - Sylwia Załuńska.pdf.encrypted
2015-05-09 18:32 - 2014-11-11 21:33 - 00000000 ____D () C:\Users\Sylwia\Desktop\Angol
2015-05-05 21:32 - 2014-03-03 22:50 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForSylwia.job
2015-05-04 21:59 - 2014-03-03 22:50 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForSylwia
2015-05-04 20:38 - 2013-03-03 00:33 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2276001092-626760555-1109151234-1000UA.job
2015-05-03 23:38 - 2013-03-03 00:33 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2276001092-626760555-1109151234-1000Core.job
2015-05-02 13:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-25 09:18 - 2009-12-12 05:38 - 00767836 _____ () C:\Windows\system32\perfh015.dat
2015-04-25 09:18 - 2009-12-12 05:38 - 00171040 _____ () C:\Windows\system32\perfc015.dat
2015-04-25 09:18 - 2009-07-14 07:13 - 01750616 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-22 14:00 - 2014-12-18 17:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-18 20:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-18 20:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 23:40 - 2014-03-25 20:01 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-04-16 23:40 - 2010-07-11 20:32 - 00000000 ____D () C:\ProgramData\Skype
2015-04-16 17:03 - 2014-12-14 21:14 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 17:03 - 2014-05-08 22:27 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 17:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-14 22:40 - 2009-12-11 21:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-14 22:38 - 2012-04-03 12:02 - 01723222 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-14 22:04 - 2010-05-25 22:03 - 00000000 ____D () C:\Users\Sylwia\AppData\Local\Adobe
2015-04-14 22:03 - 2013-07-02 16:59 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 22:03 - 2013-07-02 16:59 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 22:03 - 2012-01-03 00:27 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2012-04-01 16:07 - 2012-04-01 16:07 - 0000000 _____ () C:\Users\Sylwia\AppData\Roaming\wklnhst.dat
2010-05-22 10:06 - 2010-05-22 10:06 - 0000000 _____ () C:\Users\Sylwia\AppData\Local\AtStart.txt
2012-04-03 11:54 - 2012-11-17 14:38 - 0005120 _____ () C:\Users\Sylwia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-05-22 10:06 - 2010-05-22 10:06 - 0000000 _____ () C:\Users\Sylwia\AppData\Local\DSwitch.txt
2012-04-21 00:14 - 2012-04-21 00:14 - 0000094 _____ () C:\Users\Sylwia\AppData\Local\fusioncache.dat
2010-05-22 10:06 - 2010-05-22 10:06 - 0000000 _____ () C:\Users\Sylwia\AppData\Local\QSwitch.txt
2015-01-17 21:06 - 2015-01-17 21:06 - 0705515 _____ () C:\Users\Sylwia\AppData\Local\tmp12012014174.0
2015-01-17 21:06 - 2015-01-17 21:06 - 0325469 _____ () C:\Users\Sylwia\AppData\Local\tmp12012014174.JPG
2011-08-24 18:47 - 2011-08-24 18:47 - 0108256 _____ () C:\Users\Sylwia\AppData\Local\tmp209202_1324851416973_1701530884_538551_2429391_O.JPG
2013-08-22 16:07 - 2013-08-22 16:07 - 0208246 _____ () C:\Users\Sylwia\AppData\Local\tmpCV1_EDITED.0
2013-08-22 16:07 - 2013-08-22 16:07 - 0088939 _____ () C:\Users\Sylwia\AppData\Local\tmpCV1_EDITED.JPG
2013-08-02 09:49 - 2013-08-02 09:49 - 0197063 _____ () C:\Users\Sylwia\AppData\Local\tmpCV3 - KOPIA.0
2013-08-02 09:49 - 2013-08-02 09:49 - 0098429 _____ () C:\Users\Sylwia\AppData\Local\tmpCV3 - KOPIA.JPG
2011-07-26 23:07 - 2011-07-26 23:07 - 0685905 _____ () C:\Users\Sylwia\AppData\Local\tmpDOWÓD.0
2011-07-26 23:07 - 2011-07-26 23:07 - 0220848 _____ () C:\Users\Sylwia\AppData\Local\tmpDOWÓD.1
2011-07-26 23:07 - 2011-07-26 23:07 - 0236913 _____ () C:\Users\Sylwia\AppData\Local\tmpDOWÓD.JPG
2010-09-10 12:09 - 2010-09-10 12:09 - 1956625 _____ () C:\Users\Sylwia\AppData\Local\tmpDSC02348.0
2010-09-10 12:09 - 2010-09-10 12:09 - 0402434 _____ () C:\Users\Sylwia\AppData\Local\tmpDSC02348.JPG
2011-12-20 01:49 - 2011-12-20 01:49 - 2154030 _____ () C:\Users\Sylwia\AppData\Local\tmpDSCN1732.JPG
2012-02-29 22:03 - 2012-02-29 22:03 - 0655174 _____ () C:\Users\Sylwia\AppData\Local\tmpDSCN1794.JPG
2015-02-09 21:51 - 2015-02-09 21:51 - 3807910 _____ () C:\Users\Sylwia\AppData\Local\tmpP2070029.JPG
2010-07-25 20:31 - 2010-07-25 20:31 - 0073060 _____ () C:\Users\Sylwia\AppData\Local\tmpPOMIDORKI.JPG
2011-09-13 22:45 - 2011-09-13 22:45 - 0091081 _____ () C:\Users\Sylwia\AppData\Local\tmpUID_300B39B0417D736E9F9602E9B452FB9B1239965279789_WIDTH_700_PLAY_0_POS_3_GS_0.JPG
2010-05-29 22:12 - 2010-05-29 22:16 - 0780991 _____ () C:\Users\Sylwia\AppData\Local\tmpZAKOPANE 2009 032.0
2010-05-29 22:17 - 2010-05-29 22:17 - 0353221 _____ () C:\Users\Sylwia\AppData\Local\tmpZAKOPANE 2009 032.JPG
2010-05-29 22:17 - 2010-05-29 22:17 - 0248770 _____ () C:\Users\Sylwia\AppData\Local\tmpZAKOPANE 2009 032_CROP.0
2010-05-29 22:17 - 2010-05-29 22:17 - 0259747 _____ () C:\Users\Sylwia\AppData\Local\tmpZAKOPANE 2009 032_CROP.JPG
2012-11-16 17:23 - 2012-12-30 08:59 - 95023320 ____T () C:\ProgramData\dsgsdgdsgdsgw.pad
2010-05-22 10:06 - 2015-05-11 22:21 - 0000174 _____ () C:\ProgramData\HPWALog.txt
2010-08-18 12:17 - 2010-08-18 12:19 - 0000317 _____ () C:\ProgramData\hpzinstall.log
2012-11-16 17:23 - 2012-11-16 17:23 - 0044544 _____ (Microsoft Corporation) C:\ProgramData\lsass.exe
2010-03-21 02:43 - 2010-03-21 02:43 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2009-12-11 22:05 - 2009-12-11 22:06 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-03-21 02:42 - 2010-03-21 02:42 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-12-11 22:01 - 2009-12-11 22:02 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-03-21 02:42 - 2010-03-21 02:42 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-03-21 02:43 - 2010-03-21 02:43 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2009-12-11 22:00 - 2009-12-11 22:01 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-12-11 22:02 - 2009-12-11 22:05 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-03-21 02:43 - 2010-03-21 02:43 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Files to move or delete:
====================
C:\ProgramData\dsgsdgdsgdsgw.pad
C:\ProgramData\lsass.exe
C:\Users\Sylwia\Autorun.exe
C:\Users\Sylwia\wrar393pl.exe


Some content of TEMP:
====================
C:\Users\Sylwia\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\Sylwia\AppData\Local\Temp\Delta.exe
C:\Users\Sylwia\AppData\Local\Temp\DeltaTB.exe
C:\Users\Sylwia\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Sylwia\AppData\Local\Temp\gg10.upgr.exe
C:\Users\Sylwia\AppData\Local\Temp\MybabylonTB.exe
C:\Users\Sylwia\AppData\Local\Temp\propsys.dll
C:\Users\Sylwia\AppData\Local\Temp\Quarantine.exe
C:\Users\Sylwia\AppData\Local\Temp\SHSetup.exe
C:\Users\Sylwia\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sylwia\AppData\Local\Temp\t.dll
C:\Users\Sylwia\AppData\Local\Temp\Uninstall.exe
C:\Users\Sylwia\AppData\Local\Temp\WSSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-08 20:38

==================== End Of Log ============================