Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 Ran by Paweł (administrator) on THE_RAIN (18-03-2016 08:05:35) Running from C:\Users\Paweł\Downloads Loaded Profiles: Paweł (Available Profiles: Paweł) Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Angielski (Stany Zjednoczone) Internet Explorer Version 10 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe () C:\Program Files (x86)\NetTime\NetTimeService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\NetTime\NetTime.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (BitTorrent Inc.) C:\Users\Paweł\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) C:\Users\Paweł\AppData\Roaming\uTorrent\updates\3.4.6_41845\utorrentie.exe (BitTorrent Inc.) C:\Users\Paweł\AppData\Roaming\uTorrent\updates\3.4.6_41845\utorrentie.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-13] (Realtek Semiconductor) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-30] (Oracle Corporation) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-10] (Adobe Systems Incorporated) HKLM-x32\...\Run: [NetTime] => C:\Program Files (x86)\NetTime\NetTime.exe [772096 2012-05-12] () HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-06-18] (Malwarebytes Corporation) HKU\S-1-5-21-1971605308-2172589426-802125545-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [4990808 2015-09-15] (Disc Soft Ltd) HKU\S-1-5-21-1971605308-2172589426-802125545-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1971605308-2172589426-802125545-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) AutoConfigURL: [S-1-5-21-1971605308-2172589426-802125545-1000] => hxxp://un-stop.net/wpad.dat?c3293843cfc43322564cfab592d93d867589262 Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 62.179.1.63 62.179.1.62 Tcpip\..\Interfaces\{C1A8EE31-6CAB-43F4-BE85-CC1FD6750076}: [DhcpNameServer] 62.179.1.63 62.179.1.62 ManualProxies: Internet Explorer: ================== SearchScopes: HKLM-x32 -> DefaultScope value is missing BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-13] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-13] (Oracle Corporation) DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab FireFox: ======== FF ProfilePath: C:\Users\Paweł\AppData\Roaming\Mozilla\Firefox\Profiles\b9sc9j8g.default-1458283533956 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] () FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @videolan.org/vlc,version=2.2.2 -> D:\Programy\VLC\npvlc.dll [2016-01-20] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] () FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-13] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-13] (Oracle Corporation) FF Plugin-x32: @live.heroesandgenerals.com/npretox -> G:\GRY\Private\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2016-02-09] (Reto-Moto ApS) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-08] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-08] (NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe [1259864 2015-09-15] (Disc Soft Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 NetTimeSvc; C:\Program Files (x86)\NetTime\NetTimeService.exe [473088 2012-05-12] () [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation) S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation) R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [327064 2010-05-19] (Enigma Software Group USA, LLC.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 dtproscsibus; C:\Windows\System32\DRIVERS\dtproscsibus.sys [30352 2016-02-13] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [5248 2010-01-28] () [File not signed] R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2016-03-18] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] () S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation) U0 xhofm; C:\Windows\System32\drivers\neousf.sys [79064 2016-03-18] (Malwarebytes Corporation) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-03-18 07:53 - 2016-03-18 07:53 - 00026408 _____ C:\Users\Paweł\Downloads\Addition.txt 2016-03-18 07:52 - 2016-03-18 08:05 - 00010539 _____ C:\Users\Paweł\Downloads\FRST.txt 2016-03-18 07:52 - 2016-03-18 08:05 - 00000000 ____D C:\FRST 2016-03-18 07:52 - 2016-03-18 07:52 - 02374144 _____ (Farbar) C:\Users\Paweł\Downloads\FRST64.exe 2016-03-18 07:50 - 2016-03-18 07:50 - 00002146 _____ C:\Users\Paweł\Desktop\fixlist.txt.txt 2016-03-18 07:43 - 2016-03-18 07:43 - 00000000 ____D C:\Users\Paweł\AppData\LocalLow\uTorrent 2016-03-18 07:41 - 2016-03-18 07:41 - 02114560 _____ (BitTorrent Inc.) C:\Users\Paweł\Desktop\uTorrent.exe 2016-03-18 07:40 - 2016-03-18 07:40 - 00001136 _____ C:\Users\Paweł\Desktop\skan malware 18,03,2016.txt 2016-03-18 07:39 - 2016-03-18 07:39 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\neousf.sys 2016-03-18 07:39 - 2016-03-18 07:39 - 00000080 _____ C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\uTorrent.lnk 2016-03-18 07:24 - 2016-03-18 07:40 - 00001096 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-03-18 07:24 - 2016-03-18 07:24 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-03-18 07:24 - 2016-03-18 07:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-03-18 07:24 - 2016-03-18 07:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-03-18 07:24 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-03-18 07:24 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-03-18 07:24 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2016-03-18 07:14 - 2016-03-18 07:14 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-03-18 07:13 - 2016-03-18 07:13 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Paweł\Downloads\mbam-setup-2.0.4.1028.exe 2016-03-17 20:34 - 2016-03-17 20:34 - 00000018 _____ C:\Users\Pawe 2016-03-17 20:31 - 2016-03-17 20:31 - 03311744 _____ C:\Users\Paweł\Downloads\HeroesAndGenerals-setup-114855.exe 2016-03-17 09:32 - 2016-03-17 09:32 - 00017203 _____ C:\Users\Paweł\Downloads\podanie.pdf 2016-03-17 09:31 - 2016-03-17 09:31 - 00012568 _____ C:\Users\Paweł\Desktop\podanie.odt 2016-03-15 06:54 - 2016-03-18 07:45 - 00000000 ____D C:\Users\Paweł\Desktop\Stare dane programu Firefox 2016-03-14 19:53 - 2016-03-14 19:53 - 00000000 ____D C:\Users\Paweł\AppData\Roaming\NVIDIA 2016-03-13 19:10 - 2016-03-13 19:10 - 00621568 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Paweł\Downloads\libeay32.dll 2016-03-13 19:10 - 2016-03-13 19:10 - 00162304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Paweł\Downloads\ssleay32.dll 2016-03-13 19:10 - 2016-03-13 19:10 - 00000000 ____D C:\Users\Paweł\Downloads\Torrentex 2016-03-13 19:09 - 2016-03-13 19:09 - 03864312 _____ () C:\Users\Paweł\Downloads\Download RemoveWat 2.2.exe 2016-03-13 18:52 - 2016-03-14 20:57 - 00000000 ____D C:\Program Files (x86)\AdwCleaner 2016-03-13 18:52 - 2016-03-13 18:52 - 01527296 _____ C:\Users\Paweł\Downloads\adwcleaner_5.102.exe 2016-03-13 18:49 - 2016-03-18 07:40 - 00001957 _____ C:\Users\Public\Desktop\SimpleDownloads.lnk 2016-03-13 18:48 - 2016-03-13 18:48 - 00000000 ____D C:\Users\Paweł\AppData\Local\Chromium 2016-03-13 18:47 - 2016-03-13 18:47 - 03643712 _____ (Last Chance Inc) C:\Users\Paweł\Downloads\RemoveWAT_2.2.8_Windows_7_Working_Activator_Download_downloader.exe 2016-03-13 18:37 - 2016-03-13 18:37 - 06771590 _____ C:\Users\Paweł\Downloads\Removewat 2.2.7.exe.zip 2016-03-13 16:29 - 2016-03-08 07:15 - 00110016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2016-03-13 16:27 - 2016-03-18 07:01 - 00000000 ____D C:\ProgramData\NVIDIA 2016-03-13 16:27 - 2016-03-13 16:27 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-03-13 16:27 - 2016-03-08 11:07 - 00213952 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2016-03-13 16:27 - 2016-03-08 11:07 - 00201664 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2016-03-13 16:27 - 2016-03-08 07:27 - 06369728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2016-03-13 16:27 - 2016-03-08 07:27 - 02994232 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2016-03-13 16:27 - 2016-03-08 07:27 - 02561472 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2016-03-13 16:27 - 2016-03-08 07:27 - 01264064 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2016-03-13 16:27 - 2016-03-08 07:27 - 00532536 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2016-03-13 16:27 - 2016-03-08 07:27 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2016-03-13 16:27 - 2016-03-08 07:27 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2016-03-13 16:27 - 2016-03-08 07:27 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2016-03-13 16:27 - 2016-03-07 05:23 - 06203411 _____ C:\Windows\system32\nvcoproc.bin 2016-03-13 16:25 - 2016-03-08 11:07 - 42968120 _____ C:\Windows\system32\nvcompiler.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 37609528 _____ C:\Windows\SysWOW64\nvcompiler.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 22932928 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 21313024 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 20854680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 18990976 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 18879544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 17725040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 17318184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 17246680 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 16439328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 14128496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 12564024 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2016-03-13 16:25 - 2016-03-08 11:07 - 10546944 _____ C:\Windows\system32\nvptxJitCompiler.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 08658120 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 03711024 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 03283896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 03233336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 02808768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436451.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436451.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 00956984 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 00886840 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 00749504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 00693816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 00678520 _____ C:\Windows\system32\nvfatbinaryLoader.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 00473056 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 00391632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2016-03-13 16:25 - 2016-03-08 11:07 - 00175552 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2016-03-13 16:25 - 2016-03-08 11:07 - 00036743 _____ C:\Windows\system32\nvinfo.pb 2016-03-13 16:25 - 2016-03-08 11:07 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json 2016-03-13 16:25 - 2016-03-08 11:07 - 00000139 _____ C:\Windows\system32\nv-vk64.json 2016-03-13 01:22 - 2016-03-13 01:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetTime 2016-03-13 01:22 - 2016-03-13 01:22 - 00000000 ____D C:\Program Files (x86)\NetTime 2016-03-13 01:21 - 2016-03-13 01:21 - 00775206 _____ (Mark Griffiths ) C:\Users\Paweł\Downloads\NetTimeSetup-314.exe 2016-03-11 06:27 - 2016-03-11 06:27 - 00598497 _____ C:\Users\Paweł\Downloads\upo paweł g.pdf 2016-03-11 05:53 - 2016-03-11 05:53 - 00006006 _____ C:\Users\Paweł\Downloads\Pit37_PAWEŁ_GRYNKA.edec 2016-03-11 05:19 - 2016-03-11 05:52 - 00014528 _____ C:\Users\Paweł\Downloads\PIT-37-PAWEŁ-GRYNKA.xml 2016-03-06 17:43 - 2016-03-06 17:43 - 00000000 _____ C:\Users\Paweł\Desktop\101sPzAbt.txt 2016-03-02 16:36 - 2016-03-02 16:36 - 00083421 _____ C:\Users\Paweł\Downloads\umowa-kupna-sprzedazy.pdf 2016-03-01 00:45 - 2016-03-01 00:45 - 00000000 ____D C:\Users\Paweł\AppData\Local\CEF 2016-02-29 06:44 - 2016-03-18 07:39 - 00000779 _____ C:\Users\Paweł\Desktop\SubEdit-Player.lnk 2016-02-29 06:44 - 2016-02-29 06:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SubEdit-Player 2016-02-29 03:26 - 2016-02-29 03:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-02-29 03:24 - 2016-03-18 07:40 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-02-29 03:24 - 2016-03-18 07:40 - 00002041 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2016-02-27 01:46 - 2016-02-27 01:46 - 00000000 ____D C:\Program Files\Realtek 2016-02-27 01:46 - 2015-06-19 03:45 - 04496600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2016-02-27 01:46 - 2015-06-19 02:59 - 02862488 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2016-02-27 01:46 - 2015-06-18 04:47 - 02930904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2016-02-27 01:46 - 2015-06-18 04:47 - 02585816 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll 2016-02-27 01:46 - 2015-06-17 23:45 - 03234520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2016-02-27 01:46 - 2015-06-16 02:39 - 01748184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2016-02-27 01:46 - 2015-06-12 04:40 - 03157796 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat 2016-02-27 01:46 - 2015-06-09 20:17 - 05708736 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll 2016-02-27 01:46 - 2015-05-26 20:59 - 00166616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2016-02-27 01:46 - 2015-05-18 23:47 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2016-02-27 01:46 - 2015-05-16 04:27 - 02918104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2016-02-27 01:46 - 2015-05-16 01:32 - 01316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2016-02-27 01:46 - 2015-04-24 14:42 - 00858256 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll 2016-02-27 01:46 - 2015-04-24 14:42 - 00684176 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll 2016-02-27 01:46 - 2015-04-24 14:42 - 00435856 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll 2016-02-27 01:46 - 2015-04-24 14:41 - 00555664 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL 2016-02-27 01:46 - 2015-04-14 01:25 - 03262184 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll 2016-02-27 01:46 - 2015-02-06 02:48 - 12834736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll 2016-02-27 01:46 - 2015-02-04 09:38 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll 2016-02-27 01:46 - 2015-02-04 09:38 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll 2016-02-27 01:46 - 2015-02-04 09:38 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll 2016-02-27 01:46 - 2015-02-04 09:38 - 00329360 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll 2016-02-27 01:46 - 2015-02-04 09:38 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll 2016-02-27 01:46 - 2015-01-24 03:16 - 00213432 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll 2016-02-27 01:46 - 2015-01-20 03:10 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2016-02-27 01:46 - 2014-12-11 17:10 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2016-02-27 01:46 - 2014-12-11 17:10 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2016-02-27 01:46 - 2014-12-11 17:10 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2016-02-27 01:46 - 2014-12-11 17:10 - 00250536 _____ (TODO: ) C:\Windows\system32\slprp64.dll 2016-02-27 01:46 - 2014-11-11 22:44 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2016-02-27 01:46 - 2014-10-24 19:12 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2016-02-27 01:46 - 2014-10-24 19:12 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll 2016-02-27 01:46 - 2014-08-15 04:16 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat 2016-02-27 01:46 - 2014-06-18 04:17 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2016-02-27 01:46 - 2014-04-10 21:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2016-02-27 01:46 - 2014-02-28 05:02 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll 2016-02-27 01:46 - 2013-10-11 20:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2016-02-27 01:46 - 2013-08-15 00:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2016-02-27 01:46 - 2013-06-25 21:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2016-02-27 01:46 - 2013-06-25 21:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2016-02-27 01:46 - 2013-06-25 21:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2016-02-27 01:46 - 2013-04-03 23:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2016-02-27 01:46 - 2012-09-01 04:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2016-02-27 01:46 - 2012-09-01 04:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2016-02-27 01:46 - 2012-09-01 04:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2016-02-27 01:46 - 2012-09-01 04:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2016-02-27 01:46 - 2012-09-01 04:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2016-02-27 01:46 - 2012-01-10 19:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2016-02-27 01:46 - 2011-12-21 00:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2016-02-27 01:46 - 2011-11-23 01:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2016-02-27 01:46 - 2011-09-02 23:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2016-02-27 01:46 - 2011-09-02 23:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2016-02-27 01:46 - 2011-09-02 23:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2016-02-27 01:46 - 2011-03-17 21:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2016-02-27 01:46 - 2011-03-08 02:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2016-02-27 01:46 - 2010-11-08 16:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2016-02-27 01:46 - 2010-11-08 16:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2016-02-27 01:46 - 2010-11-08 16:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2016-02-27 01:46 - 2010-11-08 16:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2016-02-27 01:46 - 2010-11-08 16:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2016-02-27 01:46 - 2010-11-08 16:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2016-02-27 01:46 - 2010-07-23 01:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2016-02-27 01:46 - 2009-11-24 18:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2016-02-27 01:46 - 2009-11-24 18:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2016-02-27 01:46 - 2009-11-24 18:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2016-02-27 01:46 - 2009-11-24 18:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2016-02-27 01:45 - 2015-06-10 22:20 - 03129672 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll 2016-02-27 01:45 - 2015-06-10 22:20 - 00728392 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll 2016-02-27 01:45 - 2015-06-03 04:25 - 01576976 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll 2016-02-27 01:45 - 2015-05-28 03:51 - 02461016 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll 2016-02-27 01:45 - 2015-05-28 03:51 - 02393432 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll 2016-02-27 01:45 - 2015-05-28 03:51 - 00944984 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll 2016-02-27 01:45 - 2015-05-28 03:51 - 00349528 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll 2016-02-27 01:45 - 2015-05-26 00:18 - 03195416 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2016-02-27 01:45 - 2015-05-12 03:53 - 12996528 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll 2016-02-27 01:45 - 2015-05-11 22:08 - 01374640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll 2016-02-27 01:45 - 2015-05-11 22:08 - 01192368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2016-02-27 01:45 - 2015-05-11 22:08 - 01145264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2016-02-27 01:45 - 2015-05-11 22:08 - 00980400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2016-02-27 01:45 - 2015-04-28 01:09 - 00328816 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll 2016-02-27 01:45 - 2015-02-06 02:48 - 02789808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll 2016-02-27 01:45 - 2014-11-04 22:42 - 06242576 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll 2016-02-27 01:45 - 2014-11-04 22:42 - 01933584 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll 2016-02-27 01:45 - 2014-11-04 22:42 - 00336144 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll 2016-02-27 01:45 - 2014-11-04 22:42 - 00284944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll 2016-02-27 01:45 - 2014-09-24 20:31 - 07087448 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2016-02-27 01:45 - 2014-09-24 20:31 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2016-02-27 01:45 - 2014-09-24 20:31 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2016-02-27 01:45 - 2014-09-24 20:31 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2016-02-27 01:45 - 2014-06-09 19:59 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2016-02-27 01:45 - 2014-05-23 01:24 - 00096568 _____ C:\Windows\system32\audioLibVc.dll 2016-02-27 01:45 - 2014-04-10 21:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2016-02-27 01:45 - 2014-02-01 02:27 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2016-02-27 01:45 - 2013-10-11 21:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2016-02-27 01:45 - 2013-10-07 09:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2016-02-27 01:45 - 2013-10-07 09:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2016-02-27 01:45 - 2013-10-07 09:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2016-02-27 01:45 - 2013-08-15 00:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2016-02-27 01:45 - 2013-07-24 00:39 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2016-02-27 01:45 - 2013-07-24 00:39 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2016-02-27 01:45 - 2013-06-21 20:01 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll 2016-02-27 01:45 - 2012-03-08 20:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2016-02-27 01:45 - 2011-08-24 02:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2016-02-27 01:45 - 2011-05-31 18:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2016-02-27 01:45 - 2011-05-31 18:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2016-02-27 01:45 - 2011-05-31 18:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2016-02-27 01:45 - 2011-05-31 18:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2016-02-27 01:45 - 2011-05-31 18:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2016-02-27 01:45 - 2011-05-31 18:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2016-02-27 01:45 - 2011-05-31 18:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2016-02-27 01:45 - 2011-05-31 18:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2016-02-27 01:45 - 2011-05-31 18:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2016-02-27 01:45 - 2011-05-31 18:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2016-02-27 01:45 - 2011-05-31 18:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2016-02-27 01:45 - 2011-05-31 18:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2016-02-27 01:45 - 2010-09-27 18:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2016-02-27 01:35 - 2016-02-27 01:35 - 00000000 ____D C:\Users\Paweł\AppData\Local\ElevatedDiagnostics 2016-02-26 03:25 - 2016-03-18 07:39 - 00000000 ____D C:\Users\Paweł\AppData\Local\AwakenersCard 2016-02-26 03:25 - 2016-02-26 03:25 - 00018432 _____ C:\Users\Paweł\AppData\Roaming\Main.dat 2016-02-26 03:25 - 2016-02-26 03:25 - 00000294 _____ C:\Users\Paweł\Desktop\allegro.pl.URL 2016-02-26 03:25 - 2016-02-26 03:25 - 00000285 _____ C:\Users\Paweł\Desktop\Booking.URL 2016-02-26 03:25 - 2016-02-26 03:25 - 00000048 _____ C:\Windows\system32\mslspd.cer 2016-02-26 03:25 - 2016-02-26 03:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Instagram Downloader 2016-02-26 03:25 - 2016-02-26 03:25 - 00000000 ____D C:\Program Files (x86)\Instagram Downloader 2016-02-26 03:24 - 2016-02-26 03:25 - 08003072 _____ C:\Users\Paweł\AppData\Roaming\agent.dat 2016-02-26 03:24 - 2016-02-26 03:24 - 01895038 _____ C:\Users\Paweł\AppData\Roaming\Truetop.tst 2016-02-26 03:24 - 2016-02-26 03:24 - 00127488 _____ C:\Users\Paweł\AppData\Roaming\Installer.dat 2016-02-26 01:04 - 2016-02-26 01:04 - 00145683 _____ C:\Users\Paweł\Downloads\mazda6.xps 2016-02-26 01:04 - 2016-02-26 01:04 - 00000000 ____D C:\Users\Paweł\AppData\LocalLow\Temp 2016-02-26 01:02 - 2016-02-26 01:02 - 07089695 _____ C:\Users\Paweł\Downloads\dokuji_mazda.pdf 2016-02-23 20:46 - 2016-02-23 20:46 - 00000000 ____D C:\Users\Paweł\AppData\Roaming\OpenOffice 2016-02-21 03:57 - 2016-02-21 03:57 - 12321435 _____ C:\Users\Paweł\Downloads\12719314_931595216895855_1518988818215257389_o.psd 2016-02-21 03:57 - 2016-02-21 03:57 - 12190407 _____ C:\Users\Paweł\Downloads\12719286_931594950229215_7468799241002736073_o.psd 2016-02-20 04:01 - 2016-03-18 07:39 - 00002284 _____ C:\Users\Paweł\Desktop\SpyHunter.lnk 2016-02-20 04:01 - 2016-02-20 04:01 - 00000000 ____D C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter 2016-02-20 04:01 - 2016-02-20 04:01 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group 2016-02-20 04:00 - 2016-02-20 04:01 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP 2016-02-18 06:34 - 2016-03-09 15:43 - 00000000 ____D C:\Users\Paweł\AppData\Local\Nvidia Corporation 2016-02-18 02:55 - 2016-03-18 07:40 - 00000709 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2016-02-18 02:55 - 2016-03-17 21:24 - 00000000 ____D C:\Users\Paweł\AppData\Roaming\TS3Client 2016-02-18 02:55 - 2016-02-18 02:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2016-02-17 04:58 - 2016-02-17 04:58 - 04898629 _____ C:\Users\Paweł\Downloads\Chakra_Healing_Report.pdf ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-03-18 08:03 - 2016-02-13 04:39 - 00000000 ____D C:\Users\Paweł\AppData\Roaming\uTorrent 2016-03-18 07:40 - 2016-02-13 06:42 - 00000382 _____ C:\Users\Public\Desktop\Zagraj w Heroes & Generals.lnk 2016-03-18 07:40 - 2016-02-13 06:41 - 00000764 _____ C:\Users\Public\Desktop\WarThunder.lnk 2016-03-18 07:40 - 2016-02-13 06:40 - 00001371 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2016-03-18 07:40 - 2016-02-13 05:25 - 00000895 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk 2016-03-18 07:40 - 2016-02-13 05:24 - 00000869 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk 2016-03-18 07:40 - 2016-02-13 05:24 - 00000850 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk 2016-03-18 07:40 - 2016-02-13 05:23 - 00000824 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk 2016-03-18 07:40 - 2016-02-13 05:17 - 00001507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk 2016-03-18 07:40 - 2016-02-13 05:17 - 00000944 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk 2016-03-18 07:40 - 2016-02-13 04:54 - 00000853 _____ C:\Users\Public\Desktop\OpenOffice 4.1.2.lnk 2016-03-18 07:40 - 2016-02-13 04:38 - 00001763 _____ C:\Users\Public\Desktop\DAEMON Tools Pro.lnk 2016-03-18 07:40 - 2016-02-13 04:02 - 00000622 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-03-18 07:40 - 2016-02-13 03:45 - 00000662 _____ C:\Users\Public\Desktop\AnyBurn.lnk 2016-03-18 07:40 - 2016-02-13 03:35 - 00001049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-03-18 07:40 - 2016-02-13 03:01 - 00001009 _____ C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-03-18 07:40 - 2016-02-12 17:41 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2016-03-18 07:40 - 2016-02-12 17:41 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2016-03-18 07:40 - 2009-07-14 05:57 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-03-18 07:40 - 2009-07-14 05:57 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk 2016-03-18 07:40 - 2009-07-14 05:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk 2016-03-18 07:40 - 2009-07-14 05:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk 2016-03-18 07:39 - 2016-02-13 04:42 - 00000975 _____ C:\Users\Paweł\Desktop\WinRAR.lnk 2016-03-18 07:39 - 2016-02-13 03:47 - 00000833 _____ C:\Users\Paweł\Desktop\NapiProjekt.lnk 2016-03-18 07:39 - 2009-07-14 06:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk 2016-03-18 07:39 - 2009-07-14 05:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk 2016-03-18 07:13 - 2016-02-13 06:45 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-03-18 07:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-03-17 20:49 - 2016-02-13 20:34 - 00000000 ____D C:\Users\Paweł\AppData\LocalLow\Heroes and Generals 2016-03-17 12:22 - 2016-02-13 06:19 - 00737242 _____ C:\Windows\system32\perfh015.dat 2016-03-17 12:22 - 2016-02-13 06:19 - 00153930 _____ C:\Windows\system32\perfc015.dat 2016-03-17 12:22 - 2009-07-14 06:13 - 01661232 _____ C:\Windows\system32\PerfStringBackup.INI 2016-03-17 12:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-03-16 13:14 - 2009-07-14 06:08 - 00032558 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-03-15 10:06 - 2016-02-13 07:09 - 00000000 ____D C:\Users\Paweł\AppData\Roaming\vlc 2016-03-14 20:57 - 2016-02-13 06:41 - 00000000 ____D C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2016-03-13 19:15 - 2010-11-21 04:24 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2016-03-13 19:15 - 2010-11-21 04:24 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2016-03-13 19:15 - 2010-11-21 04:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll 2016-03-13 19:15 - 2010-11-21 04:24 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll 2016-03-13 19:15 - 2010-11-21 04:23 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll 2016-03-13 19:15 - 2009-07-14 05:45 - 00025936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-03-13 19:15 - 2009-07-14 05:45 - 00025936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-03-13 19:10 - 2016-02-13 06:38 - 00000000 ____D C:\Users\Paweł\AppData\Local\CrashDumps 2016-03-13 18:51 - 2015-12-27 00:25 - 00000000 ____D C:\AdwCleaner 2016-03-13 18:48 - 2016-02-13 06:45 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-03-13 18:48 - 2016-02-13 06:45 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-03-13 18:48 - 2016-02-13 06:45 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-03-13 16:29 - 2016-02-13 03:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-03-13 16:29 - 2016-02-13 03:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-03-13 16:29 - 2015-12-27 00:44 - 00000000 ___HD C:\temp 2016-03-13 16:28 - 2016-02-13 03:43 - 00000000 ____D C:\ProgramData\Package Cache 2016-03-13 16:27 - 2016-02-13 03:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-03-13 16:27 - 2016-02-13 03:22 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-03-13 16:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help 2016-03-09 15:44 - 2016-02-13 03:46 - 00000000 ____D C:\Users\Paweł\AppData\Local\NVIDIA 2016-03-05 20:48 - 2016-02-13 03:28 - 00000000 ____D C:\Users\Paweł\Desktop\plili z pulpitu 2016-03-04 17:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2016-03-02 03:55 - 2016-02-13 03:01 - 00000000 ____D C:\Users\Paweł\AppData\Roaming\Adobe 2016-03-01 00:45 - 2016-02-13 05:05 - 00000000 ____D C:\Users\Paweł\AppData\Local\Adobe 2016-02-29 03:24 - 2016-02-13 03:33 - 00000000 ____D C:\ProgramData\Adobe 2016-02-29 03:24 - 2016-02-13 03:33 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-02-27 01:47 - 2016-02-13 03:08 - 00000000 ___HD C:\Program Files (x86)\Temp 2016-02-27 01:46 - 2016-02-13 04:32 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2016-02-27 01:46 - 2016-02-13 04:32 - 00000000 ____D C:\Windows\system32\DAX2 2016-02-27 01:45 - 2016-02-13 03:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-02-19 22:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\LiveKernelReports 2016-02-19 07:26 - 2011-04-12 09:28 - 00000000 ___RD C:\Users\Public\Recorded TV 2016-02-17 07:40 - 2016-02-13 06:39 - 01903344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2016-02-17 07:40 - 2016-02-13 06:39 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2016-02-17 07:40 - 2016-02-13 06:39 - 01571624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2016-02-17 07:40 - 2016-02-13 06:39 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2016-02-17 07:40 - 2016-02-13 06:39 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll 2016-02-17 04:54 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries ==================== Files in the root of some directories ======= 2016-02-26 03:24 - 2016-02-26 03:25 - 8003072 _____ () C:\Users\Paweł\AppData\Roaming\agent.dat 2016-02-26 03:24 - 2016-02-26 03:24 - 0127488 _____ () C:\Users\Paweł\AppData\Roaming\Installer.dat 2016-02-26 03:25 - 2016-02-26 03:25 - 0018432 _____ () C:\Users\Paweł\AppData\Roaming\Main.dat 2016-02-26 03:24 - 2016-02-26 03:24 - 1895038 _____ () C:\Users\Paweł\AppData\Roaming\Truetop.tst 2016-02-13 04:32 - 2016-02-13 04:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: ==================== C:\Users\Paweł\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Paweł\AppData\Local\Temp\nvStInst.exe C:\Users\Paweł\AppData\Local\Temp\Quarantine.exe C:\Users\Paweł\AppData\Local\Temp\sqlite3.dll C:\Users\Paweł\AppData\Local\Temp\tmp3BB8.tmp.exe C:\Users\Paweł\AppData\Local\Temp\vcredist_x86.exe C:\Users\Paweł\AppData\Local\Temp\VP3fflRttZ.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll [2010-11-21 04:24] - [2016-03-13 19:15] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79 C:\Windows\SysWOW64\User32.dll [2010-11-21 04:24] - [2016-03-13 19:15] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-03-02 01:49 ==================== End of FRST.txt ============================