Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-10-2016 Ran by Adrian (administrator) on N0TAKU (15-10-2016 20:14:27) Running from C:\Users\Adrian\Desktop\frst Loaded Profiles: Adrian (Available Profiles: Adrian) Platform: Windows 8.1 Pro (Update) (X64) Language: Angielski (Stany Zjednoczone) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe (Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Learnpulse) C:\Program Files\Learnpulse\Screenpresso\Screenpresso.exe (Valve Corporation) C:\Gry\Steam\Steam.exe (Punigram Co. Ltd.) C:\Program Files (x86)\Punigram\FLAAS\FLAAS.exe (Oracle Corporation) C:\Program Files\Java\jre1.8.0_101\bin\javaw.exe (Mega Limited) C:\Users\Adrian\AppData\Local\MEGAsync\MEGAsync.exe (K2T.eu, Kaworu) C:\Program Files\K2T\WTW\wtw.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (Valve Corporation) C:\Gry\Steam\bin\cef\cef.winxp\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Pushbullet Inc) C:\Users\Adrian\AppData\Local\Pushbullet\bin\pushbullet_client.exe (Learnpulse) C:\Program Files\Learnpulse\Screenpresso\ScreenpressoRpc.exe () C:\Users\Adrian\Downloads\0h7bwhic.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762736 2015-09-20] (Microsoft Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1842744 2016-09-02] (NVIDIA Corporation) HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3454632 2015-06-11] (Micro-Star INT'L CO., LTD.) HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [764472 2012-09-19] () HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [797648 2015-05-27] (MSI) HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2015-09-20] (Microsoft Corporation) HKLM-x32\...\Run: [Ad Muncher] => C:\Program Files (x86)\Ad Muncher\AdMunch.exe [560760 2015-12-20] (Murray Hurps Software Pty Ltd) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-09-29] (Oracle Corporation) HKU\S-1-5-21-2425397994-473716014-1509793327-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [6499328 2015-08-25] (Sand Studio) HKU\S-1-5-21-2425397994-473716014-1509793327-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe [4691384 2016-09-01] (Akamai Technologies, Inc.) HKU\S-1-5-21-2425397994-473716014-1509793327-1001\...\Run: [Pushbullet] => C:\Program Files (x86)\Pushbullet\pushbullet.exe [345600 2015-07-01] (Pushbullet inc) HKU\S-1-5-21-2425397994-473716014-1509793327-1001\...\Run: [NetBalancer] => C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1901944 2015-11-23] (SeriousBit) HKU\S-1-5-21-2425397994-473716014-1509793327-1001\...\Run: [Screenpresso] => C:\Program Files\Learnpulse\Screenpresso\Screenpresso.exe [12368104 2016-06-22] (Learnpulse) HKU\S-1-5-21-2425397994-473716014-1509793327-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-10-15] (Piriform Ltd) HKU\S-1-5-21-2425397994-473716014-1509793327-1001\...\Run: [FreeCT] => C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe [4126624 2016-06-26] (Comfort Software Group) HKU\S-1-5-21-2425397994-473716014-1509793327-1001\...\Run: [MiPhoneManager] => C:\Users\Adrian\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe [157624 2016-08-07] () HKU\S-1-5-21-2425397994-473716014-1509793327-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.) HKU\S-1-5-21-2425397994-473716014-1509793327-1001\...\Run: [Steam] => C:\Gry\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation) HKU\S-1-5-21-2425397994-473716014-1509793327-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-2425397994-473716014-1509793327-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\S-1-5-21-2425397994-473716014-1509793327-1001\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-21-2425397994-473716014-1509793327-1001\...\Policies\Explorer: [NoInternetOpenWith] 1 HKU\S-1-5-21-2425397994-473716014-1509793327-1001\...\MountPoints2: {27fee68a-c2c8-11e5-8313-d8cb8a390b6e} - "E:\setup.exe" HKU\S-1-5-21-2425397994-473716014-1509793327-1001\...\MountPoints2: {c8e3515b-8234-11e5-82ec-d8cb8a390b6e} - "D:\setup.exe" HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0 ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Adrian\AppData\Local\MEGAsync\ShellExtX64.dll [2016-07-21] () ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Adrian\AppData\Local\MEGAsync\ShellExtX64.dll [2016-07-21] () ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Adrian\AppData\Local\MEGAsync\ShellExtX64.dll [2016-07-21] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Adrian\AppData\Local\MEGAsync\ShellExtX32.dll [2016-07-21] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Adrian\AppData\Local\MEGAsync\ShellExtX32.dll [2016-07-21] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Adrian\AppData\Local\MEGAsync\ShellExtX32.dll [2016-07-21] () Startup: C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-05-29] ShortcutTarget: MEGAsync.lnk -> C:\Users\Adrian\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited) Startup: C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WTW.lnk [2016-06-19] ShortcutTarget: WTW.lnk -> C:\Program Files\K2T\WTW\wtw.exe (K2T.eu, Kaworu) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FLAAS.lnk [2016-10-12] ShortcutTarget: FLAAS.lnk -> C:\Program Files (x86)\Punigram\FLAAS\FLAAS.exe (Punigram Co. Ltd.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Remote Launcher Server.lnk [2016-04-08] ShortcutTarget: Remote Launcher Server.lnk -> C:\Program Files (x86)\Remote Launcher Server\Remote Launcher.jar () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2016-03-05] ShortcutTarget: Universal Media Server.lnk -> C:\Program Files (x86)\Universal Media Server\UMS.exe (Universal Media Server) GroupPolicy: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{182DF3C5-BCF1-45C9-AF24-25997D73A88C}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{1F156E57-9EA5-41AE-A1C5-711F30ABD53A}: [NameServer] 8.8.8.8,8.8.6.6 Tcpip\..\Interfaces\{1F156E57-9EA5-41AE-A1C5-711F30ABD53A}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-2425397994-473716014-1509793327-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-09-29] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-29] (Oracle Corporation) FireFox: ======== FF DefaultProfile: qhrxejcq.default FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default [2016-10-15] FF Homepage: Mozilla\Firefox\Profiles\qhrxejcq.default -> hxxps://www.google.pl/ FF Extension: (ADB Helper) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\adbhelper@mozilla.org [2016-03-14] FF Extension: (Auto Refresh) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\autorefresh@plugin.xpi [2016-04-27] FF Extension: (Copy Plain Text 2) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\copyplaintext@teo.pl.xpi [2016-08-22] FF Extension: (Blur) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\donottrackplus@abine.com.xpi [2016-10-12] FF Extension: (Element Hiding Helper for Adblock Plus) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\elemhidehelper@adblockplus.org.xpi [2016-09-17] FF Extension: (United States English Spellchecker) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\en-US@dictionaries.addons.mozilla.org [2016-06-20] FF Extension: (Firebug) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\firebug@software.joehewitt.com.xpi [2016-10-12] FF Extension: (BetterTTV) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\firefox@betterttv.net.xpi [2015-10-25] FF Extension: (Ghostery) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\firefox@ghostery.com.xpi [2016-09-21] FF Extension: (MEGA) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\firefox@mega.co.nz.xpi [2016-10-12] FF Extension: (FoxyProxy Standard) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\foxyproxy@eric.h.jung [2016-09-01] FF Extension: (Valence) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\fxdevtools-adapters@mozilla.org [2016-03-14] FF Extension: (Imgur Uploader) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\giorgio@gilestro.tk.xpi [2015-06-15] FF Extension: (HTTP UserAgent cleaner) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\HTTPUserAgentcleaner@addons.8vs.ru.xpi [2015-06-15] FF Extension: (Desktop Notifications for Android) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\jid0-105eGBfutA8RahNXKJRXP7CPNs0@jetpack.xpi [2016-09-27] FF Extension: (AdF.ly Skipper ★WORKING★) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\jid0-hyjN250ZzTOOX3evFwwAQBxE4ik@jetpack.xpi [2016-04-27] FF Extension: (APK Downloader) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\jid1-6MGm94JnyY2VkA@jetpack.xpi [2016-08-27] FF Extension: (Pushbullet) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\jid1-BYcQOfYfmBMd9A@jetpack.xpi [2015-12-30] FF Extension: (Google™ Translator) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi [2016-08-28] FF Extension: (FrankerFaceZ) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\jid1-snHdAu6px3p0jA@jetpack.xpi [2016-03-09] FF Extension: (Open Livestreamer) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\jid1-Y6BhyMM8GoZ3eA@jetpack.xpi [2016-03-20] FF Extension: (JSONView) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\jsonview@brh.numbera.com.xpi [2016-09-13] FF Extension: (PopVideo) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\lmnPopVideo@lshai.com.xpi [2016-04-27] FF Extension: (Multifox) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\multifox@hultmann.xpi [2016-07-15] FF Extension: (New Tab Tools) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\newtabtools@darktrojan.net.xpi [2016-09-15] FF Extension: (Polski słownik poprawnej pisowni) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\pl@dictionaries.addons.mozilla.org [2016-02-29] FF Extension: (Regex Find) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\regexfind@findbar.org.xpi [2016-05-26] FF Extension: (Reload Plus) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\reloadplus@blackwind.xpi [2016-04-09] FF Extension: (SkipScreen) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\SkipScreen@SkipScreen.xpi [2016-04-27] FF Extension: (SQLite Manager) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2016-04-27] FF Extension: (Google Translator for Firefox) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\translator@zoli.bod.xpi [2016-04-27] FF Extension: (uBlock Origin) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\uBlock0@raymondhill.net.xpi [2016-10-02] FF Extension: (Lyrics Here by Rob W) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\youtube-lyrics-by-rob-w@jetpack.xpi [2016-01-03] FF Extension: (Flagfox) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-10-12] FF Extension: (FlashGot) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-03-16] FF Extension: (uBlock) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2015-12-05] FF Extension: (Stylish) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2016-08-11] FF Extension: (Grab and Drag) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\{477c4c36-24eb-11da-94d4-00e08161165f}.xpi [2016-04-27] FF Extension: (ColorZilla) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2015-12-13] FF Extension: (ReloadEvery) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2016-03-13] FF Extension: (Tamper Data) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2016-04-29] FF Extension: (Video DownloadHelper) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-10-12] FF Extension: (Cookies Manager+) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2016-09-14] FF Extension: (Adblock Plus) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-22] FF Extension: (Block site) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2016-04-27] FF Extension: (Greasemonkey) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-08-21] FF Extension: (User Agent Switcher) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2016-04-27] FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\searchplugins\tumacz-google.xml [2015-08-23] FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\qhrxejcq.default\searchplugins\youtube-video-search.xml [2015-07-02] FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nurmykky.ola [2016-10-15] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-15] () FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-29] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-29] (Oracle Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-15] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2016-06-01] (Nexon) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-09-16] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-09-16] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin HKU\S-1-5-21-2425397994-473716014-1509793327-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) StartMenuInternet: FIREFOX.EXE - C:\Program Files\Nightly\firefox.exe Chrome: ======= CHR DefaultProfile: Default CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\WidevineCdm\1.4.8.903\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.) CHR Plugin: (Shockwave Flash) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.166\pepflashplayer.dll => No File CHR Profile: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default [2016-10-15] CHR Extension: (Google Slides) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-21] CHR Extension: (BetterTTV) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-06-09] CHR Extension: (Google Docs) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-21] CHR Extension: (Google Drive) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03] CHR Extension: (YouTube) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03] CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2015-12-11] CHR Extension: (Adblock Plus) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-27] CHR Extension: (APK Downloader) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgihflhdpokeobcfimliamffejfnmfii [2015-11-19] CHR Extension: (Google Search) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03] CHR Extension: (Tampermonkey) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-09-11] CHR Extension: (FrankerFaceZ) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2016-03-16] CHR Extension: (Google Sheets) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-21] CHR Extension: (Google Docs Offline) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (AllCast Receiver) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjbljnpdahefgnopeohlaeohgkiidnoe [2016-09-16] CHR Extension: (Chrome Web Store Payments) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19] CHR Extension: (Twitch Buffering Fix) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnahmgokconolakhpdmgnmgaokhjcncb [2016-05-18] CHR Extension: (Gmail) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-21] CHR Extension: (Chrome Media Router) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-03] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S4 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-07-24] (BitRaider, LLC) R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817256 2016-09-29] (COMODO) S4 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-09-29] (COMODO) S3 GalaxyClientService; C:\Gry\GalaxyClient\GalaxyClientService.exe [281152 2016-09-22] (GOG.com) S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6411840 2016-09-22] (GOG.com) S4 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [23504 2014-12-25] (Micro-Star Int'l Co., Ltd.) S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) S4 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] () S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation) S4 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2016-02-27] (Motorola Mobility LLC) S4 MSIBIOSData_CC; C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2099712 2014-12-31] (MSI) [File not signed] S4 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4028928 2015-05-27] (MSI) [File not signed] S4 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2117632 2014-12-31] () [File not signed] S4 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4157952 2015-04-20] () [File not signed] S4 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [1992704 2015-01-29] () [File not signed] S4 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2249168 2015-03-10] () S4 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2063360 2014-12-31] () [File not signed] S4 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [575488 2015-03-27] () [File not signed] R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI) S4 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1736872 2015-06-08] (Micro-Star INT'L CO., LTD.) S4 NetBalancerService; C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [145272 2015-11-23] (SeriousBit) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3916368 2016-01-19] (INCA Internet Co., Ltd.) S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458808 2016-09-16] (NVIDIA Corporation) S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458808 2016-09-16] (NVIDIA Corporation) S4 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1165368 2016-09-16] (NVIDIA Corporation) S4 OverwolfUpdater; C:\Gry\Overwolf\OverwolfUpdater.exe [1309936 2016-07-21] (Overwolf LTD) S4 postgresql-x64-9.5; C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [94208 2016-05-10] (PostgreSQL Global Development Group) [File not signed] S4 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2016-02-27] (Motorola) [File not signed] S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2016-06-15] (Riverbed Technology, Inc.) S4 SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [29648 2015-02-09] (Micro-Star INT'L CO., LTD.) S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2016-04-04] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) S4 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [17720 2015-04-02] (Intel(R) Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation) S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-12-11] (BitRaider) R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [32224 2016-08-31] (COMODO) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [853904 2016-08-31] (COMODO) R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [45592 2016-08-31] (COMODO) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-04] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] () R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] () S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] () R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [138560 2016-08-31] (COMODO) R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-17] (Intel Corporation) R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] () S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2016-07-04] (Visicom Media Inc.) S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2016-07-04] (Visicom Media Inc.) S3 mcdevice; C:\Windows\system32\DRIVERS\mcdevice.sys [334400 2016-07-03] (ShiningMorning Inc.) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R1 nbdrv; C:\Windows\system32\DRIVERS\nbdrv.sys [42128 2015-08-04] (SeriousBit) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI) R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI) S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI) S3 NTIOLib_MSIFrequency_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 NTIOLib_MSI_RAID; C:\MSI\Smart Utilities\NTIOLib_X64.sys [13808 2014-03-17] (MSI) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2016-09-02] (NVIDIA Corporation) R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-09-16] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47672 2016-09-16] (NVIDIA Corporation) S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [242688 2016-08-07] (QUALCOMM Incorporated) S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-09] () S3 scvad_simple; C:\Windows\system32\drivers\SplitCamAudio.sys [23552 2016-07-04] (Windows (R) Win 7 DDK provider) S3 splitcam_hd_driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [37600 2016-07-04] (Windows (R) Win 7 DDK provider) S3 TesSafe; C:\Windows\system32\TesSafe.sys [1101024 2016-06-03] (TENCENT) R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [121248 2016-09-14] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [195936 2016-09-14] (Oracle Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) R1 XQHDrv; C:\Windows\system32\DRIVERS\XQHDrv.sys [253384 2016-09-09] (BigNox Corporation) R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2016-09-09] (BigNox Corporation) S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] U3 ufldqpow; \??\C:\Users\Adrian\AppData\Local\Temp\ufldqpow.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-10-15 19:26 - 2016-10-15 19:26 - 00380928 _____ C:\Users\Adrian\Downloads\0h7bwhic.exe 2016-10-15 19:10 - 2016-10-15 19:10 - 1023801022 _____ C:\Windows\MEMORY.DMP 2016-10-15 19:10 - 2016-10-15 19:10 - 00413512 _____ C:\Windows\Minidump\101516-19781-01.dmp 2016-10-15 18:28 - 2016-10-15 18:28 - 00003256 _____ C:\Users\Adrian\Documents\cc_20161015_182842.reg 2016-10-15 18:24 - 2016-10-15 18:24 - 00100308 _____ C:\Users\Adrian\Documents\cc_20161015_182432.reg 2016-10-14 22:31 - 2016-10-14 22:31 - 00003058 _____ C:\Users\Adrian\AppData\Local\recently-used.xbel 2016-10-13 15:25 - 2016-10-15 18:27 - 00000000 ____D C:\Users\Adrian\AppData\Local\FluxSoftware 2016-10-12 15:49 - 2016-10-12 15:55 - 00006152 _____ C:\TDSSKiller.3.1.0.11_12.10.2016_15.49.02_log.txt 2016-10-12 15:01 - 2016-10-12 15:01 - 00000000 ____D C:\TDSSKiller_Quarantine 2016-10-12 14:55 - 2016-10-12 15:01 - 00777938 _____ C:\TDSSKiller.3.1.0.11_12.10.2016_14.55.46_log.txt 2016-10-12 14:53 - 2016-10-12 14:54 - 00254384 _____ C:\TDSSKiller.3.1.0.11_12.10.2016_14.53.01_log.txt 2016-10-12 14:42 - 2016-10-12 15:20 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-10-12 14:42 - 2016-10-12 14:42 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-10-12 14:42 - 2016-10-12 14:42 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-10-12 14:42 - 2016-10-12 14:42 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-10-12 14:42 - 2016-10-12 14:42 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-10-12 14:42 - 2016-10-12 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-10-12 14:42 - 2016-10-12 14:42 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-10-12 14:42 - 2016-10-12 14:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-10-12 14:17 - 2016-10-12 14:20 - 00000000 ____D C:\AdwCleaner 2016-10-12 14:13 - 2016-10-15 20:11 - 00000000 ____D C:\Users\Adrian\Desktop\frst 2016-10-12 14:02 - 2016-10-15 20:14 - 00000000 ____D C:\FRST 2016-10-12 08:50 - 2016-10-12 08:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Punigram 2016-10-12 08:50 - 2016-10-12 08:50 - 00000000 ____D C:\Program Files (x86)\Punigram 2016-10-11 15:42 - 2016-10-11 15:42 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi 2016-10-11 12:32 - 2016-10-11 12:32 - 00000136 _____ C:\Users\Adrian\Desktop\playlist(1).m3u8 2016-10-10 13:31 - 2016-10-14 19:53 - 00000000 ____D C:\Users\Adrian\Desktop\bit heroes 2016-10-09 04:28 - 2016-10-09 04:28 - 00001505 _____ C:\Users\Adrian\Desktop\run.bat — skrót.lnk 2016-10-09 04:19 - 2016-10-09 04:30 - 00000054 _____ C:\Windows\system32\Drivers\etc\run.bat 2016-10-09 04:02 - 2016-10-10 03:51 - 00000241 _____ C:\Windows\system32\Drivers\etc\switch.py 2016-10-09 01:27 - 2016-10-09 01:27 - 00001238 _____ C:\Users\Adrian\Desktop\win 10 mini.lnk 2016-10-07 23:15 - 2016-10-07 23:15 - 00000000 ____D C:\Users\Adrian\Downloads\inne 2016-10-07 08:08 - 2016-10-07 21:08 - 00001903 _____ C:\Users\Public\Desktop\MKVToolNix GUI.lnk 2016-10-07 08:08 - 2016-10-07 08:08 - 00000000 ____D C:\Users\Adrian\AppData\Local\bunkus.org 2016-10-07 08:07 - 2016-10-07 08:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix 2016-10-07 08:07 - 2016-10-07 08:08 - 00000000 ____D C:\Program Files\MKVToolNix 2016-10-07 00:28 - 2016-10-08 09:24 - 00001405 _____ C:\Users\Adrian\Desktop\cda.py 2016-09-30 22:59 - 2016-09-30 23:54 - 00042134 _____ C:\Users\Adrian\Desktop\UWCutils.py 2016-09-30 02:50 - 2016-09-30 02:50 - 00001355 _____ C:\Users\Adrian\Desktop\uTorrent.exe — skrót.lnk 2016-09-26 23:00 - 2016-09-27 00:23 - 01310720 _____ C:\Users\Adrian\Desktop\Persona Q DLC Undub v2TEST (US).7z 2016-09-26 22:11 - 2016-09-26 22:13 - 00000000 ____D C:\Users\Adrian\Desktop\Universal-Inject-Generator-master 2016-09-23 19:30 - 2016-09-23 19:30 - 00000000 ____D C:\Users\Adrian\AppData\LocalLow\CDProjektRED 2016-09-23 19:30 - 2016-09-23 19:30 - 00000000 ____D C:\ProgramData\CDProjekt RED 2016-09-22 22:53 - 2016-09-22 22:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wiedźmin® 3 - Dziki Gon [GOG.com] 2016-09-22 21:29 - 2016-09-22 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gwent [GOG.com] 2016-09-19 09:41 - 2016-09-19 09:41 - 00000000 ____D C:\Users\Adrian\AppData\Local\RealVNC 2016-09-19 07:52 - 2016-09-19 07:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP 2016-09-19 07:51 - 2016-09-19 07:52 - 00562688 _____ (Microsoft Corporation) C:\install.exe 2016-09-19 07:48 - 2016-09-23 23:16 - 00000000 ____D C:\xampp 2016-09-19 07:28 - 2016-09-19 07:28 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2016-09-19 07:27 - 2016-09-19 07:27 - 00001266 _____ C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\filezilla.lnk 2016-09-18 16:42 - 2016-09-18 16:57 - 00000000 ____D C:\Users\Adrian\Desktop\dist 2016-09-18 16:42 - 2016-09-18 16:42 - 00000000 ____D C:\Users\Adrian\Desktop\build 2016-09-18 16:41 - 2016-09-18 16:42 - 00000092 _____ C:\Users\Adrian\Desktop\setup.py 2016-09-18 08:59 - 2016-09-18 08:59 - 00000869 _____ C:\Users\Adrian\Desktop\The Elder Scrolls Online.lnk 2016-09-18 08:59 - 2016-09-18 08:59 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls Online 2016-09-18 08:06 - 2016-09-18 08:06 - 00144454 _____ C:\Users\Adrian\Desktop\cython.c 2016-09-18 07:51 - 2016-09-18 07:51 - 00000726 _____ C:\Users\Adrian\Desktop\sniffer.pyo 2016-09-17 17:17 - 2016-09-17 17:27 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Zero Escape 2016-09-17 06:13 - 2016-09-17 06:13 - 00000915 _____ C:\Users\Adrian\Documents\key3.key 2016-09-17 06:06 - 2016-09-17 06:06 - 00001009 _____ C:\Users\Adrian\Documents\key.key 2016-09-17 06:06 - 2016-09-17 06:06 - 00000915 _____ C:\Users\Adrian\Documents\key2.key 2016-09-17 05:03 - 2016-09-17 05:03 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\NVIDIA 2016-09-16 03:21 - 2016-09-16 03:21 - 00133056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2016-09-16 03:21 - 2016-09-16 03:21 - 00045344 _____ C:\Windows\system32\vulkaninfo.exe 2016-09-16 03:21 - 2016-09-16 03:21 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2016-09-16 03:21 - 2016-09-16 03:21 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-09-16 03:21 - 2016-05-04 04:23 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1.dll 2016-09-16 03:21 - 2016-05-04 04:22 - 00130848 _____ C:\Windows\system32\vulkan-1.dll 2016-09-16 03:20 - 2016-09-16 03:20 - 01362368 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2016-09-16 03:20 - 2016-09-16 03:19 - 00213952 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2016-09-16 03:20 - 2016-09-16 03:19 - 00203320 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2016-09-16 03:20 - 2016-08-25 23:10 - 06385720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2016-09-16 03:20 - 2016-08-25 23:10 - 02475064 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2016-09-16 03:20 - 2016-08-25 23:10 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2016-09-16 03:20 - 2016-08-25 23:10 - 00548408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2016-09-16 03:20 - 2016-08-25 23:10 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2016-09-16 03:20 - 2016-08-25 23:10 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2016-09-16 03:20 - 2016-08-25 23:10 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2016-09-16 03:20 - 2016-08-22 17:18 - 07320235 _____ C:\Windows\system32\nvcoproc.bin 2016-09-16 03:18 - 2016-09-16 03:21 - 01588688 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2016-09-16 03:18 - 2016-09-16 03:21 - 00223304 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2016-09-16 03:18 - 2016-09-16 03:21 - 00054728 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 40070200 _____ C:\Windows\system32\nvcompiler.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 35182648 _____ C:\Windows\SysWOW64\nvcompiler.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 34801088 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 28207672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 19848080 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 17463088 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 17263792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 14352816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 14093368 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2016-09-16 03:18 - 2016-09-16 03:19 - 10865704 _____ C:\Windows\system32\nvptxJitCompiler.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 10737632 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 10278080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 09086856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 08875408 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 08680696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 03917512 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 03594808 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 03456888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 03160512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 01920960 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437270.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437270.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 01019960 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 00956352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 00941504 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 00893712 _____ C:\Windows\system32\nvmcumd.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 00892864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 00686896 _____ C:\Windows\system32\nvfatbinaryLoader.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 00575984 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 00520912 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 00493608 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 00437696 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 00436088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 00408784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 00390200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 00181488 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 00159352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 00153368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 00131536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 00124352 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll 2016-09-16 03:18 - 2016-09-16 03:19 - 00047672 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys 2016-09-16 03:18 - 2016-08-26 01:28 - 00039731 _____ C:\Windows\system32\nvinfo.pb 2016-09-16 03:18 - 2016-08-26 01:28 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json 2016-09-16 03:18 - 2016-08-26 01:28 - 00000669 _____ C:\Windows\system32\nv-vk64.json 2016-09-16 03:09 - 2016-09-16 03:09 - 00001428 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2016-09-16 03:08 - 2016-09-16 03:08 - 00106040 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2016-09-16 03:08 - 2016-09-16 03:08 - 00095800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2016-09-16 03:08 - 2016-09-16 03:08 - 00047672 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2016-09-16 03:08 - 2016-09-16 03:07 - 00001951 _____ C:\Windows\NvContainerRecovery.bat 2016-09-16 03:05 - 2016-09-18 09:35 - 00000000 ____D C:\Users\Adrian\Documents\ProfileCache 2016-09-16 03:05 - 2016-09-18 09:25 - 00000000 ____D C:\Users\Adrian\Documents\The Crew 2016-09-16 03:04 - 2016-09-16 03:04 - 00000000 ____D C:\Users\Adrian\AppData\Local\Ubisoft ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-10-15 20:09 - 2015-12-05 02:54 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat 2016-10-15 19:35 - 2015-06-15 22:22 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2425397994-473716014-1509793327-1001 2016-10-15 19:25 - 2015-06-15 16:55 - 00000000 ____D C:\Gry 2016-10-15 19:19 - 2015-06-21 00:14 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-10-15 19:18 - 2016-02-09 23:24 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\MPC-HC 2016-10-15 19:16 - 2016-01-21 00:49 - 00000000 ____D C:\Users\Adrian\Downloads\anime 2016-10-15 19:13 - 2016-04-08 17:07 - 00000623 _____ C:\Users\Adrian\remotelauncherserverlog 2016-10-15 19:12 - 2015-11-29 20:12 - 00000000 ____D C:\Users\Adrian\AppData\Local\Pushbullet 2016-10-15 19:11 - 2015-06-21 00:14 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-10-15 19:10 - 2016-06-03 02:09 - 00000000 ____D C:\Windows\Minidump 2016-10-15 19:10 - 2015-06-15 22:11 - 00000000 ____D C:\Users\Adrian 2016-10-15 19:10 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-10-15 18:30 - 2015-11-21 00:45 - 00000000 ____D C:\Users\Adrian\AppData\Local\CrashDumps 2016-10-15 18:30 - 2015-11-04 05:41 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\DAEMON Tools Lite 2016-10-15 18:30 - 2015-11-03 23:35 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\uTorrent 2016-10-15 18:30 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2016-10-15 18:04 - 2016-01-15 12:30 - 00007620 _____ C:\Users\Adrian\AppData\Local\Resmon.ResmonCfg 2016-10-15 17:59 - 2016-02-09 17:29 - 00000000 ____D C:\Users\Adrian\AppData\Local\JDownloader v2.0 2016-10-15 15:15 - 2016-03-13 20:04 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Kodi 2016-10-15 12:25 - 2015-06-15 18:53 - 00000000 ____D C:\Users\Adrian\AppData\Local\NVIDIA Corporation 2016-10-14 22:43 - 2016-04-08 18:02 - 00000000 ____D C:\Users\Adrian\.gimp-2.8 2016-10-14 22:31 - 2016-04-08 18:03 - 00000000 ____D C:\Users\Adrian\AppData\Local\gtk-2.0 2016-10-14 19:23 - 2016-05-08 02:00 - 00000000 ____D C:\ProgramData\NVIDIA 2016-10-14 19:06 - 2015-06-20 12:22 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Skype 2016-10-14 18:58 - 2016-07-04 00:20 - 00000000 ____D C:\Program Files (x86)\ManyCam 2016-10-14 18:57 - 2016-01-13 09:22 - 00000000 ____D C:\Users\Adrian\AppData\Local\Genymobile 2016-10-14 10:58 - 2016-05-29 13:15 - 00000000 ___RD C:\MEGA 2016-10-14 10:37 - 2015-08-12 00:07 - 00000000 ____D C:\rtmpdump 2016-10-12 15:48 - 2015-11-09 02:38 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\PT 2016-10-12 15:48 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\ADFS 2016-10-12 14:54 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\Offline Web Pages 2016-10-12 14:52 - 2015-06-15 22:08 - 00000000 ____D C:\Program Files\KMSpico 2016-10-12 14:20 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-10-11 15:44 - 2015-06-15 17:37 - 00000000 ____D C:\ProgramData\Package Cache 2016-10-11 15:42 - 2016-03-13 20:03 - 00000000 ____D C:\Program Files (x86)\Kodi 2016-10-11 13:14 - 2016-06-11 02:48 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\vlc 2016-10-11 12:34 - 2016-03-13 20:04 - 00027567 _____ C:\Users\Adrian\Desktop\cookies.dat 2016-10-11 11:34 - 2015-08-12 00:13 - 00005387 _____ C:\Users\Adrian\.swfinfo 2016-10-10 15:27 - 2016-01-13 09:22 - 00000000 ____D C:\Users\Adrian\.VirtualBox 2016-10-10 08:43 - 2015-11-28 22:12 - 00000000 ____D C:\Users\Adrian\Downloads\podcasts 2016-10-10 04:06 - 2016-03-16 19:43 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\FileZilla 2016-10-09 09:56 - 2016-04-12 02:55 - 00000000 ____D C:\Users\Adrian\AppData\LocalLow\uTorrent 2016-10-09 09:56 - 2015-11-03 23:56 - 00000000 ____D C:\Users\Adrian\Downloads\movies 2016-10-07 23:07 - 2016-07-24 02:15 - 00000000 ____D C:\Users\Adrian\Downloads\cb 2016-10-07 21:24 - 2015-06-15 22:16 - 01825256 _____ C:\Windows\system32\PerfStringBackup.INI 2016-10-07 21:24 - 2015-06-15 18:35 - 00805892 _____ C:\Windows\system32\perfh015.dat 2016-10-07 21:24 - 2015-06-15 18:35 - 00163272 _____ C:\Windows\system32\perfc015.dat 2016-10-07 16:57 - 2016-05-03 16:31 - 00004112 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1462285875 2016-10-07 08:16 - 2016-09-01 19:45 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames 2016-10-07 08:02 - 2015-06-15 21:19 - 00000000 ____D C:\Users\Adrian\AppData\Local\Battle.net 2016-10-04 03:26 - 2016-02-19 03:36 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Audacity 2016-09-30 21:19 - 2015-06-21 00:16 - 00002221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-09-30 20:42 - 2016-09-09 19:28 - 00000000 ____D C:\Users\Adrian\AppData\Local\Nox 2016-09-30 19:42 - 2016-09-09 19:31 - 00000000 ____D C:\Users\Adrian\vmlogs 2016-09-30 19:42 - 2016-09-09 19:31 - 00000000 ____D C:\Users\Adrian\.BigNox 2016-09-30 19:42 - 2016-04-28 19:39 - 00000000 ____D C:\Users\Adrian\.android 2016-09-29 19:43 - 2016-09-11 18:02 - 00000000 ____D C:\Users\Adrian\Desktop\liveme downloader 2016-09-29 04:22 - 2016-04-07 14:59 - 00004914 _____ C:\Windows\system32\Drivers\fvstore.dat 2016-09-29 01:03 - 2015-07-20 16:59 - 00000000 ____D C:\ProgramData\Oracle 2016-09-29 01:02 - 2015-06-22 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-09-29 01:02 - 2015-06-22 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2016-09-29 01:01 - 2016-05-08 05:36 - 00000000 ____D C:\Users\Adrian\.oracle_jre_usage 2016-09-29 01:01 - 2015-06-22 16:59 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2016-09-29 01:01 - 2015-06-22 16:58 - 00000000 ____D C:\Program Files\Java 2016-09-25 13:02 - 2015-06-15 16:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-09-24 20:01 - 2015-06-15 16:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-09-22 21:48 - 2015-08-04 01:24 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\livestreamer 2016-09-21 20:00 - 2016-04-05 00:03 - 00000000 ____D C:\Users\Adrian\Desktop\scripts 2016-09-19 07:28 - 2016-03-16 19:43 - 00000000 ____D C:\Program Files\FileZilla FTP Client 2016-09-18 16:40 - 2016-05-16 22:01 - 00000000 ____D C:\Python27 2016-09-18 09:40 - 2015-06-18 20:01 - 00000000 ____D C:\Program Files\Rockstar Games 2016-09-18 09:40 - 2015-06-18 20:01 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2016-09-18 09:38 - 2016-09-14 17:30 - 00000000 ____D C:\Users\Adrian\AppData\Local\Ubisoft Game Launcher 2016-09-17 17:17 - 2015-06-15 21:41 - 00000000 ____D C:\Users\Adrian\Documents\My Games 2016-09-17 13:21 - 2016-09-04 21:43 - 00000103 _____ C:\Users\Adrian\Desktop\02.09.2016IPTV_ssip_smartTV.m3u 2016-09-16 03:21 - 2016-05-04 04:22 - 00045344 _____ C:\Windows\system32\vulkaninfo-1-1-0-11-1.exe 2016-09-16 03:21 - 2016-05-04 04:22 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo-1-1-0-11-1.exe 2016-09-16 03:21 - 2016-02-27 06:17 - 00000000 ____D C:\Temp 2016-09-16 03:21 - 2015-06-15 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-09-16 03:21 - 2015-06-15 17:54 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-09-16 03:21 - 2015-06-15 17:54 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-09-16 03:20 - 2015-06-15 17:54 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-09-16 03:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Help 2016-09-16 03:08 - 2016-07-02 01:53 - 00003830 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-09-16 03:08 - 2016-07-02 01:53 - 00003830 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-09-16 03:08 - 2016-07-02 01:53 - 00003780 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-09-16 03:08 - 2016-07-02 01:53 - 00003768 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-09-16 03:08 - 2016-07-02 01:53 - 00003532 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-09-16 03:08 - 2016-05-27 13:07 - 00000000 ____D C:\Windows\LastGood.Tmp 2016-09-15 14:34 - 2015-06-15 17:12 - 00000000 ____D C:\Users\Adrian\AppData\Local\Adobe 2016-09-15 14:33 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-09-15 14:33 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Macromed 2016-09-15 01:07 - 2015-09-03 12:52 - 00813824 _____ (COMODO) C:\Windows\system32\guard64.dll 2016-09-15 01:07 - 2015-09-03 12:52 - 00642976 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll 2016-09-15 01:07 - 2015-08-05 01:29 - 00051800 _____ (COMODO) C:\Windows\system32\cmdcsr.dll 2016-09-15 01:05 - 2015-08-05 01:28 - 00365752 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll 2016-09-15 01:04 - 2015-08-05 01:28 - 00051896 _____ (COMODO) C:\Windows\system32\cmdkbd64.dll 2016-09-15 01:02 - 2015-08-05 01:27 - 00296120 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll 2016-09-15 01:01 - 2015-08-05 01:26 - 00046776 _____ (COMODO) C:\Windows\SysWOW64\cmdkbd32.dll ==================== Files in the root of some directories ======= 2016-01-17 00:33 - 2016-01-17 00:46 - 0002684 _____ () C:\Users\Adrian\AppData\Roaming\droid4xinstaller.log 2016-07-21 09:29 - 2016-07-21 09:29 - 26640264 _____ () C:\Users\Adrian\AppData\Roaming\gameboxsetup.exe 2016-02-10 01:42 - 2016-02-10 02:06 - 0099384 _____ () C:\Users\Adrian\AppData\Roaming\inst.exe 2015-12-13 21:00 - 2015-12-13 21:00 - 0000055 _____ () C:\Users\Adrian\AppData\Roaming\MouseServer.ini 2016-02-10 01:42 - 2016-02-10 02:06 - 0007859 _____ () C:\Users\Adrian\AppData\Roaming\pcouffin.cat 2016-02-10 01:42 - 2016-02-10 02:06 - 0001167 _____ () C:\Users\Adrian\AppData\Roaming\pcouffin.inf 2016-02-10 01:42 - 2016-02-10 02:06 - 0000055 _____ () C:\Users\Adrian\AppData\Roaming\pcouffin.log 2016-02-10 01:42 - 2016-02-10 02:06 - 0082816 _____ (VSO Software) C:\Users\Adrian\AppData\Roaming\pcouffin.sys 2016-08-19 12:07 - 2016-08-19 12:13 - 0010752 _____ () C:\Users\Adrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-10-14 22:31 - 2016-10-14 22:31 - 0003058 _____ () C:\Users\Adrian\AppData\Local\recently-used.xbel 2016-01-15 12:30 - 2016-10-15 18:04 - 0007620 _____ () C:\Users\Adrian\AppData\Local\Resmon.ResmonCfg 2015-06-15 17:39 - 2015-06-15 17:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-05-01 01:40 - 2016-05-01 01:40 - 0019535 _____ () C:\ProgramData\empty.ico Some files in TEMP: ==================== C:\Users\Adrian\AppData\Local\Temp\proxy_vole2458944535058488217.dll C:\Users\Adrian\AppData\Local\Temp\proxy_vole2466513760601779053.dll C:\Users\Adrian\AppData\Local\Temp\proxy_vole842039210515366023.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-10-12 05:29 ==================== End of FRST.txt ============================