Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-06-2015
Ran by urban (administrator) on POTWORAURBANA on 25-06-2015 00:00:20
Running from C:\Users\urban\Downloads
Loaded Profiles: urban & UpdatusUser (Available Profiles: urban & UpdatusUser)
Platform: Windows 8.1 Pro (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.)
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [] => [X] HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [8925504 2014-10-15] () HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3014667882-616951395-1994978174-1001\...\Run: [Spotify] => C:\Users\urban\AppData\Roaming\Spotify\Spotify.exe [6342200 2014-09-19] (Spotify Ltd) HKU\S-1-5-21-3014667882-616951395-1994978174-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation) HKU\S-1-5-21-3014667882-616951395-1994978174-1001\...\Run: [Spotify Web Helper] => C:\Users\urban\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-19] (Spotify Ltd) HKU\S-1-5-21-3014667882-616951395-1994978174-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31282816 2015-04-17] (Skype Technologies S.A.) 
HKU\S-1-5-21-3014667882-616951395-1994978174-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd) HKU\S-1-5-21-3014667882-616951395-1994978174-1001\...\Run: [Google Update] => C:\Users\urban\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-12-03] (Google Inc.) HKU\S-1-5-21-3014667882-616951395-1994978174-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [2765256 2015-01-24] (ALLPlayer Group Ltd.) HKU\S-1-5-21-3014667882-616951395-1994978174-1001\...\Run: [Dropbox Update] => C:\Users\urban\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-23] (Dropbox, Inc.) HKU\S-1-5-21-3014667882-616951395-1994978174-1002\...\Run: [Spotify] => C:\Users\urban\AppData\Roaming\Spotify\Spotify.exe [6342200 2014-09-19] (Spotify Ltd) Startup: C:\Users\urban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2014-11-20] ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\urban\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\urban\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\urban\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\urban\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\urban\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\urban\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\urban\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\urban\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\urban\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\urban\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\urban\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\urban\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\urban\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\urban\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\urban\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\urban\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-3014667882-616951395-1994978174-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3014667882-616951395-1994978174-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-24] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-24] (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 10.10.10.1 StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.sweet-page.com/?type=sc&ts=1414606442&from=cor&uid=SanDiskXSDSSDHP128G_142046401072 FireFox: ======== FF ProfilePath: C:\Users\urban\AppData\Roaming\Mozilla\Firefox\Profiles\br0ujgeh.default FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-23] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft 
Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-23] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-24] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-24] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-24] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-3014667882-616951395-1994978174-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\urban\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2014-10-29] (Google) FF Plugin HKU\S-1-5-21-3014667882-616951395-1994978174-1001: @talk.google.com/O1DPlugin -> C:\Users\urban\AppData\Roaming\Mozilla\plugins\npo1d.dll [2014-10-29] (Google) FF Plugin HKU\S-1-5-21-3014667882-616951395-1994978174-1001: @tools.google.com/Google Update;version=3 -> C:\Users\urban\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-12-03] (Google Inc.) FF Plugin HKU\S-1-5-21-3014667882-616951395-1994978174-1001: @tools.google.com/Google Update;version=9 -> C:\Users\urban\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-12-03] (Google Inc.) FF Plugin HKU\S-1-5-21-3014667882-616951395-1994978174-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-09-21] () FF user.js: detected! => C:\Users\urban\AppData\Roaming\Mozilla\Firefox\Profiles\br0ujgeh.default\user.js [2014-10-29] FF Plugin ProgramFiles/Appdata: C:\Users\urban\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2014-10-29] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\urban\AppData\Roaming\mozilla\plugins\npo1d.dll [2014-10-29] (Google) FF Extension: Mozilla Firefox Hotfixer - C:\Users\urban\AppData\Roaming\Mozilla\Firefox\Profiles\br0ujgeh.default\Extensions\veggy@veggyAddon.com [2015-04-11] FF Extension: Ultra Finder - C:\Users\urban\AppData\Roaming\Mozilla\Firefox\Profiles\br0ujgeh.default\Extensions\{60984d64-3925-4636-a8c2-1b22a35f133f} [2014-11-28] FF Extension: Adblock Plus - C:\Users\urban\AppData\Roaming\Mozilla\Firefox\Profiles\br0ujgeh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-13] Chrome: ======= CHR Profile: C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\urban\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-27] CHR Extension: (Google Docs) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-27] CHR Extension: (Google Drive) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-27] CHR Extension: (YouTube) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-27] CHR Extension: (Google Search) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-27] CHR Extension: (Google Sheets) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-27] CHR Extension: (AdBlock) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-01] CHR Extension: (Ghostery) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-04-01] CHR Extension: (Google Wallet) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-27] CHR Extension: (Snapchat Desktop app) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\oobkakjofjhooboocplclkdclpniocbk [2014-12-27] CHR Extension: (Gmail) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-27] Opera: ======= OPR Extension: (Adblock Plus) - C:\Users\urban\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-11-23] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [File not signed] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation) R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [707888 2014-10-15] () R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) 
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed] S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) S3 scan; C:\Program Files\Cellebrite Mobile Synchronization\UFED Physical Analyzer\BitDefender\scan.dll [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70928 2013-12-12] (ASUS Corporation) R3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2014-08-21] (BitDefender) R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [261496 2014-08-21] (BitDefender) S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2014-08-21] (BitDefender) R1 BdfNdisf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfndisf6.sys [97816 2014-07-10] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [107080 2014-07-10] (BitDefender LLC) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1408824 2013-10-18] (Motorola Solutions, Inc.) 
R3 cbrtucbl; C:\Windows\system32\DRIVERS\cbrtucbl.sys [41736 2011-08-15] (Cellebrite Mobile Synchronization) R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-07-10] (BitDefender LLC) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-18] (Intel Corporation) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( ) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation) R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [3668960 2013-12-05] (Intel Corporation) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-09-27] (NVIDIA Corporation) R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows (R) Win 7 DDK provider) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-18] (Realsil Semiconductor Corporation) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-06-25 00:00 - 2015-06-25 00:00 - 00023259 _____ C:\Users\urban\Downloads\FRST.txt 2015-06-24 23:59 - 2015-06-25 00:00 - 00000000 ____D C:\FRST 2015-06-24 23:57 - 2015-06-24 23:57 - 01636352 _____ (Farbar) C:\Users\urban\Downloads\FRST.exe 2015-06-24 23:54 - 2015-06-24 23:54 - 02112512 _____ (Farbar) C:\Users\urban\Downloads\FRST64.exe 2015-06-24 23:54 - 2015-06-24 23:54 - 00370943 _____ C:\Users\urban\Downloads\gmer.zip 2015-06-24 23:17 - 2015-06-24 23:17 - 10475360 _____ (Akamai Technologies, Inc.) C:\Users\urban\Downloads\AsusInstaller.exe 2015-06-24 23:11 - 2015-06-24 23:11 - 02132980 _____ C:\Users\urban\Downloads\Rapid Start Technology Installer_3.0.0.1053.zip 2015-06-24 23:08 - 2015-06-24 23:08 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2015-06-24 23:07 - 2015-06-24 23:07 - 00009701 _____ C:\Users\urban\Documents\Uninstall Dragon Age 2.log 2015-06-24 23:07 - 2015-06-24 23:07 - 00009467 _____ C:\Users\urban\Documents\Uninstall Dragon Age Początek.log 2015-06-24 23:07 - 2015-06-24 23:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-06-24 22:54 - 2015-06-24 22:54 - 00085164 _____ C:\Users\urban\Documents\cc_20150624_225417.reg 2015-06-24 22:32 - 2015-06-24 22:32 - 00007334 _____ C:\Users\urban\Desktop\Nowy OpenDocument Dokument tekstowy (2).odt 2015-06-24 22:28 - 2015-06-24 23:33 - 00001074 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-06-24 22:28 - 2015-06-24 22:33 - 00001070 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-06-24 22:28 - 2015-06-24 22:28 - 00931408 _____ (Google Inc.) 
C:\Users\urban\Downloads\ChromeSetup (1).exe 2015-06-24 22:22 - 2015-06-24 22:22 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2015-06-24 22:22 - 2015-06-24 22:22 - 00000000 ____D C:\ProgramData\Sun 2015-06-24 22:22 - 2015-06-24 22:22 - 00000000 ____D C:\ProgramData\Oracle 2015-06-24 22:22 - 2015-06-24 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-06-24 22:22 - 2015-06-24 22:22 - 00000000 ____D C:\Program Files (x86)\Java 2015-06-24 22:20 - 2015-06-24 22:20 - 00562272 _____ (Oracle Corporation) C:\Users\urban\Downloads\chromeinstall-8u45.exe 2015-06-24 20:07 - 2015-06-20 05:02 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-06-24 20:07 - 2015-06-20 05:02 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-06-24 18:36 - 2015-06-24 18:36 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-06-23 15:46 - 2015-06-12 16:20 - 362207439 _____ C:\Users\urban\Downloads\SydCol.mp4 2015-06-23 15:07 - 2015-06-23 16:18 - 320471901 _____ C:\Users\urban\Downloads\234252355.mp4 2015-06-23 15:07 - 2015-06-23 15:39 - 361548886 _____ C:\Users\urban\Downloads\SydCol.rar 2015-06-23 00:09 - 2015-06-24 23:14 - 00001190 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3014667882-616951395-1994978174-1001UA.job 2015-06-23 00:09 - 2015-06-24 00:14 - 00001138 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3014667882-616951395-1994978174-1001Core.job 2015-06-23 00:09 - 2015-06-23 00:09 - 00004136 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3014667882-616951395-1994978174-1001UA 2015-06-23 00:09 - 2015-06-23 00:09 - 00003756 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3014667882-616951395-1994978174-1001Core 2015-06-23 00:09 - 2015-06-23 00:09 - 00000000 ____D C:\Users\urban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-06-23 00:09 - 2015-06-23 
00:09 - 00000000 ____D C:\Users\urban\AppData\Local\Dropbox 2015-06-23 00:09 - 2015-06-23 00:09 - 00000000 ____D C:\ProgramData\Dropbox 2015-06-18 14:08 - 2015-06-18 14:09 - 34672322 _____ C:\Users\urban\Downloads\70-410.zip 2015-06-17 15:59 - 2015-06-17 16:15 - 114685820 _____ C:\Users\urban\Downloads\cc-ee.mp4 2015-06-17 15:45 - 2015-06-17 16:09 - 295143062 _____ C:\Users\urban\Downloads\Connie Carter - Please my pussy [720p].mp4 2015-06-17 14:49 - 2015-06-17 14:49 - 00107503 _____ C:\Users\urban\Desktop\projekt sieci inzynierka.pkt 2015-06-16 11:36 - 2015-06-15 21:37 - 327570440 _____ C:\Users\urban\Downloads\Ava Taylor - Her Brother's 1_SD.mp4 2015-06-16 10:19 - 2015-06-16 11:09 - 303966111 _____ C:\Users\urban\Downloads\Ava_Taylor_-_Her_Brother's_3_SD.mp4 2015-06-16 10:19 - 2015-06-16 10:41 - 400184641 _____ C:\Users\urban\Downloads\Ava_Taylor_-_Her_Brother's_2_SD.mp4 2015-06-15 13:54 - 2015-06-16 15:07 - 02149311 _____ C:\Users\urban\Desktop\CV.odt 2015-06-14 16:09 - 2015-06-14 17:09 - 360153066 _____ C:\Users\urban\Downloads\babes_bg_paula_shy_ph022315_480p_1500.mp4 2015-06-13 18:14 - 2015-06-13 18:14 - 00000355 _____ C:\Users\urban\Desktop\Kosz — skrót.lnk 2015-06-12 16:04 - 2015-06-12 16:04 - 00236546 _____ C:\Users\urban\Downloads\7TI2 (5).htm 2015-06-12 14:29 - 2015-06-12 15:04 - 326154086 _____ C:\Users\urban\Downloads\28968_01_big.mp4 2015-06-10 23:32 - 2015-06-11 00:00 - 207625324 _____ C:\Users\urban\Downloads\bbiitt.mp4 2015-06-10 23:13 - 2015-06-11 01:08 - 354030197 _____ C:\Users\urban\Downloads\ccrree.rar 2015-06-10 19:33 - 2015-06-10 19:33 - 00003882 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1416162750 2015-06-10 19:33 - 2015-06-10 19:33 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-06-10 13:38 - 2015-06-10 15:18 - 00194783 _____ C:\Users\urban\Downloads\inzynierka wersja 15kw.odt 2015-06-10 09:27 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\UtcResources.dll 2015-06-10 09:27 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-06-10 09:27 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll 2015-06-10 09:27 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-06-10 09:27 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-06-10 09:27 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-06-10 09:27 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2015-06-10 09:27 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2015-06-10 09:27 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2015-06-10 09:27 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2015-06-10 09:27 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2015-06-10 09:27 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2015-06-10 09:27 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2015-06-10 09:27 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2015-06-10 09:27 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2015-06-10 09:27 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2015-06-10 09:27 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll 2015-06-10 09:27 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2015-06-10 09:27 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 
2015-06-10 09:27 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2015-06-10 09:27 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll 2015-06-10 09:27 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll 2015-06-10 09:26 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-06-10 09:26 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-06-10 09:26 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-06-10 09:26 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2015-06-10 09:26 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-06-10 09:26 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-06-10 09:26 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2015-06-10 09:26 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-06-10 09:26 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-06-10 09:26 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-06-10 09:26 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-06-10 09:26 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-06-10 09:26 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-06-10 09:26 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-06-10 09:26 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-06-10 09:26 - 2015-05-23 
04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 09:26 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 09:26 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 09:26 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 09:26 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 09:26 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 09:26 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 09:26 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 09:26 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 09:26 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 09:26 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 09:26 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 09:26 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 09:26 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 09:26 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 09:26 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 09:26 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 09:26 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 09:26 - 2015-05-22 20:06 - 00801280 _____
(Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 09:26 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 09:26 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 09:26 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 09:26 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 09:26 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 09:26 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 09:26 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-10 09:26 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 09:26 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-10 09:26 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-10 09:26 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-10 09:26 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-10 09:26 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-10 09:26 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-10 09:26 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-10 09:26 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-10 09:26 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-09 14:57 - 2015-06-09 14:57 - 00236546 _____
C:\Users\urban\Downloads\7TI2 (4).htm
2015-06-08 02:03 - 2015-06-08 02:53 - 153561280 _____ C:\Users\urban\Downloads\seeddostr.rar
2015-06-07 17:27 - 2014-06-25 16:20 - 224493584 _____ C:\Users\urban\Downloads\swwwarai.mp4
2015-06-07 14:03 - 2014-05-31 18:30 - 181816823 _____ C:\Users\urban\Downloads\eeearlll.mp4
2015-06-07 13:21 - 2015-06-07 13:24 - 16578402 _____ ( ) C:\Users\urban\Downloads\DLLSuite_Setup_2013.exe
2015-06-07 13:21 - 2015-06-07 13:22 - 00000000 ____D C:\Program Files (x86)\DLLEscort
2015-06-07 13:21 - 2015-06-07 13:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL Escort 2014
2015-06-07 13:21 - 2015-06-07 13:21 - 00000000 ____D C:\ProgramData\dllescort
2015-06-07 13:19 - 2015-06-07 13:20 - 08883105 _____ ( ) C:\Users\urban\Downloads\DLLEscort_Setup.exe
2015-06-06 16:04 - 2015-05-15 14:02 - 240404496 _____ C:\Users\urban\Downloads\ttddccqq.mp4
2015-06-06 14:34 - 2015-06-06 15:16 - 390933584 _____ C:\Users\urban\Downloads\29027_04_big.mp4
2015-06-06 14:34 - 2015-06-06 15:01 - 322813533 _____ C:\Users\urban\Downloads\porn602sd.mp4
2015-06-05 19:49 - 2015-05-05 17:28 - 262883320 _____ C:\Users\urban\Downloads\ggmmcc.mp4
2015-06-05 18:12 - 2015-05-01 12:23 - 187929082 _____ C:\Users\urban\Downloads\rraasssqqq.mp4
2015-06-05 15:49 - 2014-05-21 16:00 - 116717762 _____ C:\Users\urban\Downloads\cciimbtl.mp4
2015-06-05 15:00 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-05 15:00 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-05 15:00 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-05 15:00 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-05 15:00 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-05 15:00 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation)
C:\WINDOWS\system32\aepic.dll
2015-06-05 15:00 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-05 15:00 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-03 18:34 - 2015-06-03 18:34 - 05197824 _____ C:\Users\urban\Downloads\HPSupportSolutionsFramework-11.51.0049.msi
2015-06-03 18:21 - 2015-06-03 18:21 - 00000408 __RSH C:\ProgramData\ntuser.pol
2015-06-03 17:17 - 2015-06-03 17:17 - 00001175 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-06-03 17:17 - 2015-06-03 17:17 - 00001119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-06-03 17:17 - 2015-06-03 17:17 - 00000000 ____D C:\Users\urban\AppData\Roaming\Canneverbe Limited
2015-06-03 17:17 - 2015-06-03 17:17 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2015-06-03 17:17 - 2015-06-03 17:17 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2015-06-03 17:16 - 2015-06-03 17:16 - 05650240 _____ (Canneverbe Limited ) C:\Users\urban\Downloads\cdbxp_setup_4.5.5.5642.exe
2015-06-03 17:13 - 2015-06-03 17:13 - 00827816 _____ (Akeo Consulting (http://akeo.ie)) C:\Users\urban\Downloads\rufus-2.2.exe
2015-06-03 16:17 - 2015-06-24 23:09 - 00000000 ____D C:\Program Files (x86)\UltraISO
2015-06-03 16:16 - 2015-06-03 16:16 - 04384520 _____ (EZB Systems, Inc.
) C:\Users\urban\Downloads\uiso9_pe.exe
2015-06-03 16:12 - 2015-06-03 16:12 - 00002617 _____ C:\Users\urban\Desktop\Windows 7 USB DVD Download Tool.lnk
2015-06-03 16:12 - 2015-06-03 16:12 - 00000000 ____D C:\Users\urban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2015-06-03 16:12 - 2015-06-03 16:12 - 00000000 ____D C:\Users\urban\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2015-06-03 16:11 - 2015-06-03 16:11 - 02721168 _____ (Microsoft Corporation) C:\Users\urban\Downloads\Windows7-USB-DVD-Download-Tool-Installer-en-US.exe
2015-05-31 15:57 - 2015-05-31 16:02 - 46707744 _____ C:\Users\urban\Downloads\sweetpussyyprv (1).zip
2015-05-31 13:36 - 2015-05-31 13:36 - 02473384 _____ C:\Users\urban\Downloads\priv.zip
2015-05-31 13:36 - 2015-05-31 13:36 - 01520041 _____ C:\Users\urban\Downloads\polak.zip
2015-05-31 13:36 - 2015-05-31 13:36 - 01489123 _____ C:\Users\urban\Downloads\wibro.zip
2015-05-27 19:34 - 2015-05-27 19:34 - 00000000 ____D C:\Users\urban\Desktop\v
2015-05-27 19:16 - 2015-05-27 19:16 - 00000000 ____D C:\Users\urban\Tracing
2015-05-26 23:00 - 2015-05-26 23:01 - 05972118 _____ C:\Users\urban\Downloads\_Vika_.rar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-25 00:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-24 23:58 - 2014-09-20 18:14 - 04350464 ___SH C:\Users\urban\Downloads\Thumbs.db
2015-06-24 23:33 - 2014-12-03 23:28 - 00001086 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3014667882-616951395-1994978174-1001UA.job
2015-06-24 23:33 - 2014-11-16 21:43 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-24 23:28 - 2014-08-28 22:49 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3014667882-616951395-1994978174-1001
2015-06-24 23:14 - 2014-08-31 10:07 - 00000000 ____D C:\Users\urban\.VirtualBox
2015-06-24 23:09 - 2014-09-20 16:03 - 01187840 ___SH C:\Users\urban\Desktop\Thumbs.db
2015-06-24 23:07 - 2014-10-10 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age Początek
2015-06-24 23:07 - 2014-09-07 14:09 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-24 22:53 - 2015-02-18 22:56 - 00000000 ____D C:\Users\urban\AppData\Roaming\FileZilla
2015-06-24 22:53 - 2014-12-27 17:03 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-06-24 22:53 - 2014-12-24 13:26 - 00000000 ____D C:\Users\urban\AppData\Local\CrashDumps
2015-06-24 22:53 - 2014-11-17 20:52 - 00000000 ____D C:\Users\urban\AppData\Roaming\TeamViewer
2015-06-24 22:49 - 2014-11-16 20:26 - 00000000 __SHD C:\Users\urban\AppData\Local\EmieBrowserModeList
2015-06-24 22:49 - 2014-09-20 00:39 - 00000000 __SHD C:\Users\urban\AppData\Local\EmieUserList
2015-06-24 22:49 - 2014-09-20 00:39 - 00000000 __SHD C:\Users\urban\AppData\Local\EmieSiteList
2015-06-24 22:33 - 2014-12-03 23:28 - 00001034 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3014667882-616951395-1994978174-1001Core.job
2015-06-24 22:28 - 2014-12-27 17:10 - 00004046 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-24 22:28 - 2014-12-27 17:10 - 00003810 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-24 20:07 - 2012-07-26 09:59 - 00000000
____D C:\WINDOWS\CbsTemp
2015-06-24 19:33 - 2014-11-16 21:43 - 00003818 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-24 18:39 - 2014-09-20 00:39 - 00004004 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4838AB4B-FDAD-4AEB-9B95-1ADC7E816BD5}
2015-06-23 23:31 - 2014-09-09 00:56 - 00000000 ___RD C:\Users\urban\Dropbox
2015-06-23 23:31 - 2014-09-09 00:52 - 00000000 ____D C:\Users\urban\AppData\Roaming\Dropbox
2015-06-23 10:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-22 22:27 - 2014-09-19 23:54 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-22 22:27 - 2014-03-18 11:56 - 01941448 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-22 22:27 - 2014-03-18 11:28 - 00848420 _____ C:\WINDOWS\system32\perfh015.dat
2015-06-22 22:27 - 2014-03-18 11:28 - 00183386 _____ C:\WINDOWS\system32\perfc015.dat
2015-06-22 22:22 - 2014-09-04 18:01 - 00000000 ____D C:\ProgramData\VMware
2015-06-22 22:22 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-18 21:56 - 2014-08-29 20:13 - 00000000 ____D C:\Users\urban
2015-06-17 20:23 - 2014-09-19 22:23 - 00000000 ____D C:\Users\urban\AppData\Roaming\Skype
2015-06-17 15:55 - 2015-02-12 18:44 - 00000000 ____D C:\Users\urban\AppData\Roaming\vlc
2015-06-17 15:10 - 2015-04-24 15:02 - 00222482 _____ C:\Users\urban\Desktop\inzynierka wersja 15kw.odt
2015-06-17 14:26 - 2015-02-10 20:56 - 00000188 _____ C:\Users\urban\.packettracer
2015-06-11 11:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-11 10:45 - 2013-08-22 16:44 - 00392880 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-11 06:01 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-11 06:01 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-10 09:49 - 2014-08-28 23:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-10 09:47 - 2014-08-28 23:31 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-07 11:27 - 2014-12-11 01:49 - 00000000
____D C:\WINDOWS\system32\appraiser
2015-06-07 11:27 - 2014-08-31 16:01 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-07 11:27 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-03 17:13 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-06-03 17:13 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-06-03 16:15 - 2014-08-29 20:13 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2015-06-03 16:15 - 2014-08-29 20:13 - 00001908 _____ C:\WINDOWS\diagerr.xml
2015-05-27 19:16 - 2014-09-19 22:23 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-27 19:16 - 2014-09-19 22:23 - 00000000 ____D C:\ProgramData\Skype

==================== Files in the root of some directories =======

2014-08-31 11:47 - 2014-10-28 20:29 - 0004987 _____ () C:\Users\urban\AppData\Roaming\gns3.ini
2014-11-28 00:53 - 2014-11-28 00:53 - 0000036 _____ () C:\Users\urban\AppData\Local\housecall.guid.cache
2015-02-12 21:58 - 2015-02-14 02:04 - 0000600 _____ () C:\Users\urban\AppData\Local\PUTTY.RND
2014-08-29 20:49 - 2014-08-29 20:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\urban\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjbcqpg.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-06-17 12:19

==================== End of log ============================