Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2015
Ran by user (administrator) on USER-TOSH on 26-05-2015 17:23:12
Running from C:\Users\user\Downloads
Loaded Profiles: UpdatusUser & user (Available Profiles: UpdatusUser & user & MCH)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(EnTech Taiwan) C:\Program Files (x86)\PowerStrip\PStrip.exe
(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\avastui.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5515496 2015-05-16] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-1258921199-632536683-1381380009-1000\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\S-1-5-21-1258921199-632536683-1381380009-1000\...\Run: [] => [X]
HKU\S-1-5-21-1258921199-632536683-1381380009-1001\...\Run: [EPSON SX218 Series] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1258921199-632536683-1381380009-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-12-08] (Glarysoft Ltd)
HKU\S-1-5-21-1258921199-632536683-1381380009-1001\...\Run: [IPLA!] => C:\Program Files (x86)\ipla\ipla.exe [21360736 2014-12-12] (Redefine Sp z o.o.)
HKU\S-1-5-21-1258921199-632536683-1381380009-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1258921199-632536683-1381380009-1001\...\MountPoints2: G - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1258921199-632536683-1381380009-1001\...\MountPoints2: {0aa42944-0cb0-11e3-af3f-88ae1d563f0e} - H:\AutoRun.exe
HKU\S-1-5-21-1258921199-632536683-1381380009-1001\...\MountPoints2: {18bce103-95a9-11e4-9899-88ae1d563f0e} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1258921199-632536683-1381380009-1001\...\MountPoints2: {264613ba-c22b-11e2-a9ed-88ae1d563f0e} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1258921199-632536683-1381380009-1001\...\MountPoints2: {4aafc81b-3117-11e4-b58f-88ae1d563f0e} - F:\autorun.exe
HKU\S-1-5-21-1258921199-632536683-1381380009-1001\...\MountPoints2: {5394567f-2fb7-11e1-8d8b-88ae1d563f0e} - "G:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1258921199-632536683-1381380009-1001\...\MountPoints2: {56b84565-f7ac-11e2-a583-88ae1d563f0e} - H:\LGAutoRun.exe
HKU\S-1-5-21-1258921199-632536683-1381380009-1001\...\MountPoints2: {61aa59d6-294d-11e4-81b4-88ae1d563f0e} - G:\autorun.exe
HKU\S-1-5-21-1258921199-632536683-1381380009-1001\...\MountPoints2: {89efbd55-817d-11e0-acbe-88ae1d563f0e} - G:\LaunchU3.exe -a
HKU\S-1-5-21-1258921199-632536683-1381380009-1001\...\MountPoints2: {8fc46276-e861-11df-8669-e839df9bd067} - G:\application\Setup.exe
HKU\S-1-5-21-1258921199-632536683-1381380009-1001\...\MountPoints2: {99c70b59-8270-11e1-99c0-88ae1d563f0e} - G:\setup.exe
HKU\S-1-5-21-1258921199-632536683-1381380009-1001\...\MountPoints2: {ad304850-4dc6-11e3-9625-e839df9bd067} - F:\Startme.exe
HKU\S-1-5-21-1258921199-632536683-1381380009-1001\...\MountPoints2: {f9089779-1a6e-11e1-9d5e-e839df9bd067} - F:\AutoRun.exe
HKU\S-1-5-21-1258921199-632536683-1381380009-1001\...\MountPoints2: {f908979c-1a6e-11e1-9d5e-e839df9bd067} - F:\AutoRun.exe
HKU\S-1-5-21-1258921199-632536683-1381380009-1001\...\MountPoints2: {f90897c1-1a6e-11e1-9d5e-e839df9bd067} - F:\AutoRun.exe
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-08-26]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-08-26]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\MCH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-09-29]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2015-05-15] (Avast Software s.r.o.)
BootExecute: autocheck autochk *  
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKLM -> {ECDA09CB-BA2F-4F02-B6D3-33BAED3FA905} URL = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {038E0D62-ECF8-418A-876A-B66BA3F5C564} URL = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1258921199-632536683-1381380009-1000 -> {7128DAC3-3453-49DE-BA63-BA7A39C77F01} URL = http://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2
SearchScopes: HKU\S-1-5-21-1258921199-632536683-1381380009-1000 -> {D377BD56-4B5C-476C-A525-4E7B028D6319} URL = http://rover.ebay.com/rover/1/4908-44618-9400-8/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-1258921199-632536683-1381380009-1001 -> {038E0D62-ECF8-418A-876A-B66BA3F5C564} URL = 
SearchScopes: HKU\S-1-5-21-1258921199-632536683-1381380009-1001 -> {09FA809C-D7FF-4999-85F9-33681221D530} URL = 
SearchScopes: HKU\S-1-5-21-1258921199-632536683-1381380009-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-1258921199-632536683-1381380009-1001 -> {34882F1D-847E-47DB-A55E-52AA79BF0BB5} URL = 
SearchScopes: HKU\S-1-5-21-1258921199-632536683-1381380009-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = 
BHO: SmaartComPiare -> {1903BE6A-B9E9-B38A-3CD7-3FEB87DD4BE7} -> C:\ProgramData\SmaartComPiare\Q5To2.x64.dll No File
BHO: DisacouintLoCattoor -> {1E17AFD8-ED8B-DC01-25A0-AF9F34E9712E} -> C:\ProgramData\DisacouintLoCattoor\4KT3cl8.x64.dll No File
BHO: SalEssChheckkeerr -> {26F9A88D-9526-B0BA-DCD8-42D6C2B134DF} -> C:\ProgramData\SalEssChheckkeerr\2rq_wYr.x64.dll No File
BHO: AdobViewER -> {83A2A75B-515B-B7C5-28E5-05A503C49552} -> C:\ProgramData\AdobViewER\3bE.x64.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-05-15] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: FlasHCoiuppon -> {995709A4-5411-5421-9791-06DEEB5253DA} -> C:\ProgramData\FlasHCoiuppon\4VAK.x64.dll No File
BHO: ToppdEEall -> {BA932C8E-5A4E-C9AB-C4E9-12EDDC7F1C3F} -> C:\ProgramData\ToppdEEall\pA6.x64.dll No File
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23] (DivX, LLC)
BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\XTab\SupTab.dll No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-05-15] (Avast Software s.r.o.)
BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-27] (Oracle Corporation)
BHO-x32: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll [2011-02-09] (ALLCinema Ltd.)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19] (<TOSHIBA>)
BHO-x32: IEPluginBHO Class -> {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -> C:\Users\user\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [2009-07-13] (GG Network S.A.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 87.204.204.204 62.233.233.233
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\6aal0atz.default-1397314689778
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-05-25] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-11-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-11-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2010-08-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2010-08-09] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2014-12-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2014-12-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1258921199-632536683-1381380009-1001: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\user\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll [2011-03-23] (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011-10-03] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\user\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2012-09-01] (Octoshape ApS)
FF Extension: Mozilla Firefox Hotfixer - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\6aal0atz.default-1397314689778\Extensions\veggy@veggyAddon.com [2015-05-21]
FF Extension: Better Finder - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\6aal0atz.default-1397314689778\Extensions\{142c88f6-8b34-46f3-938d-72ffd58238dc} [2015-01-05]
FF Extension: Adblock Plus - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\6aal0atz.default-1397314689778\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-12]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-09-17]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-07-11]

Chrome: 
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-28]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-28]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-02]
CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-01]
CHR Extension: (Fiery Music) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmfeiddljnkcdgcfcfhpenipgmaocon [2015-01-01]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-28]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-09-17]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-05-15]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23]
StartMenuInternet: Google Chrome - Chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [343336 2015-05-15] (Avast Software s.r.o.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) []
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-17] (Electronic Arts)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Update Solution Real; "C:\Program Files (x86)\Solution Real\updateSolutionReal.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-15] ()
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-15] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-15] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-15] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-15] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-15] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-15] ()
R1 GUBootStartup; C:\windows\System32\drivers\GUBootStartup.sys [20160 2014-12-20] (Glarysoft Ltd)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-08-31] (Duplex Secure Ltd.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [15672 2015-05-25] ()
U3 az1qxozb; C:\Windows\System32\Drivers\az1qxozb.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 MotDev; system32\DRIVERS\motodrv.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S3 WPRO_40_1340; system32\drivers\WPRO_40_1340.sys [X]
S3 xhunter1; \??\C:\windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-26 17:23 - 2015-05-26 17:24 - 00024729 _____ () C:\Users\user\Downloads\FRST.txt
2015-05-26 17:22 - 2015-05-26 17:23 - 00000000 ____D () C:\FRST
2015-05-26 17:13 - 2015-05-26 17:14 - 02108928 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2015-05-26 17:12 - 2015-05-26 17:13 - 01147392 _____ (Farbar) C:\Users\user\Downloads\FRST.exe
2015-05-26 16:58 - 2015-05-26 16:58 - 00003222 _____ () C:\windows\System32\Tasks\{1136455A-63E7-4D04-8582-5D7A44E74437}
2015-05-26 16:35 - 2015-05-26 16:35 - 00003090 _____ () C:\windows\System32\Tasks\{B44413EF-B4F3-4677-9078-B53ACB5AC490}
2015-05-25 16:22 - 2015-05-25 16:22 - 00000000 ____D () C:\Program Files\avast software
2015-05-19 15:01 - 2015-05-19 15:01 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\568056C9.sys
2015-05-17 17:08 - 2015-05-17 17:09 - 00000000 ____D () C:\Users\user\AppData\Local\{DDDCAE1B-F139-4B5C-911D-E6EC1A75B108}
2015-05-16 14:40 - 2015-05-16 14:43 - 00000000 ____D () C:\AdwCleaner
2015-05-16 14:40 - 2015-05-16 14:40 - 02209792 _____ () C:\Users\user\Downloads\AdwCleaner4.exe
2015-05-16 13:56 - 2015-05-16 13:56 - 00000000 ____D () C:\Users\user\AppData\Roaming\AVAST Software
2015-05-15 19:40 - 2015-05-15 19:38 - 00137288 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswStm.sys
2015-05-15 19:40 - 2015-05-15 19:37 - 00029168 _____ () C:\windows\system32\Drivers\aswHwid.sys
2015-05-15 19:39 - 2015-05-15 19:37 - 00364472 _____ (Avast Software s.r.o.) C:\windows\system32\aswBoot.exe
2015-05-15 19:36 - 2015-05-15 19:36 - 00043112 _____ (Avast Software s.r.o.) C:\windows\avastSS.scr
2015-05-15 19:31 - 2015-05-15 19:31 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-14 21:32 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 21:32 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 18:21 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-05-13 18:21 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-05-13 18:21 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-05-13 18:21 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-05-13 18:20 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-05-13 18:20 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-05-13 18:20 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-05-13 18:20 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-05-13 18:20 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-05-13 18:20 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-05-13 18:20 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-05-13 18:20 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-05-13 18:20 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-05-13 18:20 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-05-13 18:20 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-05-13 18:20 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-05-13 18:20 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-05-13 18:20 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-05-13 18:20 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-05-13 18:20 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-05-13 18:20 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-05-13 18:20 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-05-13 18:20 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-05-13 18:20 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-05-13 18:20 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-05-13 18:20 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-05-13 18:20 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-05-13 18:20 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 18:20 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-05-13 18:20 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-05-13 18:20 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-05-13 18:20 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-05-13 18:20 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-05-13 18:20 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-05-13 18:20 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-05-13 18:20 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-05-13 18:20 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-05-13 18:20 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-05-13 18:20 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-05-13 18:20 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-05-13 18:20 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-05-13 18:20 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-05-13 18:20 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-05-13 18:20 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-05-13 18:20 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-05-13 18:20 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-05-13 18:20 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-05-13 18:20 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-05-13 18:20 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 18:20 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-05-13 18:20 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-05-13 18:20 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-05-13 18:20 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-05-13 18:20 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-05-13 18:20 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-05-13 18:20 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-05-13 18:20 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-05-13 18:20 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-05-13 18:20 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-05-13 18:20 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-05-13 18:20 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-05-13 18:20 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-05-13 18:20 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-05-13 18:20 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-05-13 18:20 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-05-13 18:18 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-05-13 18:18 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-05-13 18:18 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-05-13 18:18 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-05-13 18:18 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-05-13 18:18 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-05-13 18:18 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-05-13 18:18 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-05-13 18:18 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-05-13 18:18 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-05-13 18:18 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-05-13 18:18 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-05-13 18:18 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-05-13 18:18 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-05-13 18:18 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-05-13 18:18 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-05-13 18:18 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-05-13 18:18 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-05-13 18:18 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-05-13 18:18 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-05-13 18:18 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-05-13 18:18 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-05-13 18:18 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-05-13 18:18 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-05-13 18:18 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-05-13 18:18 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-05-13 18:18 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-05-13 18:18 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-05-13 18:18 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-05-13 18:18 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2015-05-13 18:18 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-05-13 18:18 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-05-13 18:18 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-05-13 18:18 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2015-05-13 18:18 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-05-13 18:18 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-05-13 18:18 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-05-13 18:17 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-05-13 18:17 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-05-13 18:17 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-05-13 18:17 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-05-13 18:17 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-05-13 18:17 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-05-13 18:17 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-05-13 18:17 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-05-13 18:17 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-05-13 18:17 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-05-13 18:17 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-05-13 18:17 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-05-13 18:17 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-05-13 18:17 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-05-13 18:17 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-05-13 18:17 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-05-13 18:17 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-05-13 18:17 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-05-13 18:17 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-05-13 18:17 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-05-13 18:17 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2015-05-13 18:17 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2015-05-13 18:17 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-05-13 18:17 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-05-13 18:17 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-05-13 18:17 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-05-13 18:17 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2015-05-13 18:17 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-05-13 18:17 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-05-13 18:17 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-05-13 18:17 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 18:17 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 18:16 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-05-13 18:16 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-05-13 18:15 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-05-13 18:15 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-05-13 18:15 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-05-13 18:15 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-05-13 18:15 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-05-13 18:15 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2015-05-13 18:15 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2015-05-13 18:15 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2015-05-13 18:15 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2015-05-13 18:14 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2015-05-13 18:14 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2015-05-13 18:14 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2015-05-13 18:14 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2015-05-13 18:14 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll
2015-05-13 18:14 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2015-05-13 18:14 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2015-05-13 18:14 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2015-05-13 18:14 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-05-13 17:37 - 2015-05-13 17:38 - 07470382 _____ () C:\Users\user\Downloads\ULOTKI-ROZWIESC-UPC.xlsx
2015-04-28 17:51 - 2015-04-28 17:51 - 00056146 _____ () C:\Users\user\Downloads\Ted_ 2012 _[DVDRip XviD-Zet]_[Lektor_PL][Torrenty.org].torrent
2015-04-27 15:26 - 2015-04-27 15:26 - 00022528 _____ () C:\Users\user\Downloads\faktury.xls

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-26 17:12 - 2014-12-28 18:07 - 00001044 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-26 17:12 - 2014-12-28 18:07 - 00001040 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-26 17:12 - 2010-08-26 00:01 - 01392495 _____ () C:\windows\WindowsUpdate.log
2015-05-26 16:50 - 2013-02-14 22:17 - 00000930 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-26 16:43 - 2014-12-19 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3
2015-05-26 16:43 - 2009-07-14 20:09 - 00000000 ____D () C:\windows\ShellNew
2015-05-26 16:41 - 2015-01-15 19:50 - 00000000 ____D () C:\Program Files (x86)\PowerStrip
2015-05-26 16:34 - 2014-12-29 15:48 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2015-05-26 16:32 - 2014-07-16 21:34 - 00000000 ____D () C:\Users\user\AppData\Local\Unity
2015-05-25 17:17 - 2009-07-14 06:45 - 00019248 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-25 17:17 - 2009-07-14 06:45 - 00019248 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-25 17:09 - 2015-01-16 17:20 - 00009821 _____ () C:\Users\user\AppData\Roaming\PStrip.bak
2015-05-25 17:09 - 2015-01-15 19:51 - 00009821 _____ () C:\Users\user\AppData\Roaming\PStrip.ini
2015-05-25 17:09 - 2014-12-20 16:53 - 00000330 _____ () C:\windows\Tasks\GlaryInitialize 5.job
2015-05-25 17:09 - 2011-03-30 12:55 - 00000000 ____D () C:\Users\user\AppData\Roaming\ipla
2015-05-25 17:08 - 2014-12-20 16:53 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2015-05-25 17:08 - 2014-10-17 19:31 - 00000374 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2015-05-25 17:08 - 2011-10-06 10:23 - 00015672 _____ () C:\windows\system32\Drivers\SWDUMon.sys
2015-05-25 17:08 - 2011-09-29 23:14 - 00002830 _____ () C:\windows\System32\Tasks\SlimDrivers Startup
2015-05-25 17:08 - 2011-09-29 23:14 - 00000406 _____ () C:\windows\Tasks\SlimDrivers Startup.job
2015-05-25 17:07 - 2014-12-21 02:00 - 00012640 _____ () C:\windows\setupact.log
2015-05-25 17:07 - 2010-08-26 00:07 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-25 17:07 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-25 17:02 - 2015-01-16 17:20 - 00009821 _____ () C:\Users\user\AppData\Roaming\PStrip.bk!
2015-05-23 10:35 - 2013-08-19 08:50 - 00004184 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2015-05-22 21:44 - 2015-01-23 17:57 - 00009821 _____ () C:\Users\user\AppData\Roaming\PStrip.bko
2015-05-21 08:30 - 2015-04-05 09:26 - 00000000 ___SD () C:\windows\SysWOW64\GWX
2015-05-21 08:30 - 2015-04-05 09:26 - 00000000 ___SD () C:\windows\system32\GWX
2015-05-19 14:58 - 2014-08-26 20:34 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-17 09:24 - 2014-12-26 17:12 - 00231300 _____ () C:\windows\PFRO.log
2015-05-16 15:20 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2015-05-16 14:43 - 2014-12-28 18:07 - 00001265 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-16 14:43 - 2014-12-28 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-16 14:43 - 2014-07-25 17:38 - 00000000 ____D () C:\windows\system32\log
2015-05-16 14:43 - 2011-09-29 20:42 - 00001038 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-16 14:43 - 2011-09-29 20:42 - 00001026 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-16 14:43 - 2010-09-30 16:59 - 00001006 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-16 13:57 - 2009-07-14 19:55 - 18091964 _____ () C:\windows\system32\perfh015.dat
2015-05-16 13:57 - 2009-07-14 19:55 - 06320668 _____ () C:\windows\system32\perfc015.dat
2015-05-16 13:57 - 2009-07-14 07:13 - 00006576 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-16 13:52 - 2009-07-14 07:32 - 00000000 ____D () C:\windows\addins
2015-05-15 22:13 - 2014-08-27 16:44 - 00002471 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-15 21:19 - 2014-08-26 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-15 21:19 - 2014-08-26 20:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-15 21:19 - 2014-02-19 22:08 - 00001089 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-15 19:37 - 2013-08-19 08:50 - 00093528 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswRdr2.sys
2015-05-15 19:37 - 2013-08-19 08:49 - 00272248 _____ () C:\windows\system32\Drivers\aswVmm.sys
2015-05-15 19:37 - 2013-08-19 08:49 - 00065736 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2015-05-15 19:37 - 2010-11-10 20:32 - 00442264 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSP.sys
2015-05-15 19:37 - 2010-11-10 20:32 - 00089944 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswMonFlt.sys
2015-05-15 19:35 - 2011-07-11 20:22 - 01047320 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSnx.sys
2015-05-15 19:29 - 2010-11-10 20:32 - 00000000 _____ () C:\windows\SysWOW64\config.nt
2015-05-15 19:15 - 2014-08-27 12:36 - 00000000 ____D () C:\Program Files (x86)\mozilla firefox
2015-05-15 17:52 - 2014-12-22 22:26 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-15 17:52 - 2014-12-22 22:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-15 17:52 - 2009-07-14 06:45 - 00415712 _____ () C:\windows\system32\FNTCACHE.DAT
2015-05-15 17:48 - 2009-07-14 20:09 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-15 17:48 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\AdvancedInstallers
2015-05-15 17:45 - 2015-02-28 13:31 - 00000000 ____D () C:\Users\user\Documents\efile-backup
2015-05-14 22:33 - 2010-10-02 21:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-05-14 22:29 - 2011-02-06 14:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-14 22:28 - 2013-08-15 10:15 - 00000000 ____D () C:\windows\system32\MRT
2015-05-14 22:03 - 2010-10-02 14:56 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-05-14 21:29 - 2014-12-22 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-06 11:11 - 2011-08-22 20:28 - 00000000 ____D () C:\Users\user\AppData\Roaming\uTorrent
2015-04-28 17:22 - 2009-07-14 07:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2015-04-26 19:22 - 2011-03-30 12:55 - 00000000 ____D () C:\ProgramData\ipla

==================== Files in the root of some directories =======

2015-01-16 17:20 - 2015-05-25 17:09 - 0009821 _____ () C:\Users\user\AppData\Roaming\PStrip.bak
2015-01-16 17:20 - 2015-05-25 17:02 - 0009821 _____ () C:\Users\user\AppData\Roaming\PStrip.bk!
2015-01-23 17:57 - 2015-05-22 21:44 - 0009821 _____ () C:\Users\user\AppData\Roaming\PStrip.bko
2015-01-15 19:51 - 2015-05-25 17:09 - 0009821 _____ () C:\Users\user\AppData\Roaming\PStrip.ini
2010-11-05 00:25 - 2010-11-05 00:25 - 0000320 _____ () C:\Users\user\AppData\Local\FSCache.dat
2014-03-01 15:28 - 2014-03-01 15:28 - 0000017 _____ () C:\Users\user\AppData\Local\resmon.resmoncfg
2012-03-05 19:07 - 2012-04-30 09:33 - 0003813 _____ () C:\Users\user\AppData\Local\unins000.dat
2012-04-30 09:31 - 2012-04-30 09:31 - 0707504 _____ () C:\Users\user\AppData\Local\unins000.exe
2012-03-05 19:07 - 2012-04-30 09:33 - 0011761 _____ () C:\Users\user\AppData\Local\unins000.msg
2011-05-26 14:46 - 2011-05-26 14:46 - 0000000 _____ () C:\Users\user\AppData\Local\{28BF8435-A31F-4C29-AF2B-A1CA91F03DDB}
2010-11-30 20:51 - 2010-11-30 20:51 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2013-11-17 23:17 - 2013-11-17 23:17 - 0000114 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\MCH\AppData\Local\Temp\installerdll222239.dll
C:\Users\MCH\AppData\Local\Temp\installerdll250990.dll
C:\Users\MCH\AppData\Local\Temp\installerdll369472.dll
C:\Users\MCH\AppData\Local\Temp\installerdll371344.dll
C:\Users\MCH\AppData\Local\Temp\installerdll380876.dll
C:\Users\MCH\AppData\Local\Temp\rootsupd.exe
C:\Users\MCH\AppData\Local\Temp\vcredist_x64.exe
C:\Users\MCH\AppData\Local\Temp\vcredist_x86.exe
C:\Users\MCH\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\user\AppData\Local\Temp\bitool.dll
C:\Users\user\AppData\Local\Temp\dbf33170f8d3feae446e3bff9e192ba2.dll
C:\Users\user\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll
C:\Users\user\AppData\Local\Temp\ICReinstall_Parallels Workstation 2.22.exe
C:\Users\user\AppData\Local\Temp\ipl470A.tmp.exe
C:\Users\user\AppData\Local\Temp\ipl5113.tmp.exe
C:\Users\user\AppData\Local\Temp\ipl5EEF.tmp.exe
C:\Users\user\AppData\Local\Temp\ipl6412.tmp.exe
C:\Users\user\AppData\Local\Temp\ipl672.tmp.exe
C:\Users\user\AppData\Local\Temp\ipl81AD.tmp.exe
C:\Users\user\AppData\Local\Temp\iplC4F.tmp.exe
C:\Users\user\AppData\Local\Temp\iplEDD.tmp.exe
C:\Users\user\AppData\Local\Temp\iplF1CB.tmp.exe
C:\Users\user\AppData\Local\Temp\KMP_3.9.1.131.exe
C:\Users\user\AppData\Local\Temp\KMP_3.9.1.132.exe
C:\Users\user\AppData\Local\Temp\KMP_3.9.1.133.exe
C:\Users\user\AppData\Local\Temp\KMP_3.9.1.134.exe
C:\Users\user\AppData\Local\Temp\Quarantine.exe
C:\Users\user\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-24 14:17

==================== End of log ============================