Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-08-2015 Ran by Basia (administrator) on BASI-LENOVO (10-08-2015 14:20:42) Running from C:\Users\Basia\Desktop Loaded Profiles: Basia (Available Profiles: Basia & DefaultAppPool) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Polski (Polska) Internet Explorer Version 10 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe ( ) C:\Windows\System32\lxdrcoms.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Program Files (x86)\Lexmark 4900 Series\lxdrmon.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Google Inc.) C:\Users\Basia\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Basia\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Basia\AppData\Local\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Users\Basia\AppData\Local\Google\Chrome\Application\chrome.exe (GG Network S.A.) C:\Users\Basia\AppData\Local\GG\Application\gghub.exe (GG Network S.A.) C:\Users\Basia\AppData\Local\GG\Application\ggapp.exe (GG Network S.A.) C:\Users\Basia\AppData\Local\GG\Application\ggdrive\ggdrive.exe (GG Network S.A.) C:\Users\Basia\AppData\Local\GG\Application\xulrunner\gghub.exe (Google Inc.) C:\Users\Basia\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Basia\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Basia\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2473568 2010-11-12] (Synaptics Incorporated) HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9744800 2011-02-28] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5399456 2011-02-28] (Lenovo(beijing) Limited) HKLM\...\Run: [lxdrmon.exe] => C:\Program Files (x86)\Lexmark 4900 Series\lxdrmon.exe [676520 2008-09-10] () HKLM\...\Run: [lxdramon] => "C:\Program Files (x86)\Lexmark 4900 Series\lxdramon.exe" HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation) HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2010-12-05] (CyberLink) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [lxdrmon.exe] => "C:\Program Files (x86) (x86)\Lexmark 4900 Series\lxdrmon.exe" HKLM-x32\...\Run: [lxdramon] => "C:\Program Files (x86) (x86)\Lexmark 4900 Series\lxdramon.exe" HKU\S-1-5-21-839301723-480738766-881836232-1000\...\Run: [Google Update] => C:\Users\Basia\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-25] (Google Inc.) HKU\S-1-5-21-839301723-480738766-881836232-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [4640576 2011-11-10] (DT Soft Ltd) HKU\S-1-5-21-839301723-480738766-881836232-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53661824 2015-07-28] (Skype Technologies S.A.) HKU\S-1-5-21-839301723-480738766-881836232-1000\...\Run: [GG] => C:\Users\Basia\AppData\Local\GG\Application\gghub.exe [4078144 2015-06-17] (GG Network S.A.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-02-28] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll [2011-02-28] () AlternateShell: ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKU\S-1-5-21-839301723-480738766-881836232-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://google.pl/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO-x32: Lexmark -> {D2C5E510-BE6D-42CC-9F61-E4F939078474} -> C:\Program Files\Lexmark Printable Web\bho.dll [2008-09-10] () Toolbar: HKU\S-1-5-21-839301723-480738766-881836232-1000 -> No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{3864594F-1AAA-44AC-BD0A-D92A6C9C88F3}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{4E6FEF03-7206-43B5-8D38-90CA4A8BC549}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{9DCF6A39-A8AF-4942-844C-C8E75BA2484A}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{BD0DC4D5-D6F9-4637-B6F1-80AE1EBF4CC7}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{BD0DC4D5-D6F9-4637-B6F1-80AE1EBF4CC7}: [DhcpNameServer] 8.8.8.8 8.8.4.4 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll [2013-03-02] () FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll [2013-03-02] () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2013-03-25] (Google, Inc.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-839301723-480738766-881836232-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Basia\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin HKU\S-1-5-21-839301723-480738766-881836232-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Basia\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) Chrome: ======= CHR Profile: C:\Users\Basia\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\Basia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-14] CHR Extension: (Google Search) - C:\Users\Basia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-14] CHR Extension: (Chrome Web Store Payments) - C:\Users\Basia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07] CHR Extension: (Gmail) - C:\Users\Basia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-14] StartMenuInternet: Google Chrome - C:\Users\Basia\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [951584 2010-07-29] (Broadcom Corporation.) R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation) S2 lxdrCATSCustConnectService; C:\windows\system32\spool\DRIVERS\x64\3\\lxdrserv.exe [29184 2009-10-16] (Lexmark International, Inc.) [File not signed] R2 lxdr_device; C:\windows\system32\lxdrcoms.exe [1039360 2009-10-16] ( ) [File not signed] R2 lxdr_device; C:\windows\SysWOW64\lxdrcoms.exe [594600 2008-05-16] ( ) S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2402152 2015-03-18] (Microsoft Corporation) [File not signed] R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-05-06] () ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-01-14] (DT Soft Ltd) U2 CLKMSVC10_3A60B698; no ImagePath U2 CLKMSVC10_C3B3B687; no ImagePath U2 DriverService; no ImagePath U2 idealife Update Service; no ImagePath U3 IGRS; no ImagePath U2 IviRegMgr; no ImagePath U2 nvUpdatusService; no ImagePath U2 Oasis2Service; no ImagePath U2 PCCarerServic; no ImagePath U2 ReadyComm.DirectRouter; no ImagePath U2 RichVideo; no ImagePath U2 RtLedService; no ImagePath U2 SoftwareService; no ImagePath U2 Stereo Service; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-10 14:20 - 2015-08-10 14:21 - 00014485 _____ C:\Users\Basia\Desktop\FRST.txt 2015-08-10 14:19 - 2015-08-10 14:20 - 00000000 ____D C:\FRST 2015-08-10 14:18 - 2015-08-10 14:18 - 00380416 _____ C:\Users\Basia\Desktop\t1ybj634.exe 2015-08-10 14:17 - 2015-08-10 14:17 - 02171392 _____ (Farbar) C:\Users\Basia\Desktop\FRST64.exe 2015-08-10 14:02 - 2015-08-10 14:02 - 00001136 _____ C:\Users\Basia\Desktop\GG.lnk 2015-08-10 13:59 - 2015-08-10 13:59 - 00400744 _____ C:\Users\Basia\Desktop\gg-install.exe 2015-08-10 13:21 - 2015-08-10 13:54 - 00000168 _____ C:\windows\setupact.log 2015-08-10 13:21 - 2015-08-10 13:21 - 00000000 _____ C:\windows\setuperr.log 2015-08-10 13:20 - 2015-08-10 13:20 - 00000690 _____ C:\windows\PFRO.log 2015-08-10 13:12 - 2015-08-10 13:12 - 00000000 ____D C:\Users\Basia\Desktop\Ciąża 2015-08-10 09:30 - 2015-08-10 09:30 - 00000000 ____D C:\Users\Basia\AppData\Local\{012FC847-A667-4E32-89F1-7086161AA6FC} 2015-08-09 18:52 - 2015-08-09 18:52 - 00000000 ____D C:\Users\Basia\AppData\Local\{C0AA8D5C-63A3-4B98-9A67-F6EC54758B77} 2015-08-09 16:21 - 2015-08-09 16:21 - 00000000 ____D C:\Users\Basia\AppData\Local\{D41A81B1-BE97-443D-BC86-5673E3757499} 2015-08-09 08:43 - 2015-08-09 08:43 - 00000000 ____D C:\Users\Basia\AppData\Local\{58849330-8FBA-4079-BA39-64C415CE6928} 2015-08-08 17:41 - 2015-08-08 17:41 - 00000000 ____D C:\Users\Basia\AppData\Local\{DFE99AB4-3EAC-4019-B1F7-3E561D0B6648} 2015-08-08 16:08 - 2015-08-08 16:08 - 00000000 ____D C:\Users\Basia\AppData\Local\{D6F6A0ED-89C4-4BCA-9BA6-68FD1CA63351} 2015-08-08 09:06 - 2015-08-08 09:06 - 00000000 ____D C:\Users\Basia\AppData\Local\{D6571534-CC89-4359-9F1E-BBD4548FBA5C} 2015-08-07 17:27 - 2015-08-07 17:27 - 00000000 ____D C:\Users\Basia\AppData\Local\{3E96E1E6-0400-492F-A7ED-7FFF7EABE09C} 2015-08-07 09:19 - 2015-08-07 09:19 - 00000000 ____D C:\Users\Basia\AppData\Local\{3BE2D7AC-FB14-4000-9563-604E1789029B} 2015-08-06 10:50 - 2015-08-06 10:50 - 00000000 ____D C:\Users\Basia\AppData\Local\{78212CD1-853C-431C-AB89-5B5E223E9DBC} 2015-08-06 08:47 - 2015-08-06 08:48 - 00000000 ____D C:\Users\Basia\AppData\Local\{21B53278-0218-4F54-A64B-A61DFFD06D67} 2015-08-05 14:31 - 2015-08-05 14:32 - 00000000 ____D C:\Users\Basia\AppData\Local\{23403073-8586-4242-8E9C-915B1B6B3F76} 2015-08-05 09:08 - 2015-08-05 09:08 - 00000000 ____D C:\Users\Basia\AppData\Local\{C84A5799-2653-4719-9366-F5A006D9EC8A} 2015-08-04 09:37 - 2015-08-04 09:37 - 00000000 ____D C:\Users\Basia\AppData\Local\{B8A39635-99FD-4710-8604-5D921FD505E7} 2015-08-04 08:40 - 2015-08-04 08:40 - 00000000 ____D C:\Users\Basia\AppData\Local\{A8F967DD-D7D8-47B7-968A-E0ADFD449920} 2015-08-03 12:17 - 2015-08-03 12:17 - 00000000 ____D C:\Users\Basia\AppData\Local\{36515D88-4323-4969-8553-D82EADCB5B35} 2015-08-02 10:19 - 2015-08-02 10:19 - 00000000 ____D C:\Users\Basia\AppData\Local\{F6172624-133B-4AC6-8A4C-D40E0AC6E498} 2015-08-01 14:54 - 2015-08-01 14:54 - 00000000 ____D C:\Users\Basia\AppData\Local\{501AE780-A5CD-47CD-AD0C-A026068187E1} 2015-07-31 17:15 - 2015-07-31 17:15 - 00000000 ____D C:\Users\Basia\AppData\Local\{6C62B262-9D43-40DF-B9F9-C3C8F79DAE42} 2015-07-30 09:23 - 2015-07-30 09:23 - 00000000 ____D C:\Users\Basia\AppData\Local\{26295582-F523-4F2D-A8D6-04EEF0CE9C3B} 2015-07-30 08:48 - 2015-07-30 08:48 - 00000000 ____D C:\Users\Basia\AppData\Local\{79844683-9A79-4296-9035-F4196A4A1CD9} 2015-07-29 19:29 - 2015-07-29 19:29 - 00000000 ____D C:\Users\Basia\AppData\Local\{D5A6A4BD-C15C-4BD4-BD20-E6D5A39AFAA0} 2015-07-29 14:44 - 2015-07-29 14:44 - 00000000 ____D C:\Users\Basia\AppData\Local\{A0CF2211-E9FA-4B66-B5C1-CDE3408C8359} 2015-07-29 10:11 - 2015-07-29 10:12 - 00000000 ____D C:\Users\Basia\AppData\Local\{D4AA800D-4716-4C41-A78F-9B37F5EB81BE} 2015-07-28 08:29 - 2015-07-28 08:29 - 00000000 ____D C:\Users\Basia\AppData\Local\{813317E1-6CA3-42D4-88BE-47D774DE76E3} 2015-07-28 08:06 - 2015-07-28 08:06 - 00000000 ____D C:\Users\Basia\AppData\Local\{CB95AF38-15A4-47BA-9D2B-C7E40511C0CC} 2015-07-27 14:43 - 2015-07-27 14:43 - 00000000 ____D C:\Users\Basia\AppData\Local\{B121BD60-FF5A-4F3C-ABC6-DE4E788CF2AE} 2015-07-26 18:08 - 2015-07-26 18:08 - 00000000 ____D C:\Users\Basia\AppData\Local\{5F241D0B-2E39-4C3C-A8CF-DF57E59375DA} 2015-07-26 10:03 - 2015-07-26 10:04 - 00000000 ____D C:\Users\Basia\AppData\Local\{46D5C504-0F88-4ABB-8670-7B58AC5A57F3} 2015-07-26 08:39 - 2015-07-26 08:39 - 00000000 ____D C:\Users\Basia\AppData\Local\{D01EC31B-816C-4640-B1B7-4FAEEF0815A3} 2015-07-25 09:10 - 2015-07-25 09:11 - 00000000 ____D C:\Users\Basia\AppData\Local\{CCB74D4D-006A-4F39-99DA-B088419559F2} 2015-07-24 11:29 - 2015-07-24 11:29 - 00000000 ____D C:\Users\Basia\AppData\Local\{D76DCC44-4253-4DFE-9749-421EB80D27B2} 2015-07-23 15:57 - 2015-07-23 15:57 - 00000000 ____D C:\Users\Basia\AppData\Local\{101BCA17-23B5-4F13-A43A-3E7513CA67A6} 2015-07-23 12:40 - 2015-07-23 12:40 - 00000000 ____D C:\Users\Basia\AppData\Local\{63A12BD2-1ACC-43FA-BA5E-1EF00E8A9EC5} 2015-07-22 13:16 - 2015-07-22 13:16 - 00000000 ____D C:\Users\Basia\AppData\Local\{01104195-0678-42AF-9BE7-889F3F7A3EF5} 2015-07-21 20:06 - 2015-07-21 20:06 - 00000000 ____D C:\Users\Basia\AppData\Local\{51874186-E627-4AA4-857F-9A71A1FDD6F3} 2015-07-21 17:41 - 2015-07-21 17:41 - 00000000 ____D C:\Users\Basia\AppData\Local\{5B344BF8-3BC1-490E-A87E-10F3A8F7637B} 2015-07-21 12:07 - 2015-07-21 12:07 - 00000000 ____D C:\Users\Basia\AppData\Local\{CF45ACA6-51A5-49D2-B22A-552F3CED743E} 2015-07-19 16:01 - 2015-07-19 16:01 - 00000000 ____D C:\Users\Basia\AppData\Local\{CD4E0804-A5C6-49B4-B2FB-48AA9731D82C} 2015-07-18 17:03 - 2015-07-18 17:03 - 00000000 ____D C:\Users\Basia\AppData\Local\{476B81C1-5517-423D-8B46-425F223FEC60} 2015-07-17 09:52 - 2015-07-17 09:52 - 02248704 _____ C:\Users\Basia\Desktop\adwcleaner_4.208.exe 2015-07-17 09:15 - 2015-07-17 09:15 - 00000000 ____D C:\Users\Basia\AppData\Local\{1BBF2E9A-F00E-4D89-9964-864332AF6955} 2015-07-16 08:43 - 2015-07-16 08:43 - 00000000 ____D C:\Users\Basia\AppData\Local\{20BCACE3-17DB-44F5-86D2-1217E5E22A74} 2015-07-15 19:35 - 2015-07-15 19:35 - 00000000 ____D C:\Users\Basia\AppData\Local\{339DEDDE-5F85-459C-85D6-3CE194092544} 2015-07-15 15:23 - 2015-07-15 15:23 - 00000000 ____D C:\Users\Basia\AppData\Local\{E837FFFC-A838-466A-9EA2-E405CBBD8C77} 2015-07-14 08:32 - 2015-07-14 08:32 - 00000000 ____D C:\Users\Basia\AppData\Local\{AAF3CF10-BF2B-4784-9E6A-1E5A0AFFD7CB} 2015-07-13 16:18 - 2015-07-13 16:18 - 00000020 ___SH C:\Users\TEMP\ntuser.ini 2015-07-13 16:18 - 2015-07-13 16:18 - 00000000 _SHDL C:\Users\TEMP\Ustawienia lokalne 2015-07-13 16:18 - 2015-07-13 16:18 - 00000000 _SHDL C:\Users\TEMP\Szablony 2015-07-13 16:18 - 2015-07-13 16:18 - 00000000 _SHDL C:\Users\TEMP\Moje dokumenty 2015-07-13 16:18 - 2015-07-13 16:18 - 00000000 _SHDL C:\Users\TEMP\Menu Start 2015-07-13 16:18 - 2015-07-13 16:18 - 00000000 _SHDL C:\Users\TEMP\Documents\Moje wideo 2015-07-13 16:18 - 2015-07-13 16:18 - 00000000 _SHDL C:\Users\TEMP\Documents\Moje obrazy 2015-07-13 16:18 - 2015-07-13 16:18 - 00000000 _SHDL C:\Users\TEMP\Documents\Moja muzyka 2015-07-13 16:18 - 2015-07-13 16:18 - 00000000 _SHDL C:\Users\TEMP\Dane aplikacji 2015-07-13 16:18 - 2015-07-13 16:18 - 00000000 _SHDL C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2015-07-13 16:18 - 2015-07-13 16:18 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Historia 2015-07-13 16:18 - 2015-07-13 16:18 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Dane aplikacji 2015-07-13 16:18 - 2015-07-13 16:18 - 00000000 ____D C:\Users\TEMP 2015-07-13 16:18 - 2015-05-24 11:37 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\TuneUp Software 2015-07-13 16:18 - 2012-01-18 16:04 - 00000000 ____D C:\Users\TEMP\AppData\Local\Microsoft Help 2015-07-13 16:18 - 2011-02-28 01:37 - 00002104 _____ C:\Users\TEMP\Desktop\OneKey Recovery.lnk 2015-07-13 16:18 - 2011-02-28 01:37 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo 2015-07-13 16:18 - 2011-02-28 01:32 - 00001136 _____ C:\Users\TEMP\Desktop\Cyberlink Power2Go.lnk 2015-07-13 16:18 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-07-13 16:18 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-07-13 15:45 - 2015-07-13 15:45 - 00000000 ____D C:\Users\Basia\AppData\Local\{69B44A2D-D2DA-4AB3-B512-149F610CC0AF} 2015-07-12 14:38 - 2015-07-12 14:38 - 00000000 ____D C:\Users\Basia\AppData\Local\{41B6195D-620D-4971-AB4D-E56CCEFEC39C} 2015-07-12 12:51 - 2015-07-12 12:51 - 00000000 ____D C:\Users\Basia\AppData\Local\{AAC4B499-0B93-4043-89F8-5B73ACDA81CF} 2015-07-11 10:32 - 2015-07-11 10:33 - 00000000 ____D C:\Users\Basia\AppData\Local\{6452A36D-1E1E-4C92-B722-598AE0630531} ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-10 14:21 - 2009-07-14 06:45 - 00013632 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-10 14:21 - 2009-07-14 06:45 - 00013632 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-10 14:17 - 2011-09-19 19:16 - 00001058 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-839301723-480738766-881836232-1000UA.job 2015-08-10 14:02 - 2012-09-22 17:19 - 00000000 ____D C:\Users\Basia\AppData\Roaming\GG 2015-08-10 14:01 - 2013-12-21 19:30 - 00000000 ____D C:\Users\Basia\AppData\Local\GG 2015-08-10 14:01 - 2012-09-22 17:19 - 00001144 _____ C:\Users\Basia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk 2015-08-10 13:59 - 2011-02-27 16:31 - 00729378 _____ C:\windows\system32\perfh015.dat 2015-08-10 13:59 - 2011-02-27 16:31 - 00144926 _____ C:\windows\system32\perfc015.dat 2015-08-10 13:59 - 2009-07-14 07:13 - 01625742 _____ C:\windows\system32\PerfStringBackup.INI 2015-08-10 13:58 - 2011-02-28 00:57 - 01320559 _____ C:\windows\WindowsUpdate.log 2015-08-10 13:55 - 2011-09-17 19:58 - 10404047 _____ C:\FaceProv.log 2015-08-10 13:55 - 2011-02-28 01:37 - 00163873 _____ C:\windows\system32\fastboot.set 2015-08-10 13:54 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2015-08-10 13:53 - 2011-09-18 16:27 - 00000000 ____D C:\Users\Basia\AppData\Roaming\Skype 2015-08-10 13:20 - 2015-05-06 17:11 - 00000000 ____D C:\ProgramData\AVG2015 2015-08-10 13:20 - 2015-05-06 17:09 - 00000000 ____D C:\ProgramData\MFAData 2015-08-10 13:20 - 2011-09-18 15:09 - 00000000 ____D C:\Users\Basia\AppData\Roaming\SoftGrid Client 2015-08-10 13:19 - 2015-05-06 17:12 - 00000000 ___HD C:\$AVG 2015-08-10 13:09 - 2013-05-19 16:10 - 00000000 ____D C:\Users\Basia\Downloads\wczesne wspomaganie 2015-08-10 13:09 - 2011-09-26 18:59 - 06317056 ___SH C:\Users\Basia\Downloads\Thumbs.db 2015-08-09 16:50 - 2009-07-14 07:08 - 00032608 _____ C:\windows\Tasks\SCHEDLGU.TXT 2015-08-09 16:49 - 2015-06-30 08:58 - 00000000 ____D C:\AdwCleaner 2015-08-08 18:05 - 2011-09-20 17:41 - 00000000 ____D C:\Users\Basia\AppData\Local\Microsoft Games 2015-08-08 17:50 - 2011-09-20 17:41 - 00000000 ____D C:\windows\System32\Tasks\Games 2015-08-07 17:17 - 2011-09-19 19:16 - 00001006 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-839301723-480738766-881836232-1000Core.job 2015-08-07 09:19 - 2011-09-18 16:26 - 00000000 ____D C:\ProgramData\Skype 2015-08-05 15:18 - 2011-09-19 19:17 - 00002369 _____ C:\Users\Basia\Desktop\Google Chrome.lnk 2015-07-27 18:20 - 2012-07-06 18:10 - 01271808 ___SH C:\Users\Basia\Desktop\Thumbs.db 2015-07-16 17:12 - 2011-09-19 19:16 - 00004032 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-839301723-480738766-881836232-1000UA 2015-07-16 17:12 - 2011-09-19 19:16 - 00003636 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-839301723-480738766-881836232-1000Core ==================== Files in the root of some directories ======= 2014-01-10 19:49 - 2013-06-28 04:41 - 0569344 _____ () C:\Program Files\1026.mst 2014-01-10 19:49 - 2013-06-28 04:41 - 0454656 _____ () C:\Program Files\1028.mst 2014-01-10 19:49 - 2013-06-28 04:41 - 0385024 _____ () C:\Program Files\1029.mst 2014-01-10 19:49 - 2013-06-28 04:41 - 0253952 _____ () C:\Program Files\1030.mst 2014-01-10 19:49 - 2013-06-28 04:41 - 0274432 _____ () C:\Program Files\1031.mst 2014-01-10 19:49 - 2013-06-28 04:41 - 0675840 _____ () C:\Program Files\1032.mst 2014-01-10 19:49 - 2013-06-28 04:41 - 0020480 _____ () C:\Program Files\1033.mst 2014-01-10 19:48 - 2013-06-28 04:41 - 0270336 _____ () C:\Program Files\1034.mst 2014-01-10 19:48 - 2013-06-28 04:41 - 0294912 _____ () C:\Program Files\1036.mst 2014-01-10 19:48 - 2013-06-28 04:41 - 0401408 _____ () C:\Program Files\1038.mst 2014-01-10 19:48 - 2013-06-28 04:41 - 0253952 _____ () C:\Program Files\1040.mst 2014-01-10 19:48 - 2013-06-28 04:41 - 0643072 _____ () C:\Program Files\1041.mst 2014-01-10 19:48 - 2013-06-28 04:41 - 1290240 _____ () C:\Program Files\1042.mst 2014-01-10 19:48 - 2013-06-28 04:41 - 0233472 _____ () C:\Program Files\1043.mst 2014-01-10 19:48 - 2013-06-28 04:41 - 0307200 _____ () C:\Program Files\1045.mst 2014-01-10 19:48 - 2013-06-28 04:41 - 0278528 _____ () C:\Program Files\1046.mst 2014-01-10 19:48 - 2013-06-28 04:41 - 0565248 _____ () C:\Program Files\1049.mst 2014-01-10 19:48 - 2013-06-28 04:41 - 0380928 _____ () C:\Program Files\1051.mst 2014-01-10 19:48 - 2013-06-28 04:41 - 0278528 _____ () C:\Program Files\1053.mst 2014-01-10 19:48 - 2013-06-28 04:41 - 0368640 _____ () C:\Program Files\1055.mst 2014-01-10 19:48 - 2013-06-28 04:41 - 0491520 _____ () C:\Program Files\1058.mst 2014-01-10 19:48 - 2013-06-28 04:41 - 0212992 _____ () C:\Program Files\1061.mst 2014-01-10 19:48 - 2013-06-28 04:41 - 0569344 _____ () C:\Program Files\1066.mst 2014-01-10 19:48 - 2013-06-28 04:41 - 0466944 _____ () C:\Program Files\2052.mst 2014-01-10 19:48 - 2013-06-28 05:22 - 8102912 _____ () C:\Program Files\ABBYY FineReader 11.msi 2014-01-10 19:48 - 2013-06-28 04:36 - 1228304 _____ (ABBYY InfoPoisk LLC) C:\Program Files\AutoRun.exe 2014-01-10 19:48 - 2011-05-17 21:16 - 0000093 _____ () C:\Program Files\AutoRun.inf 2014-01-10 19:48 - 2013-06-28 04:39 - 84334758 _____ () C:\Program Files\Bin.cab 2014-01-10 19:48 - 2013-06-28 04:41 - 32526522 _____ () C:\Program Files\DictLang.cab 2014-01-10 19:48 - 2009-07-07 19:12 - 1902392 _____ (Microsoft Corporation) C:\Program Files\instmsiw.exe 2014-01-10 19:48 - 2013-06-28 04:36 - 0737808 _____ (ABBYY InfoPoisk LLC) C:\Program Files\Setup.exe 2014-01-10 19:48 - 2012-08-21 17:49 - 0000635 _____ () C:\Program Files\setup.ini 2014-01-10 19:48 - 2009-07-07 19:12 - 0245408 _____ (Microsoft Corporation) C:\Program Files\unicows.dll 2011-06-06 12:55 - 2011-06-06 12:55 - 0016758 _____ () C:\Program Files (x86)\ReadMe.htm 2011-06-06 12:55 - 2011-06-06 12:55 - 0017476 _____ () C:\Program Files (x86)\ReadMePOL.htm 2015-02-02 15:07 - 2015-02-02 15:07 - 0000202 _____ () C:\Users\Basia\AppData\Roaming\AcrobatUpdater.exe.lnk 2015-02-02 15:07 - 2015-02-02 15:07 - 0000202 _____ () C:\Users\Basia\AppData\Roaming\black_25.gif.lnk 2014-04-04 16:05 - 2014-04-04 16:05 - 0000204 _____ () C:\Users\Basia\AppData\Local\20111112157.jpg.lnk 2014-08-08 09:54 - 2014-08-08 09:54 - 0000202 _____ () C:\Users\Basia\AppData\Local\20111113176.jpg.lnk 2014-05-05 18:17 - 2014-05-05 18:17 - 0000202 _____ () C:\Users\Basia\AppData\Local\20111113180.jpg.lnk 2014-12-12 20:44 - 2014-12-12 20:44 - 0000202 _____ () C:\Users\Basia\AppData\Local\AdobeARMHelper.exe.lnk 2014-01-01 19:23 - 2014-01-01 19:23 - 0000204 _____ () C:\Users\Basia\AppData\Local\Arial-ItalicMT.3792253860.fch.lnk 2015-02-02 09:27 - 2015-02-02 09:27 - 0000202 _____ () C:\Users\Basia\AppData\Local\black_50.gif.lnk 2013-12-12 19:42 - 2013-12-12 19:42 - 0000200 _____ () C:\Users\Basia\AppData\Local\CenturyGothic-BoldItalic.2324305075.fch.lnk 2015-03-03 14:37 - 2015-03-03 14:37 - 0000202 _____ () C:\Users\Basia\AppData\Local\Lexmark 4900 Series.lnk 2014-03-03 10:57 - 2014-03-03 10:57 - 0000204 _____ () C:\Users\Basia\AppData\Local\Licensing.cnt.lnk 2014-03-03 14:56 - 2014-03-03 14:56 - 0000204 _____ () C:\Users\Basia\AppData\Local\ReaderUpdater.exe.lnk 2014-11-11 10:35 - 2014-11-11 10:35 - 0000200 _____ () C:\Users\Basia\AppData\Local\Reader_10.1.3.lnk 2015-05-05 15:21 - 2015-05-05 15:21 - 0000200 _____ () C:\Users\Basia\AppData\Local\Setting.ini.lnk 2015-05-05 18:48 - 2015-05-05 18:48 - 0000204 _____ () C:\Users\Basia\AppData\Local\Setup.lnk 2014-04-04 19:18 - 2014-04-04 19:18 - 0000204 _____ () C:\Users\Basia\AppData\Local\ydfbst.lnk 2014-03-03 13:36 - 2014-03-03 13:36 - 0000204 _____ () C:\ProgramData\10.0.lnk 2014-02-02 13:55 - 2015-03-03 21:16 - 0000202 _____ () C:\ProgramData\11.00.lnk 2014-08-08 16:30 - 2014-08-08 16:30 - 0000200 _____ () C:\ProgramData\3.1.lnk 2015-05-05 18:10 - 2015-05-05 18:10 - 0000204 _____ () C:\ProgramData\7.0.lnk 2014-02-02 12:59 - 2014-02-02 21:09 - 0000204 _____ () C:\ProgramData\ABBYY.lnk 2014-07-07 16:53 - 2015-01-01 13:49 - 0000204 _____ () C:\ProgramData\ABCPY.INI.lnk 2014-06-06 20:03 - 2014-11-11 18:53 - 0000200 _____ () C:\ProgramData\Acrobat.lnk 2014-04-04 18:42 - 2014-04-04 18:42 - 0000204 _____ () C:\ProgramData\AcroRead.msi.lnk 2014-07-07 20:30 - 2014-10-10 19:03 - 0000204 _____ () C:\ProgramData\AdbeRdrUpd1014.msp.lnk 2014-10-10 19:05 - 2014-10-10 19:05 - 0000204 _____ () C:\ProgramData\AdbeRdrUpd942_all_incr.msp.lnk 2015-02-02 21:52 - 2015-02-02 21:52 - 0000204 _____ () C:\ProgramData\AdbeRdrUpd946_all_incr.msp.lnk 2014-04-04 15:28 - 2015-05-05 14:41 - 0000200 _____ () C:\ProgramData\Adobe.lnk 2014-02-02 10:19 - 2014-03-03 17:34 - 0000202 _____ () C:\ProgramData\AdobeARM.exe.lnk 2014-09-09 06:39 - 2014-09-09 06:39 - 0000200 _____ () C:\ProgramData\akiuje.lnk 2015-02-02 08:48 - 2015-02-02 08:48 - 0000202 _____ () C:\ProgramData\amnvgo.lnk 2014-01-01 21:41 - 2014-01-01 21:41 - 0000204 _____ () C:\ProgramData\Arial-BoldMT.2808623078.fch.lnk 2014-02-02 13:56 - 2014-02-02 21:10 - 0000204 _____ () C:\ProgramData\ATI.lnk 2015-05-05 08:21 - 2015-05-05 08:21 - 0000204 _____ () C:\ProgramData\bifh.lnk 2014-08-08 16:29 - 2014-08-08 16:29 - 0000200 _____ () C:\ProgramData\bptpp.lnk 2014-02-02 18:43 - 2014-02-02 18:43 - 0000202 _____ () C:\ProgramData\byhcku.lnk 2013-11-11 14:03 - 2013-11-11 14:03 - 0000200 _____ () C:\ProgramData\cjyslr.lnk 2014-01-01 21:42 - 2014-01-01 21:42 - 0000204 _____ () C:\ProgramData\CordiaNew-BoldItalic.3004981170.fch.lnk 2014-08-08 09:18 - 2014-08-08 09:18 - 0000202 _____ () C:\ProgramData\DAEMON Tools Lite.lnk 2014-10-10 20:05 - 2014-10-10 20:05 - 0000204 _____ () C:\ProgramData\Dane aplikacji.lnk 2014-04-04 18:41 - 2014-04-04 18:41 - 0000204 _____ () C:\ProgramData\Data1.cab.lnk 2014-04-04 15:30 - 2014-04-04 15:30 - 0000204 _____ () C:\ProgramData\directories.acrodata.lnk 2014-07-07 08:24 - 2015-03-03 13:59 - 0000202 _____ () C:\ProgramData\EVO.ini.lnk 2014-02-02 12:49 - 2015-05-05 14:43 - 0000200 _____ () C:\ProgramData\EVO.xml.lnk 2012-01-07 16:36 - 2012-01-07 17:45 - 0001267 _____ () C:\ProgramData\FastPics.log 2015-01-01 19:24 - 2015-01-01 19:24 - 0000204 _____ () C:\ProgramData\feavo.lnk 2014-08-08 19:20 - 2014-08-08 19:20 - 0000200 _____ () C:\ProgramData\FineReader.lnk 2014-01-01 10:31 - 2014-01-01 10:31 - 0000204 _____ () C:\ProgramData\FrankRuehl.525685114.FakeBold.fch.lnk 2014-01-01 18:03 - 2014-01-01 18:03 - 0000204 _____ () C:\ProgramData\gnvei.lnk 2014-01-01 10:33 - 2014-01-01 10:33 - 0000204 _____ () C:\ProgramData\Gulim.2512299512.FakeBold.fch.lnk 2015-03-03 21:14 - 2015-03-03 21:14 - 0000202 _____ () C:\ProgramData\iarnkw.lnk 2015-04-04 13:03 - 2015-04-04 13:03 - 0000200 _____ () C:\ProgramData\icbekd.lnk 2014-02-02 10:21 - 2014-02-02 10:21 - 0000200 _____ () C:\ProgramData\ihypes.lnk 2013-11-11 16:38 - 2013-11-11 16:38 - 0000200 _____ () C:\ProgramData\Impact.2745237646.FakeBold.fch.lnk 2014-08-08 09:16 - 2014-08-08 09:16 - 0000202 _____ () C:\ProgramData\jvtb.lnk 2014-05-05 17:39 - 2014-12-12 20:05 - 0000202 _____ () C:\ProgramData\Licenses.lnk 2014-02-02 13:01 - 2014-02-02 13:01 - 0000200 _____ () C:\ProgramData\Licensing.bin.lnk 2013-12-12 18:24 - 2013-12-12 18:24 - 0000200 _____ () C:\ProgramData\LucidaSansUnicode.2921137679.FakeBold.fch.lnk 2011-10-08 19:15 - 2013-12-31 14:52 - 0004525 _____ () C:\ProgramData\lxdr.log 2012-02-21 19:43 - 2012-05-27 17:39 - 0000309 _____ () C:\ProgramData\lxdrDiagnostics.log 2011-11-09 16:18 - 2013-04-28 13:24 - 0002510 _____ () C:\ProgramData\lxdrJSW.log 2014-01-01 18:05 - 2014-01-01 18:05 - 0000204 _____ () C:\ProgramData\MalgunGothicRegular.3396881242.fch.lnk 2014-11-11 09:58 - 2014-11-11 09:58 - 0000200 _____ () C:\ProgramData\nlcty.lnk 2014-03-03 17:33 - 2014-03-03 17:33 - 0000202 _____ () C:\ProgramData\ntnc.lnk 2015-01-01 10:43 - 2015-01-01 10:43 - 0000204 _____ () C:\ProgramData\Power2Go.lnk 2015-02-02 08:50 - 2015-02-02 08:50 - 0000202 _____ () C:\ProgramData\PowerRecover.lnk 2014-09-09 19:34 - 2014-09-09 19:34 - 0000202 _____ () C:\ProgramData\pxsad.lnk 2013-12-12 18:23 - 2014-11-11 09:56 - 0000200 _____ () C:\ProgramData\Reader10Manifest.msi.lnk 2014-02-02 12:47 - 2014-02-02 12:47 - 0000202 _____ () C:\ProgramData\Reader_10.1.1.lnk 2015-04-04 19:25 - 2015-04-04 19:25 - 0000202 _____ () C:\ProgramData\Reader_10.1.11.lnk 2014-02-02 18:41 - 2014-02-02 18:41 - 0000202 _____ () C:\ProgramData\Reader_10.1.2.lnk 2015-02-02 17:18 - 2015-02-02 17:18 - 0000204 _____ () C:\ProgramData\Reader_10.1.5.lnk 2015-03-03 20:39 - 2015-03-03 20:39 - 0000204 _____ () C:\ProgramData\Reader_10.1.6.lnk 2014-06-06 20:02 - 2015-01-01 13:51 - 0000204 _____ () C:\ProgramData\Reader_10.1.7.lnk 2014-07-07 20:28 - 2014-07-07 20:28 - 0000202 _____ () C:\ProgramData\Reader_10.1.8.lnk 2014-07-07 08:22 - 2014-07-07 08:22 - 0000204 _____ () C:\ProgramData\Replicate.lnk 2014-07-07 16:51 - 2014-07-07 16:51 - 0000200 _____ () C:\ProgramData\rghgmu.lnk 2015-04-04 13:04 - 2015-04-04 13:04 - 0000200 _____ () C:\ProgramData\Security.lnk 2015-04-04 19:26 - 2015-04-04 19:26 - 0000202 _____ () C:\ProgramData\Setting.ini.lnk 2015-01-01 10:41 - 2015-03-03 13:58 - 0000202 _____ () C:\ProgramData\setup.exe.lnk 2014-05-05 17:41 - 2014-05-05 17:41 - 0000202 _____ () C:\ProgramData\Setup.lnk 2013-03-15 10:02 - 2013-03-15 10:02 - 1988908 _____ () C:\ProgramData\SPL4079.tmp 2012-02-21 19:05 - 2012-02-21 19:05 - 4924208 _____ () C:\ProgramData\SPL76A5.tmp 2014-08-04 20:12 - 2014-08-04 20:12 - 2280970 _____ () C:\ProgramData\SPL8F74.tmp 2013-03-15 13:41 - 2013-03-15 13:41 - 1988908 _____ () C:\ProgramData\SPL98A6.tmp 2013-03-15 15:12 - 2013-03-15 15:12 - 1988908 _____ () C:\ProgramData\SPL9B25.tmp 2014-02-04 19:26 - 2014-02-04 19:26 - 2084315 _____ () C:\ProgramData\SPL9FF6.tmp 2013-09-12 17:19 - 2013-09-12 17:19 - 23536421 _____ () C:\ProgramData\SPLCBD.tmp 2012-02-20 19:57 - 2012-02-20 19:57 - 4924208 _____ () C:\ProgramData\SPLF90D.tmp 2013-11-11 16:39 - 2013-11-11 16:39 - 0000200 _____ () C:\ProgramData\Trebuchet-BoldItalic.2120542190.fch.lnk 2013-11-11 14:04 - 2013-11-11 14:04 - 0000200 _____ () C:\ProgramData\ugrbou.lnk 2011-09-19 20:06 - 2011-09-19 20:06 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt 2014-09-09 19:33 - 2014-09-09 19:33 - 0000202 _____ () C:\ProgramData\wdan.lnk 2014-07-07 20:41 - 2014-07-07 20:41 - 0000200 _____ () C:\ProgramData\wfiu.lnk 2014-08-08 19:18 - 2014-08-08 19:18 - 0000200 _____ () C:\ProgramData\yjaomp.lnk 2015-01-01 19:25 - 2015-01-01 19:25 - 0000204 _____ () C:\ProgramData\yknrqs.lnk 2014-03-03 09:38 - 2014-03-03 09:38 - 0000204 _____ () C:\ProgramData\YouCam.lnk 2015-05-05 18:08 - 2015-05-05 18:08 - 0000204 _____ () C:\ProgramData\{AC76BA86-7AD7-1045-7B44-AA1000000001}.lnk ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\windows\system32\winlogon.exe => File is digitally signed C:\windows\system32\wininit.exe => File is digitally signed C:\windows\SysWOW64\wininit.exe => File is digitally signed C:\windows\explorer.exe => File is digitally signed C:\windows\SysWOW64\explorer.exe => File is digitally signed C:\windows\system32\svchost.exe => File is digitally signed C:\windows\SysWOW64\svchost.exe => File is digitally signed C:\windows\system32\services.exe => File is digitally signed C:\windows\system32\User32.dll => File is digitally signed C:\windows\SysWOW64\User32.dll => File is digitally signed C:\windows\system32\userinit.exe => File is digitally signed C:\windows\SysWOW64\userinit.exe => File is digitally signed C:\windows\system32\rpcss.dll => File is digitally signed C:\windows\system32\dnsapi.dll => File is digitally signed C:\windows\SysWOW64\dnsapi.dll => File is digitally signed C:\windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-08-03 11:57 ==================== End of log ============================