Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Marek (administrator) on MAREK-PC on 12-03-2015 14:15:05
Running from C:\Users\Marek\Downloads
Loaded Profiles: Marek (Available profiles: Marek & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ASUSTeK Computer Inc.)
C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Akamai Technologies, Inc.) C:\Users\Marek\AppData\Local\Akamai\netsession_win.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (Akamai Technologies, Inc.) 
C:\Users\Marek\AppData\Local\Akamai\netsession_win.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133760 2013-12-24] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-02-05] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor) HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] () HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation) HKLM-x32\...\Run: [ASUS ShellProcess Execute] => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe [252544 2010-11-25] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [465536 2010-11-08] (ASUSTek Computer Inc.) 
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3251776730-861767313-4254609882-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Marek\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) HKU\S-1-5-21-3251776730-861767313-4254609882-1000\...\Policies\system: [DisableChangePassword] 1 HKU\S-1-5-21-3251776730-861767313-4254609882-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled () ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.) ShellIconOverlayIdentifiers: [Uchwyt nakładania ikony podpisu cyfrowego] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKU\S-1-5-21-3251776730-861767313-4254609882-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3251776730-861767313-4254609882-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: HKLM-x32 - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} URLSearchHook: HKU\S-1-5-21-3251776730-861767313-4254609882-1000 - (No Name) - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - No File SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3251776730-861767313-4254609882-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll [2013-03-21] (EJIE Technology) BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH) BHO-x32: Java(tm) Plug-In SSV Helper -> 
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-16] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-16] (Oracle Corporation) Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2012-12-20] (Microsoft Corporation) Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll [2012-12-20] (Microsoft Corporation) Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - No File Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 31.11.202.254 37.8.214.2 FireFox: ======== FF ProfilePath: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\u672s3gb.default-1425499287904 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-06] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.) 
FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-12-27] (DivX, LLC) FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) 
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in -> C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll [2012-07-06] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll No File FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-16] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( ) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll No File FF Plugin 
HKU\S-1-5-21-3251776730-861767313-4254609882-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Marek\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File FF Plugin HKU\S-1-5-21-3251776730-861767313-4254609882-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Marek\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin HKU\S-1-5-21-3251776730-861767313-4254609882-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Marek\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin HKU\S-1-5-21-3251776730-861767313-4254609882-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-3251776730-861767313-4254609882-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-11-11] () FF Extension: Screengrab (fix version) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\u672s3gb.default-1425499287904\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2015-03-05] FF Extension: Flagfox - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\u672s3gb.default-1425499287904\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2015-03-04] FF Extension: Download Status Bar - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\u672s3gb.default-1425499287904\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2015-03-04] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-07-04] Chrome: ======= CHR HomePage: Default -> hxxp://google.pl/ CHR StartupUrls: Default -> "hxxp://www.omniboxes.com/?type=hp&ts=1425494452&from=obw&uid=ST3500413AS_Z2A7FQ7PXXXXZ2A7FQ7P" CHR 
DefaultSearchKeyword: Default -> omniboxes CHR DefaultSuggestURL: Default -> CHR Profile: C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-31] CHR Extension: (Google Drive) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-31] CHR Extension: (YouTube) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-31] CHR Extension: (Google Search) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-31] CHR Extension: (Google Wallet) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-31] CHR Extension: (Gmail) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-31] CHR HKLM-x32\...\Chrome\Extension: [ahllmicjfilnopfmpmokidfabdacfkpi] - C:\ProgramData\Bcool\ahllmicjfilnopfmpmokidfabdacfkpi.crx [Not Found] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-06-13] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] () R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] () R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-12-24] (Windows (R) Win 7 DDK provider) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-02-05] (NVIDIA Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-05-10] (Intel Corporation) S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-02-05] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-07] (Electronic Arts) R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-11-23] () S4 
SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation) S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2011-08-17] () [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation) S2 BasementDuster; C:\Program Files (x86)\IGS\BasementDuster.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-08] (ASUSTek Computer Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] () R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-10-07] (MCCI Corporation) S3 awUSB; C:\Windows\System32\DRIVERS\USBDrv_AMD64.sys [18392 2013-01-25] (Scott) R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-12-24] (Qualcomm Atheros) S3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Corporation) S3 CXSONORA64; C:\Windows\System32\drivers\VMTVE88x64.sys [483712 2010-06-14] (Compro Technology., Inc.) 
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-18] (Disc Soft Ltd) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [27456 2012-07-09] (Intel Corporation) S2 Kmm4xNT; C:\Windows\SysWow64\Drivers\Kmm4xNT.sys [95484 2000-11-25] (DATOM Dariusz Cielebąk) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) S3 MEMSWEEP2; C:\Windows\system32\3901.tmp [6144 2009-06-18] (Sophos Plc) [File not signed] R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-02-05] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-02-05] (NVIDIA Corporation) S3 PRODIGY; C:\Windows\System32\Drivers\PRODIGY.SYS [32377 2006-08-29] (B-phreaks) [File not signed] S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited) S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-06-27] (RapidSolution Software AG) R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-06-27] (RapidSolution Software AG) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-18] (Duplex Secure Ltd.) U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-03-05] () S3 ULCDRHlp; C:\Windows\SysWOW64\Drivers\ULCDRHlp.sys [27232 2004-08-11] (Ulead Systems, Inc.) 
[File not signed] S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation) S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv_AMD64.sys [18392 2013-01-25] (Scott) S3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [198784 2009-05-25] (Vimicro Corporation) S3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [303616 2008-07-01] (Vimicro Corporation) U3 albxpmi3; No ImagePath S3 andnetadb; System32\Drivers\lgandnetadb.sys [X] S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X] S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X] S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X] S3 appliandMP; system32\DRIVERS\appliand.sys [X] S2 ATE_PROCMON; \??\C:\Program Files (x86)\Anti Trojan Elite\ATEPMon.sys [X] S3 ATSZIO; \??\C:\Program Files (x86)\ASUS\ASUS PC Diagnostics\ATSZIO64.sys [X] S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X] S3 dgderdrv; System32\drivers\dgderdrv.sys [X] S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X] S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X] S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X] S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X] S0 fsned; system32\drivers\bbcqq.sys [X] S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X] S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X] S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X] S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X] S3 NDSPCIIO; \??\C:\Windows\system32\DRIVERS\NDSPCIIO64.SYS [X] S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] U2 TMAgent; No ImagePath S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 usbbus; system32\DRIVERS\lgx64bus.sys [X] S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X] S3 USBModem; 
system32\DRIVERS\lgx64modem.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 vserial; System32\DRIVERS\vserial.sys [X] S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X] S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X] S0 zhhh; system32\drivers\emeqb.sys [X] U3 ugloypow; \??\C:\Users\Marek\AppData\Local\Temp\ugloypow.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-12 14:15 - 2015-03-12 14:15 - 00025678 _____ () C:\Users\Marek\Downloads\FRST.txt 2015-03-12 14:11 - 2015-03-12 14:15 - 00000000 ____D () C:\FRST 2015-03-12 14:11 - 2015-03-12 14:11 - 02095616 _____ (Farbar) C:\Users\Marek\Downloads\FRST64.exe 2015-03-12 14:09 - 2015-03-12 14:09 - 00016193 _____ () C:\Users\Marek\Desktop\GMER.txt 2015-03-12 14:05 - 2015-03-12 14:05 - 00016193 _____ () C:\Users\Marek\Desktop\my skan.txt 2015-03-12 12:32 - 2015-03-12 12:32 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2785510A.sys 2015-03-12 12:32 - 2015-03-12 12:32 - 00000000 ___RD () C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2015-03-09 16:52 - 2015-03-09 16:52 - 00000000 ____D () C:\Users\Marek\AppData\Local\UnrealEngineLauncher 2015-03-07 19:17 - 2015-03-07 19:18 - 00000000 ____D () C:\Users\Marek\Desktop\pieprzone ogłoszeniqa 2015-03-06 10:43 - 2015-03-06 10:43 - 00000000 ____D () C:\Users\Marek\Documents\UnrealTournament 2015-03-06 10:25 - 2015-03-06 10:25 - 00000363 _____ () C:\Windows\DirectX.log 2015-03-06 10:25 - 2015-03-06 10:25 - 00000000 ____D () C:\Users\Marek\AppData\Local\EpicGamesLauncher 2015-03-06 10:24 - 2015-03-09 16:56 - 00000000 ____D () C:\Program Files\Epic Games 2015-03-06 10:24 - 2015-03-09 16:52 - 00000000 ____D () 
C:\ProgramData\Epic 2015-03-06 10:24 - 2015-03-06 10:24 - 00001200 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2015-03-06 10:24 - 2015-03-06 10:24 - 00001188 _____ () C:\Users\Marek\Epic Games Launcher.lnk 2015-03-06 10:11 - 2015-03-06 10:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-03-05 21:01 - 2015-03-05 21:01 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-03-05 21:01 - 2015-03-05 21:01 - 00001107 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-03-05 20:38 - 2015-03-05 20:38 - 00380416 _____ () C:\Users\Marek\Downloads\GMER.exe 2015-03-05 20:29 - 2015-03-05 20:29 - 00243496 _____ () C:\Users\Marek\Downloads\Firefox Setup Stub 36.0.exe 2015-03-05 19:40 - 2015-03-05 19:40 - 00000000 ____D () C:\KVRT_Data 2015-03-05 17:52 - 2015-03-05 17:52 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-03-05 17:52 - 2015-03-05 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-03-05 17:52 - 2015-03-05 17:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-03-05 17:52 - 2014-11-21 06:23 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-03-05 17:52 - 2014-11-21 06:23 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-03-05 17:50 - 2015-03-12 12:32 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-05 17:50 - 2015-03-05 17:53 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-03-05 17:50 - 2014-11-21 06:23 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-03-04 22:28 - 2015-03-05 10:52 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit 2015-03-04 21:07 - 2015-03-04 21:07 - 15566936 _____ () C:\Users\Marek\Downloads\RogueKiller.exe 2015-03-04 21:01 - 
2015-03-04 21:01 - 00000000 ____D () C:\Users\Marek\Desktop\Stare dane programu Firefox 2015-03-04 20:59 - 2015-03-04 20:59 - 00003224 _____ () C:\Windows\System32\Tasks\{8F129C33-F3CF-40C4-82F8-A713F2562375} 2015-03-04 20:20 - 2015-03-04 20:20 - 01204159 _____ () C:\Users\Marek\Downloads\v2_03_12_build.rar 2015-03-04 19:51 - 2015-03-04 19:52 - 00010640 _____ () C:\Windows\SysWOW64\BasementDuster.ini 2015-03-04 19:51 - 2015-03-04 19:52 - 00008544 _____ () C:\Windows\SysWOW64\BasementDusterOff.ini 2015-03-04 19:51 - 2015-03-04 19:52 - 00008544 _____ () C:\Windows\system32\BasementDusterOff.ini 2015-03-04 19:46 - 2015-03-06 09:45 - 00007642 _____ () C:\Windows\PFRO.log 2015-03-04 19:34 - 2015-03-04 21:15 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 2015-03-04 18:20 - 2015-03-04 19:10 - 00001730 _____ () C:\Users\Public\Desktop\Counter-Strike 1.6 v48.lnk 2015-03-04 18:20 - 2015-03-04 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 v48 2015-03-04 18:18 - 2015-03-04 18:18 - 00000000 ____D () C:\Gry 2015-03-04 17:48 - 2015-03-04 17:48 - 00000000 ____D () C:\Users\Marek\AppData\Local\Steam 2015-02-28 20:52 - 2015-02-28 20:52 - 00000000 ____D () C:\LGE400 2015-02-27 19:02 - 2015-02-27 19:35 - 00000000 ____D () C:\Users\Marek\Desktop\zdjecia mieszkania ogłoszenie 2015-02-27 18:13 - 2015-03-12 14:05 - 00081914 _____ () C:\Windows\setupact.log 2015-02-27 18:13 - 2015-02-27 18:13 - 00000000 _____ () C:\Windows\setuperr.log 2015-02-27 18:12 - 2015-02-27 18:12 - 00035482 _____ () C:\Users\Marek\Documents\cc_20150227_181227.reg 2015-02-27 18:07 - 2015-02-27 18:07 - 00000000 ____D () C:\Users\Marek\AppData\Local\Qualcomm Atheros 2015-02-27 18:04 - 2015-02-27 22:58 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Atheros 2015-02-27 18:04 - 2015-02-27 18:06 - 00000000 ____D () C:\ProgramData\Atheros 2015-02-27 17:57 - 2015-02-27 17:57 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\BT Program 2015-02-26 21:19 - 2015-02-26 21:19 - 00045218 _____ () C:\Users\Marek\Desktop\Mazury.pptx 2015-02-26 20:28 - 2015-02-26 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2015-02-26 20:25 - 2015-02-26 20:25 - 00000000 ___RD () C:\MSOCache 2015-02-26 18:53 - 2015-02-26 18:53 - 00001256 _____ () C:\Users\Marek\Desktop\msconfig.exe — skrót.lnk 2015-02-24 17:59 - 2015-02-24 15:15 - 00007946 _____ () C:\Users\Marek\AppData\Roaming\PStrip.bko 2015-02-24 15:15 - 2015-02-23 23:08 - 00008065 _____ () C:\Users\Marek\AppData\Roaming\PStrip.bk! 2015-02-24 15:00 - 2015-02-24 15:15 - 00007946 _____ () C:\Users\Marek\AppData\Roaming\PStrip.bak 2015-02-23 22:51 - 2015-02-23 22:51 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NEC Display Solutions 2015-02-23 22:49 - 2015-02-23 22:51 - 00000000 ____D () C:\Program Files (x86)\NEC DISPLAY SOLUTIONS 2015-02-23 22:15 - 2015-02-24 18:10 - 00008044 _____ () C:\Users\Marek\AppData\Roaming\PStrip.ini 2015-02-23 22:12 - 2006-09-30 10:36 - 00013008 _____ () C:\Windows\system32\Drivers\pstrip64.sys 2015-02-23 20:46 - 2015-02-28 20:51 - 00000831 _____ () C:\Users\Marek\Desktop\LGMobile Support Tool.lnk 2015-02-23 15:36 - 2015-02-23 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewSonic Corporation 2015-02-23 15:36 - 2015-02-23 15:36 - 00000000 ____D () C:\Program Files (x86)\ViewSonic Corporation 2015-02-23 15:36 - 1998-12-14 14:29 - 00013192 _____ () C:\Windows\SysWOW64\GETEDID.DLL 2015-02-23 15:36 - 1998-06-24 00:00 - 00203576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RICHTX32.OCX 2015-02-23 15:36 - 1998-06-12 12:23 - 00031152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMPfcc6.rra 2015-02-23 15:36 - 1995-08-15 00:00 - 00935632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb40016.dll 2015-02-23 15:36 - 1995-08-15 00:00 - 00536048 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\Oc25.dll 2015-02-22 22:51 - 2015-02-27 17:59 - 00000000 ____D () C:\Program Files\Common Files\QCA_Bluetooth 2015-02-21 13:52 - 2015-02-21 13:52 - 00000945 _____ () C:\Users\Marek\Desktop\Far Cry 4.lnk 2015-02-21 13:52 - 2015-02-21 13:52 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Far Cry 4 2015-02-20 22:17 - 2015-03-03 14:33 - 00000873 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk 2015-02-20 22:17 - 2015-02-20 22:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2015-02-20 22:17 - 2015-02-20 22:17 - 00000000 ____D () C:\Program Files\CPUID 2015-02-20 22:15 - 2015-02-21 20:35 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\NVIDIA 2015-02-20 22:15 - 2015-02-20 22:15 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z 2015-02-20 22:15 - 2015-02-20 22:15 - 00000000 ____D () C:\Program Files (x86)\GPU-Z 2015-02-20 21:04 - 2015-02-20 21:04 - 00000000 ____D () C:\Users\Marek\Documents\Assassin's Creed Unity 2015-02-20 18:22 - 2015-02-20 18:22 - 00000000 ____D () C:\Users\Marek\Desktop\PROPHIO 2015-02-19 19:23 - 2015-02-19 19:23 - 00000952 _____ () C:\Users\Marek\Desktop\Crysis 3.lnk 2015-02-19 19:23 - 2015-02-19 19:23 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Crysis 3 2015-02-19 19:06 - 2015-02-05 18:57 - 00621384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-02-19 19:05 - 2015-02-05 22:01 - 32106640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 24768144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 20466496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 17253848 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 
16017040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 13294528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 13208200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 10773704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 10713256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 10284872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-02-19 19:05 - 2015-02-05 22:01 - 03610768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 03247248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 02902784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434752.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434752.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 00995248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 00969872 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 00943760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 00929936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 00908104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 00877816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 00399504 _____ (NVIDIA Corporation) 
C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 00305136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 00164752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-02-19 18:38 - 2015-02-05 22:01 - 00074056 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-02-19 18:38 - 2015-02-05 22:01 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-02-19 18:38 - 2015-02-05 20:07 - 06861128 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-02-19 18:38 - 2015-02-05 20:07 - 03517584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-02-19 18:38 - 2015-02-05 20:07 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-02-19 18:38 - 2015-02-05 20:07 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-02-19 18:38 - 2015-02-05 20:07 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-02-19 18:38 - 2015-02-05 20:06 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-02-19 18:38 - 2015-02-05 13:50 - 04236870 _____ () C:\Windows\system32\nvcoproc.bin 2015-02-19 17:58 - 2007-08-07 03:08 - 00010727 _____ () C:\Windows\system32\Drivers\nl19wv.cat 2015-02-19 17:58 - 2007-08-01 23:13 - 00000520 ____R () C:\Windows\system32\Drivers\nl19wv.icm 2015-02-18 23:52 - 2015-02-19 17:43 - 00000000 ____D () C:\Users\Marek\AppData\Local\NVIDIA 2015-02-18 23:49 - 2015-02-19 19:07 - 00001307 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk 
2015-02-18 23:49 - 2015-02-19 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-02-18 23:49 - 2015-02-18 23:49 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-02-18 23:49 - 2015-02-05 22:01 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-02-18 23:49 - 2015-02-05 22:01 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-02-18 23:49 - 2015-02-05 22:01 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-02-18 23:49 - 2015-02-05 22:01 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-02-18 23:47 - 2015-02-05 22:01 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-02-18 23:47 - 2015-02-05 22:01 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-02-18 23:47 - 2015-02-05 22:01 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-02-18 23:47 - 2015-02-05 22:01 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-02-18 23:47 - 2015-02-05 22:01 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-02-18 23:47 - 2015-02-05 22:01 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-02-13 15:59 - 2015-02-13 15:59 - 00001600 _____ () C:\Users\Marek\Desktop\Besiege_v0.03.lnk
2015-02-11 19:58 - 2015-02-11 19:58 - 00001546 _____ () C:\Users\Marek\AppData\Local\recently-used.xbel
2015-02-10 20:40 - 2015-02-10 20:40 - 00001249 _____ () C:\Users\Marek\Desktop\Subtitle Edit.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-12 12:36 - 2011-08-19 06:40 - 00000000 ____D () C:\Users\Marek\AppData\Local\CrashDumps 2015-03-12 12:36 - 2009-07-14 18:55 - 00902192 _____ () C:\Windows\system32\perfh015.dat 2015-03-12 12:36 - 2009-07-14 18:55 - 00219538 _____ () C:\Windows\system32\perfc015.dat 2015-03-12 12:36 - 2009-07-14 06:13 - 02114674 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-12 12:34 - 2014-11-30 14:01 - 01521869 _____ () C:\Windows\WindowsUpdate.log 2015-03-12 12:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-03-12 12:30 - 2012-04-30 14:20 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-03-12 12:30 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-11 22:13 - 2014-05-27 18:29 - 00003966 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0073EAE8-2EA2-4CF8-B16D-E9E476343F9F} 2015-03-11 21:36 - 2014-03-03 08:29 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\BitTorrent 2015-03-11 20:10 - 2011-10-14 13:39 - 00000000 ____D () C:\Users\Marek\AppData\Local\PasswordSafe 2015-03-10 18:54 - 2012-03-22 21:26 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Skype 2015-03-09 11:01 - 2011-10-14 13:39 - 00000000 ____D () C:\Users\Marek\Documents\My Safes 2015-03-08 19:01 - 2014-09-01 16:54 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Mp3tag 2015-03-07 22:19 - 2012-02-14 13:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2015-03-07 20:55 - 2013-03-01 17:53 - 00000000 ____D () C:\ProgramData\Origin 2015-03-07 18:33 - 2014-02-06 14:40 - 00000000 ___RD () C:\Users\Marek\Desktop\Emilka 2015-03-07 15:46 - 2013-08-17 15:16 - 00000000 ____D () C:\Program Files (x86)\Origin 2015-03-06 13:29 - 2013-02-13 16:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-03-06 10:39 - 2011-08-15 19:32 - 00000000 ____D () C:\Users\Marek 2015-03-05 18:19 - 2011-08-15 19:43 - 00359992 _____ () C:\Users\Marek\AppData\Local\GDIPFONTCACHEV1.DAT 2015-03-05 18:18 - 2009-07-14 05:45 - 07441440 _____ 
() C:\Windows\system32\FNTCACHE.DAT 2015-03-05 18:17 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media 2015-03-05 17:43 - 2014-09-24 19:50 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys 2015-03-04 21:40 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2015-03-04 21:38 - 2014-04-14 08:49 - 00000000 ____D () C:\Program Files (x86)\Accord 2015-03-04 21:38 - 2011-04-24 20:42 - 00000000 ____D () C:\zdjęcia tel 2015-03-04 21:18 - 2015-01-18 12:42 - 00000000 ____D () C:\AdwCleaner 2015-03-04 19:58 - 2009-07-14 03:34 - 00000997 _____ () C:\Windows\win.ini 2015-03-04 19:41 - 2012-09-13 19:37 - 00001123 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-02-28 20:51 - 2012-01-13 10:18 - 00002411 _____ () C:\Windows\SysWOW64\lgAxconfig.ini 2015-02-28 13:15 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-02-27 18:11 - 2011-08-15 22:18 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\DAEMON Tools Lite 2015-02-27 18:01 - 2009-07-14 05:45 - 00023632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-27 18:01 - 2009-07-14 05:45 - 00023632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-27 17:59 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-02-27 17:57 - 2012-03-18 13:06 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite 2015-02-27 16:50 - 2014-10-01 16:57 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-02-27 16:50 - 2012-03-22 21:26 - 00000000 ____D () C:\ProgramData\Skype 2015-02-26 20:28 - 2012-04-13 23:32 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-02-26 20:28 - 2011-09-17 07:05 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2015-02-26 20:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-02-26 20:26 - 2013-01-14 13:27 - 
00000000 ____D () C:\Program Files\Microsoft Office 2015-02-26 20:26 - 2009-07-14 19:09 - 00000000 ____D () C:\Windows\ShellNew 2015-02-26 18:54 - 2011-12-20 22:08 - 00000598 __RSH () C:\Users\Marek\ntuser.pol 2015-02-25 21:10 - 2014-07-30 18:30 - 00000000 ____D () C:\Users\Marek\Documents\FIFA 14 2015-02-23 20:47 - 2012-01-13 10:17 - 00000000 ____D () C:\ProgramData\LGMOBILEAX 2015-02-23 15:36 - 2011-08-17 00:09 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-02-21 13:52 - 2015-01-19 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics 2015-02-21 09:55 - 2012-02-14 13:04 - 00000000 ____D () C:\Users\Marek\AppData\Local\Thunderbird 2015-02-20 21:07 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-02-20 21:04 - 2012-12-25 20:19 - 00000000 ____D () C:\ProgramData\Orbit 2015-02-20 16:18 - 2015-01-17 14:26 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Tropico 5 2015-02-20 16:06 - 2011-12-25 02:00 - 00000000 ___RD () C:\Users\Marek\Brat 2015-02-19 22:35 - 2013-06-07 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remember Me 2015-02-19 20:14 - 2012-07-13 14:22 - 00000000 ____D () C:\Users\Marek\AppData\Local\Skyrim 2015-02-19 19:05 - 2012-04-30 14:19 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2015-02-19 18:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help 2015-02-19 18:37 - 2012-04-30 14:19 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2015-02-19 18:37 - 2011-08-17 00:47 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2015-02-18 23:53 - 2013-11-19 21:36 - 00000000 ____D () C:\Users\Marek\AppData\Local\NVIDIA Corporation 2015-02-18 23:23 - 2011-08-17 00:00 - 00000000 ____D () C:\Program Files (x86)\Intel 2015-02-15 21:27 - 2014-12-09 19:07 - 00000000 ____D () C:\Users\Marek\Desktop\Pulpit 2015-02-13 15:58 - 2012-03-19 21:54 - 00000000 ____D () C:\games 
2015-02-11 20:03 - 2014-02-03 21:43 - 00000000 ____D () C:\Users\Marek\.gimp-2.8
2015-02-10 20:40 - 2012-12-23 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
2015-02-10 20:40 - 2012-12-23 21:49 - 00000000 ____D () C:\Program Files (x86)\Subtitle Edit

==================== Files in the root of some directories =======

2014-04-20 01:38 - 2014-04-20 01:38 - 0000288 _____ () C:\Users\Marek\AppData\Roaming\.backup.dm
2012-08-06 23:23 - 2014-02-21 01:07 - 0002298 _____ () C:\Users\Marek\AppData\Roaming\ASSDraw3.cfg
2013-02-14 22:10 - 2013-02-14 22:11 - 0000000 _____ () C:\Users\Marek\AppData\Roaming\bitlord_log.txt
2011-08-27 12:21 - 2012-10-22 10:42 - 0000029 _____ () C:\Users\Marek\AppData\Roaming\default.rss
2012-10-22 10:41 - 2012-10-22 10:41 - 0000000 _____ () C:\Users\Marek\AppData\Roaming\downloads.m3u
2012-09-13 17:32 - 2012-09-13 17:32 - 0000995 _____ () C:\Users\Marek\AppData\Roaming\DVDSubEdit.ini
2012-09-22 22:36 - 2012-10-02 19:10 - 0000132 _____ () C:\Users\Marek\AppData\Roaming\Preferencje Adobe CS5 dla formatu BMP
2014-02-15 19:25 - 2014-06-25 12:01 - 0000132 _____ () C:\Users\Marek\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
2015-02-24 15:00 - 2015-02-24 15:15 - 0007946 _____ () C:\Users\Marek\AppData\Roaming\PStrip.bak
2015-02-24 15:15 - 2015-02-23 23:08 - 0008065 _____ () C:\Users\Marek\AppData\Roaming\PStrip.bk!
2015-02-24 17:59 - 2015-02-24 15:15 - 0007946 _____ () C:\Users\Marek\AppData\Roaming\PStrip.bko
2015-02-23 22:15 - 2015-02-24 18:10 - 0008044 _____ () C:\Users\Marek\AppData\Roaming\PStrip.ini
2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\Marek\AppData\Roaming\PT
2012-05-18 04:17 - 2012-06-25 18:01 - 0000310 _____ () C:\Users\Marek\AppData\Roaming\regdatels.dat
2011-08-24 20:25 - 2011-08-24 20:25 - 0013734 _____ () C:\Users\Marek\AppData\Roaming\UserTile.png
2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\Marek\AppData\Roaming\VJ
2013-09-05 18:09 - 2013-09-05 18:09 - 0000055 _____ () C:\Users\Marek\AppData\Roaming\WB.CFG
2013-09-05 18:09 - 2013-09-05 18:09 - 0000005 _____ () C:\Users\Marek\AppData\Roaming\WBPU-TTL.DAT
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Marek\AppData\Roaming\WUUQGY
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Marek\AppData\Roaming\ZNJT
2012-10-06 13:12 - 2012-10-06 13:12 - 0001496 _____ () C:\Users\Marek\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs
2014-02-17 16:52 - 2014-04-14 08:30 - 0000149 _____ () C:\Users\Marek\AppData\Local\BvCVTAfEFLcTfo5q2WAdGHVdWD496UF3Ia1
2011-11-28 23:09 - 2015-01-29 15:22 - 0034816 _____ () C:\Users\Marek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-10 20:05 - 2012-02-01 19:44 - 0004096 _____ () C:\Users\Marek\AppData\Local\keyfile3.drm
2012-03-07 20:06 - 2012-03-07 20:06 - 0000001 _____ () C:\Users\Marek\AppData\Local\llftool.4.25.agreement
2015-02-11 19:58 - 2015-02-11 19:58 - 0001546 _____ () C:\Users\Marek\AppData\Local\recently-used.xbel
2011-08-17 01:33 - 2011-10-07 14:38 - 0007605 _____ () C:\Users\Marek\AppData\Local\resmon.resmoncfg
2008-02-05 13:28 - 2008-02-05 13:28 - 0000051 _____ () C:\Users\Marek\AppData\Local\setup.txt
2011-12-21 08:12 - 2011-12-21 08:12 - 0038215 _____ () C:\ProgramData\bdinstall.bin
2011-12-04 13:58 - 2011-12-04 13:58 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-02-21 01:12 - 2014-02-21 01:12 - 0000000 ____H () C:\ProgramData\PKP_DLes.DAT
2014-02-21 01:11 - 2014-02-21 01:11 - 0000000 ____H () C:\ProgramData\PKP_DLet.DAT
2014-02-21 01:11 - 2014-02-21 01:11 - 0000000 ____H () C:\ProgramData\PKP_DLev.DAT
2015-01-18 12:25 - 2015-01-18 12:25 - 0000040 _____ () C:\ProgramData\ra3.ini
2013-06-04 15:37 - 2013-06-04 15:37 - 0000012 _____ () C:\ProgramData\svcnet2.cfg
2013-06-04 15:38 - 2013-06-04 18:39 - 0006186 _____ () C:\ProgramData\svcnet2.inc
2013-06-04 15:37 - 2013-06-04 18:39 - 0002433 _____ () C:\ProgramData\svcnet2.txt

Files to move or delete:
====================
C:\Users\Marek\storage.dat
C:\Users\Marek\AppData\Roaming\Origin\update.vbe

Some content of TEMP:
====================
C:\Users\Marek\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-15 14:03

==================== End Of Log ============================