Anonim / 3 lata, 2 miesiące temu | Download | Plaintext | Odpowiedz |

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
Ran by Konrad (administrator) on KONRAD_PC on 23-09-2014 11:16:29
Running from C:\FRST64
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Binary Fortress Software) D:\Programy\DisplayFusion\DisplayFusion.exe
(Binary Fortress Software) D:\Programy\DisplayFusion\DisplayFusionService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() D:\Programy\EslWire\service\WireHelperSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Binary Fortress Software) D:\Programy\DisplayFusion\DisplayFusionAppHook.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Notepad2\Notepad2.exe
() C:\Program Files\Notepad2\Notepad2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [218880 2012-05-31] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-1339429657-3563075926-2128736263-1000\...\Run: [DisplayFusion] => D:\Programy\DisplayFusion\DisplayFusion.exe [8073088 2013-07-15] (Binary Fortress Software)
HKU\S-1-5-21-1339429657-3563075926-2128736263-1000\...\Policies\Explorer: [] 
IFEO\notepad.exe: [Debugger] "C:\Program Files\Notepad2\Notepad2.exe" /z
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Programy\Microsoft Office 2013\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Programy\Java\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Programy\Java\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Programy\Microsoft Office 2013\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Konrad\AppData\Roaming\Mozilla\Firefox\Profiles\btci0vyt.default
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Programy\PDF-XChange\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Programy\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Programy\PDF-XChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> D:\Programy\Java\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> D:\Programy\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> D:\Programy\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: Twitch.tv Stream Browser - C:\Users\Konrad\AppData\Roaming\Mozilla\Firefox\Profiles\btci0vyt.default\Extensions\jid0-5q424C3HVeyE2T4d9bkO7CpXNjU@jetpack.xpi [2014-08-03]
FF Extension: Adblock Plus - C:\Users\Konrad\AppData\Roaming\Mozilla\Firefox\Profiles\btci0vyt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-03]
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基网址顾问 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2014-03-13]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 安全键盘 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2014-03-13]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: 反广告 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2014-03-13]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: 安全支付 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2014-03-13]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Przelewy24) - C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiicmmpkicnndkhlnnloilpgncbpkbjj [2014-07-03]
CHR Extension: (BetterTTV) - C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-05-14]
CHR Extension: (Google Docs) - C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-13]
CHR Extension: (Google Drive) - C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-13]
CHR Extension: (YouTube) - C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-13]
CHR Extension: (Google Search) - C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-13]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-05-14]
CHR Extension: (Marlies Dekkers) - C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepnljgdbelppefncogilfbjikmnbhjm [2014-05-14]
CHR Extension: (AdBlock) - C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-14]
CHR Extension: (Safe Money) - C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-05-14]
CHR Extension: (IE Tab) - C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2014-08-31]
CHR Extension: (Virtual Keyboard) - C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-05-14]
CHR Extension: (Google Wallet) - C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-13]
CHR Extension: (Gmail) - C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-13]
CHR Extension: (Anti-Banner) - C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-05-14]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-06-03]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-06-03]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-06-03]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-06-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [218880 2012-05-31] (Kaspersky Lab ZAO)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-03-13] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 DisplayFusionService; D:\Programy\DisplayFusion\DisplayFusionService.exe [1622928 2013-07-15] (Binary Fortress Software)
R2 EslWireHelper; D:\Programy\EslWire\service\WireHelperSvc.exe [663056 2014-01-29] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [184968 2014-04-13] (<Turtle Entertainment>)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-08-17] ()
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458544 2012-04-13] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [85336 2012-05-29] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [640344 2012-05-29] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30000 2012-03-27] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29016 2012-05-25] (Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [27992 2012-05-25] (Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54064 2012-05-12] (Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [172888 2012-05-24] (Kaspersky Lab)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-05-19] (Duplex Secure Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 11:16 - 2014-09-23 11:16 - 00000000 ____D () C:\FRST64
2014-09-23 11:08 - 2014-09-23 11:16 - 00000000 ____D () C:\FRST
2014-09-14 23:07 - 2014-09-14 23:31 - 00000000 ____D () C:\Users\Konrad\Desktop\Kubek
2014-09-14 00:57 - 2014-09-18 06:59 - 00000000 ____D () C:\Windows\pss
2014-09-14 00:52 - 2014-09-18 06:58 - 00000000 ___RD () C:\Users\Konrad\Dropbox
2014-09-14 00:51 - 2014-09-18 06:50 - 00000000 ____D () C:\Users\Konrad\AppData\Roaming\Dropbox
2014-09-14 00:51 - 2014-09-14 00:51 - 00000000 ____D () C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-13 19:13 - 2014-09-13 19:13 - 00018511 _____ () C:\Windows\DirectX.log
2014-09-12 21:07 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-12 21:07 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-12 21:07 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-12 21:07 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-12 21:07 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-12 21:07 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-12 21:07 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-12 21:07 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-12 21:07 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-12 21:07 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-12 21:07 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-12 21:07 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-12 21:07 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-12 21:07 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-12 21:07 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-12 21:07 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-12 21:07 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-12 21:07 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-12 21:07 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-12 21:07 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-12 21:07 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-12 21:07 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-12 21:07 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-12 21:07 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 21:07 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-12 21:07 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-12 21:07 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-12 21:07 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-12 21:07 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-12 21:07 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-12 21:07 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-12 21:07 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-12 21:07 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-12 21:07 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-12 21:07 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-12 21:07 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-12 21:07 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-12 21:07 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-12 21:07 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-12 21:07 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-12 21:07 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-12 21:07 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 21:07 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-12 21:07 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-12 21:07 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-12 21:07 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-12 21:07 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-12 21:07 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-12 21:07 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-12 21:07 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-12 21:07 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-12 21:07 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-12 21:07 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-12 21:07 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-12 21:07 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-12 21:07 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-12 21:04 - 2014-09-12 21:04 - 00259590 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-09-12 21:04 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-12 21:04 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-12 21:02 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-12 21:02 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-12 21:02 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-12 21:02 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-12 21:02 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-12 21:02 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-12 21:02 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-12 21:02 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-12 21:02 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-12 21:01 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-12 21:01 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-12 21:01 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-05 06:21 - 2014-09-23 09:43 - 00004312 _____ () C:\Windows\setupact.log
2014-09-05 06:21 - 2014-09-05 06:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-04 23:04 - 2014-09-04 23:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A9Tech
2014-09-04 23:03 - 2014-09-04 23:03 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-08-31 20:50 - 2014-08-31 20:50 - 00000000 ____D () C:\ProgramData\Motorola
2014-08-31 20:26 - 2014-08-31 20:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motoandroid_01009.Wdf
2014-08-31 20:25 - 2014-08-31 20:25 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motccgp_01009.Wdf
2014-08-31 20:24 - 2014-08-31 20:24 - 00000000 ____D () C:\Users\Konrad\AppData\Local\Motorola
2014-08-31 20:22 - 2014-08-31 21:20 - 00000000 ____D () C:\Users\Konrad\AppData\Local\Motosftemp
2014-08-31 19:58 - 2014-09-23 09:43 - 00000000 ____D () C:\Temp
2014-08-31 19:58 - 2014-08-31 19:58 - 00003488 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Update
2014-08-31 19:58 - 2014-08-31 19:58 - 00003470 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Engine
2014-08-31 19:58 - 2014-08-31 19:58 - 00003296 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Initial Update
2014-08-31 19:58 - 2014-08-31 19:58 - 00000000 ____D () C:\Users\Konrad\AppData\Roaming\Motorola Mobility
2014-08-31 19:57 - 2014-08-31 19:58 - 00000000 ____D () C:\Program Files (x86)\Motorola Mobility
2014-08-31 19:57 - 2014-08-31 19:57 - 00000000 ____D () C:\Users\Konrad\AppData\Roaming\Motorola
2014-08-31 19:57 - 2014-08-31 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager
2014-08-31 19:57 - 2014-08-31 19:57 - 00000000 ____D () C:\Program Files\Motorola Mobility LLC
2014-08-31 19:57 - 2014-08-31 19:57 - 00000000 ____D () C:\Program Files\Common Files\Motorola Shared
2014-08-31 19:57 - 2014-08-31 19:57 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-08-31 19:57 - 2014-08-31 19:57 - 00000000 ____D () C:\Program Files (x86)\Motorola
2014-08-31 19:51 - 2014-09-01 06:58 - 00002587 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RSD Lite.lnk
2014-08-31 18:31 - 2014-08-31 18:31 - 00000000 __SHD () C:\Users\Konrad\AppData\Local\EmieUserList
2014-08-31 18:31 - 2014-08-31 18:31 - 00000000 __SHD () C:\Users\Konrad\AppData\Local\EmieSiteList

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 11:16 - 2014-09-23 11:16 - 00000000 ____D () C:\FRST64
2014-09-23 11:16 - 2014-09-23 11:08 - 00000000 ____D () C:\FRST
2014-09-23 11:10 - 2014-03-18 00:35 - 00023990 _____ () C:\Users\Konrad\AppData\Roaming\Notepad2.ini
2014-09-23 10:50 - 2009-07-14 06:45 - 00027840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-23 10:50 - 2009-07-14 06:45 - 00027840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-23 09:59 - 2014-03-13 12:31 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-23 09:49 - 2011-04-12 15:21 - 00740098 _____ () C:\Windows\system32\perfh015.dat
2014-09-23 09:49 - 2011-04-12 15:21 - 00155672 _____ () C:\Windows\system32\perfc015.dat
2014-09-23 09:49 - 2009-07-14 07:13 - 01669190 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-23 09:46 - 2014-03-13 11:40 - 01486974 _____ () C:\Windows\WindowsUpdate.log
2014-09-23 09:43 - 2014-09-05 06:21 - 00004312 _____ () C:\Windows\setupact.log
2014-09-23 09:43 - 2014-08-31 19:58 - 00000000 ____D () C:\Temp
2014-09-23 09:43 - 2014-03-13 13:08 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-09-23 09:43 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-22 19:49 - 2014-03-13 13:08 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-09-22 19:26 - 2014-03-13 23:48 - 00000000 ____D () C:\Users\Konrad\AppData\Roaming\vlc
2014-09-21 11:30 - 2014-03-15 00:29 - 00000000 ____D () C:\Users\Konrad\AppData\Roaming\foobar2000
2014-09-21 08:24 - 2014-03-13 13:13 - 00000000 ____D () C:\Users\Konrad\AppData\Roaming\uTorrent
2014-09-18 06:59 - 2014-09-14 00:57 - 00000000 ____D () C:\Windows\pss
2014-09-18 06:58 - 2014-09-14 00:52 - 00000000 ___RD () C:\Users\Konrad\Dropbox
2014-09-18 06:50 - 2014-09-14 00:51 - 00000000 ____D () C:\Users\Konrad\AppData\Roaming\Dropbox
2014-09-14 23:31 - 2014-09-14 23:07 - 00000000 ____D () C:\Users\Konrad\Desktop\Kubek
2014-09-14 22:17 - 2014-07-21 14:51 - 00000000 ____D () C:\Users\Konrad\Desktop\Konrad
2014-09-14 22:17 - 2014-03-13 12:35 - 00000000 ____D () C:\Users\Konrad\Desktop\Programy
2014-09-14 00:52 - 2014-03-13 11:39 - 00000000 ____D () C:\Users\Konrad
2014-09-14 00:51 - 2014-09-14 00:51 - 00000000 ____D () C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-13 19:13 - 2014-09-13 19:13 - 00018511 _____ () C:\Windows\DirectX.log
2014-09-13 15:11 - 2014-08-14 08:12 - 00000000 ____D () C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-13 09:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-13 08:41 - 2014-04-05 11:18 - 00000000 ____D () C:\Users\Konrad\AppData\Roaming\DisplayFusion
2014-09-12 22:59 - 2009-07-14 06:45 - 00438408 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-12 21:07 - 2014-03-13 12:26 - 01640860 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-12 21:06 - 2014-03-13 13:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-12 21:04 - 2014-09-12 21:04 - 00259590 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-09-12 21:04 - 2014-03-13 13:31 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-05 06:21 - 2014-09-05 06:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-04 23:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-09-04 23:27 - 2014-07-03 08:37 - 00000132 _____ () C:\Users\Konrad\Desktop\paysafecard.txt
2014-09-04 23:04 - 2014-09-04 23:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A9Tech
2014-09-04 23:03 - 2014-09-04 23:03 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-09-04 22:47 - 2014-06-23 09:08 - 00045107 _____ () C:\Windows\system32\webservice4.log
2014-09-04 22:33 - 2014-05-30 16:32 - 00000000 ____D () C:\Users\Konrad\AppData\Local\cache
2014-09-01 06:58 - 2014-08-31 19:51 - 00002587 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RSD Lite.lnk
2014-08-31 21:20 - 2014-08-31 20:22 - 00000000 ____D () C:\Users\Konrad\AppData\Local\Motosftemp
2014-08-31 20:50 - 2014-08-31 20:50 - 00000000 ____D () C:\ProgramData\Motorola
2014-08-31 20:26 - 2014-08-31 20:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motoandroid_01009.Wdf
2014-08-31 20:25 - 2014-08-31 20:25 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motccgp_01009.Wdf
2014-08-31 20:24 - 2014-08-31 20:24 - 00000000 ____D () C:\Users\Konrad\AppData\Local\Motorola
2014-08-31 19:58 - 2014-08-31 19:58 - 00003488 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Update
2014-08-31 19:58 - 2014-08-31 19:58 - 00003470 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Engine
2014-08-31 19:58 - 2014-08-31 19:58 - 00003296 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Initial Update
2014-08-31 19:58 - 2014-08-31 19:58 - 00000000 ____D () C:\Users\Konrad\AppData\Roaming\Motorola Mobility
2014-08-31 19:58 - 2014-08-31 19:57 - 00000000 ____D () C:\Program Files (x86)\Motorola Mobility
2014-08-31 19:57 - 2014-08-31 19:57 - 00000000 ____D () C:\Users\Konrad\AppData\Roaming\Motorola
2014-08-31 19:57 - 2014-08-31 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager
2014-08-31 19:57 - 2014-08-31 19:57 - 00000000 ____D () C:\Program Files\Motorola Mobility LLC
2014-08-31 19:57 - 2014-08-31 19:57 - 00000000 ____D () C:\Program Files\Common Files\Motorola Shared
2014-08-31 19:57 - 2014-08-31 19:57 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-08-31 19:57 - 2014-08-31 19:57 - 00000000 ____D () C:\Program Files (x86)\Motorola
2014-08-31 19:57 - 2014-03-13 12:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-31 18:31 - 2014-08-31 18:31 - 00000000 __SHD () C:\Users\Konrad\AppData\Local\EmieUserList
2014-08-31 18:31 - 2014-08-31 18:31 - 00000000 __SHD () C:\Users\Konrad\AppData\Local\EmieSiteList
2014-08-25 06:53 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\Konrad\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpahwzaa.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-21 10:34

==================== End Of Log ============================