Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-08-2015 Ran by Dominik (administrator) on THOMAS-PC (10-08-2015 23:44:50) Running from C:\Users\Dominik\Downloads Loaded Profiles: Dominik (Available Profiles: Dominik & .NET v4.5 & .NET v4.5 Classic) Platform: Windows 8 Pro (X64) Language: Polski (Polska) Internet Explorer Version 10 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe (Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (HP) C:\Windows\System32\HPSIsvc.exe () C:\Windows\SysWOW64\srvany.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe () C:\Windows\KMService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Windows\SysWOW64\PnkBstrB.exe (TermCoach) C:\Program Files (x86)\TermCoach_1.10.0.21\Service\tcsvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe () C:\Program Files (x86)\Thermaltake Ttesports Saphira Gaming\SaphiraSystray.exe (Chicony) C:\Program Files (x86)\Thermaltake Ttesports Saphira Gaming\tTOSD201101.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\SB5.1 VX\Surround Mixer\CTSysVol.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13370472 2011-11-18] (Realtek Semiconductor) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-10] (AVAST Software) HKLM-x32\...\Run: [SaphiraGamingMSU1106] => C:\Program Files (x86)\Thermaltake Ttesports Saphira Gaming\SaphiraSystray.exe [1232384 2011-12-21] () HKLM-x32\...\Run: [SaphiraGamingOSD] => C:\Program Files (x86)\Thermaltake Ttesports Saphira Gaming\tTOSD201101.exe [638976 2012-01-19] (Chicony) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] () HKLM-x32\...\Run: [CTSysVol] => C:\Program Files (x86)\Creative\SB5.1 VX\Surround Mixer\CTSysVol.exe [57344 2005-10-31] (Creative Technology Ltd) HKLM-x32\...\Run: [P17RunE] => RunDll32 P17RunE.dll,RunDLLEntry HKLM-x32\...\Run: [mbot_pl_014010028] => [X] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKU\S-1-5-21-3694247235-714563267-2262226866-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-3694247235-714563267-2262226866-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [242688 2013-07-12] (SteelSeries ApS) HKU\S-1-5-21-3694247235-714563267-2262226866-1001\...\Run: [uTorrent] => C:\Users\Dominik\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-11-25] (BitTorrent Inc.) HKU\S-1-5-21-3694247235-714563267-2262226866-1001\...\Run: [Spotify Web Helper] => C:\Users\Dominik\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-07-27] (Spotify Ltd) HKU\S-1-5-21-3694247235-714563267-2262226866-1001\...\Run: [Unified Remote v2] => C:\Program Files (x86)\Unified Remote\RemoteServer.exe [333008 2014-07-17] (Unified Intents AB) HKU\S-1-5-21-3694247235-714563267-2262226866-1001\...\Run: [LightShot] => C:\Users\Dominik\AppData\Local\Skillbrains\lightshot\Lightshot.exe HKU\S-1-5-21-3694247235-714563267-2262226866-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-02-01] (Electronic Arts) HKU\S-1-5-21-3694247235-714563267-2262226866-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG) HKU\S-1-5-21-3694247235-714563267-2262226866-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [456576 2015-06-10] (Sony) HKU\S-1-5-21-3694247235-714563267-2262226866-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd) HKU\S-1-5-21-3694247235-714563267-2262226866-1001\...\Run: [BitTorrent] => C:\Users\Dominik\AppData\Roaming\BitTorrent\BitTorrent.exe [1695080 2015-07-23] (BitTorrent Inc.) HKU\S-1-5-21-3694247235-714563267-2262226866-1001\...\Run: [f.lux] => C:\Users\Dominik\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) HKU\S-1-5-21-3694247235-714563267-2262226866-1001\...\Run: [Spotify] => C:\Users\Dominik\AppData\Roaming\Spotify\spotify.exe [7574584 2015-07-27] (Spotify Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk [2014-03-11] ShortcutTarget: LOLRecorder.lnk -> C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-10] (AVAST Software) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-3694247235-714563267-2262226866-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3694247235-714563267-2262226866-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll No File BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-06] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-10] (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-06] (Oracle Corporation) BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll No File BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-06] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-10] (AVAST Software) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-06] (Oracle Corporation) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - "C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll" No File Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.) Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll No File Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.) DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://files.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{6F167B6B-29E1-4BEB-98F4-031A66EBA6FA}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{B3B0E631-4F76-49C5-A4B9-0B5D6A6AE917}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{BC108BE2-6B8A-4F90-B7C0-72390509D72D}: [DhcpNameServer] 7.254.254.254 FireFox: ======== FF ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\7w7w9xgx.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] () FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-06] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-06] (Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] () FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-06] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-06] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [No File] FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [No File] FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File] FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin HKU\S-1-5-21-3694247235-714563267-2262226866-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Dominik\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-3694247235-714563267-2262226866-1001: @talk.google.com/O1DPlugin -> C:\Users\Dominik\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-3694247235-714563267-2262226866-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Dominik\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin HKU\S-1-5-21-3694247235-714563267-2262226866-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Dominik\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin HKU\S-1-5-21-3694247235-714563267-2262226866-1001: ubisoft.com/uplaypc -> A:\Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\orbit\npuplaypc.dll No File FF Plugin HKU\S-1-5-21-3694247235-714563267-2262226866-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin ProgramFiles/Appdata: C:\Users\Dominik\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Users\Dominik\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Dominik\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF Extension: Adblock Plus - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\7w7w9xgx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-08-07] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-27] Chrome: ======= CHR Profile: C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Adblock Plus) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-06] CHR Extension: (Simple red theme) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ealcinkolodcnkokioepdoheohkffejc [2015-07-14] CHR Extension: (Avast SafePrice) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-04-09] CHR Extension: (Chrome Web Store Payments) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-03] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-20] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-10] (AVAST Software) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-20] (Avast Software) R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [File not signed] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation) R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2013-12-10] () [File not signed] R2 MSMQ; C:\Windows\system32\mqsvc.exe [25088 2012-07-26] (Microsoft Corporation) S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-21] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-02-13] () R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2015-02-13] () R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143288 2014-03-28] (Stardock Software, Inc) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 tcsvc_1.10.0.21; C:\Program Files (x86)\TermCoach_1.10.0.21\Service\tcsvc.exe [300120 2015-07-28] (TermCoach) S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [792016 2015-02-09] (Tunngle.net GmbH) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation) R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.) S2 Stereo Service; "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" [X] ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-10] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-10] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-10] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-10] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-08-10] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-10] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-10] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-10] (AVAST Software) S3 DFX11_1; C:\Windows\system32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows (R) Win 7 DDK provider) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-09-19] (Disc Soft Ltd) S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2014-08-29] (Sony Mobile Communications) R3 mlkumidi; C:\Windows\system32\drivers\mlkumidi.sys [57408 2012-08-29] (MusicLab, Inc.) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [185856 2012-07-26] (Microsoft Corporation) S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.) R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-10] (AVAST Software) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation) S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2013-11-21] (Razer, Inc.) S0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2013-11-21] (Razer, Inc.) R3 SAlphamHid; C:\Windows\System32\drivers\SAlpham64.sys [38016 2013-06-25] (SteelSeries Corporation) R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net) R1 tcfd_vw_1_10_0_21; C:\Windows\System32\drivers\tcfd_vw_1_10_0_21.sys [57728 2015-07-28] (TermCoach) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-20] (Avast Software) S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation) S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-10 23:44 - 2015-08-10 23:46 - 00025714 _____ C:\Users\Dominik\Downloads\FRST.txt 2015-08-10 23:43 - 2015-08-10 23:45 - 00000000 ____D C:\FRST 2015-08-10 23:42 - 2015-08-10 23:42 - 02171392 _____ (Farbar) C:\Users\Dominik\Downloads\FRST64.exe 2015-08-10 23:41 - 2015-08-10 23:41 - 02171392 _____ (Farbar) C:\Users\Dominik\Downloads\FRST64.exe.part 2015-08-10 22:42 - 2015-08-10 22:42 - 00380416 _____ C:\Users\Dominik\Downloads\v4gx5idq.exe 2015-08-10 22:38 - 2015-08-10 22:41 - 00602112 _____ (OldTimer Tools) C:\Users\Dominik\Downloads\OTL.exe 2015-08-10 22:26 - 2015-08-10 22:26 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-08-10 22:26 - 2015-08-10 22:26 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-08-10 20:14 - 2015-08-10 20:18 - 00000000 ___HD C:\$Windows.~BT 2015-08-10 19:18 - 2015-08-10 20:28 - 38594258 _____ C:\Users\Dominik\Desktop\fajnaokladeczka.psd 2015-08-10 19:00 - 2015-08-10 19:00 - 00000000 ___HD C:\$Windows.~WS 2015-08-10 18:17 - 2015-08-10 19:52 - 00000000 __SHD C:\Recovery 2015-08-10 16:41 - 2015-08-10 17:03 - 16933124 _____ C:\Users\Dominik\Desktop\324234n4n.psd 2015-08-10 15:44 - 2015-08-10 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock 2015-08-10 15:44 - 2015-08-10 15:44 - 00000000 ____D C:\Users\Public\Documents\Stardock 2015-08-10 15:44 - 2015-08-10 15:44 - 00000000 ____D C:\Program Files (x86)\Stardock 2015-08-10 15:34 - 2015-08-10 15:34 - 10924920 _____ C:\Users\Dominik\Downloads\Start8_setup_sd.exe 2015-08-10 15:34 - 2015-08-10 15:34 - 00000000 ____D C:\Users\Dominik\Downloads\Stardock 2015-08-10 15:34 - 2015-08-10 15:34 - 00000000 ____D C:\Users\Dominik\AppData\Local\Stardock 2015-08-10 15:22 - 2015-08-10 15:23 - 03686324 _____ C:\Users\Dominik\Downloads\Start8-setup-painter.rar 2015-08-10 15:16 - 2015-08-10 15:16 - 03679514 _____ C:\Users\Dominik\Downloads\Stardock Start8 1.40.1 (FULL Precracked).zip 2015-08-07 21:28 - 2015-08-07 21:59 - 00000000 ____D C:\ComboFix 2015-08-07 21:27 - 2015-08-07 21:28 - 00000000 ____D C:\Qoobox 2015-08-07 21:21 - 2015-08-07 21:24 - 05634244 ____R (Swearware) C:\Users\Dominik\Downloads\ComboFix.exe 2015-08-07 20:42 - 2015-08-10 19:11 - 00000000 ____D C:\Users\Dominik\Desktop\Dre 2015-08-07 20:39 - 2015-08-07 20:42 - 132168892 _____ C:\Users\Dominik\Downloads\kFFs-9+Z}`+FbT^X.rar 2015-08-07 19:05 - 2015-08-07 19:05 - 00000029 _____ C:\Users\Dominik\Desktop\Nowy dokument tekstowy.txt 2015-08-06 21:47 - 2015-08-06 21:47 - 06859730 _____ C:\Users\Dominik\Downloads\taskfree_setup.zip 2015-08-06 21:19 - 2015-08-06 21:19 - 19648448 _____ (Microsoft Corporation) C:\Users\Dominik\Downloads\MediaCreationToolx64 (1).exe 2015-08-06 21:13 - 2015-08-10 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune 2015-08-06 21:13 - 2015-08-06 21:13 - 00000000 ____D C:\Program Files (x86)\HD Tune 2015-08-06 21:10 - 2015-08-06 21:10 - 00000117 _____ C:\Windows\system32\netcfg-113500.txt 2015-08-06 21:10 - 2015-08-06 21:10 - 00000117 _____ C:\Windows\system32\netcfg-113437.txt 2015-08-06 21:10 - 2015-08-06 21:10 - 00000117 _____ C:\Windows\system32\netcfg-112296.txt 2015-08-06 21:06 - 2015-08-06 21:06 - 00000000 ____D C:\Program Files (x86)\TermCoach_1.10.0.21 2015-08-06 21:05 - 2015-08-06 21:06 - 00000000 ____D C:\ProgramData\rWinManPror 2015-08-06 21:03 - 2015-08-06 21:02 - 00642632 _____ (EFD Software ) C:\Users\Dominik\Downloads\hdtune_255.exe 2015-08-06 21:00 - 2015-08-10 16:15 - 00000000 ____D C:\AdwCleaner 2015-08-06 21:00 - 2015-08-06 21:00 - 00842424 _____ (Application ) C:\Users\Dominik\Downloads\HD-Tune-12177-dp.exe 2015-08-06 20:57 - 2015-08-06 20:58 - 02248704 _____ C:\Users\Dominik\Downloads\AdwCleaner.exe 2015-08-06 20:18 - 2015-08-06 20:18 - 00000117 _____ C:\Windows\system32\netcfg-261068359.txt 2015-08-06 20:18 - 2015-08-06 20:18 - 00000117 _____ C:\Windows\system32\netcfg-261067578.txt 2015-08-05 00:22 - 2015-08-05 00:22 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\NVIDIA 2015-08-03 18:00 - 2015-08-03 18:02 - 00000000 _____ C:\Recovery.txt 2015-08-01 01:19 - 2015-08-01 01:19 - 00000117 _____ C:\Windows\system32\netcfg-1215703.txt 2015-08-01 01:19 - 2015-08-01 01:19 - 00000117 _____ C:\Windows\system32\netcfg-1214765.txt 2015-08-01 01:15 - 2015-07-24 06:21 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-08-01 01:15 - 2015-07-24 06:21 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2015-08-01 01:15 - 2015-07-24 06:21 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-08-01 01:15 - 2015-07-24 06:21 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-08-01 01:12 - 2015-07-25 01:28 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2015-08-01 01:12 - 2015-07-25 01:28 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 42730128 _____ C:\Windows\system32\nvcompiler.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 30487880 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 22950544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 16151688 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 14503880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 13268712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 11836680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 11055248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-08-01 01:12 - 2015-07-23 06:06 - 02933576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 02600592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435362.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435362.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 01101856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 01061008 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 01053000 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 00983368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 00976528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 00940104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-08-01 01:12 - 2015-07-23 06:06 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-08-01 01:12 - 2015-07-03 06:28 - 00069992 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2015-08-01 01:12 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2015-08-01 01:12 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2015-08-01 01:08 - 2015-08-01 01:08 - 00000000 ____D C:\NVIDIA 2015-08-01 01:03 - 2015-08-01 01:05 - 292456168 _____ (NVIDIA Corporation) C:\Users\Dominik\Downloads\353.62-desktop-win8-win7-winvista-64bit-international-whql.exe 2015-08-01 00:58 - 2015-08-01 02:22 - 00000000 ____D C:\ProgramData\NVIDIA 2015-08-01 00:56 - 2015-08-01 02:40 - 00112784 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-08-01 00:56 - 2015-08-01 02:40 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-08-01 00:56 - 2015-07-23 03:31 - 06873744 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-08-01 00:56 - 2015-07-23 03:31 - 03493008 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-08-01 00:56 - 2015-07-23 03:31 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-08-01 00:56 - 2015-07-23 03:31 - 00937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-08-01 00:56 - 2015-07-23 03:31 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-08-01 00:56 - 2015-07-23 03:31 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-08-01 00:56 - 2015-07-20 16:16 - 05121613 _____ C:\Windows\system32\nvcoproc.bin 2015-08-01 00:52 - 2015-08-01 00:52 - 00000117 _____ C:\Windows\system32\netcfg-100734.txt 2015-07-31 22:52 - 2015-07-31 22:52 - 00000117 _____ C:\Windows\system32\netcfg-884703.txt 2015-07-31 22:52 - 2015-07-31 22:52 - 00000117 _____ C:\Windows\system32\netcfg-877625.txt 2015-07-31 22:36 - 2015-08-01 01:23 - 00000000 ____D C:\Users\Dominik\AppData\Local\NVIDIA 2015-07-31 22:31 - 2015-08-10 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-07-31 22:26 - 2015-07-31 22:26 - 00000117 _____ C:\Windows\system32\netcfg-405968.txt 2015-07-31 22:26 - 2015-07-31 22:26 - 00000117 _____ C:\Windows\system32\netcfg-363218.txt 2015-07-31 22:22 - 2015-07-31 22:22 - 00000117 _____ C:\Windows\system32\netcfg-150468.txt 2015-07-31 22:17 - 2015-07-31 22:17 - 348807331 _____ C:\Windows\MEMORY.DMP 2015-07-31 22:17 - 2015-07-31 22:17 - 00285128 _____ C:\Windows\Minidump\073115-22875-01.dmp 2015-07-31 21:00 - 2015-07-31 21:03 - 294933088 _____ (NVIDIA Corporation) C:\Users\Dominik\Downloads\353.62-desktop-win10-64bit-international-whql.exe 2015-07-31 19:56 - 2015-07-31 19:56 - 00000000 ____D C:\Intel 2015-07-31 14:33 - 2015-07-31 14:33 - 00008192 _____ C:\Windows\system32\config\userdiff 2015-07-31 13:19 - 2015-08-10 17:24 - 00002848 _____ C:\Windows\DtcInstall.log 2015-07-31 13:17 - 2015-08-10 18:15 - 00026499 _____ C:\Windows\comsetup.log 2015-07-31 12:05 - 2015-07-31 12:05 - 02721168 _____ (Microsoft Corporation) C:\Users\Dominik\Downloads\Windows7-USB-DVD-Download-Tool-Installer-en-US.exe 2015-07-31 12:03 - 2015-07-31 12:04 - 37293041 _____ C:\Users\Dominik\Downloads\Novicorp WinToFlash Lite [The Bootable USB Creator] 1.0.0000 Portable.zip 2015-07-31 11:57 - 2015-07-31 11:57 - 00000117 _____ C:\Windows\system32\netcfg-393182687.txt 2015-07-31 11:57 - 2015-07-31 11:57 - 00000117 _____ C:\Windows\system32\netcfg-393181687.txt 2015-07-31 02:50 - 2015-08-10 20:18 - 00001908 _____ C:\Windows\diagwrn.xml 2015-07-31 02:50 - 2015-08-10 20:18 - 00001908 _____ C:\Windows\diagerr.xml 2015-07-31 02:41 - 2015-07-31 02:48 - 3263954944 _____ C:\Users\Dominik\Documents\Windows.iso 2015-07-31 01:28 - 2015-07-31 01:28 - 19646888 _____ (Microsoft Corporation) C:\Users\Dominik\Downloads\MediaCreationToolx64.exe 2015-07-31 01:16 - 2015-07-31 01:16 - 00015174 _____ C:\Users\Dominik\Downloads\[agusiq-torrents.pl] - Agentka - Spy -2015- [BLURRED] [HDRip] [XViD-J25] [Napisy PL] [AgusiQ].torrent 2015-07-31 01:15 - 2015-07-31 01:15 - 00015695 _____ C:\Users\Dominik\Downloads\F9F523EF6FE4DA94C1D8F20A39243FF43445A1C3.torrent 2015-07-31 01:06 - 2015-07-31 01:06 - 00033000 _____ C:\Users\Dominik\Downloads\Self less 2015 (2).torrent 2015-07-31 01:06 - 2015-07-31 01:06 - 00033000 _____ C:\Users\Dominik\Downloads\Self less 2015 (1).torrent 2015-07-31 01:05 - 2015-07-31 01:05 - 00033000 _____ C:\Users\Dominik\Downloads\Self less 2015.torrent 2015-07-30 16:25 - 2015-07-30 16:27 - 63426916 _____ C:\Users\Dominik\Downloads\PALM TREES ヤシの木 EP.rar 2015-07-30 16:14 - 2014-05-20 04:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-07-30 16:14 - 2014-05-20 01:45 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-07-30 16:14 - 2014-05-20 01:45 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-07-30 16:14 - 2014-05-20 01:24 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-07-30 16:14 - 2014-05-20 01:24 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-07-30 16:14 - 2014-05-20 01:24 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-07-30 16:14 - 2014-05-20 01:24 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-07-30 16:14 - 2014-05-20 01:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll 2015-07-30 16:14 - 2014-05-20 01:24 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-07-30 16:14 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-07-30 16:14 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-07-30 16:14 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-07-30 16:14 - 2012-11-06 06:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll 2015-07-30 16:14 - 2012-11-06 06:00 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wushareduxresources.dll 2015-07-30 16:13 - 2014-05-15 00:43 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-07-30 16:13 - 2014-05-15 00:43 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-07-30 16:13 - 2014-05-15 00:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-07-30 16:13 - 2014-05-15 00:42 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-07-30 16:12 - 2015-07-30 16:12 - 00000117 _____ C:\Windows\system32\netcfg-322092921.txt 2015-07-30 16:12 - 2015-07-30 16:12 - 00000117 _____ C:\Windows\system32\netcfg-322091812.txt 2015-07-28 23:43 - 2015-07-28 23:43 - 00061312 _____ (TermCoach) C:\Windows\system32\Drivers\tcfd_vt_1_10_0_21.sys 2015-07-28 23:43 - 2015-07-28 23:43 - 00057728 _____ (TermCoach) C:\Windows\system32\Drivers\tcfd_vw_1_10_0_21.sys 2015-07-28 22:14 - 2015-07-28 22:14 - 00000117 _____ C:\Windows\system32\netcfg-171009328.txt 2015-07-28 22:14 - 2015-07-28 22:14 - 00000117 _____ C:\Windows\system32\netcfg-171007468.txt 2015-07-28 14:20 - 2015-07-28 14:20 - 00000117 _____ C:\Windows\system32\netcfg-142583609.txt 2015-07-28 14:20 - 2015-07-28 14:20 - 00000117 _____ C:\Windows\system32\netcfg-142582484.txt 2015-07-27 11:03 - 2015-07-27 11:03 - 00000117 _____ C:\Windows\system32\netcfg-44329281.txt 2015-07-27 11:03 - 2015-07-27 11:03 - 00000117 _____ C:\Windows\system32\netcfg-44328421.txt 2015-07-26 22:11 - 2015-07-26 22:11 - 00000117 _____ C:\Windows\system32\netcfg-111816187.txt 2015-07-26 22:10 - 2015-07-26 22:11 - 00000117 _____ C:\Windows\system32\netcfg-111814453.txt 2015-07-25 14:32 - 2015-07-25 14:32 - 00000117 _____ C:\Windows\system32\netcfg-401664390.txt 2015-07-25 14:32 - 2015-07-25 14:32 - 00000117 _____ C:\Windows\system32\netcfg-401662703.txt 2015-07-24 23:00 - 2015-07-24 23:00 - 00000117 _____ C:\Windows\system32\netcfg-345775328.txt 2015-07-24 23:00 - 2015-07-24 23:00 - 00000117 _____ C:\Windows\system32\netcfg-345774625.txt 2015-07-24 11:50 - 2015-07-24 11:50 - 00000117 _____ C:\Windows\system32\netcfg-305550875.txt 2015-07-24 11:50 - 2015-07-24 11:50 - 00000117 _____ C:\Windows\system32\netcfg-305549968.txt 2015-07-24 02:23 - 2015-07-24 02:23 - 00087117 _____ C:\Users\Dominik\Downloads\112_super_awesome_icons-free_icons.zip 2015-07-24 02:18 - 2015-07-24 02:18 - 00000117 _____ C:\Windows\system32\netcfg-271272046.txt 2015-07-24 02:17 - 2015-07-24 02:17 - 00000117 _____ C:\Windows\system32\netcfg-271222421.txt 2015-07-24 01:10 - 2015-07-24 01:10 - 00000000 ____D C:\Users\Dominik\Downloads\yt 2015-07-23 23:43 - 2015-07-24 00:07 - 142884909 _____ C:\Users\Dominik\Downloads\Kuban-Co_Za_Mixtape-Bootleg-PL-2014.rar 2015-07-23 15:23 - 2015-07-23 15:23 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Shooter 2015-07-23 13:54 - 2015-07-23 13:55 - 00018549 _____ C:\Windows\DirectX.log 2015-07-23 12:45 - 2015-07-23 12:45 - 00000000 ____D C:\Users\Dominik\AppData\Local\CEF 2015-07-23 12:04 - 2015-07-23 12:04 - 00000117 _____ C:\Windows\system32\netcfg-220046203.txt 2015-07-23 12:04 - 2015-07-23 12:04 - 00000117 _____ C:\Windows\system32\netcfg-220045062.txt 2015-07-22 23:57 - 2015-07-22 23:57 - 00540563 _____ C:\Users\Dominik\Downloads\Blood-stains-vector--graphics.zip 2015-07-22 23:23 - 2015-07-22 23:23 - 00006580 _____ C:\Users\Dominik\Downloads\blacklisted.zip 2015-07-22 18:34 - 2015-07-22 18:34 - 00000117 _____ C:\Windows\system32\netcfg-157043500.txt 2015-07-22 18:34 - 2015-07-22 18:34 - 00000117 _____ C:\Windows\system32\netcfg-157042812.txt 2015-07-21 20:09 - 2015-07-21 20:09 - 00000117 _____ C:\Windows\system32\netcfg-76327453.txt 2015-07-21 20:09 - 2015-07-21 20:09 - 00000117 _____ C:\Windows\system32\netcfg-76326015.txt 2015-07-21 10:22 - 2015-07-21 10:22 - 00000117 _____ C:\Windows\system32\netcfg-41098984.txt 2015-07-21 10:22 - 2015-07-21 10:22 - 00000117 _____ C:\Windows\system32\netcfg-41097562.txt 2015-07-21 01:00 - 2015-07-21 01:00 - 36238952 _____ C:\Users\Dominik\Downloads\torbrowser-install-4.5.3_pl.exe 2015-07-20 22:43 - 2015-08-10 22:26 - 00115152 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys 2015-07-20 22:33 - 2015-07-20 22:33 - 00000117 _____ C:\Windows\system32\netcfg-385893609.txt 2015-07-20 22:33 - 2015-07-20 22:33 - 00000117 _____ C:\Windows\system32\netcfg-385891203.txt 2015-07-20 22:31 - 2015-07-20 22:31 - 00000117 _____ C:\Windows\system32\netcfg-385782640.txt 2015-07-20 22:31 - 2015-07-20 22:31 - 00000117 _____ C:\Windows\system32\netcfg-385780156.txt 2015-07-20 11:19 - 2015-07-20 11:19 - 00000117 _____ C:\Windows\system32\netcfg-345469531.txt 2015-07-20 11:19 - 2015-07-20 11:19 - 00000117 _____ C:\Windows\system32\netcfg-345467875.txt 2015-07-19 18:55 - 2015-07-19 18:55 - 00000117 _____ C:\Windows\system32\netcfg-286452765.txt 2015-07-19 18:55 - 2015-07-19 18:55 - 00000117 _____ C:\Windows\system32\netcfg-286450828.txt 2015-07-17 23:31 - 2015-07-17 23:31 - 00000117 _____ C:\Windows\system32\netcfg-130224609.txt 2015-07-17 23:31 - 2015-07-17 23:31 - 00000117 _____ C:\Windows\system32\netcfg-130222890.txt 2015-07-17 19:24 - 2015-07-17 19:53 - 89419267 _____ C:\Users\Dominik\Downloads\-abson - NieKumam (2015).rar 2015-07-17 16:06 - 2015-07-17 16:06 - 00000000 ____D C:\Users\Dominik\Documents\Tunngle 2015-07-16 12:55 - 2015-07-16 12:55 - 00126190 _____ C:\Users\Dominik\Downloads\alhambra.zip 2015-07-16 12:54 - 2015-07-16 12:54 - 00017278 _____ C:\Users\Dominik\Downloads\bebas.zip 2015-07-16 11:25 - 2015-07-16 11:25 - 00000197 _____ C:\Windows\system32\2015-07-16-09-25-27.035-AvastVBoxSVC.exe-3948.log 2015-07-16 00:44 - 2015-08-10 19:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom 2015-07-16 00:42 - 2015-07-16 00:42 - 40103880 _____ C:\Users\Dominik\Downloads\pentablet_5.3.5-3.exe 2015-07-15 22:51 - 2015-07-15 22:51 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\MK10 2015-07-15 22:47 - 2015-07-15 22:47 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Mortal Kombat X 2015-07-15 22:47 - 2015-07-15 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics 2015-07-15 21:43 - 2015-07-15 21:43 - 00000000 ____D C:\Users\Dominik\AppData\Local\Kholat 2015-07-15 21:11 - 2015-08-10 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kholat 2015-07-15 16:54 - 2015-07-15 16:54 - 00000280 _____ C:\Windows\system32\2015-07-15-14-54-24.089-aswFe.exe-3840.log 2015-07-15 16:30 - 2015-07-15 16:30 - 00000197 _____ C:\Windows\system32\2015-07-15-14-30-15.087-AvastVBoxSVC.exe-6284.log 2015-07-15 16:14 - 2015-07-15 16:14 - 00000117 _____ C:\Windows\system32\netcfg-96798656.txt 2015-07-15 16:14 - 2015-07-15 16:14 - 00000117 _____ C:\Windows\system32\netcfg-96794406.txt 2015-07-14 17:49 - 2015-07-14 17:49 - 00000000 ____D C:\Users\Dominik\AppData\Local\WMTools Downloaded Files 2015-07-14 15:35 - 2015-07-14 15:35 - 00000283 _____ C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kosz.lnk 2015-07-14 13:26 - 2015-07-14 13:27 - 00000197 _____ C:\Windows\system32\2015-07-14-11-26-04.088-AvastVBoxSVC.exe-4340.log 2015-07-14 12:52 - 2015-07-14 12:52 - 00000117 _____ C:\Windows\system32\netcfg-166569156.txt 2015-07-14 12:52 - 2015-07-14 12:52 - 00000117 _____ C:\Windows\system32\netcfg-166566906.txt 2015-07-13 16:13 - 2015-07-13 16:13 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\MMFApplications 2015-07-13 11:13 - 2015-07-13 11:13 - 00000117 _____ C:\Windows\system32\netcfg-74266875.txt 2015-07-13 11:13 - 2015-07-13 11:13 - 00000117 _____ C:\Windows\system32\netcfg-74266765.txt 2015-07-12 14:55 - 2015-08-10 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antares Audio Technologies 2015-07-12 14:55 - 2015-07-12 14:55 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Antares 2015-07-12 14:55 - 2015-07-12 14:55 - 00000000 ____D C:\Program Files (x86)\Antares Audio Technologies 2015-07-12 14:55 - 2003-03-18 20:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2015-07-12 14:37 - 2015-07-12 14:37 - 00000197 _____ C:\Windows\system32\2015-07-12-12-37-15.027-AvastVBoxSVC.exe-3820.log 2015-07-12 14:35 - 2015-07-12 14:35 - 00000000 ____D C:\Program Files (x86)\InterLok 2015-07-12 14:25 - 2015-07-15 16:52 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Opera Software 2015-07-12 14:25 - 2015-07-15 16:52 - 00000000 ____D C:\Users\Dominik\AppData\Local\Opera Software 2015-07-12 14:24 - 2015-07-15 16:52 - 00000000 ____D C:\Program Files (x86)\Opera 2015-07-12 14:20 - 2015-07-12 14:20 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\PACE Anti-Piracy 2015-07-12 14:20 - 2015-07-12 14:20 - 00000000 ____D C:\Users\Dominik\AppData\Local\PACE Anti-Piracy 2015-07-12 14:20 - 2015-07-12 14:20 - 00000000 ____D C:\ProgramData\PACE Anti-Piracy 2015-07-12 14:18 - 2015-07-12 14:18 - 00000197 _____ C:\Windows\system32\2015-07-12-12-18-33.028-AvastVBoxSVC.exe-5908.log 2015-07-12 14:06 - 2015-07-12 14:06 - 00000000 ____D C:\ProgramData\PACE 2015-07-12 13:09 - 2015-07-12 13:09 - 00000197 _____ C:\Windows\system32\2015-07-12-11-09-19.082-AvastVBoxSVC.exe-4708.log 2015-07-11 22:35 - 2015-07-11 22:35 - 00000117 _____ C:\Windows\system32\netcfg-1040728843.txt 2015-07-11 22:35 - 2015-07-11 22:35 - 00000117 _____ C:\Windows\system32\netcfg-1040727328.txt 2015-07-11 11:34 - 2015-07-11 11:34 - 00000117 _____ C:\Windows\system32\netcfg-1001073687.txt 2015-07-11 11:34 - 2015-07-11 11:34 - 00000117 _____ C:\Windows\system32\netcfg-1001071171.txt 2015-07-11 11:34 - 2015-07-11 11:34 - 00000117 _____ C:\Windows\system32\netcfg-1001057968.txt 2015-07-11 11:34 - 2015-07-11 11:34 - 00000117 _____ C:\Windows\system32\netcfg-1001055046.txt ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-11 00:24 - 2013-09-19 18:56 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-11 00:04 - 2013-09-21 12:31 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-08-10 23:58 - 2015-05-25 19:45 - 00001086 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3694247235-714563267-2262226866-1001UA.job 2015-08-10 23:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru 2015-08-10 22:33 - 2015-05-07 23:21 - 01783580 _____ C:\Windows\WindowsUpdate.log 2015-08-10 22:30 - 2013-09-20 20:45 - 15881728 ___SH C:\Users\Dominik\Desktop\Thumbs.db 2015-08-10 22:29 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-10 22:28 - 2015-06-22 22:13 - 00040478 _____ C:\Windows\PFRO.log 2015-08-10 22:28 - 2014-03-03 21:37 - 00008652 _____ C:\Windows\mlkumidi.log 2015-08-10 22:26 - 2014-11-27 21:08 - 01048856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2015-08-10 22:26 - 2014-11-27 21:08 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2015-08-10 22:26 - 2014-11-27 21:08 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2015-08-10 22:26 - 2014-11-27 21:08 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-08-10 22:26 - 2014-11-27 21:08 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2015-08-10 22:26 - 2014-01-11 22:30 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2015-08-10 22:26 - 2013-11-21 22:31 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2015-08-10 22:26 - 2013-11-21 22:31 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2015-08-10 22:13 - 2015-05-25 19:45 - 00001034 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3694247235-714563267-2262226866-1001Core.job 2015-08-10 22:11 - 2015-05-25 19:45 - 00003328 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3694247235-714563267-2262226866-1001UA 2015-08-10 22:11 - 2015-05-25 19:45 - 00002948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3694247235-714563267-2262226866-1001Core 2015-08-10 22:11 - 2014-09-10 20:34 - 00001886 _____ C:\Windows\System32\Tasks\{D453030B-EC6A-481A-A878-7929D0C635B9} 2015-08-10 22:11 - 2014-09-10 20:34 - 00001886 _____ C:\Windows\System32\Tasks\{088F5450-BF95-4282-A48C-A6144BBF32FE} 2015-08-10 22:11 - 2014-01-15 18:06 - 00001620 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2015-08-10 22:11 - 2013-10-13 13:56 - 00000000 ____D C:\Users\Dominik\AppData\Local\CrashDumps 2015-08-10 22:11 - 2013-10-07 15:51 - 00001762 _____ C:\Windows\System32\Tasks\{01BB3D65-38FF-4609-A6D6-9B88DB6D6DB4} 2015-08-10 22:11 - 2013-09-19 18:56 - 00002734 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-08-10 22:11 - 2013-09-19 18:23 - 00002832 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3694247235-714563267-2262226866-1001 2015-08-10 21:04 - 2014-01-12 17:11 - 00047104 ___SH C:\Users\Dominik\Documents\Thumbs.db 2015-08-10 20:22 - 2015-05-06 11:52 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\BitTorrent 2015-08-10 20:18 - 2015-05-19 19:40 - 00000364 _____ C:\Windows\setupact.log 2015-08-10 20:14 - 2015-05-19 19:40 - 00000000 _____ C:\Windows\setuperr.log 2015-08-10 20:14 - 2013-09-19 19:10 - 00000000 ____D C:\Windows\Panther 2015-08-10 19:55 - 2012-07-26 11:51 - 00864960 _____ C:\Windows\system32\perfh015.dat 2015-08-10 19:55 - 2012-07-26 11:51 - 00194526 _____ C:\Windows\system32\perfc015.dat 2015-08-10 19:55 - 2012-07-26 09:28 - 01994424 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-10 19:45 - 2013-09-19 18:17 - 00000000 ____D C:\Users\Dominik 2015-08-10 19:44 - 2015-06-27 20:01 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux 2015-08-10 19:44 - 2015-05-07 23:23 - 00000000 ____D C:\Users\.NET v4.5 Classic 2015-08-10 19:44 - 2015-05-07 23:23 - 00000000 ____D C:\Users\.NET v4.5 2015-08-10 19:44 - 2015-05-07 23:21 - 00000000 ____D C:\inetpub 2015-08-10 19:44 - 2015-05-06 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle 2015-08-10 19:44 - 2015-04-22 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot 2015-08-10 19:44 - 2015-04-08 17:31 - 00000000 ____D C:\ProgramData\Creative 2015-08-10 19:44 - 2015-04-08 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative 2015-08-10 19:44 - 2015-03-01 11:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO 2015-08-10 19:44 - 2015-03-01 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2015-08-10 19:44 - 2015-02-11 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worms Clan Wars 2015-08-10 19:44 - 2015-01-24 11:57 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Binding of Isaac Rebirth 1.0 2015-08-10 19:44 - 2014-11-27 21:09 - 00000000 ____D C:\Windows\SysWOW64\vbox 2015-08-10 19:44 - 2014-11-27 21:09 - 00000000 ____D C:\Windows\system32\vbox 2015-08-10 19:44 - 2014-11-27 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-08-10 19:44 - 2014-10-19 23:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2015-08-10 19:44 - 2014-09-10 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-08-10 19:44 - 2014-08-01 14:31 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unified Remote 2015-08-10 19:44 - 2014-06-06 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Goofball 2015-08-10 19:44 - 2014-06-04 18:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock 2015-08-10 19:44 - 2014-04-17 16:16 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software 2015-08-10 19:44 - 2014-04-11 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition 2015-08-10 19:44 - 2014-03-11 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-08-10 19:44 - 2014-03-11 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-08-10 19:44 - 2014-02-18 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSViewer 2015-08-10 19:44 - 2014-02-15 21:32 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool 2015-08-10 19:44 - 2014-01-18 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO 2015-08-10 19:44 - 2014-01-16 19:53 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool 2015-08-10 19:44 - 2014-01-15 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-08-10 19:44 - 2013-12-28 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Partition Manager™ 2014 Free 2015-08-10 19:44 - 2013-12-28 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\exiso-GUI 2015-08-10 19:44 - 2013-12-10 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint 2015-08-10 19:44 - 2013-12-10 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2015-08-10 19:44 - 2013-12-10 19:25 - 00000000 ____D C:\Windows\system32\appmgmt 2015-08-10 19:44 - 2013-12-07 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks 2015-08-10 19:44 - 2013-10-18 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments Traktor DJ Studio 2 2015-08-10 19:44 - 2013-10-17 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2015-08-10 19:44 - 2013-10-16 13:32 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin 2015-08-10 19:44 - 2013-10-13 13:49 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2015-08-10 19:44 - 2013-10-12 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2015-08-10 19:44 - 2013-10-12 12:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-08-10 19:44 - 2013-10-10 19:59 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith 2015-08-10 19:44 - 2013-10-10 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith 2015-08-10 19:44 - 2013-10-07 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverPack Solution Lite 2015-08-10 19:44 - 2013-10-06 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1 2015-08-10 19:44 - 2013-10-03 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam 2015-08-10 19:44 - 2013-09-21 16:03 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2 2015-08-10 19:44 - 2013-09-21 16:01 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line 2015-08-10 19:44 - 2013-09-21 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line 2015-08-10 19:44 - 2013-09-20 21:40 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer 2015-08-10 19:44 - 2013-09-20 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt 2015-08-10 19:44 - 2013-09-19 21:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2015-08-10 19:44 - 2013-09-19 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2015-08-10 19:44 - 2013-09-19 19:02 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-08-10 19:44 - 2013-09-19 18:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2015-08-10 19:44 - 2013-09-19 18:32 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2015-08-10 19:44 - 2013-09-19 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-08-10 19:44 - 2013-09-19 18:30 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-08-10 19:44 - 2013-09-19 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-08-10 19:44 - 2013-09-19 18:17 - 00000000 ____D C:\ProgramData\PRICache 2015-08-10 19:44 - 2012-07-26 11:53 - 00000000 ____D C:\Windows\ShellNew 2015-08-10 19:44 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\spool 2015-08-10 19:44 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\Recovery 2015-08-10 19:44 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF 2015-08-10 19:44 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-08-10 19:44 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\LiveKernelReports 2015-08-10 19:44 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\Help 2015-08-10 19:44 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\System 2015-08-10 19:44 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-08-10 18:15 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\Registration 2015-08-10 17:25 - 2012-07-26 07:26 - 00008192 ___SH C:\Windows\system32\config\ELAM 2015-08-10 17:24 - 2015-05-07 23:22 - 00071222 _____ C:\Windows\iis.log 2015-08-10 16:38 - 2013-09-20 21:29 - 01930240 ___SH C:\Users\Dominik\Downloads\Thumbs.db 2015-08-10 15:44 - 2013-09-19 19:11 - 00000000 ____D C:\ProgramData\Stardock 2015-08-10 15:35 - 2014-01-23 23:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-08-10 15:31 - 2013-11-11 20:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-07 21:57 - 2012-07-26 07:26 - 00000215 _____ C:\Windows\system.ini 2015-08-07 21:55 - 2014-01-15 19:53 - 00000000 ____D C:\Windows\erdnt 2015-08-07 21:51 - 2013-10-03 19:41 - 00000000 ____D C:\ProgramData\Temp 2015-08-07 21:25 - 2013-10-16 15:37 - 00000000 ____D C:\Users\Dominik\AppData\Local\Spotify 2015-08-07 20:45 - 2013-10-16 15:37 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Spotify 2015-08-07 19:52 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp 2015-08-07 19:31 - 2014-01-23 23:13 - 00001257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-08-07 19:30 - 2013-09-21 12:31 - 00000000 ____D C:\Program Files (x86)\Google 2015-08-07 18:31 - 2013-09-19 18:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-08-07 13:22 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent 2015-08-06 22:00 - 2013-09-19 18:51 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-08-06 21:59 - 2015-04-08 17:32 - 00000000 ___HD C:\Program Files (x86)\Creative Installation Information 2015-08-06 21:58 - 2015-04-08 17:32 - 00000000 ____D C:\Program Files\Creative 2015-08-06 21:57 - 2013-10-29 17:05 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2015-08-06 21:57 - 2013-10-29 17:05 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2015-08-06 21:57 - 2013-10-29 17:05 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2015-08-06 21:57 - 2013-10-29 17:05 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2015-08-06 21:56 - 2015-04-08 17:27 - 00000000 ____D C:\Program Files (x86)\Creative 2015-08-06 21:56 - 2014-10-18 16:11 - 00000000 ____D C:\ProgramData\Oracle 2015-08-06 21:55 - 2014-10-18 16:11 - 00000000 ____D C:\Program Files (x86)\Java 2015-08-06 21:55 - 2014-03-11 19:47 - 00321632 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2015-08-06 21:55 - 2014-03-11 19:46 - 00206944 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2015-08-06 21:55 - 2014-03-11 19:46 - 00206432 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2015-08-06 21:55 - 2014-03-11 19:46 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2015-08-06 21:55 - 2014-03-11 19:46 - 00000000 ____D C:\Program Files\Java 2015-08-06 21:54 - 2014-10-18 16:11 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-08-05 00:24 - 2013-10-13 14:26 - 00000132 _____ C:\Users\Dominik\AppData\Roaming\Adobe PNG Format CS6 Prefs 2015-08-03 18:04 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache 2015-07-31 22:00 - 2013-10-18 16:01 - 00000000 __HDC C:\ProgramData\{4A818508-3355-4FBC-B302-D53B599DD9D5} 2015-07-31 21:14 - 2014-03-18 19:50 - 00000000 ____D C:\Users\Dominik\AppData\Local\NVIDIA Corporation 2015-07-31 14:03 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-07-31 00:52 - 2013-12-28 20:33 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\GG 2015-07-30 23:28 - 2013-09-26 17:46 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Audacity 2015-07-25 15:08 - 2012-07-26 09:19 - 19662544 _____ C:\Windows\system32\FNTCACHE.DAT 2015-07-25 01:28 - 2015-02-20 01:18 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2015-07-23 15:08 - 2013-09-21 13:08 - 00000000 ____D C:\Users\Dominik\Documents\My Games 2015-07-23 06:06 - 2015-02-20 01:18 - 03407144 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-07-23 06:06 - 2015-02-20 01:18 - 03008880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-07-23 06:06 - 2015-02-20 01:18 - 00030966 _____ C:\Windows\system32\nvinfo.pb 2015-07-23 06:06 - 2012-07-25 22:22 - 17615408 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-07-23 06:06 - 2012-07-25 22:22 - 15892200 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-07-23 06:06 - 2012-07-25 22:22 - 15129192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-07-23 06:06 - 2012-06-28 04:06 - 12876336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-07-21 00:11 - 2013-10-30 22:30 - 00001456 _____ C:\Users\Dominik\AppData\Local\Adobe Save for Web 13.0 Prefs 2015-07-17 22:10 - 2013-10-17 19:17 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\TS3Client 2015-07-17 21:06 - 2014-02-08 01:06 - 00000132 _____ C:\Users\Dominik\AppData\Roaming\Adobe IllExport Filter CS6 Prefs 2015-07-17 17:17 - 2013-12-28 20:33 - 00000000 ____D C:\Users\Dominik\AppData\Local\GG 2015-07-17 16:05 - 2015-05-06 14:23 - 00000000 ____D C:\ProgramData\Tunngle 2015-07-17 12:00 - 2013-09-19 19:50 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Skype 2015-07-16 11:38 - 2013-09-19 18:42 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Mozilla 2015-07-16 00:44 - 2013-10-30 21:18 - 00000000 ____D C:\Program Files\TabletPlugins 2015-07-16 00:44 - 2013-10-30 21:18 - 00000000 ____D C:\Program Files\Tablet 2015-07-16 00:44 - 2013-10-30 21:18 - 00000000 ____D C:\Program Files (x86)\TabletPlugins 2015-07-15 22:47 - 2014-09-13 00:07 - 00000000 ____D C:\ProgramData\Package Cache 2015-07-15 16:57 - 2013-09-20 18:49 - 00000000 ____D C:\Program Files\WapSter 2015-07-15 16:55 - 2013-10-12 19:17 - 00000000 ____D C:\Users\Dominik\AppData\Local\Battle.net 2015-07-15 16:55 - 2013-10-12 19:17 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-07-15 16:47 - 2013-09-26 19:15 - 00000000 ____D C:\ProgramData\Origin 2015-07-15 16:39 - 2014-06-21 16:37 - 00000000 ____D C:\Users\Dominik\Documents\Camtasia Studio 2015-07-12 14:55 - 2013-09-21 16:56 - 00000000 ____D C:\Program Files\vstplugins 2015-07-12 14:34 - 2013-09-21 16:03 - 00000000 ____D C:\Program Files (x86)\VstPlugins 2015-07-12 13:20 - 2013-10-13 13:43 - 00000000 ____D C:\Users\Dominik\AppData\Local\Adobe ==================== Files in the root of some directories ======= 2013-09-26 18:33 - 2009-10-23 23:00 - 5811712 _____ (reFX) C:\Program Files (x86)\Nexus.dll 2014-02-08 01:06 - 2015-07-17 21:06 - 0000132 _____ () C:\Users\Dominik\AppData\Roaming\Adobe IllExport Filter CS6 Prefs 2013-10-13 14:26 - 2015-08-05 00:24 - 0000132 _____ () C:\Users\Dominik\AppData\Roaming\Adobe PNG Format CS6 Prefs 2013-12-03 18:36 - 2014-11-10 18:31 - 0080896 _____ () C:\Users\Dominik\AppData\Roaming\RZR_006087774ab2b7765f6a869b9061.db 2013-10-30 22:30 - 2015-07-21 00:11 - 0001456 _____ () C:\Users\Dominik\AppData\Local\Adobe Save for Web 13.0 Prefs 2013-09-21 21:26 - 2013-09-21 21:26 - 0000003 _____ () C:\Users\Dominik\AppData\Local\updater.log 2013-09-21 21:26 - 2015-04-22 21:40 - 0000424 _____ () C:\Users\Dominik\AppData\Local\UserProducts.xml 2014-08-12 12:46 - 2014-08-12 12:46 - 0000000 _____ () C:\Users\Dominik\AppData\Local\{F086AD65-7A20-489F-A232-BD3F8EECABC5} Some files in TEMP: ==================== C:\Users\Dominik\AppData\Local\temp\Quarantine.exe C:\Users\Dominik\AppData\Local\temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-21 11:27 ==================== End of log ============================