Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by Marek (administrator) on MAREK-PC on 20-03-2015 22:34:15 Running from C:\Users\Marek\Desktop\diagnostyka Loaded Profiles: Marek (Available profiles: Marek & DefaultAppPool) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Users\Marek\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133760 2013-12-24] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-02-05] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation) HKLM-x32\...\Run: [ASUS ShellProcess Execute] => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe [252544 2010-11-25] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [465536 2010-11-08] (ASUSTek Computer Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3251776730-861767313-4254609882-1000\...\Policies\system: [DisableChangePassword] 1 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled () ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.) ShellIconOverlayIdentifiers: [Uchwyt nakładania ikony podpisu cyfrowego] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll [2013-03-21] (EJIE Technology) BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll No File BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll No File Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2012-12-20] (Microsoft Corporation) Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll [2012-12-20] (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 31.11.202.254 37.8.214.2 FireFox: ======== FF ProfilePath: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\u672s3gb.default-1425499287904 FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-12-27] (DivX, LLC) FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) FF Plugin-x32: @graphisoft.com/GDL Web Plug-in -> C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll [2012-07-06] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll No File FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( ) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation) FF Plugin HKU\S-1-5-21-3251776730-861767313-4254609882-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Marek\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin HKU\S-1-5-21-3251776730-861767313-4254609882-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Marek\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin HKU\S-1-5-21-3251776730-861767313-4254609882-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-3251776730-861767313-4254609882-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-11-11] () FF Extension: Screengrab (fix version) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\u672s3gb.default-1425499287904\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2015-03-05] FF Extension: Flagfox - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\u672s3gb.default-1425499287904\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2015-03-04] FF Extension: Download Status Bar - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\u672s3gb.default-1425499287904\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2015-03-04] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-07-04] Chrome: ======= CHR Profile: C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-20] CHR Extension: (Google Docs) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-31] CHR Extension: (Google Drive) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-31] CHR Extension: (YouTube) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-31] CHR Extension: (Google Search) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-31] CHR Extension: (Google Sheets) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-20] CHR Extension: (Google Wallet) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-31] CHR Extension: (Gmail) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-31] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-06-13] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] () R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] () R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-12-24] (Windows (R) Win 7 DDK provider) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-02-05] (NVIDIA Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-05-10] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-02-05] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-07] (Electronic Arts) R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-11-23] () S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation) S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2011-08-17] () [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-08] (ASUSTek Computer Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] () R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-10-07] (MCCI Corporation) S3 awUSB; C:\Windows\System32\DRIVERS\USBDrv_AMD64.sys [18392 2013-01-25] (Scott) R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-12-24] (Qualcomm Atheros) S3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Corporation) S3 CXSONORA64; C:\Windows\System32\drivers\VMTVE88x64.sys [483712 2010-06-14] (Compro Technology., Inc.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-18] (Disc Soft Ltd) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [27456 2012-07-09] (Intel Corporation) S2 Kmm4xNT; C:\Windows\SysWow64\Drivers\Kmm4xNT.sys [95484 2000-11-25] (DATOM Dariusz Cielebąk) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-20] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-02-05] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-02-05] (NVIDIA Corporation) S3 PRODIGY; C:\Windows\System32\Drivers\PRODIGY.SYS [32377 2006-08-29] (B-phreaks) [File not signed] S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited) S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-06-27] (RapidSolution Software AG) R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-06-27] (RapidSolution Software AG) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-18] (Duplex Secure Ltd.) S3 ULCDRHlp; C:\Windows\SysWOW64\Drivers\ULCDRHlp.sys [27232 2004-08-11] (Ulead Systems, Inc.) [File not signed] S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation) S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv_AMD64.sys [18392 2013-01-25] (Scott) S3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [198784 2009-05-25] (Vimicro Corporation) S3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [303616 2008-07-01] (Vimicro Corporation) U3 aoc2kc2q; No ImagePath S3 cpuz138; \??\C:\Users\Marek\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-20 22:32 - 2015-03-20 22:32 - 00000000 ___RD () C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2015-03-20 18:19 - 2015-03-20 18:19 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\4E0A4C1B.sys 2015-03-19 13:23 - 2015-03-19 13:23 - 00002184 _____ () C:\Users\Marek\AppData\Local\recently-used.xbel 2015-03-18 19:35 - 2015-03-18 21:58 - 03481442 _____ () C:\Users\Marek\Desktop\Walory turystyczne wybranego regionu Polski - Michał Arnold.pptx 2015-03-18 15:19 - 2015-03-13 16:38 - 00622224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-03-18 15:17 - 2015-03-13 20:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-03-18 15:17 - 2015-03-13 20:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 00400584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 00390288 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 00346824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-03-18 15:17 - 2015-03-13 20:41 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-03-12 20:53 - 2015-03-12 20:53 - 00000000 ____D () C:\Windows\pss 2015-03-12 15:37 - 2015-03-20 22:34 - 00000000 ____D () C:\Users\Marek\Desktop\diagnostyka 2015-03-12 14:11 - 2015-03-20 22:34 - 00000000 ____D () C:\FRST 2015-03-09 16:52 - 2015-03-09 16:52 - 00000000 ____D () C:\Users\Marek\AppData\Local\UnrealEngineLauncher 2015-03-07 19:17 - 2015-03-07 19:18 - 00000000 ____D () C:\Users\Marek\Desktop\pieprzone ogłoszeniqa 2015-03-06 10:43 - 2015-03-06 10:43 - 00000000 ____D () C:\Users\Marek\Documents\UnrealTournament 2015-03-06 10:25 - 2015-03-06 10:25 - 00000363 _____ () C:\Windows\DirectX.log 2015-03-06 10:25 - 2015-03-06 10:25 - 00000000 ____D () C:\Users\Marek\AppData\Local\EpicGamesLauncher 2015-03-06 10:24 - 2015-03-09 16:56 - 00000000 ____D () C:\Program Files\Epic Games 2015-03-06 10:24 - 2015-03-09 16:52 - 00000000 ____D () C:\ProgramData\Epic 2015-03-06 10:24 - 2015-03-06 10:24 - 00001200 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2015-03-06 10:24 - 2015-03-06 10:24 - 00001188 _____ () C:\Users\Marek\Epic Games Launcher.lnk 2015-03-06 10:11 - 2015-03-06 10:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-03-05 21:01 - 2015-03-05 21:01 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-03-05 21:01 - 2015-03-05 21:01 - 00001107 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-03-05 19:40 - 2015-03-05 19:40 - 00000000 ____D () C:\KVRT_Data 2015-03-05 17:52 - 2015-03-05 17:52 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-03-05 17:52 - 2015-03-05 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-03-05 17:52 - 2015-03-05 17:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-03-05 17:52 - 2014-11-21 06:23 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-03-05 17:52 - 2014-11-21 06:23 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-03-05 17:50 - 2015-03-20 22:32 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-05 17:50 - 2015-03-05 17:53 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-03-05 17:50 - 2014-11-21 06:23 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-03-04 19:46 - 2015-03-20 22:28 - 00008218 _____ () C:\Windows\PFRO.log 2015-03-04 18:20 - 2015-03-04 19:10 - 00001730 _____ () C:\Users\Public\Desktop\Counter-Strike 1.6 v48.lnk 2015-03-04 18:20 - 2015-03-04 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 v48 2015-03-04 18:18 - 2015-03-04 18:18 - 00000000 ____D () C:\Gry 2015-03-04 17:48 - 2015-03-04 17:48 - 00000000 ____D () C:\Users\Marek\AppData\Local\Steam 2015-02-28 20:52 - 2015-02-28 20:52 - 00000000 ____D () C:\LGE400 2015-02-27 19:02 - 2015-03-19 13:05 - 00000000 ____D () C:\Users\Marek\Desktop\zdjecia mieszkania ogłoszenie 2015-02-27 18:13 - 2015-03-20 22:33 - 00136729 _____ () C:\Windows\setupact.log 2015-02-27 18:13 - 2015-02-27 18:13 - 00000000 _____ () C:\Windows\setuperr.log 2015-02-27 18:12 - 2015-02-27 18:12 - 00035482 _____ () C:\Users\Marek\Documents\cc_20150227_181227.reg 2015-02-27 18:07 - 2015-02-27 18:07 - 00000000 ____D () C:\Users\Marek\AppData\Local\Qualcomm Atheros 2015-02-27 18:04 - 2015-02-27 22:58 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Atheros 2015-02-27 18:04 - 2015-02-27 18:06 - 00000000 ____D () C:\ProgramData\Atheros 2015-02-27 17:57 - 2015-02-27 17:57 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program 2015-02-26 21:19 - 2015-02-26 21:19 - 00045218 _____ () C:\Users\Marek\Desktop\Mazury.pptx 2015-02-26 20:28 - 2015-02-26 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2015-02-26 20:25 - 2015-02-26 20:25 - 00000000 ___RD () C:\MSOCache 2015-02-26 18:53 - 2015-02-26 18:53 - 00001256 _____ () C:\Users\Marek\Desktop\msconfig.exe — skrót.lnk 2015-02-24 17:59 - 2015-02-24 15:15 - 00007946 _____ () C:\Users\Marek\AppData\Roaming\PStrip.bko 2015-02-24 15:15 - 2015-02-23 23:08 - 00008065 _____ () C:\Users\Marek\AppData\Roaming\PStrip.bk! 2015-02-24 15:00 - 2015-02-24 15:15 - 00007946 _____ () C:\Users\Marek\AppData\Roaming\PStrip.bak 2015-02-23 22:51 - 2015-02-23 22:51 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NEC Display Solutions 2015-02-23 22:49 - 2015-02-23 22:51 - 00000000 ____D () C:\Program Files (x86)\NEC DISPLAY SOLUTIONS 2015-02-23 22:15 - 2015-02-24 18:10 - 00008044 _____ () C:\Users\Marek\AppData\Roaming\PStrip.ini 2015-02-23 22:12 - 2006-09-30 10:36 - 00013008 _____ () C:\Windows\system32\Drivers\pstrip64.sys 2015-02-23 20:46 - 2015-02-28 20:51 - 00000831 _____ () C:\Users\Marek\Desktop\LGMobile Support Tool.lnk 2015-02-23 15:36 - 2015-02-23 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewSonic Corporation 2015-02-23 15:36 - 2015-02-23 15:36 - 00000000 ____D () C:\Program Files (x86)\ViewSonic Corporation 2015-02-23 15:36 - 1998-12-14 14:29 - 00013192 _____ () C:\Windows\SysWOW64\GETEDID.DLL 2015-02-23 15:36 - 1998-06-24 00:00 - 00203576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RICHTX32.OCX 2015-02-23 15:36 - 1998-06-12 12:23 - 00031152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMPfcc6.rra 2015-02-23 15:36 - 1995-08-15 00:00 - 00935632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb40016.dll 2015-02-23 15:36 - 1995-08-15 00:00 - 00536048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Oc25.dll 2015-02-22 22:51 - 2015-02-27 17:59 - 00000000 ____D () C:\Program Files\Common Files\QCA_Bluetooth 2015-02-21 13:52 - 2015-02-21 13:52 - 00000945 _____ () C:\Users\Marek\Desktop\Far Cry 4.lnk 2015-02-21 13:52 - 2015-02-21 13:52 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Far Cry 4 2015-02-20 22:17 - 2015-03-03 14:33 - 00000873 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk 2015-02-20 22:17 - 2015-02-20 22:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2015-02-20 22:17 - 2015-02-20 22:17 - 00000000 ____D () C:\Program Files\CPUID 2015-02-20 22:15 - 2015-02-21 20:35 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\NVIDIA 2015-02-20 22:15 - 2015-02-20 22:15 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z 2015-02-20 22:15 - 2015-02-20 22:15 - 00000000 ____D () C:\Program Files (x86)\GPU-Z 2015-02-20 21:04 - 2015-02-20 21:04 - 00000000 ____D () C:\Users\Marek\Documents\Assassin's Creed Unity 2015-02-20 18:22 - 2015-02-20 18:22 - 00000000 ____D () C:\Users\Marek\Desktop\PROPHIO 2015-02-19 19:23 - 2015-02-19 19:23 - 00000952 _____ () C:\Users\Marek\Desktop\Crysis 3.lnk 2015-02-19 19:23 - 2015-02-19 19:23 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Crysis 3 2015-02-19 19:05 - 2015-03-13 20:41 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-02-19 19:05 - 2015-03-13 20:41 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434752.dll 2015-02-19 19:05 - 2015-02-05 22:01 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434752.dll 2015-02-19 18:38 - 2015-03-13 20:41 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-02-19 18:38 - 2015-03-13 20:41 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-02-19 18:38 - 2015-03-13 17:16 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-02-19 18:38 - 2015-03-13 17:16 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-02-19 18:38 - 2015-03-13 17:16 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-02-19 18:38 - 2015-03-13 17:16 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-02-19 18:38 - 2015-03-13 17:16 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-02-19 18:38 - 2015-03-13 17:16 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-02-19 18:38 - 2015-03-11 14:10 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin 2015-02-19 17:58 - 2007-08-07 03:08 - 00010727 _____ () C:\Windows\system32\Drivers\nl19wv.cat 2015-02-19 17:58 - 2007-08-01 23:13 - 00000520 ____R () C:\Windows\system32\Drivers\nl19wv.icm 2015-02-18 23:52 - 2015-02-19 17:43 - 00000000 ____D () C:\Users\Marek\AppData\Local\NVIDIA 2015-02-18 23:49 - 2015-03-18 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-02-18 23:49 - 2015-02-19 19:07 - 00001307 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk 2015-02-18 23:49 - 2015-02-18 23:49 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2015-02-18 23:49 - 2015-02-05 22:01 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-02-18 23:49 - 2015-02-05 22:01 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2015-02-18 23:49 - 2015-02-05 22:01 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-02-18 23:49 - 2015-02-05 22:01 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-02-18 23:47 - 2015-02-05 22:01 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2015-02-18 23:47 - 2015-02-05 22:01 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2015-02-18 23:47 - 2015-02-05 22:01 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2015-02-18 23:47 - 2015-02-05 22:01 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2015-02-18 23:47 - 2015-02-05 22:01 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2015-02-18 23:47 - 2015-02-05 22:01 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-20 22:34 - 2014-11-30 14:01 - 01686436 _____ () C:\Windows\WindowsUpdate.log 2015-03-20 22:29 - 2012-04-30 14:20 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-03-20 22:29 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-20 22:26 - 2014-12-09 19:07 - 00000000 ____D () C:\Users\Marek\Desktop\Pulpit 2015-03-20 22:26 - 2013-08-17 15:17 - 00000000 ___HD () C:\Users\Marek\AppData\Roaming\Origin 2015-03-20 22:26 - 2012-01-08 10:18 - 00000000 ____D () C:\Users\Marek\Graphisoft 2015-03-20 22:26 - 2011-12-04 14:17 - 00000000 ____D () C:\Users\Marek\Documents\Inventor Server x64 AutoCAD 2012 Language Pack - English 2015-03-20 22:26 - 2011-12-04 13:44 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Autodesk 2015-03-20 22:26 - 2011-08-17 08:00 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2015-03-20 22:26 - 2011-08-15 19:32 - 00000000 ____D () C:\Users\Marek 2015-03-20 22:24 - 2014-03-03 08:29 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\BitTorrent 2015-03-20 22:16 - 2011-08-29 20:01 - 00000000 ____D () C:\Program Files (x86)\Java 2015-03-20 22:14 - 2011-08-16 02:46 - 00000000 ____D () C:\Windows\SysWOW64\Adobe 2015-03-20 22:11 - 2011-10-14 13:39 - 00000000 ____D () C:\Users\Marek\Documents\My Safes 2015-03-20 22:11 - 2011-10-14 13:39 - 00000000 ____D () C:\Users\Marek\AppData\Local\PasswordSafe 2015-03-20 20:28 - 2014-05-27 18:29 - 00003966 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0073EAE8-2EA2-4CF8-B16D-E9E476343F9F} 2015-03-19 21:21 - 2014-09-04 20:59 - 00000000 ____D () C:\Users\Marek\AppData\Local\Adobe 2015-03-19 13:26 - 2014-02-03 21:43 - 00000000 ____D () C:\Users\Marek\.gimp-2.8 2015-03-19 13:13 - 2015-02-01 18:45 - 00000000 ____D () C:\Users\Marek\Desktop\zdjęcia kreta 2015-03-19 13:07 - 2015-02-01 18:49 - 00000000 ____D () C:\Users\Marek\Desktop\swieta 12 2015-03-18 22:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-03-18 18:36 - 2014-02-06 14:40 - 00000000 ___RD () C:\Users\Marek\Desktop\Emilka 2015-03-18 15:17 - 2012-04-30 14:19 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2015-03-18 14:11 - 2014-09-01 16:54 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Mp3tag 2015-03-17 20:23 - 2009-07-14 18:55 - 00902192 _____ () C:\Windows\system32\perfh015.dat 2015-03-17 20:23 - 2009-07-14 18:55 - 00219538 _____ () C:\Windows\system32\perfc015.dat 2015-03-17 20:23 - 2009-07-14 06:13 - 02114674 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-17 19:26 - 2014-07-25 21:18 - 00000000 ____D () C:\Users\Marek\Desktop\Renualda Emilson 2015-03-16 18:21 - 2012-03-22 21:26 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Skype 2015-03-16 17:18 - 2013-02-05 22:39 - 00000000 ____D () C:\Users\Marek\Documents\BIMx 2015-03-13 20:41 - 2014-07-06 08:17 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-03-13 20:41 - 2014-07-06 08:17 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-03-13 20:41 - 2014-07-06 08:17 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-03-13 20:41 - 2014-07-06 08:17 - 00027441 _____ () C:\Windows\system32\nvinfo.pb 2015-03-12 12:36 - 2011-08-19 06:40 - 00000000 ____D () C:\Users\Marek\AppData\Local\CrashDumps 2015-03-07 22:19 - 2012-02-14 13:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2015-03-07 20:55 - 2013-03-01 17:53 - 00000000 ____D () C:\ProgramData\Origin 2015-03-07 15:46 - 2013-08-17 15:16 - 00000000 ____D () C:\Program Files (x86)\Origin 2015-03-06 13:29 - 2013-02-13 16:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-03-05 18:19 - 2011-08-15 19:43 - 00359992 _____ () C:\Users\Marek\AppData\Local\GDIPFONTCACHEV1.DAT 2015-03-05 18:18 - 2009-07-14 05:45 - 07441440 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-03-05 18:17 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media 2015-03-04 21:40 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2015-03-04 21:38 - 2014-04-14 08:49 - 00000000 ____D () C:\Program Files (x86)\Accord 2015-03-04 21:38 - 2011-04-24 20:42 - 00000000 ____D () C:\zdjęcia tel 2015-03-04 21:18 - 2015-01-18 12:42 - 00000000 ____D () C:\AdwCleaner 2015-03-04 19:58 - 2009-07-14 03:34 - 00000997 _____ () C:\Windows\win.ini 2015-02-28 20:51 - 2012-01-13 10:18 - 00002411 _____ () C:\Windows\SysWOW64\lgAxconfig.ini 2015-02-28 13:15 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-02-27 18:11 - 2011-08-15 22:18 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\DAEMON Tools Lite 2015-02-27 18:01 - 2009-07-14 05:45 - 00023632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-27 18:01 - 2009-07-14 05:45 - 00023632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-27 17:59 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-02-27 17:57 - 2012-03-18 13:06 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite 2015-02-27 16:50 - 2014-10-01 16:57 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-02-27 16:50 - 2012-03-22 21:26 - 00000000 ____D () C:\ProgramData\Skype 2015-02-26 20:28 - 2012-04-13 23:32 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-02-26 20:28 - 2011-09-17 07:05 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2015-02-26 20:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-02-26 20:26 - 2013-01-14 13:27 - 00000000 ____D () C:\Program Files\Microsoft Office 2015-02-26 20:26 - 2009-07-14 19:09 - 00000000 ____D () C:\Windows\ShellNew 2015-02-26 18:54 - 2011-12-20 22:08 - 00000598 __RSH () C:\Users\Marek\ntuser.pol 2015-02-25 21:10 - 2014-07-30 18:30 - 00000000 ____D () C:\Users\Marek\Documents\FIFA 14 2015-02-23 20:47 - 2012-01-13 10:17 - 00000000 ____D () C:\ProgramData\LGMOBILEAX 2015-02-23 15:36 - 2011-08-17 00:09 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-02-21 13:52 - 2015-01-19 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics 2015-02-21 09:55 - 2012-02-14 13:04 - 00000000 ____D () C:\Users\Marek\AppData\Local\Thunderbird 2015-02-20 21:07 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-02-20 16:18 - 2015-01-17 14:26 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Tropico 5 2015-02-20 16:06 - 2011-12-25 02:00 - 00000000 ___RD () C:\Users\Marek\Brat 2015-02-19 22:35 - 2013-06-07 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remember Me 2015-02-19 20:14 - 2012-07-13 14:22 - 00000000 ____D () C:\Users\Marek\AppData\Local\Skyrim 2015-02-19 18:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help 2015-02-19 18:37 - 2012-04-30 14:19 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2015-02-19 18:37 - 2011-08-17 00:47 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2015-02-18 23:53 - 2013-11-19 21:36 - 00000000 ____D () C:\Users\Marek\AppData\Local\NVIDIA Corporation 2015-02-18 23:23 - 2011-08-17 00:00 - 00000000 ____D () C:\Program Files (x86)\Intel ==================== Files in the root of some directories ======= 2014-04-20 01:38 - 2014-04-20 01:38 - 0000288 _____ () C:\Users\Marek\AppData\Roaming\.backup.dm 2012-08-06 23:23 - 2014-02-21 01:07 - 0002298 _____ () C:\Users\Marek\AppData\Roaming\ASSDraw3.cfg 2011-08-27 12:21 - 2012-10-22 10:42 - 0000029 _____ () C:\Users\Marek\AppData\Roaming\default.rss 2012-10-22 10:41 - 2012-10-22 10:41 - 0000000 _____ () C:\Users\Marek\AppData\Roaming\downloads.m3u 2012-09-13 17:32 - 2012-09-13 17:32 - 0000995 _____ () C:\Users\Marek\AppData\Roaming\DVDSubEdit.ini 2012-09-22 22:36 - 2012-10-02 19:10 - 0000132 _____ () C:\Users\Marek\AppData\Roaming\Preferencje Adobe CS5 dla formatu BMP 2014-02-15 19:25 - 2014-06-25 12:01 - 0000132 _____ () C:\Users\Marek\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG 2015-02-24 15:00 - 2015-02-24 15:15 - 0007946 _____ () C:\Users\Marek\AppData\Roaming\PStrip.bak 2015-02-24 15:15 - 2015-02-23 23:08 - 0008065 _____ () C:\Users\Marek\AppData\Roaming\PStrip.bk! 2015-02-24 17:59 - 2015-02-24 15:15 - 0007946 _____ () C:\Users\Marek\AppData\Roaming\PStrip.bko 2015-02-23 22:15 - 2015-02-24 18:10 - 0008044 _____ () C:\Users\Marek\AppData\Roaming\PStrip.ini 2012-05-18 04:17 - 2012-06-25 18:01 - 0000310 _____ () C:\Users\Marek\AppData\Roaming\regdatels.dat 2011-08-24 20:25 - 2011-08-24 20:25 - 0013734 _____ () C:\Users\Marek\AppData\Roaming\UserTile.png 2013-09-05 18:09 - 2013-09-05 18:09 - 0000055 _____ () C:\Users\Marek\AppData\Roaming\WB.CFG 2013-09-05 18:09 - 2013-09-05 18:09 - 0000005 _____ () C:\Users\Marek\AppData\Roaming\WBPU-TTL.DAT 2012-10-06 13:12 - 2012-10-06 13:12 - 0001496 _____ () C:\Users\Marek\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs 2011-11-28 23:09 - 2015-01-29 15:22 - 0034816 _____ () C:\Users\Marek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2011-11-10 20:05 - 2012-02-01 19:44 - 0004096 _____ () C:\Users\Marek\AppData\Local\keyfile3.drm 2012-03-07 20:06 - 2012-03-07 20:06 - 0000001 _____ () C:\Users\Marek\AppData\Local\llftool.4.25.agreement 2015-03-19 13:23 - 2015-03-19 13:23 - 0002184 _____ () C:\Users\Marek\AppData\Local\recently-used.xbel 2011-08-17 01:33 - 2011-10-07 14:38 - 0007605 _____ () C:\Users\Marek\AppData\Local\resmon.resmoncfg 2011-12-04 13:58 - 2011-12-04 13:58 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc 2014-02-21 01:12 - 2014-02-21 01:12 - 0000000 ____H () C:\ProgramData\PKP_DLes.DAT 2014-02-21 01:11 - 2014-02-21 01:11 - 0000000 ____H () C:\ProgramData\PKP_DLet.DAT 2014-02-21 01:11 - 2014-02-21 01:11 - 0000000 ____H () C:\ProgramData\PKP_DLev.DAT 2015-01-18 12:25 - 2015-01-18 12:25 - 0000040 _____ () C:\ProgramData\ra3.ini ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-15 14:03 ==================== End Of Log ============================