Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-08-2015 Ran by Konrad (administrator) on INWIGILATOR (06-08-2015 23:11:19) Running from C:\Users\Konrad\Desktop\frst Loaded Profiles: Konrad (Available Profiles: Konrad) Platform: Windows 8.1 Pro (X64) Language: Polski (Polska) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Saitek) C:\Program Files\Saitek\DirectOutput\DirectOutputService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\System\HsMgr64.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2631824 2015-07-14] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek) HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.) HKU\S-1-5-21-1079949116-4080506166-1513378825-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-1079949116-4080506166-1513378825-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2895552 2015-07-24] (Valve Corporation) HKU\S-1-5-21-1079949116-4080506166-1513378825-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1079949116-4080506166-1513378825-1001\...\Run: [EPSON Stylus Photo R285] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICKE.EXE [213504 2007-04-13] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-1079949116-4080506166-1513378825-1001\...\Run: [EPSON Stylus Photo R285 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICKE.EXE [213504 2007-04-13] (SEIKO EPSON CORPORATION) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION GroupPolicyScripts: Group Policy detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-1079949116-4080506166-1513378825-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.viceice.com/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1079949116-4080506166-1513378825-1001 -> {2039DD3E-4E72-4C20-90E7-9FD959AA7D06} URL = http://www.google.com/cse?cx=partner-pub-0900663996874144:4435833467&ie=UTF-8&q={searchTerms}&sa=Search&ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1 BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation) Tcpip\..\Interfaces\{898AC4C1-A254-4B3B-9FF3-9C0D8835B66A}: [DhcpNameServer] 192.168.1.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-15] () FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-15] () FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-09] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-01-09] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-24] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-24] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [237864 2015-03-24] (EasyAntiCheat Ltd) S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-29] (Futuremark) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-14] (NVIDIA Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-14] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-14] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-07-28] (Electronic Arts) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-01-16] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-03-27] () R2 SaiDOutput; C:\Program Files\Saitek\DirectOutput\DirectOutputService.exe [233984 2014-07-30] (Saitek) [File not signed] S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc) U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2015-07-31] (Disc Soft Ltd) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-01-09] (Disc Soft Ltd) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] () R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation) R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] () S3 SaiK0762; C:\Windows\System32\drivers\SaiK0762.sys [179872 2014-08-05] (Saitek) R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek) R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek) S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce)) S0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [78208 2006-08-11] (Protection Technology (StarForce)) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-07-31] (Duplex Secure Ltd.) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-07-09] (Microsoft Corporation) S3 atillk64; \??\C:\Program Files (x86)\AMD\System Monitor\atillk64.sys [X] S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X] S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-06 23:10 - 2015-08-06 23:11 - 00000000 ____D C:\FRST 2015-08-06 23:09 - 2015-08-06 23:11 - 00000000 ____D C:\Users\Konrad\Desktop\frst 2015-08-06 20:13 - 2015-08-06 20:13 - 00003030 _____ C:\Windows\System32\Tasks\MSIAfterburner 2015-08-04 20:26 - 2015-08-04 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2015-08-04 20:26 - 2015-08-04 20:26 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2015-08-03 12:12 - 2015-08-03 12:12 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys 2015-08-02 22:21 - 2015-08-02 22:21 - 00000962 _____ C:\Users\Konrad\Desktop\F1_2015.exe — skrót.lnk 2015-08-02 21:57 - 2015-08-02 21:57 - 00000600 _____ C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\F1 2015 by BuZeR.lnk 2015-08-02 21:57 - 2015-08-02 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F1 2015 by BuZeR 2015-07-31 22:08 - 2015-07-31 22:10 - 112328481 _____ C:\Users\Konrad\Downloads\Theory Of A Deadman - Savages [2014].rar 2015-07-31 20:29 - 2015-07-31 20:29 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Konrad\Downloads\revosetup.exe 2015-07-31 20:29 - 2015-07-31 20:29 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2015-07-31 18:18 - 2015-07-31 18:34 - 00000124 _____ C:\Users\Konrad\Documents\ax_files.xml 2015-07-31 18:16 - 2015-07-31 18:16 - 00309248 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtscsidrv.sys 2015-07-31 18:10 - 2015-07-31 18:10 - 00381608 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys 2015-07-30 16:25 - 2015-07-30 16:25 - 00001037 _____ C:\Users\Konrad\Desktop\Max Payne 2.lnk 2015-07-30 16:22 - 2015-07-30 16:22 - 00000221 _____ C:\Users\Konrad\Desktop\Total War SHOGUN 2.url 2015-07-30 16:04 - 2015-07-30 16:04 - 00000000 ____D C:\Users\Konrad\AppData\Local\CEF 2015-07-30 00:39 - 2015-07-30 18:14 - 00000000 ____D C:\Users\Konrad\Documents\Max Payne 2 Savegames 2015-07-30 00:10 - 2015-07-30 00:10 - 00304171 _____ C:\Users\Konrad\Downloads\dev-mp21.rar 2015-07-29 22:50 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2015-07-29 22:50 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2015-07-29 22:50 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml 2015-07-29 22:47 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-07-29 22:47 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll 2015-07-29 22:47 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll 2015-07-29 22:47 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2015-07-29 22:47 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2015-07-29 21:57 - 2015-07-25 15:34 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-07-29 21:57 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-07-29 21:57 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-07-29 21:57 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-07-29 21:57 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-07-29 20:58 - 2015-07-29 20:58 - 00000395 _____ C:\Users\Public\Desktop\Project CARS.lnk 2015-07-29 20:58 - 2015-07-29 20:58 - 00000395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project CARS.lnk 2015-07-25 23:27 - 2015-07-29 17:52 - 00000000 ____D C:\Users\Konrad\Documents\Max Payne Savegames 2015-07-25 23:25 - 2015-07-25 23:25 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll 2015-07-25 23:00 - 2015-07-25 23:00 - 00001613 _____ C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MaxBatch.lnk 2015-07-25 21:10 - 2015-07-25 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kolekcja Klasyki 2015-07-25 21:05 - 2015-07-25 21:05 - 00001583 _____ C:\Users\Public\Desktop\Max Payne.lnk 2015-07-21 00:17 - 2015-07-21 00:20 - 00000000 ____D C:\Users\Konrad\Downloads\anno2070 2015-07-20 23:46 - 2015-07-20 23:46 - 00000000 ____D C:\Users\Konrad\Downloads\ck2fitgirl 2015-07-20 23:16 - 2015-07-20 23:47 - 2100000000 _____ C:\Users\Konrad\Downloads\setup_anno_2070-2.bin 2015-07-20 22:57 - 2015-07-20 23:15 - 1354612834 _____ C:\Users\Konrad\Downloads\setup_anno_2070-3.bin 2015-07-20 22:10 - 2015-07-20 22:38 - 2099123968 _____ C:\Users\Konrad\Downloads\setup_anno_2070-1.bin 2015-07-20 22:10 - 2015-07-20 22:10 - 00881384 _____ ( ) C:\Users\Konrad\Downloads\setup_anno_2070.exe 2015-07-20 19:27 - 2015-07-14 21:06 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-07-20 19:27 - 2015-07-14 21:05 - 01710056 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2015-07-20 19:26 - 2015-07-03 06:28 - 00069992 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2015-07-20 19:26 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2015-07-20 19:26 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2015-07-20 17:03 - 2015-07-20 17:03 - 00000000 ____D C:\Users\Konrad\Downloads\the game 2015-07-19 13:57 - 2015-07-19 13:57 - 00000000 ____D C:\Users\Konrad\Downloads\the machinist 2015-07-18 23:41 - 2015-07-18 23:47 - 428110634 _____ C:\Users\Konrad\Downloads\Better Call Saul - S01E10. (wgrane napisy PL).avi 2015-07-18 19:21 - 2015-07-13 23:10 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-18 19:21 - 2015-07-13 23:10 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-18 13:26 - 2015-07-18 13:33 - 411742100 _____ C:\Users\Konrad\Downloads\Better Call Saul - S01E09. (wgrane napisy PL).avi 2015-07-17 23:36 - 2015-07-17 23:36 - 00001144 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-07-17 23:36 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-07-17 23:36 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-07-17 23:36 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-07-17 23:12 - 2015-07-17 23:12 - 00037114 _____ C:\Users\Konrad\Downloads\FRST.txt 2015-07-17 12:16 - 2015-07-17 12:16 - 00000931 _____ C:\Users\Public\Desktop\AIMP3.lnk 2015-07-17 12:16 - 2015-07-17 12:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3 2015-07-16 23:31 - 2015-08-06 22:26 - 00000024 _____ C:\Users\Konrad\AppData\Roaming\appdataFr25.bin 2015-07-16 23:25 - 2015-07-16 23:25 - 01798288 _____ (Malwarebytes Corporation) C:\Users\Konrad\Downloads\JRT.exe 2015-07-16 21:40 - 2015-08-02 21:11 - 00000009 _____ C:\Users\Konrad\AppData\Roaming\update.dat 2015-07-16 21:40 - 2015-07-17 11:39 - 00000000 _RSHD C:\Users\Konrad\AppData\Roaming\taskmgr 2015-07-16 12:19 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-07-16 12:19 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-07-16 12:19 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-07-16 12:19 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-07-16 12:19 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-07-16 12:19 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-07-16 12:19 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-07-16 12:19 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-07-16 12:19 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-07-16 12:19 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-07-16 12:19 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-07-16 12:19 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-07-16 12:19 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-07-16 12:19 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-07-16 12:19 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-07-16 12:19 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-07-16 12:19 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-07-16 12:19 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-07-16 12:19 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-07-16 12:19 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-07-16 12:19 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-07-16 12:19 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-07-16 12:19 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-07-16 12:19 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-07-16 12:19 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-07-16 12:19 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-07-16 12:19 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-07-16 12:19 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-07-16 12:19 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-07-16 12:19 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-07-16 12:19 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2015-07-16 12:19 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-07-16 12:19 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2015-07-16 12:19 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-07-16 12:19 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-07-16 12:19 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-07-16 12:19 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2015-07-16 12:19 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2015-07-16 12:19 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-07-16 12:19 - 2014-10-29 06:03 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-07-16 12:19 - 2014-10-29 04:44 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-07-16 12:19 - 2014-10-29 04:22 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2015-07-16 12:19 - 2014-10-29 03:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2015-07-16 12:18 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-07-16 12:18 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-07-16 12:18 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-07-16 12:18 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-07-16 12:18 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-07-16 12:18 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-07-16 12:18 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-07-16 12:18 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-07-16 12:18 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-07-16 12:18 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-07-16 12:17 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-07-16 12:17 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-07-16 12:17 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-07-16 12:17 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-07-16 12:17 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-07-16 12:11 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-07-16 12:11 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-07-16 12:11 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-07-16 12:11 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-07-16 12:11 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-07-16 12:11 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-07-16 12:11 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2015-07-16 12:11 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-07-16 12:11 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-07-16 12:11 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-07-16 12:11 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-07-16 12:11 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-07-16 12:11 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-07-16 12:11 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-07-16 12:11 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-07-16 12:11 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-07-16 12:11 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-07-16 12:11 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-07-16 12:11 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-07-16 12:11 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-07-16 12:11 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-07-16 12:11 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-07-16 12:11 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2015-07-16 12:11 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-07-16 12:11 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-07-16 12:11 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-07-16 12:11 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-07-16 12:11 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-07-16 12:11 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-07-16 12:11 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-07-16 12:11 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-07-16 12:11 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-07-16 12:11 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-07-16 12:11 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-07-16 12:11 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-07-16 12:10 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2015-07-16 12:10 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2015-07-16 12:10 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-07-16 12:10 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-07-16 12:10 - 2015-03-09 04:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys 2015-07-15 13:41 - 2015-08-06 22:46 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d03ff9d4f2713c.job 2015-07-15 13:41 - 2015-08-06 22:25 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-15 13:41 - 2015-07-15 13:41 - 00003808 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-15 13:40 - 2015-07-15 13:40 - 00931408 _____ (Google Inc.) C:\Users\Konrad\Downloads\ChromeSetup.exe 2015-07-13 22:06 - 2015-07-13 22:06 - 02248704 _____ C:\Users\Konrad\Downloads\AdwCleaner.exe 2015-07-11 21:14 - 2015-07-11 21:33 - 616324547 _____ C:\Users\Konrad\Downloads\Hatiary (FLAC) (24bit) (1).rar 2015-07-11 12:06 - 2015-07-11 12:08 - 111925434 _____ C:\Users\Konrad\Downloads\Hail_Mary_Mallon_-_Beastiary_(2014).rar 2015-07-10 23:12 - 2015-07-10 23:12 - 00365063 _____ C:\Users\Konrad\Downloads\South Park kijek prawdy spolszczenie.rar 2015-07-10 22:51 - 2015-07-11 15:16 - 00000000 ____D C:\Users\Konrad\Downloads\SOUTH PARK KIJEK PRAWDY 2015-07-10 15:10 - 2015-07-31 21:20 - 00000000 ____D C:\Users\Konrad\Downloads\mr robot 2015-07-10 11:43 - 2015-07-10 11:43 - 00000000 ____D C:\Users\Konrad\Downloads\sense8 2015-07-09 23:55 - 2015-07-09 23:55 - 00000000 ____D C:\Users\Konrad\Documents\NeocoreGames 2015-07-08 21:54 - 2015-07-08 21:54 - 00000221 _____ C:\Users\Konrad\Desktop\King Arthur - The Role-playing Wargame.url ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-06 23:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru 2015-08-06 22:51 - 2015-01-09 14:30 - 00000000 ____D C:\Users\Konrad\AppData\Roaming\ClassicShell 2015-08-06 22:47 - 2015-06-10 15:13 - 00005104 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for INWIGILATOR-Konrad Inwigilator 2015-08-06 22:35 - 2015-01-08 23:27 - 01583543 _____ C:\Windows\WindowsUpdate.log 2015-08-06 22:32 - 2015-01-10 20:28 - 00000000 ____D C:\AdwCleaner 2015-08-06 22:27 - 2015-01-09 09:19 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS 2015-08-06 20:09 - 2015-07-06 20:09 - 00000380 _____ C:\Windows\Tasks\SoundBoom.job 2015-08-06 20:01 - 2015-01-09 16:23 - 00000000 ____D C:\Users\Konrad\AppData\Roaming\AIMP3 2015-08-06 19:16 - 2015-01-09 13:37 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-06 17:04 - 2015-01-08 23:35 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1079949116-4080506166-1513378825-1001 2015-08-06 11:25 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2015-08-06 11:24 - 2015-01-08 23:29 - 00000000 ____D C:\Users\Konrad\AppData\Local\Packages 2015-08-06 11:17 - 2015-01-09 13:16 - 00000000 ____D C:\Users\Konrad\AppData\Local\Adobe 2015-08-05 22:06 - 2015-01-09 16:54 - 00000000 ____D C:\Program Files (x86)\Steam 2015-08-05 18:54 - 2015-01-15 16:02 - 00000000 ____D C:\ProgramData\Origin 2015-08-05 10:45 - 2015-01-08 23:37 - 00002221 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-04 20:25 - 2015-03-15 15:28 - 00000000 ____D C:\Users\Konrad\AppData\Local\LogMeIn Hamachi 2015-08-04 20:25 - 2015-02-28 02:04 - 00038143 _____ C:\Windows\setupact.log 2015-08-04 20:23 - 2015-01-08 23:45 - 00000000 ____D C:\ProgramData\NVIDIA 2015-08-04 20:23 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-04 20:23 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-08-04 15:39 - 2015-01-16 14:34 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner 2015-08-02 20:59 - 2015-02-25 14:13 - 00503972 _____ C:\Windows\DirectX.log 2015-08-02 12:13 - 2015-01-23 23:50 - 00373760 ___SH C:\Users\Konrad\Desktop\Thumbs.db 2015-08-01 12:43 - 2015-01-09 15:31 - 00000000 ____D C:\Users\Konrad\Desktop\Nowy folder (2) 2015-07-31 22:09 - 2015-01-09 13:36 - 00000000 ____D C:\Users\Konrad\AppData\Roaming\uTorrent 2015-07-30 16:22 - 2015-02-03 14:49 - 00000000 ____D C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-07-30 13:59 - 2015-06-23 14:14 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-07-30 13:50 - 2014-03-18 11:56 - 01825074 _____ C:\Windows\system32\PerfStringBackup.INI 2015-07-30 13:50 - 2014-03-18 11:28 - 00805918 _____ C:\Windows\system32\perfh015.dat 2015-07-30 13:50 - 2014-03-18 11:28 - 00163272 _____ C:\Windows\system32\perfc015.dat 2015-07-30 13:44 - 2015-02-28 02:03 - 00018256 _____ C:\Windows\PFRO.log 2015-07-30 00:32 - 2015-05-01 21:56 - 00000000 ____D C:\Games 2015-07-30 00:31 - 2015-01-31 13:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2015-07-30 00:11 - 2015-03-15 16:12 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2015-07-29 23:49 - 2015-01-09 13:17 - 00000000 ____D C:\ProgramData\Adobe 2015-07-29 22:50 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2015-07-29 22:18 - 2013-08-22 16:44 - 05069256 _____ C:\Windows\system32\FNTCACHE.DAT 2015-07-28 20:40 - 2015-06-20 10:46 - 00000000 ____D C:\Users\Konrad\Desktop\M14 2015-07-28 11:37 - 2015-01-15 16:02 - 00000000 ____D C:\Program Files (x86)\Origin 2015-07-26 11:27 - 2015-04-05 17:13 - 00000000 ___SD C:\Windows\system32\GWX 2015-07-25 21:06 - 2015-01-09 11:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-07-22 22:30 - 2015-01-09 16:52 - 00000000 ____D C:\Users\Konrad\AppData\Local\Battle.net 2015-07-22 22:06 - 2015-01-09 13:54 - 00000000 __SHD C:\Users\Konrad\AppData\Local\EmieBrowserModeList 2015-07-22 22:06 - 2015-01-08 23:36 - 00000000 __SHD C:\Users\Konrad\AppData\Local\EmieUserList 2015-07-22 22:06 - 2015-01-08 23:36 - 00000000 __SHD C:\Users\Konrad\AppData\Local\EmieSiteList 2015-07-22 21:20 - 2015-01-10 16:36 - 00000000 ____D C:\Users\Konrad\AppData\Roaming\Skype 2015-07-21 00:26 - 2015-02-25 14:02 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2015-07-20 19:27 - 2015-01-08 23:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-07-19 23:00 - 2015-01-23 21:16 - 00000000 ____D C:\Users\Konrad\Documents\FIFA 15 2015-07-19 14:34 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2015-07-17 23:36 - 2015-06-23 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-07-17 23:36 - 2015-06-23 14:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-07-17 23:33 - 2015-01-23 20:57 - 00000000 ____D C:\Users\Konrad\AppData\Roaming\.minecraft 2015-07-17 12:16 - 2015-01-09 16:23 - 00000000 ____D C:\Program Files (x86)\AIMP3 2015-07-16 21:43 - 2015-01-16 15:22 - 00000000 ____D C:\Users\Konrad\Documents\My Games 2015-07-16 21:40 - 2015-01-16 15:22 - 00000000 ____D C:\ProgramData\Codemasters 2015-07-16 21:32 - 2015-01-15 16:50 - 00000000 ____D C:\ProgramData\Package Cache 2015-07-16 13:09 - 2015-02-23 20:07 - 00000000 ____D C:\Program Files (x86)\World of Warcraft 2015-07-16 12:45 - 2015-01-23 15:33 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-07-16 12:45 - 2015-01-23 15:27 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-07-16 12:42 - 2015-04-15 22:24 - 00000000 ____D C:\Windows\system32\appraiser 2015-07-16 12:42 - 2014-07-09 17:33 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-07-16 12:40 - 2013-08-22 15:25 - 00000167 _____ C:\Windows\win.ini 2015-07-16 12:39 - 2015-01-09 09:51 - 00000000 ____D C:\Windows\system32\MRT 2015-07-16 12:29 - 2015-04-05 17:13 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-07-15 13:41 - 2015-02-03 23:39 - 00004044 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d03ff9d4f2713c 2015-07-14 21:06 - 2015-01-08 23:45 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-07-14 21:05 - 2015-01-08 23:45 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-07-14 12:14 - 2015-06-28 13:23 - 00000000 ____D C:\Users\Konrad\Documents\The Witcher 3 2015-07-12 00:57 - 2015-01-08 23:29 - 00000000 ____D C:\Users\Konrad 2015-07-09 20:03 - 2015-01-10 21:35 - 00000000 ____D C:\Users\Konrad\Downloads\South Park 2015-07-09 15:29 - 2015-01-09 16:53 - 00000000 ____D C:\Program Files (x86)\StarCraft II 2015-07-09 15:28 - 2015-01-09 16:52 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-07-08 11:41 - 2015-01-23 21:03 - 00001179 _____ C:\Users\Public\Desktop\FIFA 15.lnk 2015-07-08 11:37 - 2015-01-15 16:04 - 00000000 ____D C:\Users\Konrad\AppData\Roaming\Origin ==================== Files in the root of some directories ======= 2015-07-16 23:31 - 2015-08-06 22:26 - 0000024 _____ () C:\Users\Konrad\AppData\Roaming\appdataFr25.bin 2015-07-16 21:40 - 2015-08-02 21:11 - 0000009 _____ () C:\Users\Konrad\AppData\Roaming\update.dat 2015-01-09 11:20 - 2015-01-16 00:16 - 0007597 _____ () C:\Users\Konrad\AppData\Local\resmon.resmoncfg 2015-04-29 10:08 - 2015-04-29 11:33 - 0000080 _____ () C:\Users\Konrad\AppData\Local\X-Plane Installer.prf 2015-04-29 11:33 - 2015-04-29 17:58 - 0000073 _____ () C:\Users\Konrad\AppData\Local\X-Plane_drm.prf 2015-04-29 08:48 - 2015-04-29 08:48 - 0000016 _____ () C:\Users\Konrad\AppData\Local\x-plane_install_10.txt Some files in TEMP: ==================== C:\Users\Konrad\AppData\Local\Temp\AxSFADownloader.exe C:\Users\Konrad\AppData\Local\Temp\drm_dialogs.dll C:\Users\Konrad\AppData\Local\Temp\drm_dyndata_7330004.dll C:\Users\Konrad\AppData\Local\Temp\drm_dyndata_7370014.dll C:\Users\Konrad\AppData\Local\Temp\Installer_Windows.exe C:\Users\Konrad\AppData\Local\Temp\MSETUP4.EXE C:\Users\Konrad\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Konrad\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Konrad\AppData\Local\Temp\nvStInst.exe C:\Users\Konrad\AppData\Local\Temp\sevensetup.exe C:\Users\Konrad\AppData\Local\Temp\SkypeSetup.exe C:\Users\Konrad\AppData\Local\Temp\SRLDetectionLibrary1816777939739358325.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-29 19:56 ==================== End of log ============================