Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02 Ran by Patryk (administrator) on PATRYK-KOMP on 06-09-2014 10:15:50 Running from C:\Users\Patryk\Desktop Platform: Windows 8 (X64) OS Language: Polski (Polska) Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Windows\SysWOW64\ASGT.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe (GG Network S.A.) C:\Program Files\WindowsApps\6298F5A8.GG_2.0.0.179_x64__nmmbtdjpca5da\GG.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-18] (AVAST Software) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => E:\Ituns\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) HKU\S-1-5-21-2222167901-162697703-688589523-1001\...\Run: [EADM] => E:\BF3\Origin\Origin.exe [3600216 2014-09-02] (Electronic Arts) HKU\S-1-5-21-2222167901-162697703-688589523-1001\...\Run: [Steam] => E:\steam\steam\Steam.exe [1753280 2014-07-16] (Valve Corporation) HKU\S-1-5-21-2222167901-162697703-688589523-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21653096 2014-07-24] (Skype Technologies S.A.) HKU\S-1-5-21-2222167901-162697703-688589523-1001\...\MountPoints2: {b4a39b7a-b5df-11e2-be66-806e6f6e6963} - "D:\Autorun.exe" ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD4FA409ECC6ACE01 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 95.160.170.92 88.156.222.92 109.241.239.12 FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> E:\Ituns\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-03-03] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-08] Chrome: ======= CHR HomePage: Default -> hxxp://pl.msn.com/?pc=UP97&ocid=UP97DHP CHR StartupUrls: Default -> "hxxp://google.pl/" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Translate) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-08-26] CHR Extension: (Battlefield Heroes) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2014-03-15] CHR Extension: (avast! Online Security) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-18] CHR Extension: (Minimal) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfhcmjkebafbfikmbkhdpbmfpfjgiog [2014-08-26] CHR Extension: (Sprawdzanie poczty Google) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-08-26] CHR Extension: (Google Wallet) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-20] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-18] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-18] (AVAST Software) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-08-14] (Ellora Assets Corp.) [File not signed] S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation) S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4609416 2013-11-06] (INCA Internet Co., Ltd.) [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-23] () S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] () R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-18] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-18] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-18] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-18] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-18] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-18] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-18] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-18] () S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-09-04] (LogMeIn Inc.) R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) S3 NVFLASH; C:\Windows\system32\drivers\nvflash.sys [15168 2012-03-10] () R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-06 10:14 - 2014-09-06 10:14 - 00006910 _____ () C:\Users\Patryk\Desktop\AdwCleaner[S0].txt 2014-09-06 10:09 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-09-06 10:08 - 2014-09-06 10:12 - 00000000 ____D () C:\AdwCleaner 2014-09-06 09:58 - 2014-09-06 09:58 - 01370467 _____ () C:\Users\Patryk\Downloads\adwcleaner_3.309.exe 2014-09-06 09:21 - 2014-09-06 09:21 - 00127022 _____ () C:\Users\Patryk\Desktop\OTL.Txt 2014-09-06 09:13 - 2014-09-06 09:20 - 00127022 _____ () C:\Users\Patryk\Downloads\OTL.Txt 2014-09-06 09:13 - 2014-09-06 09:13 - 00083632 _____ () C:\Users\Patryk\Desktop\Extras.Txt 2014-09-06 09:04 - 2014-09-06 10:15 - 00014325 _____ () C:\Users\Patryk\Desktop\FRST.txt 2014-09-06 09:04 - 2014-09-06 09:04 - 00044469 _____ () C:\Users\Patryk\Downloads\Shortcut.txt 2014-09-06 09:04 - 2014-09-06 09:04 - 00044469 _____ () C:\Users\Patryk\Desktop\Shortcut.txt 2014-09-06 09:04 - 2014-09-06 09:04 - 00031617 _____ () C:\Users\Patryk\Desktop\Addition.txt 2014-09-06 09:03 - 2014-09-06 09:04 - 00053067 _____ () C:\Users\Patryk\Downloads\FRST.txt 2014-09-06 09:03 - 2014-09-06 09:04 - 00031617 _____ () C:\Users\Patryk\Downloads\Addition.txt 2014-09-06 09:02 - 2014-09-06 10:15 - 00000000 ____D () C:\FRST 2014-09-06 09:01 - 2014-09-06 09:01 - 00475550 _____ () C:\Users\Patryk\Desktop\gmer.txt 2014-09-06 08:57 - 2014-09-06 08:57 - 00380416 _____ () C:\Users\Patryk\Downloads\2vornp0u.exe 2014-09-06 08:55 - 2014-09-06 08:55 - 02104832 _____ (Farbar) C:\Users\Patryk\Desktop\FRST64.exe 2014-09-06 08:55 - 2014-09-06 08:55 - 00602112 _____ (OldTimer Tools) C:\Users\Patryk\Downloads\OTL.exe 2014-09-06 08:43 - 2014-09-06 08:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patryk\Downloads\mbam-setup-2.0.2.1012 (1).exe 2014-09-06 08:29 - 2014-09-06 08:39 - 00021440 _____ () C:\Windows\WindowsUpdate.log 2014-09-06 08:26 - 2014-09-06 10:13 - 00025718 _____ () C:\Windows\PFRO.log 2014-09-06 07:40 - 2014-09-06 07:41 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patryk\Downloads\mbam-setup-2.0.2.1012.exe 2014-09-06 07:25 - 2014-09-06 07:25 - 00000000 _____ () C:\autoexec.bat 2014-09-05 20:17 - 2014-09-05 20:17 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Cool Record Edit Pro 2014-09-05 20:15 - 2014-09-05 20:20 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Free Sound Recorder 2014-09-05 20:15 - 2014-09-05 20:16 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\New Version Available 2014-09-05 20:15 - 2014-09-05 20:15 - 00000000 ____D () C:\Users\Patryk\Documents\Free Sound Recorder 2014-09-05 20:14 - 2014-09-05 20:14 - 11379008 _____ (Copyright© 2005-2014 FreeSoundRecorder Technologies, Inc. ) C:\Users\Patryk\Downloads\FreeSoundRecorder.exe 2014-09-04 17:34 - 2014-09-04 17:34 - 00049800 _____ () C:\Users\Patryk\AppData\Local\recently-used.xbel 2014-09-04 11:44 - 2014-09-04 11:44 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys 2014-09-03 14:00 - 2014-09-03 14:02 - 00000000 ____D () C:\Users\Patryk\Desktop\Gimp2 2014-09-02 16:49 - 2014-09-02 16:49 - 00006618 _____ () C:\Users\Patryk\Downloads\chrissdynamiccompressor-1_2_6.zip 2014-09-01 15:20 - 2014-09-01 16:22 - 00000063 _____ () C:\Users\Patryk\Desktop\kody.txt 2014-09-01 13:05 - 2014-09-02 07:06 - 00000004 _____ () C:\Users\Patryk\Desktop\event letni.txt 2014-08-31 15:53 - 2014-08-31 15:53 - 00000000 _____ () C:\Users\Patryk\Desktop\pamietnik.txt 2014-08-31 12:53 - 2014-08-31 12:53 - 08783059 _____ () C:\Users\Patryk\Downloads\Conquistadors_by_ICrafting_HARDCORE_v1.4.zip 2014-08-31 11:25 - 2014-08-31 11:25 - 00000133 _____ () C:\Users\Patryk\Desktop\Nowy dokument tekstowy (2).txt 2014-08-30 23:32 - 2014-09-01 11:23 - 00000005 _____ () C:\Users\Patryk\Desktop\masterchefbarry.txt 2014-08-30 14:44 - 2014-08-30 14:44 - 75147752 _____ () C:\Users\Patryk\Desktop\xd2.wav 2014-08-30 12:03 - 2014-09-01 15:31 - 00000614 _____ () C:\Users\Patryk\Desktop\Nowy dokument tekstowy.txt 2014-08-30 11:09 - 2014-08-30 11:10 - 07964793 _____ () C:\Users\Patryk\Downloads\faithful32packOptiFine.zip 2014-08-29 22:35 - 2014-08-29 22:52 - 79187636 _____ () C:\Users\Patryk\Desktop\xd1.wav 2014-08-29 20:56 - 2014-09-06 10:14 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Skype 2014-08-29 20:56 - 2014-08-29 20:56 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-08-29 20:56 - 2014-08-29 20:56 - 00000000 ____D () C:\Users\Patryk\AppData\Local\Skype 2014-08-29 20:56 - 2014-08-29 20:56 - 00000000 ____D () C:\ProgramData\Skype 2014-08-29 20:56 - 2014-08-29 20:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-08-29 20:55 - 2014-08-29 20:55 - 35596384 _____ (Skype Technologies S.A.) C:\Users\Patryk\Downloads\SkypeSetupFull.exe 2014-08-29 16:54 - 2014-08-29 17:09 - 1172548021 _____ () C:\Users\Patryk\Downloads\Tavia.pl_Klient_Gry.zip 2014-08-28 20:01 - 2014-08-28 20:01 - 00026598 _____ () C:\Users\Patryk\Downloads\MrMeep_x3s Shaders v04.0 RC4.zip 2014-08-28 17:02 - 2014-08-28 17:02 - 23305296 _____ () C:\Users\Patryk\Downloads\mmc-stable-win32.zip 2014-08-28 09:24 - 2014-08-23 08:47 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-28 09:24 - 2014-07-16 01:03 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-28 09:24 - 2014-07-12 04:36 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-26 16:40 - 2014-09-05 14:32 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\inkscape 2014-08-26 16:39 - 2014-08-26 16:39 - 00000662 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk 2014-08-26 16:34 - 2014-08-26 16:34 - 34573304 _____ (inkscape.org) C:\Users\Patryk\Downloads\Inkscape-0.48.5-1-win32.exe 2014-08-26 15:52 - 2014-08-26 15:52 - 00675988 _____ () C:\Users\Patryk\Downloads\Minecraft (1).exe 2014-08-26 15:06 - 2014-08-26 15:15 - 346323041 _____ () C:\Users\Patryk\Downloads\X-Pack Adventure 1.7.2_2.exe 2014-08-25 12:48 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-08-25 12:45 - 2014-08-25 12:58 - 00000000 ____D () C:\Users\Patryk\Desktop\iphone 2014-08-25 12:45 - 2014-07-02 22:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-08-25 12:45 - 2014-07-02 22:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 00502232 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 00418760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 00391640 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 00348120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-08-25 12:45 - 2014-07-02 22:48 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-08-24 22:26 - 2014-08-24 22:26 - 01269464 _____ (Ellora Assets Corporation ) C:\Users\Patryk\Downloads\FreemakeVideoDownloaderSetup (1).exe 2014-08-19 08:54 - 2014-05-15 03:02 - 00059424 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-19 08:54 - 2014-05-15 00:43 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-19 08:54 - 2014-05-15 00:43 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-19 08:54 - 2014-05-15 00:43 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2014-08-19 08:54 - 2014-05-15 00:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll 2014-08-18 22:45 - 2014-08-18 22:46 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\DropboxMaster 2014-08-18 22:45 - 2014-08-18 22:45 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-08-18 22:43 - 2014-08-18 22:46 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Dropbox 2014-08-18 11:00 - 2014-07-16 00:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys 2014-08-18 10:59 - 2014-06-11 00:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-18 10:59 - 2014-06-11 00:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-18 10:58 - 2014-06-13 03:57 - 01453400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-18 10:58 - 2014-06-13 03:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2014-08-18 10:57 - 2014-08-07 08:33 - 00712192 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-18 10:57 - 2014-08-07 05:09 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-18 10:57 - 2014-07-24 14:11 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-18 10:57 - 2014-07-24 14:10 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-18 10:57 - 2014-07-24 14:10 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-18 10:57 - 2014-07-24 14:10 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2014-08-18 10:57 - 2014-07-24 14:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2014-08-18 10:57 - 2014-07-24 14:09 - 19279872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-18 10:57 - 2014-07-24 14:09 - 15399936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-18 10:57 - 2014-07-24 14:09 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-18 10:57 - 2014-07-24 14:09 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-18 10:57 - 2014-07-24 14:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-18 10:57 - 2014-07-24 14:09 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-08-18 10:57 - 2014-07-24 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-18 10:57 - 2014-07-24 14:09 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-18 10:57 - 2014-07-24 14:09 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-18 10:57 - 2014-07-24 14:09 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-18 10:57 - 2014-07-24 14:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-18 10:57 - 2014-07-24 14:09 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-08-18 10:57 - 2014-07-24 14:09 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-18 10:57 - 2014-07-24 14:09 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-18 10:57 - 2014-07-24 14:09 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-18 10:57 - 2014-07-24 14:09 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-18 10:57 - 2014-07-24 12:52 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-18 10:57 - 2014-07-24 12:52 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-18 10:57 - 2014-07-24 12:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2014-08-18 10:57 - 2014-07-24 12:51 - 14371328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-18 10:57 - 2014-07-24 12:51 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-18 10:57 - 2014-07-24 12:51 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-18 10:57 - 2014-07-24 12:51 - 02054656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-18 10:57 - 2014-07-24 12:51 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-18 10:57 - 2014-07-24 12:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-08-18 10:57 - 2014-07-24 12:51 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-18 10:57 - 2014-07-24 12:51 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-18 10:57 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-18 10:57 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-18 10:57 - 2014-07-24 12:51 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-18 10:57 - 2014-07-24 12:51 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-08-18 10:57 - 2014-07-24 12:51 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-18 10:57 - 2014-07-24 12:51 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-18 10:57 - 2014-07-24 12:51 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-18 10:57 - 2014-07-24 12:51 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-18 10:57 - 2014-07-24 12:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-18 10:57 - 2014-07-24 12:29 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-18 10:57 - 2014-07-24 10:03 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2014-08-18 10:57 - 2014-06-20 01:35 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-18 10:57 - 2014-06-20 00:24 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-18 10:57 - 2014-06-05 19:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-18 10:57 - 2014-06-05 19:30 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2014-08-18 10:57 - 2014-06-05 19:29 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-18 10:57 - 2014-06-05 19:29 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-18 10:57 - 2014-06-05 19:28 - 02306560 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-18 10:57 - 2014-06-05 19:28 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2014-08-18 10:57 - 2014-06-05 15:12 - 08857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2014-08-18 10:57 - 2014-06-05 15:11 - 02416128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-18 10:57 - 2014-06-05 15:11 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-18 10:57 - 2014-06-05 15:10 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-18 10:57 - 2014-06-05 15:10 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2014-08-18 10:57 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2014-08-18 10:57 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys 2014-08-18 10:57 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-08-18 10:57 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-08-18 10:57 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2014-08-18 10:57 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2014-08-18 10:57 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe 2014-08-18 10:57 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe 2014-08-18 10:57 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2014-08-18 10:57 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-08-18 10:57 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2014-08-18 10:57 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-08-18 10:53 - 2014-08-18 10:53 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-08-18 10:53 - 2014-08-18 10:53 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-08-13 22:34 - 2014-08-13 22:49 - 00000000 ____D () C:\Program Files (x86)\Java 2014-08-13 22:34 - 2014-08-13 22:34 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-08-13 22:34 - 2014-08-13 22:34 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-08-13 22:34 - 2014-08-13 22:34 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-08-13 22:34 - 2014-08-13 22:34 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-06 10:16 - 2014-09-06 09:04 - 00014325 _____ () C:\Users\Patryk\Desktop\FRST.txt 2014-09-06 10:15 - 2014-09-06 09:02 - 00000000 ____D () C:\FRST 2014-09-06 10:14 - 2014-09-06 10:14 - 00006910 _____ () C:\Users\Patryk\Desktop\AdwCleaner[S0].txt 2014-09-06 10:14 - 2014-08-29 20:56 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Skype 2014-09-06 10:14 - 2013-05-05 20:09 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-06 10:13 - 2014-09-06 08:26 - 00025718 _____ () C:\Windows\PFRO.log 2014-09-06 10:13 - 2013-05-05 20:14 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-09-06 10:13 - 2013-05-05 20:09 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-06 10:13 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-06 10:12 - 2014-09-06 10:08 - 00000000 ____D () C:\AdwCleaner 2014-09-06 10:11 - 2012-07-26 11:51 - 00793704 _____ () C:\Windows\system32\perfh015.dat 2014-09-06 10:11 - 2012-07-26 11:51 - 00159324 _____ () C:\Windows\system32\perfc015.dat 2014-09-06 10:11 - 2012-07-26 09:28 - 01793398 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-06 10:10 - 2013-05-05 20:11 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2222167901-162697703-688589523-1001 2014-09-06 10:05 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-09-06 10:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru 2014-09-06 09:58 - 2014-09-06 09:58 - 01370467 _____ () C:\Users\Patryk\Downloads\adwcleaner_3.309.exe 2014-09-06 09:21 - 2014-09-06 09:21 - 00127022 _____ () C:\Users\Patryk\Desktop\OTL.Txt 2014-09-06 09:20 - 2014-09-06 09:13 - 00127022 _____ () C:\Users\Patryk\Downloads\OTL.Txt 2014-09-06 09:13 - 2014-09-06 09:13 - 00083632 _____ () C:\Users\Patryk\Desktop\Extras.Txt 2014-09-06 09:04 - 2014-09-06 09:04 - 00044469 _____ () C:\Users\Patryk\Downloads\Shortcut.txt 2014-09-06 09:04 - 2014-09-06 09:04 - 00044469 _____ () C:\Users\Patryk\Desktop\Shortcut.txt 2014-09-06 09:04 - 2014-09-06 09:04 - 00031617 _____ () C:\Users\Patryk\Desktop\Addition.txt 2014-09-06 09:04 - 2014-09-06 09:03 - 00053067 _____ () C:\Users\Patryk\Downloads\FRST.txt 2014-09-06 09:04 - 2014-09-06 09:03 - 00031617 _____ () C:\Users\Patryk\Downloads\Addition.txt 2014-09-06 09:01 - 2014-09-06 09:01 - 00475550 _____ () C:\Users\Patryk\Desktop\gmer.txt 2014-09-06 08:57 - 2014-09-06 08:57 - 00380416 _____ () C:\Users\Patryk\Downloads\2vornp0u.exe 2014-09-06 08:55 - 2014-09-06 08:55 - 02104832 _____ (Farbar) C:\Users\Patryk\Desktop\FRST64.exe 2014-09-06 08:55 - 2014-09-06 08:55 - 00602112 _____ (OldTimer Tools) C:\Users\Patryk\Downloads\OTL.exe 2014-09-06 08:50 - 2013-05-05 20:44 - 00000000 ____D () C:\Users\Patryk\AppData\Local\CrashDumps 2014-09-06 08:44 - 2014-09-06 08:43 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patryk\Downloads\mbam-setup-2.0.2.1012 (1).exe 2014-09-06 08:39 - 2014-09-06 08:29 - 00021440 _____ () C:\Windows\WindowsUpdate.log 2014-09-06 08:27 - 2013-06-08 12:16 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-09-06 07:41 - 2014-09-06 07:40 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patryk\Downloads\mbam-setup-2.0.2.1012.exe 2014-09-06 07:25 - 2014-09-06 07:25 - 00000000 _____ () C:\autoexec.bat 2014-09-05 22:27 - 2013-05-15 18:57 - 00000000 ____D () C:\Users\Patryk\Downloads\Gameforge Live 2014-09-05 22:03 - 2013-09-10 15:32 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Audacity 2014-09-05 20:20 - 2014-09-05 20:15 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Free Sound Recorder 2014-09-05 20:17 - 2014-09-05 20:17 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Cool Record Edit Pro 2014-09-05 20:16 - 2014-09-05 20:15 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\New Version Available 2014-09-05 20:15 - 2014-09-05 20:15 - 00000000 ____D () C:\Users\Patryk\Documents\Free Sound Recorder 2014-09-05 20:14 - 2014-09-05 20:14 - 11379008 _____ (Copyright© 2005-2014 FreeSoundRecorder Technologies, Inc. ) C:\Users\Patryk\Downloads\FreeSoundRecorder.exe 2014-09-05 14:32 - 2014-08-26 16:40 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\inkscape 2014-09-05 14:21 - 2013-05-08 18:28 - 00000000 ____D () C:\ProgramData\Origin 2014-09-05 13:49 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent 2014-09-05 13:46 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp 2014-09-04 17:34 - 2014-09-04 17:34 - 00049800 _____ () C:\Users\Patryk\AppData\Local\recently-used.xbel 2014-09-04 17:34 - 2014-03-06 21:59 - 00000000 ____D () C:\Users\Patryk\AppData\Local\gtk-2.0 2014-09-04 17:34 - 2014-03-04 20:58 - 00000000 ____D () C:\Users\Patryk\.gimp-2.8 2014-09-04 11:44 - 2014-09-04 11:44 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys 2014-09-03 18:26 - 2014-05-09 17:47 - 00000000 ____D () C:\Users\Patryk\Desktop\muzyka 2014-09-03 14:31 - 2013-05-15 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2014-09-03 14:02 - 2014-09-03 14:00 - 00000000 ____D () C:\Users\Patryk\Desktop\Gimp2 2014-09-02 16:49 - 2014-09-02 16:49 - 00006618 _____ () C:\Users\Patryk\Downloads\chrissdynamiccompressor-1_2_6.zip 2014-09-02 07:06 - 2014-09-01 13:05 - 00000004 _____ () C:\Users\Patryk\Desktop\event letni.txt 2014-09-01 16:22 - 2014-09-01 15:20 - 00000063 _____ () C:\Users\Patryk\Desktop\kody.txt 2014-09-01 15:31 - 2014-08-30 12:03 - 00000614 _____ () C:\Users\Patryk\Desktop\Nowy dokument tekstowy.txt 2014-09-01 11:23 - 2014-08-30 23:32 - 00000005 _____ () C:\Users\Patryk\Desktop\masterchefbarry.txt 2014-08-31 16:08 - 2013-05-05 20:05 - 00000000 ____D () C:\Users\Patryk\AppData\Local\Packages 2014-08-31 15:53 - 2014-08-31 15:53 - 00000000 _____ () C:\Users\Patryk\Desktop\pamietnik.txt 2014-08-31 12:53 - 2014-08-31 12:53 - 08783059 _____ () C:\Users\Patryk\Downloads\Conquistadors_by_ICrafting_HARDCORE_v1.4.zip 2014-08-31 11:25 - 2014-08-31 11:25 - 00000133 _____ () C:\Users\Patryk\Desktop\Nowy dokument tekstowy (2).txt 2014-08-30 15:32 - 2014-07-24 22:58 - 00000000 ___RD () C:\Users\Patryk\Desktop\YouTube 2014-08-30 15:28 - 2013-05-05 20:05 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Adobe 2014-08-30 14:44 - 2014-08-30 14:44 - 75147752 _____ () C:\Users\Patryk\Desktop\xd2.wav 2014-08-30 14:04 - 2013-09-10 17:50 - 00000000 ____D () C:\Users\Patryk\AppData\Local\Adobe 2014-08-30 11:10 - 2014-08-30 11:09 - 07964793 _____ () C:\Users\Patryk\Downloads\faithful32packOptiFine.zip 2014-08-29 22:52 - 2014-08-29 22:35 - 79187636 _____ () C:\Users\Patryk\Desktop\xd1.wav 2014-08-29 20:56 - 2014-08-29 20:56 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-08-29 20:56 - 2014-08-29 20:56 - 00000000 ____D () C:\Users\Patryk\AppData\Local\Skype 2014-08-29 20:56 - 2014-08-29 20:56 - 00000000 ____D () C:\ProgramData\Skype 2014-08-29 20:56 - 2014-08-29 20:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-08-29 20:56 - 2013-08-31 00:10 - 00000000 ___RD () C:\Users\Patryk\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App 2014-08-29 20:55 - 2014-08-29 20:55 - 35596384 _____ (Skype Technologies S.A.) C:\Users\Patryk\Downloads\SkypeSetupFull.exe 2014-08-29 17:09 - 2014-08-29 16:54 - 1172548021 _____ () C:\Users\Patryk\Downloads\Tavia.pl_Klient_Gry.zip 2014-08-29 16:08 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF 2014-08-29 16:03 - 2014-07-22 16:03 - 00409440 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-28 20:01 - 2014-08-28 20:01 - 00026598 _____ () C:\Users\Patryk\Downloads\MrMeep_x3s Shaders v04.0 RC4.zip 2014-08-28 17:02 - 2014-08-28 17:02 - 23305296 _____ () C:\Users\Patryk\Downloads\mmc-stable-win32.zip 2014-08-28 16:06 - 2014-07-05 12:05 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\.minecraft 2014-08-27 17:49 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP 2014-08-27 16:55 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2014-08-26 16:39 - 2014-08-26 16:39 - 00000662 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk 2014-08-26 16:34 - 2014-08-26 16:34 - 34573304 _____ (inkscape.org) C:\Users\Patryk\Downloads\Inkscape-0.48.5-1-win32.exe 2014-08-26 15:52 - 2014-08-26 15:52 - 00675988 _____ () C:\Users\Patryk\Downloads\Minecraft (1).exe 2014-08-26 15:15 - 2014-08-26 15:06 - 346323041 _____ () C:\Users\Patryk\Downloads\X-Pack Adventure 1.7.2_2.exe 2014-08-25 12:58 - 2014-08-25 12:45 - 00000000 ____D () C:\Users\Patryk\Desktop\iphone 2014-08-25 12:49 - 2013-05-05 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-08-25 12:48 - 2013-05-05 20:14 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-08-25 12:47 - 2013-05-05 20:14 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-08-25 12:10 - 2014-07-29 16:01 - 00000000 ____D () C:\Users\Patryk\AppData\Local\ftblauncher 2014-08-24 22:29 - 2014-02-22 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake 2014-08-24 22:29 - 2014-02-22 19:47 - 00000000 ____D () C:\ProgramData\Freemake 2014-08-24 22:26 - 2014-08-24 22:26 - 01269464 _____ (Ellora Assets Corporation ) C:\Users\Patryk\Downloads\FreemakeVideoDownloaderSetup (1).exe 2014-08-23 08:47 - 2014-08-28 09:24 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-19 09:25 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache 2014-08-18 22:46 - 2014-08-18 22:45 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\DropboxMaster 2014-08-18 22:46 - 2014-08-18 22:43 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Dropbox 2014-08-18 22:45 - 2014-08-18 22:45 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-08-18 14:45 - 2014-07-18 23:43 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-18 14:45 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData 2014-08-18 14:45 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore 2014-08-18 11:07 - 2013-08-17 10:50 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-18 11:06 - 2013-05-05 21:25 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-18 10:53 - 2014-08-18 10:53 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-08-18 10:53 - 2014-08-18 10:53 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-08-18 10:53 - 2014-02-18 23:17 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-08-18 10:53 - 2013-06-08 12:16 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-08-18 10:53 - 2013-06-08 12:16 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-08-18 10:53 - 2013-06-08 12:16 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-08-18 10:53 - 2013-06-08 12:16 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-08-18 10:53 - 2013-06-08 12:16 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-08-18 10:53 - 2013-06-08 12:16 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-08-18 10:53 - 2013-06-08 12:16 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-08-17 12:14 - 2013-06-08 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-08-13 22:49 - 2014-08-13 22:34 - 00000000 ____D () C:\Program Files (x86)\Java 2014-08-13 22:49 - 2014-07-11 22:19 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-13 22:34 - 2014-08-13 22:34 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-08-13 22:34 - 2014-08-13 22:34 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-08-13 22:34 - 2014-08-13 22:34 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-08-13 22:34 - 2014-08-13 22:34 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-08-13 22:34 - 2014-02-19 18:21 - 00321448 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-08-13 22:34 - 2014-02-19 18:21 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-08-13 22:34 - 2014-02-19 18:21 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-08-13 22:34 - 2014-02-19 18:21 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-08-13 22:34 - 2014-02-19 18:21 - 00000000 ____D () C:\Program Files\Java 2014-08-07 08:33 - 2014-08-18 10:57 - 00712192 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 05:09 - 2014-08-18 10:57 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll Some content of TEMP: ==================== C:\Users\Patryk\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-29 09:54 ==================== End Of Log ============================