Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05-2015 Ran by Daniel (administrator) on DANIEL-HP on 21-05-2015 21:10:54 Running from C:\Users\Daniel\Downloads Loaded Profiles: Daniel (Available profiles: Daniel & Classic .NET AppPool & DefaultAppPool) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (AMD) C:\Windows\System32\atieclxx.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe (Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe (Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe (Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (BitTorrent Inc.) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe (Spotify Ltd) C:\Users\Daniel\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe () C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3\HDDC3Service.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe (CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745232 2015-04-15] (AVG Technologies CZ, s.r.o.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-23308739-1893522827-1990450072-1001\...\Run: [uTorrent] => C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-06] (BitTorrent Inc.) HKU\S-1-5-21-23308739-1893522827-1990450072-1001\...\Run: [Spotify Web Helper] => C:\Users\Daniel\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-05-04] (Spotify Ltd) HKU\S-1-5-21-23308739-1893522827-1990450072-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-18\...\RunOnce: [SIA2006] => C:\Program Files (x86)\Steganos Internet Anonym 2006\SIA2006.exe [3063808 2005-11-09] () Lsa: [Notification Packages] DPPassFilter scecli ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-23308739-1893522827-1990450072-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-23308739-1893522827-1990450072-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-23308739-1893522827-1990450072-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ SearchScopes: HKLM-x32 -> {5A836ECE-1745-46DD-9689-CBFC0FA5DB04} URL = http://pl.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 -> {5E6893E6-0889-43A4-AC10-38C241CF0071} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-23308739-1893522827-1990450072-1001 -> {D67BA941-8AC5-41FA-A58F-C1A3D9FACC1B} URL = https://www.google.com/search?q={searchTerms} BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO: No Name -> {FD6EF0F0-B46B-4CB2-839C-BBE569FAA859} -> No File BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-04-22] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-04-22] (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-08-17] (EasyBits Software Corp.) Tcpip\Parameters: [DhcpNameServer] 10.0.0.1 Tcpip\..\Interfaces\{61045D06-73E4-4295-9616-EB65D0D97A98}: [NameServer] 10.1.1.0,10.1.1.100 FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL No File FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2010-05-05] (Adobe Systems, Inc.) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-04-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-04-22] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL No File FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-08-29] (Nero AG) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation) FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2014-11-22] Chrome: ======= CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-25] CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-25] CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-25] CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-25] CHR Extension: (uBlock Origin) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-04-25] CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-25] CHR Extension: (Google Sheets) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-25] CHR Extension: (Bookmark Manager) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-25] CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-25] CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2015-04-25] CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-25] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1517480 2015-04-15] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438032 2015-04-15] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-04-15] (AVG Technologies CZ, s.r.o.) S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation) S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed] R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed] S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2015-05-12] (Macrovision Europe Ltd.) [File not signed] R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2015-05-12] (Macrovision Europe Ltd.) [File not signed] S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-12-03] (Freemake) [File not signed] R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation) S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed] R2 HDDC3Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3\HDDC3Service.exe [324456 2014-12-17] () R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [93184 2014-08-21] (Hewlett-Packard Company) [File not signed] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company) R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation) R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed] S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-16] (Electronic Arts) R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-03-10] () R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-03-12] (Razer Inc.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed] R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12730048 2015-02-06] () S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation) S3 WO_LiveService2; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTunerService.exe [223624 2014-06-16] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2015-04-22] (The OpenVPN Project) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.) R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [67040 2015-03-20] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-09] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [213984 2015-03-11] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [344544 2015-03-11] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [137184 2015-04-03] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-04-07] (AVG Technologies CZ, s.r.o.) R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [52000 2015-01-09] (AVG Technologies) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2009-02-10] (EZB Systems, Inc.) R2 LiveTuner2PM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner64.sys [14320 2014-03-20] () R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-03-10] (Razer, Inc.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-02-28] (Duplex Secure Ltd.) S1 StarPortLite; C:\Windows\System32\DRIVERS\StarPortLite.sys [109568 2008-01-16] (Rocket Division Software) R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-01-07] (VMware, Inc.) R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.) S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [11304 2015-05-08] (wisecleaner.com) [File not signed] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-21 21:12 - 2015-05-21 21:12 - 00602112 _____ (OldTimer Tools) C:\Users\Daniel\Downloads\OTL.exe 2015-05-21 21:10 - 2015-05-21 21:12 - 00020847 _____ () C:\Users\Daniel\Downloads\FRST.txt 2015-05-21 21:09 - 2015-05-21 21:11 - 00000000 ____D () C:\FRST 2015-05-21 21:09 - 2015-05-21 21:09 - 02108416 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe 2015-05-21 20:54 - 2015-05-21 20:54 - 00044544 ___SH () C:\Users\Daniel\Desktop\Thumbs.db 2015-05-21 18:02 - 2015-05-21 18:02 - 05170820 _____ () C:\Users\Daniel\Downloads\CCleaner Professional 5.00.5035 Beta + Crack.rar 2015-05-20 20:37 - 2015-05-20 20:48 - 104306688 _____ () C:\Users\Daniel\Desktop\OFFICE 2013 ISO.iso 2015-05-20 20:22 - 2015-05-20 20:48 - 00000000 ____D () C:\Users\Daniel\Desktop\OFFICE 2013 2015-05-19 16:27 - 2015-05-19 16:27 - 00056215 _____ () C:\Users\Daniel\Downloads\[Zodiac-Torrent.pl] Wiedzmin 2 Zabojcy Krolow Edycja Rozszerzona 2012 [Dubbing PL] [POLISH REPACK GTX BOX Team] [.iso] [marcinc33].torrent 2015-05-19 16:10 - 2015-05-19 16:10 - 00017053 _____ () C:\Users\Daniel\Downloads\[torrenty.pl] Haker - Blackhat -2015- [BRRip] [XviD-J25] [Lektor PL] [AgusiQ].torrent 2015-05-18 18:22 - 2015-05-18 18:22 - 00089499 _____ () C:\Users\Daniel\Downloads\[torrenty.pl] Wolfenstein- The Old Blood (2015) [MULTi6] [.iso] [CODEX].torrent 2015-05-18 18:15 - 2015-05-18 18:15 - 00013888 _____ () C:\Users\Daniel\Downloads\[torrenty.pl] Chrome OS Linux CD.iso.torrent 2015-05-18 17:57 - 2015-05-18 17:57 - 00041151 _____ () C:\Users\Daniel\Downloads\[torrenty.pl] Mac OS X Snow Leopard 10 6 7 ISO.torrent 2015-05-17 20:43 - 2015-05-21 20:48 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-17 20:43 - 2015-05-17 20:43 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-05-17 15:43 - 2015-05-17 15:53 - 111273672 _____ (Oracle Corporation) C:\Users\Daniel\Downloads\virtualbox.exe 2015-05-17 11:37 - 2015-05-17 11:40 - 842704896 _____ () C:\Users\Daniel\Desktop\OFFICE 2013 64 BIT.iso 2015-05-16 23:17 - 2015-05-17 13:45 - 00000000 ____D () C:\Users\Daniel\Desktop\Windows Hotfix Downloader 2015-05-14 19:27 - 2015-05-14 19:27 - 00000000 ____D () C:\ProgramData\Reflexive 2015-05-14 19:26 - 2015-05-14 19:26 - 00001116 _____ () C:\Users\Public\Desktop\Plants vs. Zombies.lnk 2015-05-14 19:26 - 2015-05-14 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plants vs. Zombies 2015-05-14 19:26 - 2015-05-14 19:26 - 00000000 ____D () C:\Program Files (x86)\Plants vs. Zombies 2015-05-14 19:24 - 2015-05-14 19:26 - 27549727 _____ () C:\Users\Daniel\Downloads\PlantsVsZombies.exe 2015-05-13 21:52 - 2015-05-13 21:52 - 00003130 _____ () C:\Windows\System32\Tasks\{90023F48-EE10-4190-A70E-44C158D87979} 2015-05-13 21:48 - 2015-05-13 21:50 - 37602760 _____ (Hewlett-Packard ) C:\Users\Daniel\Downloads\sp68201.exe 2015-05-13 21:48 - 2015-05-13 21:48 - 02362496 _____ (Hewlett-Packard ) C:\Users\Daniel\Downloads\sp57864 (1).exe 2015-05-13 21:25 - 2015-05-13 21:25 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\TuneUp Software 2015-05-13 21:22 - 2015-05-13 21:22 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Avg 2015-05-13 00:39 - 2010-10-12 17:49 - 00082432 _____ (TODO: ) C:\Windows\system32\HPMSVideo.dll 2015-05-13 00:29 - 2015-05-13 00:29 - 00003184 _____ () C:\Windows\System32\Tasks\MirageAgent 2015-05-13 00:22 - 2010-11-09 11:21 - 00082432 _____ (TODO: ) C:\Windows\system32\HPMSWebcam.dll 2015-05-13 00:08 - 2015-05-13 00:08 - 00003130 _____ () C:\Windows\System32\Tasks\{41368238-722B-47A1-9F18-15727E936CC4} 2015-05-13 00:01 - 2010-11-09 11:21 - 00082432 _____ (TODO: ) C:\Windows\system32\HPMSPhoto.dll 2015-05-12 23:47 - 2010-11-09 11:21 - 00082432 _____ (TODO: ) C:\Windows\system32\HPMSDVD.dll 2015-05-12 23:42 - 2010-11-09 11:21 - 00082432 _____ (TODO: ) C:\Windows\system32\HPMSMusic.dll 2015-05-12 23:39 - 2015-05-13 00:06 - 161300800 _____ (Hewlett-Packard ) C:\Users\Daniel\Downloads\sp50497.exe 2015-05-12 23:27 - 2015-05-12 23:46 - 71252728 _____ (InstallShield Software Corporation ) C:\Users\Daniel\Downloads\sp50046.exe 2015-05-12 23:23 - 2015-05-13 00:02 - 159921856 _____ (Hewlett-Packard ) C:\Users\Daniel\Downloads\sp50791.exe 2015-05-12 23:23 - 2015-05-13 00:00 - 148512560 _____ (Hewlett-Packard ) C:\Users\Daniel\Downloads\sp51029.exe 2015-05-12 23:23 - 2015-05-12 23:39 - 58564464 _____ (Hewlett-Packard ) C:\Users\Daniel\Downloads\sp50935.exe 2015-05-12 23:23 - 2015-05-12 23:36 - 45144288 _____ (Hewlett-Packard ) C:\Users\Daniel\Downloads\sp51027.exe 2015-05-12 23:23 - 2015-05-12 23:27 - 14908552 _____ (Hewlett-Packard ) C:\Users\Daniel\Downloads\sp50077.exe 2015-05-12 23:20 - 2015-05-12 23:20 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\InstallShield 2015-05-12 23:12 - 2015-05-12 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth 2015-05-12 23:12 - 2011-04-15 20:15 - 00009048 _____ (Motorola Solutions, Inc.) C:\Windows\system32\btmsstverschk.dll 2015-05-12 23:12 - 2011-02-22 18:33 - 00052736 _____ (Motorola Solutions, Inc.) C:\Windows\system32\Drivers\btmcom.sys 2015-05-12 23:11 - 2015-05-12 23:11 - 00000000 ____D () C:\Program Files\Motorola 2015-05-12 23:11 - 2011-03-23 12:08 - 00663936 _____ (Motorola Solutions, Inc.) C:\Windows\system32\Drivers\btmusb.sys 2015-05-12 23:11 - 2011-02-22 18:42 - 00326736 _____ (Motorola Solutions, Inc.) C:\Windows\system32\btmcls.dll 2015-05-12 23:06 - 2015-05-12 23:06 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared 2015-05-12 22:55 - 2015-05-12 22:56 - 02362496 _____ (Hewlett-Packard ) C:\Users\Daniel\Downloads\sp57864.exe 2015-05-12 22:55 - 2015-05-12 22:55 - 01592920 _____ (Hewlett-Packard ) C:\Users\Daniel\Downloads\sp52407.exe 2015-05-12 22:53 - 2015-05-12 23:02 - 51046824 _____ (Hewlett-Packard Company ) C:\Users\Daniel\Downloads\sp55063.exe 2015-05-12 22:53 - 2015-05-12 22:59 - 27476784 _____ (Hewlett-Packard Company ) C:\Users\Daniel\Downloads\sp54841.exe 2015-05-12 22:52 - 2015-05-12 22:58 - 25424520 _____ (Hewlett-Packard ) C:\Users\Daniel\Downloads\sp52354.exe 2015-05-12 22:52 - 2015-05-12 22:55 - 10161592 _____ (Hewlett-Packard ) C:\Users\Daniel\Downloads\sp48922.exe 2015-05-12 22:49 - 2015-05-12 22:49 - 00000000 ____D () C:\Intel 2015-05-12 22:48 - 2015-05-12 22:48 - 05940736 _____ (Hewlett-Packard ) C:\Users\Daniel\Downloads\sp52353.exe 2015-05-12 22:48 - 2015-05-12 22:48 - 03192968 _____ (Hewlett-Packard ) C:\Users\Daniel\Downloads\sp47397.exe 2015-05-12 22:48 - 2015-05-12 22:48 - 02424648 _____ (Hewlett-Packard ) C:\Users\Daniel\Downloads\sp52355.exe 2015-05-12 22:47 - 2010-07-22 03:19 - 00646656 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll 2015-05-12 22:45 - 2010-07-22 03:19 - 01466880 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll 2015-05-12 22:45 - 2010-07-22 03:19 - 00515584 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys 2015-05-12 22:45 - 2010-07-22 03:19 - 00431616 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll 2015-05-12 22:44 - 2015-05-12 22:47 - 00000000 ____D () C:\Program Files\IDT 2015-05-12 22:42 - 2015-05-12 22:43 - 28194792 _____ (Hewlett-Packard ) C:\Users\Daniel\Downloads\sp50642.exe 2015-05-12 22:42 - 2015-05-12 22:42 - 00000000 ____D () C:\Program Files\CONEXANT 2015-05-12 22:41 - 2015-05-12 22:41 - 03132968 _____ (Hewlett-Packard ) C:\Users\Daniel\Downloads\sp55461.exe 2015-05-12 22:33 - 2015-05-12 22:33 - 05197824 _____ () C:\Users\Daniel\Downloads\HPSupportSolutionsFramework-11.51.0049.msi 2015-05-11 00:18 - 2015-05-11 00:18 - 00000052 _____ () C:\Windows\system32\winpeshl.ini 2015-05-10 23:37 - 2010-07-22 03:19 - 12829184 _____ (IDT, Inc.) C:\Windows\system32\idtcpl64.cpl 2015-05-10 23:37 - 2010-07-22 03:19 - 01952256 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll 2015-05-10 23:37 - 2010-07-22 03:19 - 00487424 _____ (IDT, Inc.) C:\Windows\sttray64.exe 2015-05-10 23:37 - 2010-07-22 03:19 - 00220672 _____ (IDT, Inc.) C:\Windows\system32\HPToneCtrls64.dll 2015-05-10 23:37 - 2010-04-01 15:11 - 00162304 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAC64.dll 2015-05-10 23:37 - 2009-10-10 01:45 - 00442368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTEC64.dll 2015-05-10 23:37 - 2009-03-03 02:58 - 00068608 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAR64.dll 2015-05-10 23:37 - 2009-03-03 02:47 - 00090624 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTCo64.dll 2015-05-10 23:30 - 2010-07-22 03:19 - 00209920 _____ (IDT, Inc.) C:\Windows\system32\staco64.dll 2015-05-08 14:57 - 2015-05-08 14:57 - 00011304 _____ (wisecleaner.com) C:\Windows\WiseHDInfo64.dll 2015-05-08 14:56 - 2015-05-08 14:57 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\WiseUpdate 2015-05-07 22:47 - 2015-05-07 22:47 - 00546464 _____ () C:\Users\Daniel\Downloads\Autoruns.zip 2015-05-07 22:47 - 2015-05-07 22:47 - 00000000 ____D () C:\Users\Daniel\Desktop\Autoruns 2015-05-07 15:58 - 2015-05-07 15:58 - 00000000 ____D () C:\Users\Daniel\Documents\Moje pokazy Corel Show 2015-05-07 15:58 - 2015-05-07 15:58 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Corel 2015-05-07 15:56 - 2015-05-07 15:58 - 00000000 ____D () C:\Users\Daniel\Documents\My PSP Files 2015-05-07 15:56 - 2015-05-07 15:57 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Corel 2015-05-07 15:51 - 2014-11-13 01:40 - 00001541 _____ () C:\Users\Daniel\Desktop\Visual Studio 2013.lnk 2015-05-06 22:36 - 2015-05-06 22:35 - 01078784 _____ () C:\Users\Daniel\Desktop\MicrosoftFixit50733.msi 2015-05-06 22:35 - 2015-05-06 22:35 - 01078784 _____ () C:\Users\Daniel\Downloads\MicrosoftFixit50733.msi 2015-05-06 22:00 - 2015-05-06 22:01 - 02947139 _____ () C:\Users\Daniel\Downloads\O15CTRRemove.diagcab 2015-05-06 21:48 - 2015-05-06 21:49 - 01184256 _____ () C:\Users\Daniel\Downloads\MicrosoftFixit50450.msi 2015-05-04 16:55 - 2015-05-04 16:56 - 00000000 ____D () C:\Users\Daniel\Downloads\Renderman 2015-05-04 16:54 - 2015-05-04 16:54 - 00000000 ____D () C:\Users\Daniel\Downloads\Antywirusy 2015-05-04 15:46 - 2015-05-04 15:46 - 00000000 ____D () C:\Users\Daniel\Documents\My ISO Files 2015-05-04 15:46 - 2015-05-04 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO 2015-05-04 15:46 - 2015-05-04 15:46 - 00000000 ____D () C:\Program Files (x86)\UltraISO 2015-05-03 00:01 - 2014-09-01 07:06 - 01474560 _____ () C:\Users\Daniel\Desktop\Windows95b.img 2015-05-02 21:52 - 2015-05-02 21:52 - 01474560 _____ () C:\Users\Daniel\Desktop\Dyskietka startowa (Bootdisk).IMA 2015-05-02 21:32 - 2015-05-02 21:32 - 00000000 ____D () C:\Users\Daniel\Desktop\Windows 95 [PL] [ISO] [Floppy] 2015-05-02 20:04 - 2015-05-02 20:04 - 00004978 _____ () C:\Users\Daniel\AppData\Local\mbt-actwiz.log 2015-05-01 18:05 - 2015-05-21 17:54 - 00734461 ____N () C:\Windows\WindowsUpdate.log 2015-05-01 18:03 - 2015-05-20 22:44 - 00135912 _____ () C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT 2015-05-01 17:28 - 2015-05-01 17:29 - 13087456 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\Silverlight_x64 (1).exe 2015-05-01 17:05 - 2015-05-01 17:06 - 13087456 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\Silverlight_x64.exe 2015-05-01 16:59 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2015-05-01 16:59 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll 2015-05-01 16:59 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe 2015-05-01 16:59 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll 2015-05-01 16:59 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll 2015-05-01 16:59 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll 2015-05-01 16:59 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe 2015-05-01 16:59 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2015-05-01 16:59 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-05-01 13:32 - 2015-05-01 13:32 - 06684672 _____ () C:\Users\Daniel\Downloads\Dataram_RAMDisk_4_4_0_RC33.msi 2015-05-01 13:26 - 2015-05-01 13:27 - 06610944 _____ () C:\Users\Daniel\Downloads\RAMDisk 4.4.0 RC 32 2015-05-01 13:16 - 2015-05-01 13:38 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Dataram_Corporation 2015-05-01 13:13 - 2015-05-01 13:13 - 07278592 _____ () C:\Users\Daniel\Downloads\Radeon RAMDisk 4.4.0 RC32 (4gb Free).msi 2015-04-29 20:53 - 2015-04-29 20:53 - 00069632 _____ () C:\Users\Daniel\Desktop\dziennik zdarzeń.evtx 2015-04-29 20:53 - 2015-04-29 20:53 - 00000000 ____D () C:\Users\Daniel\Desktop\LocaleMetaData 2015-04-26 22:31 - 2015-04-26 22:31 - 00347816 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\MicrosoftFixit.ProgramInstallUninstall.MATSKB.Run.exe 2015-04-26 20:56 - 2015-04-26 20:56 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\AVG2015 2015-04-26 20:55 - 2015-05-13 21:25 - 00000995 _____ () C:\Users\Public\Desktop\AVG 2015.lnk 2015-04-26 20:55 - 2015-05-13 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-04-26 20:55 - 2015-04-26 20:56 - 00000000 ____D () C:\ProgramData\AVG2015 2015-04-26 20:55 - 2015-04-26 20:55 - 00000000 ___HD () C:\$AVG 2015-04-26 20:54 - 2015-04-26 20:54 - 00000000 ____D () C:\Program Files (x86)\AVG 2015-04-26 20:49 - 2015-05-13 22:03 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Avg2015 2015-04-26 20:48 - 2015-05-21 20:25 - 00000000 ____D () C:\ProgramData\MFAData 2015-04-26 20:48 - 2015-04-26 20:48 - 00000000 ____D () C:\Users\Daniel\AppData\Local\MFAData 2015-04-26 20:48 - 2015-04-26 20:48 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Avg2014 2015-04-26 20:08 - 2015-04-26 20:08 - 01180529 _____ () C:\Windows\unins000.exe 2015-04-26 20:08 - 2015-04-26 20:08 - 00001237 _____ () C:\Windows\unins000.dat 2015-04-26 13:04 - 2015-04-26 13:04 - 00000000 ____D () C:\Users\Daniel\AppData\Local\DriverToolkit 2015-04-26 13:03 - 2015-04-26 13:04 - 02448688 _____ (Megaify Software ) C:\Users\Daniel\Downloads\DriverToolkitInstaller (1).exe 2015-04-26 13:03 - 2015-04-26 13:03 - 02448688 _____ (Megaify Software ) C:\Users\Daniel\Downloads\DriverToolkitInstaller.exe 2015-04-26 12:59 - 2015-04-26 12:59 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe 2015-04-26 12:59 - 2015-04-26 12:59 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe 2015-04-26 12:59 - 2015-04-26 12:59 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe 2015-04-26 12:59 - 2015-04-26 12:59 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe 2015-04-26 12:59 - 2015-04-26 12:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center 2015-04-26 12:59 - 2015-04-26 12:59 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center 2015-04-26 12:55 - 2015-04-26 12:59 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe 2015-04-26 12:54 - 2015-04-26 12:57 - 50067152 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\MouseKeyboardCenter_64bit_ENG_2.3.188.exe 2015-04-26 12:54 - 2015-04-26 12:56 - 16783224 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\IPx64_1033_7.10.344.0.exe 2015-04-26 12:54 - 2015-04-26 12:54 - 00002978 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe 2015-04-26 12:52 - 2015-04-26 12:53 - 22413696 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\IPx64_1033_8.20.468.0.exe 2015-04-26 12:46 - 2009-07-14 05:01 - 00200272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys 2015-04-26 12:46 - 2009-07-14 05:01 - 00052304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys 2015-04-26 12:46 - 2009-07-14 05:01 - 00046672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys 2015-04-26 12:46 - 2009-07-14 05:01 - 00034896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys 2015-04-26 12:46 - 2009-07-14 05:01 - 00021760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys 2015-04-26 12:46 - 2009-07-14 03:45 - 00096320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sacdrv.sys 2015-04-26 12:46 - 2009-07-14 02:01 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ramdisk.sys 2015-04-26 12:46 - 2009-07-14 01:29 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fbwf.sys 2015-04-26 12:46 - 2009-07-14 01:29 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimfsf.sys 2015-04-26 12:46 - 2009-06-10 22:45 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf 2015-04-26 12:13 - 2015-04-26 12:13 - 00000000 ____D () C:\Users\Daniel\AppData\Local\GHISLER 2015-04-26 11:53 - 2015-04-26 12:02 - 00000000 ____D () C:\Users\Daniel\Desktop\usbdeview-x64 2015-04-26 11:52 - 2015-04-26 11:52 - 00108666 _____ () C:\Users\Daniel\Downloads\usbdeview-x64.zip 2015-04-26 11:52 - 2015-04-26 11:52 - 00003209 _____ () C:\Users\Daniel\Downloads\usbdeview_polish.zip 2015-04-25 23:39 - 2015-04-25 23:39 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome 2015-04-25 23:37 - 2015-04-25 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-04-25 23:34 - 2015-05-21 20:48 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-04-25 23:34 - 2015-05-17 20:43 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-04-25 23:34 - 2015-04-25 23:36 - 00000000 ____D () C:\Program Files (x86)\Google 2015-04-25 23:34 - 2015-04-25 23:34 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Apps\2.0 2015-04-25 19:06 - 2015-04-25 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center 2015-04-25 01:32 - 2015-04-25 01:32 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Steam 2015-04-24 21:50 - 2015-04-24 21:50 - 00002794 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2015-04-24 21:49 - 2015-05-21 18:03 - 00000000 ____D () C:\Program Files\CCleaner 2015-04-24 21:49 - 2015-05-04 00:42 - 00000868 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2015-04-24 21:49 - 2015-04-24 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-04-24 21:47 - 2015-04-24 21:48 - 06484352 _____ (Piriform Ltd) C:\Users\Daniel\Downloads\ccsetup505.exe 2015-04-24 21:27 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2015-04-24 21:27 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2015-04-24 21:27 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-04-24 21:27 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-04-24 21:27 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-04-24 21:27 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2015-04-24 21:27 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2015-04-24 21:27 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2015-04-24 21:26 - 2015-04-25 01:41 - 00000000 ____D () C:\Qoobox 2015-04-24 21:25 - 2015-04-24 22:04 - 00000000 ____D () C:\Windows\erdnt 2015-04-24 21:24 - 2015-04-24 21:25 - 05619466 ____R (Swearware) C:\Users\Daniel\Downloads\ComboFix.exe 2015-04-24 21:12 - 2015-04-24 21:12 - 02224640 _____ () C:\Users\Daniel\Downloads\adwcleaner_4.202.exe 2015-04-22 23:12 - 2015-04-22 23:12 - 00000000 ____D () C:\ProgramData\Oracle 2015-04-22 22:57 - 2015-04-22 22:57 - 00000879 _____ () C:\Users\Daniel\Desktop\ścieżki.txt 2015-04-22 21:23 - 2015-04-22 21:23 - 00044640 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\aswTap.sys 2015-04-22 18:56 - 2015-04-22 18:56 - 00000074 _____ () C:\Windows\avast5.ini 2015-04-22 18:56 - 2015-04-22 18:56 - 00000002 _____ () C:\Windows\SysWOW64\avast5.ini 2015-04-22 13:43 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2015-04-22 13:43 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll 2015-04-22 13:43 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2015-04-22 13:43 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll 2015-04-22 13:42 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2015-04-22 13:42 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll 2015-04-21 19:44 - 2015-04-21 19:47 - 38862544 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Daniel\Downloads\ashampoo_gadge_it_e1.0.1_sm.exe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-21 21:12 - 2014-11-13 20:59 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\uTorrent 2015-05-21 20:28 - 2015-01-24 01:44 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-05-21 16:31 - 2009-07-14 06:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-21 16:31 - 2009-07-14 06:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-21 16:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\inetsrv 2015-05-21 16:22 - 2014-12-07 13:36 - 00000000 ____D () C:\ProgramData\VMware 2015-05-21 16:21 - 2009-07-14 06:45 - 05118872 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-05-21 16:20 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-20 21:12 - 2014-11-23 17:51 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-05-20 21:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-05-20 21:08 - 2014-11-23 18:02 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-05-20 17:08 - 2015-03-18 19:44 - 00000000 ____D () C:\Steam 2015-05-20 17:08 - 2015-01-15 20:06 - 1073741824 _____ () C:\Users\Daniel\Desktop\Sejf danych.avgfv 2015-05-20 16:25 - 2014-11-24 21:50 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Spotify 2015-05-20 15:59 - 2014-11-24 21:34 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Spotify 2015-05-19 17:58 - 2015-04-20 00:01 - 00000000 ____D () C:\Users\Daniel\Desktop\50 rocznica 2015-05-19 17:57 - 2014-12-07 13:41 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\VMware 2015-05-19 17:57 - 2014-12-07 13:41 - 00000000 ____D () C:\Users\Daniel\AppData\Local\VMware 2015-05-19 17:57 - 2014-11-07 22:48 - 00000000 ____D () C:\Program Files\Bandizip 2015-05-19 17:56 - 2014-12-07 13:46 - 00000000 ____D () C:\Users\Daniel\Documents\Virtual Machines 2015-05-19 17:40 - 2014-11-14 23:21 - 00000000 ____D () C:\Users\Daniel\Desktop\torrenty 2015-05-19 00:18 - 2014-11-24 23:27 - 00007646 _____ () C:\Users\Daniel\AppData\Local\resmon.resmoncfg 2015-05-18 23:20 - 2015-04-15 22:57 - 00000000 ____D () C:\Users\Daniel\Desktop\PDF 2015-05-18 20:02 - 2015-02-27 18:50 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDaniel 2015-05-18 20:02 - 2015-02-27 18:50 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForDaniel.job 2015-05-18 17:59 - 2015-02-16 17:49 - 00000000 ____D () C:\inetpub 2015-05-18 04:09 - 2014-11-06 07:54 - 00000000 ____D () C:\ProgramData\Recovery 2015-05-17 18:33 - 2009-07-14 07:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-05-17 17:45 - 2014-11-23 19:59 - 00000000 ____D () C:\Windows\Minidump 2015-05-17 15:43 - 2014-12-06 00:04 - 00000000 ____D () C:\Users\Daniel\VirtualBox VMs 2015-05-17 15:43 - 2014-12-06 00:03 - 00000000 ____D () C:\Users\Daniel\.VirtualBox 2015-05-17 15:40 - 2015-04-14 18:17 - 00000000 ____D () C:\Program Files (x86)\DOSBox-0.74 2015-05-17 15:24 - 2015-04-14 18:17 - 00000000 ____D () C:\Wolf3D 2015-05-17 14:53 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-05-17 13:09 - 2014-11-09 13:32 - 00000000 ____D () C:\Users\Daniel\Documents\Visual Studio 2013 2015-05-17 00:48 - 2015-04-16 22:39 - 00000000 ____D () C:\ProgramData\Origin 2015-05-16 20:49 - 2010-08-17 19:20 - 00834930 _____ () C:\Windows\system32\perfh015.dat 2015-05-16 20:49 - 2010-08-17 19:20 - 00196040 _____ () C:\Windows\system32\perfc015.dat 2015-05-16 20:49 - 2009-07-14 07:13 - 01918166 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-16 19:23 - 2014-11-06 00:20 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Hewlett-Packard 2015-05-14 20:52 - 2015-03-10 15:40 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\CodeBlocks 2015-05-14 20:39 - 2015-04-14 22:37 - 00000000 ____D () C:\Users\Daniel\Desktop\Projekt cpp 2015-05-13 21:51 - 2014-11-06 00:18 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Hewlett-Packard 2015-05-13 21:50 - 2014-11-05 23:21 - 00000000 ____D () C:\Windows\Hewlett-Packard 2015-05-13 21:37 - 2010-08-17 11:02 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services 2015-05-13 21:37 - 2010-08-17 11:02 - 00000000 ___RD () C:\Program Files (x86)\Online Services 2015-05-13 00:33 - 2010-08-17 10:42 - 00000000 ____D () C:\ProgramData\Temp 2015-05-13 00:10 - 2015-01-22 23:35 - 00000000 ____D () C:\Users\Daniel\AppData\Local\PowerCinema 2015-05-13 00:03 - 2010-08-17 09:54 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard 2015-05-12 23:49 - 2010-06-07 19:38 - 00000000 ____D () C:\HP 2015-05-12 23:47 - 2009-09-07 02:40 - 00000000 ____D () C:\SwSetup 2015-05-12 23:44 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2015-05-12 23:42 - 2010-08-17 11:38 - 00000000 ____D () C:\ProgramData\CyberLink 2015-05-12 23:20 - 2010-08-17 10:09 - 00000000 ____D () C:\Program Files (x86)\Intel 2015-05-12 22:36 - 2014-11-05 23:21 - 00000000 ____D () C:\Program Files (x86)\HP 2015-05-10 22:47 - 2014-11-23 23:13 - 00000431 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2015-05-09 00:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help 2015-05-08 14:57 - 2015-03-25 16:48 - 00002060 _____ () C:\Users\Public\Desktop\Wise Care 365.lnk 2015-05-07 11:20 - 2015-02-27 21:52 - 00000000 ____D () C:\Users\DefaultAppPool 2015-05-04 16:54 - 2015-03-21 21:33 - 00000000 ____D () C:\Users\Daniel\Downloads\Torrenty 2015-05-04 00:42 - 2015-02-28 19:54 - 00001107 _____ () C:\Users\Daniel\Desktop\Adobe Photoshop CS6 (64 Bit).lnk 2015-05-04 00:42 - 2015-02-01 20:37 - 00001244 _____ () C:\Users\Public\Desktop\Ashampoo 3D CAD Architecture 5.lnk 2015-05-03 01:47 - 2014-11-24 21:50 - 00001758 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2015-05-02 21:12 - 2014-11-06 00:12 - 00000000 ____D () C:\Users\Daniel 2015-05-02 20:04 - 2014-11-05 23:21 - 00000000 ____D () C:\ProgramData\FLEXnet 2015-05-01 17:49 - 2015-04-11 21:06 - 00000000 ____D () C:\ProgramData\DriverGenius 2015-05-01 17:49 - 2015-03-06 21:13 - 00000000 ____D () C:\Users\Daniel\Documents\Euro Truck Simulator 2 2015-05-01 17:49 - 2015-02-17 23:47 - 00000000 ____D () C:\Program Files (x86)\Hard Disk Sentinel 2015-05-01 17:49 - 2015-01-12 19:27 - 00000000 ____D () C:\Program Files (x86)\Bruteforce Save Data 2015-05-01 17:49 - 2014-11-19 19:20 - 00000000 ____D () C:\Program Files (x86)\Notepad++ 2015-05-01 17:49 - 2014-11-17 18:28 - 00000000 ____D () C:\Program Files (x86)\Universal Extractor 2015-05-01 17:49 - 2014-11-15 23:42 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-05-01 17:49 - 2014-11-07 00:35 - 00000000 ____D () C:\Windows\pss 2015-05-01 17:49 - 2014-11-06 00:21 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\hpqLog 2015-05-01 17:49 - 2014-11-05 23:36 - 00000000 ____D () C:\Program Files (x86)\HP Games 2015-05-01 17:49 - 2009-09-07 02:40 - 00000000 ____D () C:\SYSTEM.SAV 2015-05-01 17:36 - 2015-03-26 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixar 2015-05-01 17:36 - 2014-11-07 17:51 - 00000000 ____D () C:\Users\Daniel\AppData\Local\CrashDumps 2015-05-01 17:35 - 2015-03-25 16:48 - 00000000 ____D () C:\Program Files (x86)\Wise 2015-04-30 18:46 - 2014-11-06 00:21 - 00000000 ____D () C:\Users\Daniel\Documents\Moje przyjęte pliki 2015-04-29 22:53 - 2014-11-11 17:06 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\GG 2015-04-29 20:27 - 2014-11-14 16:14 - 00000000 ____D () C:\Program Files\AMD 2015-04-29 00:09 - 2015-04-16 23:11 - 00000000 ____D () C:\AdwCleaner 2015-04-26 18:25 - 2015-02-10 23:12 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Skype 2015-04-25 23:37 - 2014-11-07 16:56 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Google 2015-04-25 23:34 - 2014-11-07 16:55 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Deployment 2015-04-25 19:05 - 2014-11-05 23:14 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies 2015-04-24 21:58 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2015-04-23 00:17 - 2014-12-06 00:11 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2015-04-22 23:13 - 2014-11-11 02:18 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-04-22 23:11 - 2014-11-11 02:17 - 00000000 ____D () C:\Program Files (x86)\Java 2015-04-22 20:02 - 2015-01-24 01:44 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-04-22 20:02 - 2014-12-26 19:53 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-04-22 20:02 - 2014-12-26 19:53 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-04-22 17:37 - 2015-01-09 21:12 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Avg_Update_1014av 2015-04-22 15:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers 2015-04-21 20:22 - 2015-04-17 23:47 - 00000000 ____D () C:\Users\Daniel\Desktop\Biblioteki DLL 2015-04-21 19:49 - 2014-12-02 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo 2015-04-21 19:49 - 2014-12-02 16:40 - 00000000 ____D () C:\Program Files (x86)\Ashampoo 2015-04-21 19:48 - 2014-12-02 16:40 - 00000000 ____D () C:\ProgramData\Ashampoo ==================== Files in the root of some directories ======= 2015-05-02 20:04 - 2015-05-02 20:04 - 0004978 _____ () C:\Users\Daniel\AppData\Local\mbt-actwiz.log 2014-11-24 23:27 - 2015-05-19 00:18 - 0007646 _____ () C:\Users\Daniel\AppData\Local\resmon.resmoncfg ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-19 15:07 ==================== End of log ============================