Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 01 Ran by mariusz (administrator) on MARIUSZ-HP on 07-12-2014 17:52:18 Running from C:\Users\mariusz\Downloads\Log Loaded Profile: mariusz (Available profiles: mariusz & Matura) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe () C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Akamai Technologies, Inc.) C:\Users\mariusz\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\mariusz\AppData\Local\Akamai\netsession_win.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-2992926045-3456513150-244244987-1000\...\Run: [Akamai NetSession Interface] => C:\Users\mariusz\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) HKU\S-1-5-21-2992926045-3456513150-244244987-1000\...\Run: [uTorrent] => C:\Users\mariusz\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-11-22] (BitTorrent Inc.) HKU\S-1-5-21-2992926045-3456513150-244244987-1000\...\Policies\Explorer: [] HKU\S-1-5-21-2992926045-3456513150-244244987-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-2992926045-3456513150-244244987-1000\...\MountPoints2: F - F:\setup.exe HKU\S-1-5-21-2992926045-3456513150-244244987-1000\...\MountPoints2: {1180bc4f-2071-11e4-b07f-806e6f6e6963} - E:\cda_menu.exe HKU\S-1-5-21-2992926045-3456513150-244244987-1000\...\MountPoints2: {4385c33b-5b78-11e4-9d50-101f740a433c} - I:\Startme.exe HKU\S-1-5-21-2992926045-3456513150-244244987-1000\...\MountPoints2: {8dd77dc0-1d95-11e4-9354-806e6f6e6963} - H:\autorun.exe HKU\S-1-5-21-2992926045-3456513150-244244987-1000\...\MountPoints2: {96b91a8c-44dd-11e1-91ba-bc7737de3e64} - F:\autorun.exe HKU\S-1-5-21-2992926045-3456513150-244244987-1000\...\MountPoints2: {f9299193-f637-11e0-a62b-bc7737de3e60} - G:\AutoRunCardDetector.exe HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-2992926045-3456513150-244244987-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://pl.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM -> {FF9858AD-FFBA-4360-B551-CB47AB646635} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://pl.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 -> {FF9858AD-FFBA-4360-B551-CB47AB646635} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-2992926045-3456513150-244244987-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2992926045-3456513150-244244987-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2992926045-3456513150-244244987-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKU\S-1-5-21-2992926045-3456513150-244244987-1000 -> {5ECA38EE-8D54-4D05-9BC5-CA458B2D2808} URL = http://start.funmoods.com/results.php?f=4&a=kno&q={searchTerms} SearchScopes: HKU\S-1-5-21-2992926045-3456513150-244244987-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={810A5234-685A-49C5-98CB-97BCB14888E3}&mid=b18f6a8acfc947d381706d3e713ad797-6b36e4854bb48b6bd417e259fbb07a426a2bb1fb&lang=en&ds=co011&coid=avgtbdisco&cmpid=&pr=sa&d=2014-02-05 16:21:19&v=18.0.5.292&pid=safeguard&sg=0&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-2992926045-3456513150-244244987-1000 -> {C3BB87A5-663B-4E2A-9AE3-C6790E9B6EF9} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=796488B1-E30D-4B10-B34F-D3604AAFD3EB&apn_sauid=CDD02F75-5B8F-468C-A1C2-4D813B709F81 SearchScopes: HKU\S-1-5-21-2992926045-3456513150-244244987-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://pl.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKU\S-1-5-21-2992926045-3456513150-244244987-1000 -> {FF9858AD-FFBA-4360-B551-CB47AB646635} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File BHO-x32: No Name -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> No File BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: No Name -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> No File BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File BHO-x32: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File BHO-x32: No Name -> {F156768E-81EF-470C-9057-481BA8380DBA} -> No File BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: No Name -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> No File Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\xwu6x121.default-1377074941143 FF Homepage: hxxp://mysearch.avg.com?cid={810A5234-685A-49C5-98CB-97BCB14888E3}&mid=b18f6a8acfc947d381706d3e713ad797-6b36e4854bb48b6bd417e259fbb07a426a2bb1fb&lang=en&ds=co011&coid=avgtbdisco&cmpid=&pr=sa&d=2014-02-05 16:21:19&v=18.0.5.292&pid=safeguard&sg=0&sap=hp FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll () FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll (Microsoft Corp) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll No File FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll (Microsoft Corp) FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll (Nexon) FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: BYOND -> C:\Program Files (x86)\BYOND\bin\npbyond.dll (BYOND) FF Plugin HKU\S-1-5-21-2992926045-3456513150-244244987-1000: BYOND -> C:\Program Files (x86)\BYOND\bin\npbyond.dll (BYOND) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npbyond.dll (BYOND) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Extension: HP Detect - C:\Users\mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\xwu6x121.default-1377074941143\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2013-09-07] FF Extension: MEGA - C:\Users\mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\xwu6x121.default-1377074941143\Extensions\firefox@mega.co.nz.xpi [2014-10-12] FF Extension: Adblock Plus - C:\Users\mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\xwu6x121.default-1377074941143\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-30] FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2014-11-10] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-04-05] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-12-12] FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.7.598 FF Extension: No Name - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.7.598 [2014-06-02] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF HKU\S-1-5-21-2992926045-3456513150-244244987-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR HomePage: Default -> https://www.google.pl/ CHR StartupUrls: Default -> "hxxp://www.google.pl/" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\mariusz\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-04] CHR Extension: (Adblock Plus) - C:\Users\mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-17] CHR Extension: (Szukaj w Google) - C:\Users\mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-04] CHR Extension: (Google Wallet) - C:\Users\mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01] CHR Extension: (Gmail) - C:\Users\mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-04] CHR HKLM-x32\...\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-02-11] CHR HKLM-x32\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - No Path CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - No Path ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2011-11-29] (Adobe Systems) [File not signed] S4 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) S4 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [901184 2011-01-24] (Intel Corporation) [File not signed] S4 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2011-01-24] (Intel Corporation) [File not signed] S4 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [991296 2011-01-24] (Intel Corporation) [File not signed] S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed] S4 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-01-25] (CyberLink) R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed] S2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed] R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed] S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company) S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-09-27] (Intel Corporation) S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-10-18] (LogMeIn, Inc.) R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [67400 2011-04-01] (Microsoft Corporation) R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [61913952 2010-04-03] (Microsoft Corporation) R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.1\my.ini [8916 2012-03-06] () [File not signed] S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-02-04] () R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed] R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-10-14] () S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed] S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [428384 2010-04-03] (Microsoft Corporation) R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed] R2 vToolbarUpdater18.1.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [1808408 2014-06-02] (AVG Secure Search) S4 Autodesk Content Service; "C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc.) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2012-02-28] () S3 AVerAF35; C:\Windows\System32\Drivers\HPAF35.sys [511104 2009-10-19] (Hewlett-Packard) R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-06-02] (AVG Technologies) S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-31] (DT Soft Ltd) S3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [119680 2009-08-10] (Gemalto) S3 HPIR; C:\Windows\System32\DRIVERS\HPIR.sys [93184 2009-11-16] (Hewlett-Packard) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-09-27] (Intel Corporation) S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [119680 2010-07-23] (TCT International Mobile Ltd) [File not signed] R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2012-02-28] () S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation) S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation) S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation) S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation) S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation) S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation) S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-08-06] (Duplex Secure Ltd.) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-09-20] () R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex) U3 abl9b939; C:\Windows\System32\Drivers\abl9b939.sys [0 ] (Elaborate Bytes AG) S3 dgderdrv; System32\drivers\dgderdrv.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X] S3 X6va006; \??\C:\Users\mariusz\AppData\Local\Temp\006898B.tmp [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-07 17:48 - 2014-12-07 17:48 - 00000000 ____D () C:\Users\Default\AppData\Local\Hewlett-Packard 2014-12-07 17:48 - 2014-12-07 17:48 - 00000000 ____D () C:\Users\Default User\AppData\Local\Hewlett-Packard 2014-12-07 17:26 - 2014-12-07 17:26 - 00380416 _____ () C:\Users\mariusz\Downloads\jziff1p2.exe 2014-12-07 17:21 - 2014-12-07 17:21 - 00025947 _____ () C:\Users\mariusz\Downloads\Shortcut.txt 2014-12-07 17:18 - 2014-12-07 17:18 - 00016422 _____ () C:\Users\mariusz\Desktop\attach.txt 2014-12-07 17:18 - 2014-12-07 17:17 - 00028446 _____ () C:\Users\mariusz\Desktop\dds.txt 2014-12-07 17:13 - 2014-12-07 17:13 - 00688992 _____ (Swearware) C:\Users\mariusz\Downloads\dds.com 2014-12-07 17:13 - 2014-12-07 17:13 - 00602112 _____ (OldTimer Tools) C:\Users\mariusz\Downloads\OTL.exe 2014-12-07 17:12 - 2014-12-07 17:52 - 00000000 ____D () C:\Users\mariusz\Downloads\Log 2014-12-07 17:12 - 2014-12-07 17:52 - 00000000 ____D () C:\FRST 2014-12-07 17:11 - 2014-12-07 17:12 - 02119680 _____ (Farbar) C:\Users\mariusz\Downloads\FRST64.exe 2014-12-07 16:57 - 2014-12-07 16:57 - 00689664 _____ () C:\Users\mariusz\Downloads\MicrosoftFixit50202.msi 2014-12-07 15:15 - 2014-12-07 15:15 - 00000000 ____D () C:\ProgramData\iolo 2014-12-07 15:14 - 2014-12-07 15:14 - 00459696 _____ () C:\Users\mariusz\Downloads\smpro_dm.exe 2014-12-07 15:14 - 2014-12-07 15:14 - 00459696 _____ () C:\Users\mariusz\Downloads\smpro_dm (1).exe 2014-12-07 15:14 - 2014-12-07 15:14 - 00000000 ____D () C:\Users\mariusz\AppData\Roaming\iolo 2014-12-07 14:56 - 2014-12-07 14:56 - 00000000 ____D () C:\Windows\048298C9A4D3490B9FF9AB023A9238F3.TMP 2014-12-07 14:34 - 2014-12-07 14:35 - 4205696685 _____ () C:\Users\mariusz\Downloads\[PC GAME MULTI] - Gran Theft Auto San Andreas + Crack NoCD - (Perfect DVD Version) - (Eng-Ita-Deu-Fra-Esp) - (By G-ADLVR_R7.rar 2014-12-06 02:52 - 2014-12-06 02:52 - 00000000 ____D () C:\Users\mariusz\AppData\Local\{22C14F21-D683-4F48-8EA8-DB1AA07865DA} 2014-12-05 06:59 - 2014-12-05 08:43 - 00000000 ____D () C:\Users\mariusz\Downloads\Drawn Together Seasons 1-3 Uncensored XviD DVDRip 2014-12-04 21:34 - 2014-12-04 21:34 - 00001476 _____ () C:\Users\Public\Desktop\LibreOffice 4.3.lnk 2014-12-04 21:34 - 2014-12-04 21:34 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3 2014-12-04 09:51 - 2014-12-04 09:51 - 00002000 _____ () C:\Users\Public\Desktop\Freespace.lnk 2014-12-03 16:08 - 2014-12-03 16:08 - 00001086 _____ () C:\Users\mariusz\Desktop\Launcher — skrót.lnk 2014-12-03 12:20 - 2014-12-03 12:20 - 00001693 _____ () C:\Users\Public\Desktop\Jade Empire.lnk 2014-12-03 12:08 - 2014-12-03 12:08 - 00003848 _____ () C:\Windows\System32\Tasks\FileTransfer 2014-12-03 12:08 - 2014-12-03 12:08 - 00003820 _____ () C:\Windows\System32\Tasks\Accessories 2014-12-03 12:06 - 2014-12-07 12:06 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleFormariusz.job 2014-12-03 10:37 - 2014-12-03 10:37 - 00000000 ____D () C:\data 2014-12-03 01:45 - 2014-12-03 01:45 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2014-12-03 01:45 - 2014-12-03 01:45 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2014-12-03 01:45 - 2014-12-03 01:45 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2014-12-03 01:45 - 2014-12-03 01:45 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2014-12-03 01:45 - 2014-12-03 01:45 - 00000000 ____D () C:\Program Files (x86)\OpenAL 2014-12-03 01:41 - 2014-12-03 01:41 - 00001552 _____ () C:\Users\Public\Desktop\Freespace 2.lnk 2014-12-03 00:54 - 2014-12-03 04:23 - 00000000 ____D () C:\Users\mariusz\Downloads\Jade Empire [GOG] 2014-12-03 00:00 - 2014-12-03 01:26 - 00000000 ____D () C:\Users\mariusz\Downloads\Freespace 1 & 2 - Gog.com Versions 2014-12-02 23:59 - 2014-12-03 09:23 - 00000000 _____ () C:\Users\mariusz\.JarClassLoader 2014-12-02 23:59 - 2014-12-03 05:24 - 00003647 _____ () C:\Users\mariusz\fsoinstaller.properties 2014-12-02 23:58 - 2014-12-02 23:58 - 06259719 _____ () C:\Users\mariusz\Downloads\FreeSpaceOpenInstaller.jar 2014-12-02 23:47 - 2014-12-02 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Patch Maker 2014-12-02 23:47 - 2014-12-02 23:47 - 00000000 ____D () C:\Program Files (x86)\Patch Maker 2014-12-02 23:46 - 2002-10-07 17:52 - 00135034 _____ () C:\Users\mariusz\Desktop\BlueShift.exe 2014-12-02 23:42 - 2014-12-02 23:42 - 00021840 _____ () C:\Windows\SysWOW64\SIntfNT.dll 2014-12-02 23:42 - 2014-12-02 23:42 - 00017212 _____ () C:\Windows\SysWOW64\SIntf32.dll 2014-12-02 23:42 - 2014-12-02 23:42 - 00012067 _____ () C:\Windows\SysWOW64\SIntf16.dll 2014-12-02 23:42 - 2014-12-02 23:42 - 00001577 _____ () C:\Users\Matura\Desktop\Blue Shift.LNK 2014-12-02 23:19 - 2014-12-02 23:19 - 00000000 ____D () C:\SAVE 2014-12-02 23:15 - 2014-12-02 23:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra 2014-12-02 23:15 - 2014-12-02 23:15 - 00001540 _____ () C:\Users\Matura\Desktop\Half-Life.lnk 2014-12-02 23:15 - 2014-12-02 23:15 - 00000171 _____ () C:\Windows\sierra.ini 2014-12-02 23:15 - 2014-12-02 23:15 - 00000000 ____D () C:\Users\mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sierra 2014-12-02 23:13 - 2014-12-02 23:35 - 00000000 ____D () C:\Sierra 2014-12-02 22:52 - 2014-12-02 22:52 - 09259520 _____ () C:\Windows\system32\Drivers\SETE53F.tmp 2014-12-02 22:35 - 2011-10-21 11:30 - 12310112 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdpmd64.sys 2014-12-02 22:35 - 2011-10-21 11:30 - 12310112 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys 2014-12-02 22:35 - 2011-10-21 10:20 - 00017496 _____ () C:\Windows\system32\iglhxs64.vp 2014-12-02 22:35 - 2011-10-21 09:41 - 04378392 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe 2014-12-02 22:35 - 2011-10-21 09:41 - 00510232 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe 2014-12-02 22:35 - 2011-10-21 09:41 - 00416024 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe 2014-12-02 22:35 - 2011-10-21 09:41 - 00392472 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe 2014-12-02 22:35 - 2011-10-21 09:41 - 00239896 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2014-12-02 22:35 - 2011-10-21 09:41 - 00184600 _____ (Intel Corporation) C:\Windows\system32\difx64.exe 2014-12-02 22:35 - 2011-10-21 09:41 - 00167704 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe 2014-12-02 22:35 - 2011-10-21 09:30 - 08313856 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll 2014-12-02 22:35 - 2011-10-21 09:27 - 00963116 _____ () C:\Windows\SysWOW64\igkrng600.bin 2014-12-02 22:35 - 2011-10-21 09:27 - 00963116 _____ () C:\Windows\system32\igkrng600.bin 2014-12-02 22:35 - 2011-10-21 09:27 - 00217536 _____ () C:\Windows\SysWOW64\igfcg600m.bin 2014-12-02 22:35 - 2011-10-21 09:27 - 00217536 _____ () C:\Windows\system32\igfcg600m.bin 2014-12-02 22:35 - 2011-10-21 09:25 - 06323712 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll 2014-12-02 22:35 - 2011-10-21 09:21 - 00581120 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll 2014-12-02 22:35 - 2011-10-21 09:19 - 14592512 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll 2014-12-02 22:35 - 2011-10-21 09:13 - 12340224 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll 2014-12-02 22:35 - 2011-10-21 09:08 - 18651648 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll 2014-12-02 22:35 - 2011-10-21 09:03 - 13903872 _____ () C:\Windows\SysWOW64\ig4icd32.dll 2014-12-02 22:35 - 2011-10-21 08:59 - 00287232 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00287232 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00287232 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00285696 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00285184 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00283648 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00283136 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc 2014-12-02 22:35 - 2011-10-21 08:59 - 00211303 _____ () C:\Windows\system32\Gfxres.th-TH.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00198139 _____ () C:\Windows\system32\Gfxres.el-GR.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00182706 _____ () C:\Windows\system32\Gfxres.ru-RU.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00156233 _____ () C:\Windows\system32\Gfxres.ar-SA.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00153167 _____ () C:\Windows\system32\Gfxres.ja-JP.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00149009 _____ () C:\Windows\system32\Gfxres.he-IL.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00140216 _____ () C:\Windows\system32\Gfxres.it-IT.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00138727 _____ () C:\Windows\system32\Gfxres.ko-KR.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00137846 _____ () C:\Windows\system32\Gfxres.de-DE.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00137668 _____ () C:\Windows\system32\Gfxres.es-ES.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00136603 _____ () C:\Windows\system32\Gfxres.ro-RO.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00135628 _____ () C:\Windows\system32\Gfxres.fr-FR.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00135370 _____ () C:\Windows\system32\Gfxres.tr-TR.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00134836 _____ () C:\Windows\system32\Gfxres.pt-BR.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00134412 _____ () C:\Windows\system32\Gfxres.nl-NL.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00134384 _____ () C:\Windows\system32\Gfxres.hu-HU.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00133846 _____ () C:\Windows\system32\Gfxres.sv-SE.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00133709 _____ () C:\Windows\system32\Gfxres.pt-PT.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00133404 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00133178 _____ () C:\Windows\system32\Gfxres.pl-PL.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00132889 _____ () C:\Windows\system32\Gfxres.fi-FI.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00132788 _____ () C:\Windows\system32\Gfxres.sk-SK.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00131839 _____ () C:\Windows\system32\Gfxres.hr-HR.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00128996 _____ () C:\Windows\system32\Gfxres.sl-SI.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00128831 _____ () C:\Windows\system32\Gfxres.nb-NO.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00128535 _____ () C:\Windows\system32\Gfxres.da-DK.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00117636 _____ () C:\Windows\system32\Gfxres.zh-TW.resources 2014-12-02 22:35 - 2011-10-21 08:59 - 00116348 _____ () C:\Windows\system32\Gfxres.zh-CN.resources 2014-12-02 22:35 - 2011-10-21 08:58 - 00378368 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll 2014-12-02 22:35 - 2011-10-21 08:58 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc 2014-12-02 22:35 - 2011-10-21 08:58 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc 2014-12-02 22:35 - 2011-10-21 08:58 - 00285696 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc 2014-12-02 22:35 - 2011-10-21 08:58 - 00285184 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc 2014-12-02 22:35 - 2011-10-21 08:58 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc 2014-12-02 22:35 - 2011-10-21 08:58 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc 2014-12-02 22:35 - 2011-10-21 08:58 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl 2014-12-02 22:35 - 2011-10-21 08:58 - 00124056 _____ () C:\Windows\system32\Gfxres.en-US.resources 2014-12-02 22:35 - 2011-10-21 08:58 - 00028672 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll 2014-12-02 22:35 - 2011-10-21 08:57 - 00390144 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll 2014-12-02 22:35 - 2011-10-21 08:57 - 00146432 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll 2014-12-02 22:35 - 2011-10-21 08:57 - 00110080 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll 2014-12-02 22:35 - 2011-10-21 08:57 - 00062464 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll 2014-12-02 22:35 - 2011-10-21 08:57 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll 2014-12-02 22:35 - 2011-10-21 08:56 - 09014784 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll 2014-12-02 22:35 - 2011-10-21 08:56 - 00285696 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc 2014-12-02 22:35 - 2011-10-21 08:56 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll 2014-12-02 22:35 - 2011-10-21 08:52 - 00294400 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll 2014-12-02 22:35 - 2011-10-21 08:52 - 00024576 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll 2014-12-02 22:35 - 2011-10-21 08:50 - 01981696 _____ () C:\Windows\system32\iglhxa64.cpa 2014-12-02 22:35 - 2011-10-21 08:50 - 00376832 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll 2014-12-02 22:35 - 2011-10-21 08:50 - 00376832 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll 2014-12-02 22:35 - 2011-10-21 08:50 - 00171520 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll 2014-12-02 22:35 - 2011-10-21 08:50 - 00148480 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll 2014-12-02 22:35 - 2011-10-21 08:50 - 00098304 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll 2014-12-02 22:35 - 2011-10-21 08:50 - 00098304 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll 2014-12-02 22:35 - 2011-10-21 08:50 - 00059243 _____ () C:\Windows\system32\iglhxo64.vp 2014-12-02 22:35 - 2011-10-21 08:50 - 00059174 _____ () C:\Windows\system32\iglhxg64.vp 2014-12-02 22:35 - 2011-10-21 08:50 - 00059062 _____ () C:\Windows\system32\iglhxc64.vp 2014-12-02 22:35 - 2011-10-21 08:50 - 00001074 _____ () C:\Windows\system32\iglhxa64.vp 2014-12-02 22:35 - 2011-07-28 18:19 - 00335872 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll 2014-12-02 17:29 - 2014-12-02 22:27 - 00000000 ____D () C:\32788R22FWJFW 2014-12-02 16:52 - 2014-12-02 16:52 - 00000000 _____ () C:\Users\mariusz\Desktop\dsadas.txt 2014-12-02 16:46 - 2014-12-02 23:35 - 00000000 ____D () C:\Users\mariusz\Downloads\Half-Life GOTY + Opposing Force + Blue Shift [PC-Game] 2014-12-02 11:49 - 2014-12-02 11:49 - 00000000 ____D () C:\Users\mariusz\Documents\HP Photosmart Projects 2014-12-01 18:46 - 2014-12-04 09:48 - 00000000 ____D () C:\Program Files (x86)\GOG.com 2014-12-01 17:35 - 2014-12-04 09:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2014-12-01 17:04 - 2014-12-01 17:04 - 00000000 ____D () C:\GOG Games 2014-11-30 14:33 - 2014-11-30 14:33 - 00000000 ____D () C:\Users\mariusz\AppData\Roaming\LibreOffice 2014-11-30 14:28 - 2014-11-30 14:32 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4 2014-11-30 13:42 - 2014-11-30 13:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2014-11-30 12:22 - 2014-11-30 12:28 - 225689600 _____ () C:\Users\mariusz\Downloads\LibreOffice_4.3.4_Win_x86.msi 2014-11-30 12:11 - 2014-11-30 14:17 - 00704348 _____ () C:\Windows\PFRO.log 2014-11-30 12:04 - 2014-11-30 12:04 - 00000000 ____D () C:\Users\mariusz\Documents\Tunngle 2014-11-30 11:33 - 2014-12-07 17:50 - 00001714 _____ () C:\Windows\setupact.log 2014-11-30 11:33 - 2014-11-30 11:33 - 00000000 _____ () C:\Windows\setuperr.log 2014-11-29 17:26 - 2014-11-29 17:27 - 00000000 ____D () C:\Users\mariusz\Desktop\WindroId 2014-11-29 17:26 - 2014-11-29 17:27 - 00000000 ____D () C:\Users\mariusz\.android 2014-11-29 16:00 - 2012-03-09 08:04 - 06200320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll 2014-11-29 16:00 - 2012-03-09 07:39 - 19739136 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll 2014-11-29 16:00 - 2012-03-09 06:58 - 00014336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll 2014-11-29 16:00 - 2011-10-21 09:27 - 00075776 _____ () C:\Windows\system32\igdde64.dll 2014-11-29 16:00 - 2011-10-21 09:22 - 00056832 _____ () C:\Windows\SysWOW64\igdde32.dll 2014-11-29 16:00 - 2011-10-21 08:50 - 02177536 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll 2014-11-29 16:00 - 2011-10-21 08:50 - 01663488 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll 2014-11-29 15:59 - 2014-11-29 15:59 - 00000000 ____D () C:\Users\mariusz\AppData\Local\Leshcat & Co 2014-11-29 15:44 - 2014-11-29 15:44 - 00000000 ____D () C:\Users\mariusz\Downloads\Catalyst12.3UP2 2014-11-29 13:40 - 2014-11-29 13:40 - 00000000 ____D () C:\Users\mariusz\Downloads\Lindsey Stirling - Shatter Me (Bonus Tracks Edition) 2014 320kbps CBR MP3 [VX] 2014-11-28 16:33 - 2014-11-28 16:33 - 00003256 _____ () C:\Windows\System32\Tasks\{28CFA330-6D79-4324-843F-7DDF271E9205} 2014-11-28 16:32 - 2014-11-28 16:32 - 00003256 _____ () C:\Windows\System32\Tasks\{FDF807DB-3711-4DCF-89C4-9C1EA280A39C} 2014-11-28 16:32 - 2014-11-28 16:32 - 00003256 _____ () C:\Windows\System32\Tasks\{CA8C9E33-6492-478F-96C6-93050D24E6EA} 2014-11-28 11:20 - 2014-11-28 11:20 - 00000000 ____D () C:\Program Files (x86)\Ubisoft 2014-11-27 19:36 - 2014-11-27 19:36 - 00000000 ____D () C:\Users\mariusz\AppData\Local\gtk-2.0 2014-11-27 19:23 - 2014-11-27 19:48 - 00000000 ____D () C:\Users\mariusz\.gimp-2.8 2014-11-27 19:23 - 2014-11-27 19:23 - 00000000 ____D () C:\Users\mariusz\AppData\Local\gegl-0.2 2014-11-27 19:22 - 2014-11-27 19:22 - 00000894 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2014-11-27 19:21 - 2014-11-27 19:22 - 00000000 ____D () C:\Program Files\GIMP 2 2014-11-27 19:19 - 2014-11-27 19:20 - 00000000 ____D () C:\GW2Grafika 2014-11-26 15:33 - 2014-11-26 15:33 - 04443312 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-11-23 11:00 - 2014-11-23 11:00 - 00003728 _____ () C:\Windows\System32\Tasks\Overwolf Updater Task 2014-11-22 11:41 - 2014-11-22 11:41 - 00000000 ____D () C:\Users\mariusz\AppData\Local\uTorrent 2014-11-22 11:29 - 2014-11-22 11:29 - 00000000 ____D () C:\Program Files (x86)\AMD APP 2014-11-22 11:24 - 2014-11-22 11:24 - 00000828 _____ () C:\Users\mariusz\Desktop\Run 12.3 UP2 UnifL Installer.lnk 2014-11-22 11:24 - 2012-03-09 09:28 - 10857984 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys 2014-11-22 11:24 - 2012-03-09 06:58 - 00328704 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys 2014-11-22 11:24 - 2012-02-17 18:45 - 00037533 _____ () C:\Windows\atiogl.xml 2014-11-22 11:24 - 2011-08-23 05:12 - 00317440 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys 2014-11-22 11:24 - 2011-08-23 05:12 - 00014848 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll 2014-11-22 11:23 - 2012-03-09 08:17 - 00235184 _____ () C:\Windows\SysWOW64\atiapfxx.blb 2014-11-22 11:23 - 2012-03-09 08:17 - 00235184 _____ () C:\Windows\system32\atiapfxx.blb 2014-11-22 11:23 - 2012-03-09 08:16 - 00791552 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll 2014-11-22 11:23 - 2012-03-09 08:16 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe 2014-11-22 11:23 - 2012-03-09 08:14 - 00958464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll 2014-11-22 11:23 - 2012-03-09 08:11 - 00496128 _____ (AMD) C:\Windows\system32\atieclxx.exe 2014-11-22 11:23 - 2012-03-09 08:11 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll 2014-11-22 11:23 - 2012-03-09 08:10 - 00235520 _____ (AMD) C:\Windows\system32\atiesrxx.exe 2014-11-22 11:23 - 2012-03-09 08:08 - 00120320 _____ (AMD) C:\Windows\system32\atitmm64.dll 2014-11-22 11:23 - 2012-03-09 08:08 - 00021504 _____ (AMD) C:\Windows\system32\atimuixx.dll 2014-11-22 11:23 - 2012-03-09 08:07 - 00059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll 2014-11-22 11:23 - 2012-03-09 08:07 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll 2014-11-22 11:23 - 2012-03-09 08:03 - 26166784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll 2014-11-22 11:23 - 2012-03-09 07:45 - 07646208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll 2014-11-22 11:23 - 2012-03-09 07:36 - 01828864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdmv.dll 2014-11-22 11:23 - 2012-03-09 07:36 - 01113088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6v.dll 2014-11-22 11:23 - 2012-03-09 07:35 - 04958208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll 2014-11-22 11:23 - 2012-03-09 07:31 - 02425664 _____ () C:\Windows\system32\atiumd6a.cap 2014-11-22 11:23 - 2012-03-09 07:23 - 05954048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll 2014-11-22 11:23 - 2012-03-09 07:23 - 05062656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll 2014-11-22 11:23 - 2012-03-09 07:22 - 02427392 _____ () C:\Windows\SysWOW64\atiumdva.cap 2014-11-22 11:23 - 2012-03-09 07:18 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll 2014-11-22 11:23 - 2012-03-09 07:18 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll 2014-11-22 11:23 - 2012-03-09 07:18 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll 2014-11-22 11:23 - 2012-03-09 07:18 - 00044032 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll 2014-11-22 11:23 - 2012-03-09 07:17 - 16069632 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll 2014-11-22 11:23 - 2012-03-09 07:12 - 13715968 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll 2014-11-22 11:23 - 2012-03-09 07:11 - 07552000 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll 2014-11-22 11:23 - 2012-03-09 07:05 - 00054784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll 2014-11-22 11:23 - 2012-03-09 07:05 - 00054784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll 2014-11-22 11:23 - 2012-03-09 07:05 - 00053760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll 2014-11-22 11:23 - 2012-03-09 07:05 - 00053760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll 2014-11-22 11:23 - 2012-03-09 06:58 - 00512000 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll 2014-11-22 11:23 - 2012-03-09 06:58 - 00356352 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll 2014-11-22 11:23 - 2012-03-09 06:58 - 00039936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll 2014-11-22 11:23 - 2012-03-09 06:58 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll 2014-11-22 11:23 - 2012-03-09 06:58 - 00017408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll 2014-11-22 11:23 - 2012-03-09 06:57 - 00043008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll 2014-11-22 11:23 - 2012-03-09 06:56 - 00039936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll 2014-11-22 11:23 - 2012-03-09 06:56 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll 2014-11-22 11:23 - 2012-03-09 06:56 - 00030208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll 2014-11-22 11:23 - 2012-03-09 06:55 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll 2014-11-22 11:23 - 2012-01-11 00:10 - 00601728 _____ () C:\Windows\system32\atiicdxx.dat 2014-11-22 11:23 - 2011-09-30 22:04 - 00423424 _____ (ATI Technologies, Inc.) C:\Windows\system32\atipdl64.dll 2014-11-22 11:23 - 2011-09-30 22:04 - 00356352 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\atipdlxx.dll 2014-11-22 11:23 - 2011-09-13 01:06 - 00003917 _____ () C:\Windows\SysWOW64\atipblag.dat 2014-11-22 11:23 - 2011-09-13 01:06 - 00003917 _____ () C:\Windows\system32\atipblag.dat 2014-11-22 11:15 - 2014-11-22 11:15 - 00000000 ____D () C:\Users\mariusz\Desktop\SterStab 2014-11-20 10:54 - 2014-11-20 10:54 - 00000000 ____D () C:\Users\mariusz\Documents\Updater 2014-11-19 15:24 - 2014-11-19 15:24 - 00000000 ____D () C:\Users\mariusz\Desktop\ASD1 2014-11-19 15:19 - 2014-11-19 15:19 - 00000000 ____D () C:\Users\mariusz\Desktop\Portal2 2014-11-19 15:11 - 2014-11-19 15:11 - 00000000 ____D () C:\JE2 2014-11-19 15:02 - 2014-11-19 15:02 - 00253654 _____ () C:\Users\mariusz\Documents\1.wav 2014-11-19 14:59 - 2014-11-19 14:59 - 00000000 ____D () C:\Parodie 2014-11-19 14:53 - 2014-11-19 14:53 - 00000000 ____D () C:\Users\mariusz\AppData\Roaming\Avnex 2014-11-19 14:49 - 2014-11-19 14:49 - 00001224 _____ () C:\Users\mariusz\Desktop\Voice Changer 7.0 Diamond.lnk 2014-11-19 14:49 - 2014-11-19 14:49 - 00000000 ____D () C:\Users\mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Voice Changer Software DIAMOND 2014-11-19 14:48 - 2014-11-27 19:06 - 00000000 ____D () C:\Program Files (x86)\AV Vcs 7.0 DIAMOND 2014-11-19 14:48 - 2014-11-19 14:48 - 00000000 ____D () C:\Users\mariusz\Desktop\VCN 2014-11-19 14:48 - 2008-12-26 12:56 - 00021504 _____ (Avnex) C:\Windows\system32\Drivers\vcsvad.sys 2014-11-19 13:31 - 2014-11-19 13:31 - 00000625 _____ () C:\Users\mariusz\Documents\1111111.txt 2014-11-17 23:09 - 2014-11-17 23:09 - 00000983 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2014-11-17 20:16 - 2014-11-17 20:16 - 00000133 _____ () C:\Users\mariusz\Documents\ListNolde.txt 2014-11-16 15:17 - 2014-11-16 15:17 - 00000000 ____D () C:\Program Files\PlayReady 2014-11-16 15:12 - 2009-10-19 04:35 - 00511104 _____ (Hewlett-Packard) C:\Windows\system32\Drivers\HPAF35.sys 2014-11-16 15:11 - 2009-11-16 07:28 - 00093184 _____ (Hewlett-Packard) C:\Windows\system32\Drivers\HPIR.sys 2014-11-16 15:11 - 2009-09-09 04:33 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\CIRCoInst.dll 2014-11-13 18:34 - 2014-11-13 18:34 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services 2014-11-13 18:34 - 2014-11-13 18:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services 2014-11-13 18:33 - 2014-11-13 18:33 - 00000000 ____D () C:\Users\mariusz\Intel 2014-11-13 18:20 - 2014-11-13 18:56 - 00000000 ____D () C:\Program Files (x86)\GMABooster 2014-11-13 17:41 - 2014-11-13 18:56 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server 2014-11-13 17:40 - 2014-11-13 18:56 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-11-13 17:27 - 2014-11-13 18:56 - 00000000 ____D () C:\Users\mariusz\AppData\Local\Dataram_Corporation 2014-11-13 17:27 - 2014-11-13 18:56 - 00000000 ____D () C:\Program Files (x86)\Radeon RAMDisk 2014-11-13 16:11 - 2014-11-13 18:56 - 00000000 ____D () C:\Users\mariusz\Desktop\SWFX 2014-11-13 13:47 - 2014-11-13 13:47 - 00000000 ____D () C:\Users\mariusz\AppData\Local\Skype 2014-11-11 11:57 - 2014-11-11 12:02 - 00000111 _____ () C:\Users\mariusz\Desktop\hghj.txt 2014-11-10 19:44 - 2014-11-10 19:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-07 17:53 - 2009-07-14 03:34 - 00000496 _____ () C:\Windows\win.ini 2014-12-07 17:51 - 2012-03-15 18:35 - 00000000 ____D () C:\Users\mariusz\AppData\Roaming\uTorrent 2014-12-07 17:50 - 2014-08-10 10:01 - 00000412 _____ () C:\Windows\Tasks\SlimDrivers Startup.job 2014-12-07 17:50 - 2011-12-07 20:29 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-07 17:50 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-07 17:49 - 2011-07-10 13:16 - 01660940 _____ () C:\Windows\WindowsUpdate.log 2014-12-07 17:49 - 2009-07-14 05:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-07 17:49 - 2009-07-14 05:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-07 17:48 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2014-12-07 17:46 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-12-07 17:33 - 2012-04-22 15:12 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-12-07 17:28 - 2011-12-07 20:29 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-07 17:11 - 2012-12-03 17:06 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2992926045-3456513150-244244987-1007UA.job 2014-12-07 17:11 - 2012-12-03 17:06 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2992926045-3456513150-244244987-1007Core.job 2014-12-07 17:10 - 2011-04-25 02:05 - 00777688 _____ () C:\Windows\system32\perfh015.dat 2014-12-07 17:10 - 2011-04-25 02:05 - 00171402 _____ () C:\Windows\system32\perfc015.dat 2014-12-07 17:10 - 2009-07-14 06:13 - 01780506 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-12-07 16:27 - 2011-10-04 15:19 - 00000000 ____D () C:\Users\mariusz 2014-12-07 15:12 - 2014-10-13 12:18 - 00000000 ____D () C:\Users\mariusz\AppData\Local\LogMeIn Hamachi 2014-12-07 15:08 - 2014-08-01 23:16 - 00000000 ____D () C:\ProgramData\MTA San Andreas All 2014-12-07 15:08 - 2014-08-01 23:16 - 00000000 ____D () C:\Program Files (x86)\MTA San Andreas 1.3 2014-12-07 14:57 - 2014-09-07 11:23 - 00000000 ____D () C:\Users\mariusz\AppData\Roaming\vlc 2014-12-07 12:06 - 2012-12-12 21:44 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleFormariusz 2014-12-07 05:06 - 2013-10-14 17:02 - 00004000 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3012B045-4484-4CE7-BAD5-985E1D900E75} 2014-12-06 22:29 - 2013-01-06 09:35 - 00000000 ____D () C:\FAKT95 2014-12-06 22:29 - 2012-12-27 21:01 - 18655252 _____ () C:\FAKT0001.zip 2014-12-06 22:29 - 2012-12-27 20:58 - 00000000 ____D () C:\ProgramData\firebird 2014-12-06 19:57 - 2011-10-06 18:34 - 00000000 ____D () C:\Users\mariusz\Desktop\SPIRA GROUP 2014-12-06 14:17 - 2014-08-02 10:58 - 00000000 ____D () C:\Users\mariusz\AppData\Roaming\foobar2000 2014-12-06 10:10 - 2011-11-13 13:22 - 00000000 ____D () C:\Users\mariusz\AppData\Local\CrashDumps 2014-12-05 08:49 - 2009-07-14 05:45 - 05025272 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-12-05 06:58 - 2011-10-04 15:24 - 00123816 _____ () C:\Users\mariusz\AppData\Local\GDIPFONTCACHEV1.DAT 2014-12-04 20:06 - 2014-05-08 18:03 - 00000000 ____D () C:\Users\Matura 2014-12-03 12:09 - 2011-10-04 19:08 - 00000000 ____D () C:\Users\mariusz\AppData\Roaming\SoftGrid Client 2014-12-03 10:36 - 2014-08-10 06:53 - 00000000 ____D () C:\Games 2014-12-02 23:17 - 2012-02-12 13:17 - 00000000 ____D () C:\Users\mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-12-02 22:27 - 2013-08-02 11:51 - 00000000 ____D () C:\Program Files (x86)\Pro Surveillance System 2014-12-02 22:27 - 2012-02-29 19:48 - 00000000 ____D () C:\Users\mariusz\AppData\Local\Akamai 2014-12-02 22:27 - 2011-10-04 15:21 - 00000000 ____D () C:\Users\mariusz\AppData\Local\Hewlett-Packard_Company 2014-12-02 22:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration 2014-12-02 22:26 - 2012-03-06 16:08 - 00000000 ____D () C:\ProgramData\MySQL 2014-11-30 14:17 - 2014-07-27 23:58 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-11-30 13:43 - 2012-04-19 07:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-11-30 13:43 - 2011-11-15 21:53 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-11-30 12:40 - 2014-08-08 19:14 - 00000000 ____D () C:\Users\Matura\Desktop\Pen 2014-11-30 12:39 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-11-30 12:29 - 2012-04-22 15:12 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-30 12:29 - 2012-04-22 15:12 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-11-30 12:29 - 2011-10-05 11:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-30 12:29 - 2011-10-04 19:29 - 00000000 ____D () C:\Users\mariusz\AppData\Local\Adobe 2014-11-30 12:06 - 2014-10-28 00:08 - 00000000 ____D () C:\Users\mariusz\AppData\Local\Razer 2014-11-30 12:06 - 2014-10-28 00:06 - 00000000 ____D () C:\ProgramData\Razer 2014-11-30 12:05 - 2012-10-01 10:23 - 00000000 ____D () C:\Symfonia 2014-11-30 12:04 - 2014-10-27 17:44 - 00000000 ____D () C:\Nexon 2014-11-30 12:04 - 2014-10-02 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics 2014-11-30 12:04 - 2013-08-13 17:45 - 00000000 ____D () C:\Users\mariusz\AppData\Local\SKIDROW 2014-11-30 12:04 - 2012-03-25 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon 2014-11-30 12:03 - 2011-10-06 06:52 - 00030868 _____ () C:\ProgramData\hpzinstall.log 2014-11-30 12:00 - 2014-09-23 09:41 - 00000000 ____D () C:\Users\mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-11-30 11:59 - 2014-10-26 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2014-11-30 11:57 - 2011-04-24 16:35 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-11-30 11:57 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-11-30 11:39 - 2012-03-31 16:03 - 00007600 _____ () C:\Users\mariusz\AppData\Local\Resmon.ResmonCfg 2014-11-30 11:21 - 2012-12-16 14:37 - 00000000 ____D () C:\Users\mariusz\AppData\Roaming\TS3Client 2014-11-30 11:03 - 2012-03-04 22:50 - 00000000 ____D () C:\Windows\pss 2014-11-29 16:07 - 2011-07-10 13:15 - 00000000 ____D () C:\Program Files\Common Files\Intel 2014-11-29 15:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-11-29 15:30 - 2011-07-10 13:12 - 00000000 ____D () C:\Program Files (x86)\Intel 2014-11-29 15:26 - 2011-07-10 13:14 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies 2014-11-29 15:23 - 2011-07-10 13:12 - 00000000 ____D () C:\Intel 2014-11-29 15:20 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-11-28 16:53 - 2012-02-12 13:00 - 00000000 ____D () C:\Users\mariusz\AppData\Roaming\Skype 2014-11-28 16:09 - 2014-09-24 15:45 - 00001359 _____ () C:\Users\mariusz\Documents\ax_files.xml 2014-11-28 00:59 - 2012-02-01 09:38 - 00003222 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMARIUSZ-HP$ 2014-11-28 00:59 - 2012-02-01 09:38 - 00000346 _____ () C:\Windows\Tasks\HPCeeScheduleForMARIUSZ-HP$.job 2014-11-26 13:41 - 2011-10-10 17:35 - 00466527 _____ () C:\Windows\SysWOW64\TEST.log 2014-11-23 14:27 - 2014-11-03 20:21 - 00000000 ____D () C:\Users\mariusz\Documents\Guild Wars 2 2014-11-19 01:02 - 2014-11-03 20:22 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2 2014-11-16 15:12 - 2014-07-27 19:49 - 00000000 ____D () C:\Windows\Driver Cache 2014-11-14 19:23 - 2011-12-07 20:29 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-11-14 19:23 - 2011-12-07 20:29 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-11-14 10:17 - 2013-12-09 14:42 - 00000000 ____D () C:\Users\mariusz\Desktop\Prace ali 2014-11-14 10:05 - 2014-07-30 21:19 - 00000000 ____D () C:\Program Files (x86)\FlashGet 2014-11-14 10:05 - 2011-07-10 13:27 - 00000000 ____D () C:\Program Files (x86)\HP SimplePass 2011 2014-11-13 18:56 - 2013-01-24 18:11 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-11-13 18:56 - 2013-01-24 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-11-13 18:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\security 2014-11-13 18:55 - 2014-08-09 17:34 - 00000000 ____D () C:\ProgramData\Package Cache 2014-11-13 18:55 - 2012-02-12 13:00 - 00000000 ____D () C:\ProgramData\Skype 2014-11-13 17:42 - 2013-08-01 20:15 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-11-13 17:42 - 2013-08-01 20:15 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-11-13 10:43 - 2014-09-06 19:16 - 00000000 ____D () C:\Users\mariusz\AppData\Roaming\NapiProjekt 2014-11-13 10:43 - 2011-07-10 13:20 - 00000000 ____D () C:\Windows\Hewlett-Packard 2014-11-13 10:42 - 2014-08-10 10:27 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2014-11-13 10:42 - 2014-08-01 18:01 - 00000000 ____D () C:\Program Files\uTorrent 2014-11-13 10:42 - 2011-10-05 11:48 - 00000000 ____D () C:\Windows\system32\Macromed 2014-11-13 10:40 - 2011-02-10 20:23 - 00000000 ____D () C:\SWSetup 2014-11-13 10:19 - 2011-10-04 15:21 - 00000000 ____D () C:\Users\mariusz\AppData\Roaming\Hewlett-Packard 2014-11-11 18:24 - 2012-05-15 07:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service Some content of TEMP: ==================== C:\Users\mariusz\AppData\Local\Temp\AcDeltree.exe C:\Users\mariusz\AppData\Local\Temp\NGM.exe C:\Users\mariusz\AppData\Local\Temp\NGMDll.dll C:\Users\mariusz\AppData\Local\Temp\NGMResource.dll C:\Users\mariusz\AppData\Local\Temp\sfamcc00001.dll C:\Users\Matura\AppData\Local\Temp\14-4-mobility-win7-win8-win8.1-64-dd-ccc-whql.exe C:\Users\Matura\AppData\Local\Temp\AddInsUpdater.exe C:\Users\Matura\AppData\Local\Temp\AutoRun.exe C:\Users\Matura\AppData\Local\Temp\AutoRunGUI.dll C:\Users\Matura\AppData\Local\Temp\AxSFADownloader.exe C:\Users\Matura\AppData\Local\Temp\bitool.dll C:\Users\Matura\AppData\Local\Temp\drm_dialogs.dll C:\Users\Matura\AppData\Local\Temp\EAInstall.dll C:\Users\Matura\AppData\Local\Temp\gtapi.dll C:\Users\Matura\AppData\Local\Temp\gtapi_signed.dll C:\Users\Matura\AppData\Local\Temp\ICReinstall_VisualBoyAdvance_Setup.exe C:\Users\Matura\AppData\Local\Temp\UNINSTALL.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION! LastRegBack: 2014-12-05 06:45 ==================== End Of Log ============================