Anonim / 2 lata, 7 miesięcy temu | Download | Plaintext | Odpowiedz |

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2015
Ran by HP (administrator) on HP-LAPTOP on 14-04-2015 11:06:58
Running from C:\Users\elmaestro\Desktop\frst
Loaded Profiles: HP (Available profiles: HP & elmaestro & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oacat.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oasrv.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oaui.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oahlp.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\msfeedssync.exe


==================== Registry (All) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [171992 2014-01-29] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [399832 2014-01-29] (Intel Corporation)
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [442328 2014-01-29] (Intel Corporation)
HKLM\...\Run: [@OnlineArmor GUI] => C:\Program Files (x86)\Online Armor\oaui.exe [7558464 2013-10-11] (Emsisoft GmbH)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-12] (Avast Software s.r.o.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-06-24] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\System32\Userinit.exe, [30720 2010-11-21] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-21] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] explorer.exe [2871808 2012-03-20] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [2616320 2012-03-20] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0
HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-950601680-909652224-4197209155-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 145
HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  No File
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  No File
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\system32\EhStorShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\system32\ntshrui.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\SysWOW64\EhStorShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\SysWOW64\ntshrui.dll (Microsoft Corporation)
BootExecute: autocheck autochk * 
AlternateShell: cmd.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-950601680-909652224-4197209155-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
HKU\S-1-5-21-950601680-909652224-4197209155-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=CMNTDF
HKU\S-1-5-21-950601680-909652224-4197209155-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://pl.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-950601680-909652224-4197209155-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-950601680-909652224-4197209155-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-950601680-909652224-4197209155-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKU\S-1-5-21-950601680-909652224-4197209155-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://pl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKU\S-1-5-21-950601680-909652224-4197209155-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://pl.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-12] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-12] (Avast Software s.r.o.)
BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Tcpip\..\Interfaces\{912D7D8D-6D80-4A22-BD49-5D6522226C87}: [NameServer] 194.204.159.1,194.204.152.34
Tcpip\..\Interfaces\{936CE2CD-E440-46B6-8F6A-6633FAD03574}: [NameServer] 194.204.159.1,194.204.152.34
Tcpip\..\Interfaces\{FA6D2E10-D447-438C-9ACF-CD0083214141}: [NameServer] 194.204.159.1,194.204.152.34

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2011-09-28] ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-11]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-11]

==================== Services (All) ========================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-14] (Microsoft Corporation)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [98208 2009-11-18] (Andrea Electronics Corporation)
S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-14] (Microsoft Corporation)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2015-03-11] (Microsoft Corporation)
R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-27] (Microsoft Corporation)
S4 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [50864 2014-04-11] (Microsoft Corporation)
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [680960 2015-03-11] (Microsoft Corporation)
R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [680960 2015-03-11] (Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-12] (Avast Software s.r.o.)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-21] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-14] (Microsoft Corporation)
R2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-21] (Microsoft Corporation)
R2 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-21] (Microsoft Corporation)
R3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-05] (Microsoft Corporation)
S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-21] (Microsoft Corporation)
S3 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [67224 2014-03-21] (Microsoft Corporation)
S3 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-21] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [103608 2014-04-12] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2014-04-11] (Microsoft Corporation)
S3 cphs; C:\Windows\SysWow64\IntelCpHeciSvc.exe [279000 2014-01-29] (Intel Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [187904 2015-03-11] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [143872 2015-03-11] (Microsoft Corporation)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-21] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation)
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-21] (Microsoft Corporation)
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [254464 2010-11-21] (Microsoft Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2012-03-20] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-21] (Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-21] (Microsoft Corporation)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2015-02-20] (Comodo Security Solutions, Inc.)
S3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation)
S3 EFS; C:\Windows\System32\lsass.exe [31232 2015-03-11] (Microsoft Corporation)
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-21] (Microsoft Corporation)
S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-14] (Microsoft Corporation)
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-21] (Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation)
R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-14] (Microsoft Corporation)
S4 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-21] (Microsoft Corporation)
R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation)
R3 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation)
R2 FontCache; C:\Windows\system32\FntCache.dll [1175552 2014-07-02] (Microsoft Corporation)
R3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
S3 GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [206072 2010-10-12] (WildTangent, Inc.)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-21] (Microsoft Corporation)
S3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation)
S3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-14] (Microsoft Corporation)
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-21] (Microsoft Corporation)
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-21] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-21] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2010-11-21] (Microsoft Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86072 2011-09-09] (Hewlett-Packard Company)
R2 HPDrvMntSvc.exe; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [94264 2011-03-28] (Hewlett-Packard Company)
S3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [994688 2012-02-01] (Hewlett-Packard Company)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [35200 2012-03-05] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592 2011-11-29] (Intel Corporation)
S3 idsvc; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [859280 2014-07-01] (Microsoft Corporation)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2015-03-11] (Microsoft Corporation)
R2 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-12] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [628448 2012-02-02] (Intel(R) Corporation)
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
S3 KeyIso; C:\Windows\system32\lsass.exe [31232 2015-03-11] (Microsoft Corporation)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation)
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [236032 2010-11-21] (Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-21] (Microsoft Corporation)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-14] (Microsoft Corporation)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784 2012-02-08] (Intel Corporation)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-21] (Microsoft Corporation)
R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [148080 2015-04-03] (Mozilla Foundation)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-21] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-14] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-14] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2010-11-21] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2010-11-21] (Microsoft Corporation)
S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-21] (Microsoft Corporation)
S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2015-03-11] (Microsoft Corporation)
R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation)
S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139944 2014-04-12] (Microsoft Corporation)
S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139944 2014-04-12] (Microsoft Corporation)
R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation)
R3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-14] (Microsoft Corporation)
S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139944 2014-04-12] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139944 2014-04-12] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [303616 2014-12-06] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-14] (Microsoft Corporation)
R2 OAcat; C:\Program Files (x86)\Online Armor\OAcat.exe [584864 2013-10-11] (Emsisoft GmbH)
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation)
S3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-14] (Microsoft Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [188416 2015-03-11] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134584 2012-02-19] (PDF Complete Inc)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-21] (Microsoft Corporation)
S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2010-11-21] (Microsoft Corporation)
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2012-03-20] (Microsoft Corporation)
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-14] (Microsoft Corporation)
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation)
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-21] (Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [163840 2012-03-20] (Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [210432 2014-12-19] (Microsoft Corporation)
R3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2015-03-11] (Microsoft Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-14] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation)
S3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-21] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-14] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-14] (Microsoft Corporation)
S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation)
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-14] (Microsoft Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-21] (Microsoft Corporation)
R2 SamSs; C:\Windows\system32\lsass.exe [31232 2015-03-11] (Microsoft Corporation)
S4 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-14] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-21] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-21] (Microsoft Corporation)
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-21] (Microsoft Corporation)
S4 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-21] (Microsoft Corporation)
R2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-14] (Microsoft Corporation)
R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-14] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-14] (Microsoft Corporation)
S4 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-21] (Microsoft Corporation)
S4 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-21] (Microsoft Corporation)
S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-21] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-21] (Microsoft Corporation)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-14] (Microsoft Corporation)
R2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-11] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-21] (Microsoft Corporation)
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-14] (Microsoft Corporation)
R2 SQLWriter; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [134336 2014-02-21] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation)
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-14] (Microsoft Corporation)
R2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-21] (Microsoft Corporation)
R2 SvcOnlineArmor; C:\Program Files (x86)\Online Armor\oasrv.exe [4457688 2013-10-11] (Emsisoft GmbH)
S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation)
R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-21] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-21] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-21] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-21] (Microsoft Corporation)
S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TermService; C:\Windows\System32\termsrv.dll [683520 2014-10-14] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation)
S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation)
R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-21] (Microsoft Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-14] (Microsoft Corporation)
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800 2012-02-08] (Intel Corporation)
S3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation)
S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-14] (Microsoft Corporation)
R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-14] (Microsoft Corporation)
S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2015-03-11] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-21] (Microsoft Corporation)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-21] (Microsoft Corporation)
S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2014-07-01] (Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-21] (Microsoft Corporation)
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-14] (Microsoft Corporation)
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-21] (Microsoft Corporation)
S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276992 2010-11-21] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-14] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [91136 2015-02-12] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76800 2015-02-12] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [91136 2015-02-12] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76800 2015-02-12] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [259584 2013-07-04] (Microsoft Corporation)
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [205824 2013-07-04] (Microsoft Corporation)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation)
S4 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-14] (Microsoft Corporation)
R3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444416 2010-11-21] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [351232 2010-11-21] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-14] (Microsoft Corporation)
S4 WinRM; C:\Windows\system32\WsmSvc.dll [2020352 2014-10-03] (Microsoft Corporation)
S4 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1177088 2014-10-03] (Microsoft Corporation)
S3 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-14] (Microsoft Corporation)
S4 wlcrasvc; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [57184 2010-09-22] (Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corp.)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-14] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-21] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-21] (Microsoft Corporation)
R2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2009-07-14] (Microsoft Corporation)
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2012-03-20] (Microsoft Corporation)
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2012-03-20] (Microsoft Corporation)
R2 wuauserv; C:\Windows\system32\wuaueng.dll [2477536 2014-05-14] (Microsoft Corporation)
S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-26] (Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [228864 2014-01-28] (Microsoft Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-12] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-12] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-12] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-12] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-12] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-12] ()
R0 F731DF91; C:\Windows\System32\drivers\F731DF91.sys [457824 2015-04-04] (Kaspersky Lab ZAO)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 NPF; C:\Windows\SysWOW64\drivers\npf.sys [30336 2003-04-04] (Politecnico di Torino) [File not signed]
R1 OADevice; C:\Windows\SysWow64\Drivers\OADriver.sys [64720 2013-10-11] ()
R1 oahlpXX; C:\Windows\syswow64\drivers\oahlp64.sys [62008 2013-10-11] ()
R1 OAmon; C:\Windows\SysWOW64\Drivers\OAmon.sys [52360 2013-10-11] (Emsisoft)
R3 OAnet; C:\Windows\System32\DRIVERS\oanet.sys [35368 2013-10-11] (Emsisoft)
S3 PORTMON; C:\Users\elmaestro\Downloads\sys\PORTMSYS.SYS [28656 2015-03-23] (Systems Internals) [File not signed]
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
R3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-02-24] (Synaptics Incorporated)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-14 10:58 - 2015-04-14 10:58 - 00000000 ____D () C:\Users\TEMP.HP-LAPTOP\AppData\Roaming\OnlineArmor
2015-04-14 10:58 - 2015-04-14 10:58 - 00000000 ____D () C:\Users\TEMP.HP-LAPTOP\AppData\Roaming\AVAST Software
2015-04-14 10:57 - 2015-04-14 11:07 - 00003976 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A3FC43E1-CE0E-495B-9B4A-0E524638B2CB}
2015-04-14 10:57 - 2015-04-14 10:57 - 00001421 _____ () C:\Users\TEMP.HP-LAPTOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-14 10:57 - 2015-04-14 10:57 - 00000000 ____D () C:\Users\TEMP.HP-LAPTOP\AppData\Roaming\Adobe
2015-04-14 10:56 - 2015-04-14 10:57 - 00000000 ____D () C:\Users\TEMP.HP-LAPTOP
2015-04-14 10:56 - 2015-04-14 10:56 - 00000020 ___SH () C:\Users\TEMP.HP-LAPTOP\ntuser.ini
2015-04-14 10:56 - 2015-04-14 10:56 - 00000000 _SHDL () C:\Users\TEMP.HP-LAPTOP\Ustawienia lokalne
2015-04-14 10:56 - 2015-04-14 10:56 - 00000000 _SHDL () C:\Users\TEMP.HP-LAPTOP\Szablony
2015-04-14 10:56 - 2015-04-14 10:56 - 00000000 _SHDL () C:\Users\TEMP.HP-LAPTOP\Moje dokumenty
2015-04-14 10:56 - 2015-04-14 10:56 - 00000000 _SHDL () C:\Users\TEMP.HP-LAPTOP\Menu Start
2015-04-14 10:56 - 2015-04-14 10:56 - 00000000 _SHDL () C:\Users\TEMP.HP-LAPTOP\Documents\Moje wideo
2015-04-14 10:56 - 2015-04-14 10:56 - 00000000 _SHDL () C:\Users\TEMP.HP-LAPTOP\Documents\Moje obrazy
2015-04-14 10:56 - 2015-04-14 10:56 - 00000000 _SHDL () C:\Users\TEMP.HP-LAPTOP\Documents\Moja muzyka
2015-04-14 10:56 - 2015-04-14 10:56 - 00000000 _SHDL () C:\Users\TEMP.HP-LAPTOP\Dane aplikacji
2015-04-14 10:56 - 2015-04-14 10:56 - 00000000 _SHDL () C:\Users\TEMP.HP-LAPTOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-04-14 10:56 - 2015-04-14 10:56 - 00000000 _SHDL () C:\Users\TEMP.HP-LAPTOP\AppData\Local\Historia
2015-04-14 10:56 - 2015-04-14 10:56 - 00000000 _SHDL () C:\Users\TEMP.HP-LAPTOP\AppData\Local\Dane aplikacji
2015-04-14 10:56 - 2015-04-14 10:56 - 00000000 ____D () C:\Users\TEMP.HP-LAPTOP\AppData\Local\VirtualStore
2015-04-14 10:56 - 2015-04-12 13:01 - 00000000 ____D () C:\Users\TEMP.HP-LAPTOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-04-14 10:56 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\TEMP.HP-LAPTOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-14 10:56 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\TEMP.HP-LAPTOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-04-14 10:53 - 2015-04-14 10:53 - 00020526 _____ () C:\Users\elmaestro\AppData\Local\recently-used.xbel
2015-04-13 11:21 - 2015-04-13 11:21 - 00001407 _____ () C:\Users\elmaestro\Downloads\gmer.txt
2015-04-13 10:14 - 2015-04-13 10:14 - 00380416 _____ () C:\Users\elmaestro\Downloads\32bjv68l.exe
2015-04-13 10:11 - 2015-04-13 10:11 - 00380416 _____ () C:\Users\elmaestro\Downloads\tmjvvfhz.exe
2015-04-12 13:08 - 2015-04-12 13:09 - 00243600 _____ () C:\Users\elmaestro\Downloads\Firefox Setup Stub 37.0.1.exe
2015-04-12 13:01 - 2015-04-12 13:01 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-04-12 13:01 - 2015-04-12 13:01 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-04-12 13:01 - 2015-04-12 13:01 - 00000000 ____D () C:\Program Files\WinRAR
2015-04-12 12:09 - 2015-04-12 12:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-04-12 12:08 - 2015-04-12 12:10 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-12 12:06 - 2015-04-12 12:06 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-12 12:06 - 2015-04-12 12:06 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-12 12:06 - 2015-04-12 12:06 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-12 12:06 - 2015-04-12 12:06 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-12 12:06 - 2015-04-12 12:06 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-12 12:06 - 2015-04-12 12:06 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-12 12:06 - 2015-04-12 12:06 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-12 12:06 - 2015-04-12 12:06 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-12 12:06 - 2015-04-12 12:06 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-12 12:06 - 2015-04-12 12:06 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-11 19:13 - 2015-04-11 19:16 - 00095930 _____ () C:\Users\elmaestro\Downloads\Extras.Txt
2015-04-11 19:11 - 2015-04-11 19:16 - 00097006 _____ () C:\Users\elmaestro\Downloads\OTL.Txt
2015-04-11 13:40 - 2015-04-11 13:40 - 00000000 ____D () C:\Program Files (x86)\River
2015-04-11 13:38 - 2015-04-11 13:38 - 00000000 ____D () C:\Program Files (x86)\Firebird
2015-04-11 13:35 - 2015-04-12 05:28 - 00000000 ____D () C:\Users\elmaestro\Downloads\zaranek
2015-04-11 13:16 - 2015-04-11 13:16 - 00000000 ____D () C:\Users\elmaestro\AppData\Roaming\AVAST Software
2015-04-11 13:05 - 2015-04-11 13:05 - 00000000 ____D () C:\Program Files\AVAST Software
2015-04-11 12:51 - 2015-04-11 12:58 - 00000000 ____D () C:\ProgramData\OnlineArmor
2015-04-10 17:30 - 2015-04-10 17:39 - 00000000 ____D () C:\Users\TEMP
2015-04-10 11:46 - 2015-04-14 11:07 - 00000000 ____D () C:\FRST
2015-04-09 18:17 - 2015-04-12 05:28 - 00000000 ____D () C:\Program Files\FileZilla FTP Client
2015-04-09 18:08 - 2015-04-09 18:08 - 06420600 _____ (Tim Kosse) C:\Users\elmaestro\Downloads\FileZilla_3.10.3_win64-setup.exe
2015-04-09 17:54 - 2015-04-14 10:59 - 00107655 _____ () C:\Windows\WindowsUpdate.log
2015-04-09 17:53 - 2015-04-14 10:55 - 00000672 _____ () C:\Windows\setupact.log
2015-04-09 17:53 - 2015-04-12 18:04 - 00002542 _____ () C:\Windows\PFRO.log
2015-04-09 17:53 - 2015-04-09 17:53 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-09 17:48 - 2015-04-11 13:02 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-04-09 17:38 - 2015-04-09 17:38 - 01087448 _____ (Avira Operations GmbH & Co. KG) C:\Users\elmaestro\Downloads\avira_registry_cleaner_en(1).exe
2015-04-09 17:33 - 2015-04-09 17:33 - 05481352 _____ (Avast Software s.r.o.) C:\Users\elmaestro\Downloads\avast_free_antivirus_setup_online(1).exe
2015-04-09 17:15 - 2015-04-09 17:22 - 00003976 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5EBD4380-77D1-4E5C-9D36-6C3ADB263574}
2015-04-09 10:49 - 2015-04-09 10:49 - 00000000 ____D () C:\.Trash-999
2015-04-08 18:43 - 2015-04-08 18:43 - 00000000 ____D () C:\Users\elmaestro\AppData\Roaming\OnlineArmor
2015-04-08 18:30 - 2015-04-08 18:30 - 00003976 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{37D3BCB2-065A-4CBC-B724-00DFE5ADFC5C}
2015-04-08 18:08 - 2015-04-14 11:04 - 00000000 ____D () C:\Program Files (x86)\Online Armor
2015-04-08 18:08 - 2015-04-11 22:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Armor
2015-04-08 18:08 - 2013-10-11 03:41 - 00062008 _____ () C:\Windows\SysWOW64\Drivers\oahlp64.sys
2015-04-08 18:08 - 2013-10-11 03:40 - 00064720 _____ () C:\Windows\SysWOW64\Drivers\OADriver.sys
2015-04-08 18:08 - 2013-10-11 03:40 - 00052360 _____ (Emsisoft) C:\Windows\SysWOW64\Drivers\OAmon.sys
2015-04-08 18:08 - 2013-10-11 03:40 - 00035368 _____ (Emsisoft) C:\Windows\system32\Drivers\OAnet.sys
2015-04-08 17:55 - 2015-04-08 17:55 - 00003976 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{390E0FB0-6D49-4E3E-882F-721832944984}
2015-04-08 17:32 - 2015-04-08 17:32 - 00003290 _____ () C:\Windows\System32\Tasks\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805}
2015-04-08 12:15 - 2015-04-08 12:15 - 00049657 _____ () C:\Users\HP\Documents\CisReport_x64_v8.1.0.4426_20150408-121504.zip
2015-04-08 10:38 - 2015-04-08 10:43 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Steganos VPN
2015-04-08 10:37 - 2015-04-08 10:49 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Steganos
2015-04-08 10:30 - 2015-04-08 10:30 - 00001323 _____ () C:\Users\Public\Desktop\Ashampoo Burning Studio 2015.lnk
2015-04-08 10:30 - 2015-04-08 10:30 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Ashampoo
2015-04-08 10:30 - 2015-04-08 10:30 - 00000000 ____D () C:\Users\HP\AppData\Local\ashampoo
2015-04-08 10:30 - 2015-04-08 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-04-08 10:28 - 2015-04-08 10:30 - 00000000 ____D () C:\ProgramData\Ashampoo
2015-04-08 10:28 - 2015-04-08 10:28 - 00000000 ____D () C:\Program Files (x86)\Ashampoo
2015-04-07 12:27 - 2015-04-07 15:30 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2015-04-04 14:08 - 2015-04-11 22:49 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 14:08 - 2015-04-04 14:08 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-04 13:27 - 2015-04-04 13:28 - 00000000 ____D () C:\KVRT_Data
2015-04-04 13:27 - 2015-04-04 13:27 - 00457824 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\F731DF91.sys
2015-04-03 20:39 - 2015-04-03 20:39 - 00000000 ____D () C:\Users\elmaestro\AppData\Local\Google
2015-04-03 20:37 - 2015-04-12 13:15 - 00000000 ____D () C:\Users\HP\AppData\Local\Google
2015-04-03 20:37 - 2015-04-12 13:15 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-03 20:30 - 2015-04-03 20:30 - 05481352 _____ (Avast Software s.r.o.) C:\Users\elmaestro\Downloads\avast_free_antivirus_setup_online.exe
2015-04-03 18:48 - 2015-04-03 18:48 - 00000000 ____D () C:\Users\HP\AppData\Roaming\FileZilla Server
2015-04-03 12:25 - 2015-04-03 12:25 - 00000000 ____D () C:\Users\elmaestro\AppData\Roaming\FileZilla Server
2015-04-03 11:27 - 2015-04-03 11:27 - 06420600 _____ (Tim Kosse) C:\Users\HP\Downloads\FileZilla_3.10.3_win64-setup.exe
2015-04-03 11:05 - 2015-04-03 11:06 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\HP\Downloads\mbam-setup-2.1.4.1018.exe
2015-04-02 19:58 - 2015-04-02 19:58 - 00000350 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{B5739E4F-5CB8-45FE-A886-C157120CD0DC}.job
2015-04-02 19:58 - 2015-04-02 19:58 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieUserList
2015-04-02 19:58 - 2015-04-02 19:58 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieSiteList
2015-04-02 19:58 - 2015-04-02 19:58 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieBrowserModeList
2015-03-31 13:01 - 2015-04-11 13:02 - 00000000 ____D () C:\Users\elmaestro\Downloads\mark
2015-03-28 13:59 - 2015-04-12 13:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-27 19:25 - 2015-03-27 20:19 - 00000000 ____D () C:\Users\elmaestro\Downloads\pedzle
2015-03-26 13:42 - 2015-03-26 13:42 - 00003288 ____N () C:\bootsqm.dat
2015-03-24 14:38 - 2015-03-24 14:42 - 00000000 ____D () C:\pagefile
2015-03-24 13:55 - 2015-03-24 13:55 - 00000000 ____D () C:\output
2015-03-23 13:42 - 2015-04-12 05:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2015-03-23 12:26 - 2015-04-08 18:43 - 00000296 __RSH () C:\Users\elmaestro\ntuser.pol
2015-03-23 12:20 - 2015-03-23 12:20 - 00000000 ____D () C:\Users\elmaestro\Desktop\reg
2015-03-23 11:38 - 2015-04-03 17:34 - 00000008 __RSH () C:\Users\HP\ntuser.pol
2015-03-22 19:12 - 2015-03-23 12:23 - 00000000 ____D () C:\Users\elmaestro\Downloads\sys
2015-03-21 19:57 - 2015-03-21 20:00 - 10696960 _____ (Emsisoft GmbH ) C:\Users\elmaestro\Downloads\OnlineArmorSetup.exe
2015-03-21 19:21 - 2015-04-08 12:11 - 00000000 ____D () C:\Users\elmaestro\Desktop\scr
2015-03-21 15:24 - 2015-03-21 15:24 - 00000000 ____D () C:\Users\HP\AppData\Roaming\TrojanHunter
2015-03-21 14:27 - 2015-03-21 15:26 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.6
2015-03-21 14:27 - 2015-03-21 14:27 - 00059392 ____R () C:\Windows\SysWOW64\streamhlp.dll
2015-03-20 20:12 - 2015-03-27 20:20 - 00000000 ____D () C:\Users\elmaestro\Downloads\networkminer
2015-03-19 13:42 - 2015-03-19 13:43 - 00000000 ____D () C:\Users\elmaestro\Downloads\pe
2015-03-18 18:28 - 2015-04-14 11:06 - 00000000 ____D () C:\Users\elmaestro\Desktop\frst
2015-03-18 13:54 - 2015-03-18 13:54 - 00000000 ____D () C:\Users\elmaestro\Desktop\Stare dane programu Firefox
2015-03-18 12:29 - 2015-03-18 12:29 - 00448512 _____ (OldTimer Tools) C:\Users\elmaestro\Downloads\TFC.exe
2015-03-17 13:00 - 2015-03-24 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KFSensor
2015-03-17 13:00 - 2015-03-24 10:52 - 00000000 ____D () C:\kfsensor
2015-03-17 13:00 - 2015-03-17 13:00 - 00000000 ____D () C:\Program Files (x86)\KeyFocus
2015-03-17 12:56 - 2015-03-17 12:56 - 02754351 _____ () C:\Users\elmaestro\Downloads\kfsens40.exe
2015-03-17 11:44 - 2015-03-17 11:44 - 02171392 _____ () C:\Users\HP\Downloads\adwcleaner_4.112_www.INSTALKI.pl(1).exe
2015-03-17 11:04 - 2015-03-17 11:04 - 00051232 _____ (gkweb) C:\Users\elmaestro\Downloads\wwdc_141_(dobreprogramy.pl).exe
2015-03-16 20:05 - 2015-03-16 20:06 - 02171392 _____ () C:\Users\HP\Downloads\adwcleaner_4.112_www.INSTALKI.pl.exe
2015-03-15 14:33 - 2015-03-15 14:33 - 00368992 _____ (ESET) C:\Users\elmaestro\Downloads\ESETSirefefCleaner.exe
2015-03-15 13:26 - 2015-03-15 13:26 - 00004366 _____ () C:\Users\elmaestro\Desktop\registry.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-14 11:03 - 2009-07-14 06:45 - 00031248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-14 11:03 - 2009-07-14 06:45 - 00031248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-14 10:56 - 2012-03-19 16:25 - 00000000 ____D () C:\ProgramData\PDFC
2015-04-14 10:56 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-14 10:53 - 2014-07-11 11:45 - 00000000 ____D () C:\Users\elmaestro\.gimp-2.8
2015-04-14 10:53 - 2014-07-02 18:37 - 00003986 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9283A0E8-51E3-4F8B-9774-FF6E73BDB3CF}
2015-04-12 18:04 - 2014-11-11 20:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-12 13:12 - 2014-11-11 20:48 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-12 13:12 - 2014-11-11 20:48 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-12 13:01 - 2014-08-22 13:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-04-12 12:02 - 2014-06-05 14:14 - 00000000 ____D () C:\Users\HP
2015-04-12 05:28 - 2014-07-02 18:48 - 00000000 ____D () C:\Users\Administrator
2015-04-12 05:28 - 2014-07-02 18:37 - 00000000 ____D () C:\Users\elmaestro\AppData\Local\VirtualStore
2015-04-12 05:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-04-11 22:49 - 2015-02-20 16:25 - 00000000 ____D () C:\Program Files (x86)\Comodo
2015-04-11 22:49 - 2014-07-02 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-04-11 22:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-11 22:47 - 2014-07-02 19:28 - 00000000 ____D () C:\Users\elmaestro\AppData\Local\Mozilla
2015-04-11 19:30 - 2014-07-02 18:36 - 00000000 ____D () C:\Users\elmaestro
2015-04-11 17:38 - 2014-07-10 13:09 - 00000000 ____D () C:\Users\elmaestro\AppData\Roaming\FileZilla
2015-04-11 13:00 - 2014-09-01 18:32 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-11 13:00 - 2014-09-01 18:32 - 00000000 ____D () C:\ProgramData\Avira
2015-04-08 17:56 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-04-08 17:37 - 2014-07-02 17:58 - 00000000 ____D () C:\ProgramData\Comodo
2015-04-08 17:31 - 2012-03-20 00:26 - 00925304 _____ () C:\Windows\system32\perfh015.dat
2015-04-08 17:31 - 2012-03-20 00:26 - 00266850 _____ () C:\Windows\system32\perfc015.dat
2015-04-08 12:38 - 2014-09-02 18:11 - 00013312 ___SH () C:\Users\elmaestro\Downloads\Thumbs.db
2015-04-08 10:41 - 2013-09-13 15:57 - 00040664 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2015-04-08 10:25 - 2014-06-05 14:16 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2E384ABC-82E5-42B4-B4E9-13160CD16416}
2015-04-04 13:59 - 2014-06-05 14:14 - 00000000 ____D () C:\Users\HP\AppData\Local\VirtualStore
2015-04-03 17:32 - 2014-07-04 10:31 - 00000000 ____D () C:\Users\elmaestro\AppData\Roaming\Notepad++
2015-04-03 17:28 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-04-03 12:11 - 2012-03-19 16:26 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-03 12:11 - 2012-03-19 16:26 - 00000000 ____D () C:\ProgramData\Skype
2015-04-03 10:53 - 2014-06-18 13:12 - 00000000 ____D () C:\Users\HP\AppData\Local\CrashDumps
2015-04-02 20:16 - 2014-07-07 17:46 - 00000000 ____D () C:\Users\elmaestro\AppData\Roaming\Skype
2015-04-01 18:57 - 2009-07-14 07:13 - 01805500 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-29 18:49 - 2015-01-25 20:11 - 00000000 ____D () C:\Users\elmaestro\Desktop\gmic
2015-03-29 17:44 - 2015-01-29 20:04 - 00000000 ____D () C:\Users\elmaestro\Downloads\obama
2015-03-26 20:37 - 2014-07-03 13:21 - 00000000 ____D () C:\Users\HP\AppData\Roaming\FileZilla
2015-03-26 19:05 - 2015-02-27 13:45 - 00000000 ____D () C:\Users\elmaestro\Desktop\www - Kopia
2015-03-21 18:25 - 2009-07-14 07:08 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-20 18:51 - 2014-12-18 23:51 - 00000000 ____D () C:\Users\HP\Documents\Visual Studio 2013
2015-03-19 21:16 - 2015-03-01 18:12 - 00000000 ____D () C:\Users\elmaestro\Desktop\allegro
2015-03-19 11:29 - 2014-12-31 11:43 - 00000000 ____D () C:\Users\HP\AppData\Roaming\uTorrent
2015-03-18 23:12 - 2015-01-09 18:18 - 00000000 ___RD () C:\Users\elmaestro\Dropbox
2015-03-18 23:12 - 2015-01-07 10:03 - 00000000 ____D () C:\Users\elmaestro\AppData\Roaming\Dropbox
2015-03-18 17:58 - 2014-08-20 13:25 - 00000000 ____D () C:\Users\elmaestro\AppData\Local\CrashDumps
2015-03-15 12:52 - 2014-09-05 11:57 - 00000000 ____D () C:\Users\HP\AppData\Roaming\BitTorrent

Some content of TEMP:
====================
C:\Users\elmaestro\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-23 18:24

==================== End Of Log ============================