Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by wojtek (administrator) on AV3 on 11-04-2015 19:30:09 Running from C:\pcfixit Loaded Profiles: wojtek (Available profiles: wojtek) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Atheros\Bluetooth Suite\AdminService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (Atheros Communications) C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Users\wojtek\Desktop\pcfixit\FRST64.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdupd.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876304 2013-01-18] (ELAN Microelectronics Corp.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3010800 2013-01-17] (Synaptics Incorporated) HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [7138816 2014-04-29] (Broadcom Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-04-01] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1297624 2015-02-03] (COMODO) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2015-02-21] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387224 2015-02-21] (Realtek Semiconductor) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296208 2015-02-21] (Intel Corporation) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508656 2015-02-21] (Dolby Laboratories Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe [133760 2015-02-21] ( (Atheros Communications)) HKU\S-1-5-21-2773007221-4202116597-1637250590-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-2773007221-4202116597-1637250590-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178512 2015-03-23] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164568 2015-03-23] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 194.204.159.1 194.204.152.34 FireFox: ======== FF ProfilePath: C:\Users\wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\06gqjo9a.default-1424454826453 FF Homepage: https://google.pl/ FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2000-01-01] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2000-01-01] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-17] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) Chrome: ======= CHR HomePage: Default -> https://www.google.pl/ CHR StartupUrls: Default -> "https://www.google.pl/" CHR Profile: C:\Users\wojtek\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-17] CHR Extension: (Google Docs) - C:\Users\wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-17] CHR Extension: (Google Drive) - C:\Users\wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-17] CHR Extension: (YouTube) - C:\Users\wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-17] CHR Extension: (Adblock Plus) - C:\Users\wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-17] CHR Extension: (Google Search) - C:\Users\wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-17] CHR Extension: (Google Sheets) - C:\Users\wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-17] CHR Extension: (Disconnect) - C:\Users\wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2015-03-22] CHR Extension: (Ghostery) - C:\Users\wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-02-18] CHR Extension: (Google Wallet) - C:\Users\wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-17] CHR Extension: (Gmail) - C:\Users\wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-17] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [318592 2015-02-21] (Windows (R) Win 7 DDK provider) [File not signed] R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2015-02-03] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2015-02-03] (COMODO) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-04-01] (NVIDIA Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2000-01-01] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-04-01] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-04-01] (NVIDIA Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5824512 2014-04-29] (Broadcom Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2015-02-21] (Qualcomm Atheros) R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2015-01-30] (COMODO) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [792648 2015-01-30] (COMODO) R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45880 2015-01-30] (COMODO) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-01] (Disc Soft Ltd) R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [104608 2015-01-30] (COMODO) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2000-01-01] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-12-23] (NVIDIA Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-11 19:27 - 2015-04-11 19:30 - 00000000 ____D () C:\FRST 2015-04-01 22:41 - 2015-04-11 19:30 - 00000000 ____D () C:\pcfixit 2015-03-27 20:22 - 2015-03-27 20:22 - 00000810 _____ () C:\Users\Public\Desktop\Pillars of Eternity.lnk 2015-03-26 22:57 - 2015-03-26 22:57 - 00000000 ____D () C:\Users\wojtek\AppData\Roaming\NVIDIA 2015-03-23 21:52 - 2015-03-23 22:01 - 00000000 ____D () C:\Windows\SysWOW64\NV 2015-03-23 21:52 - 2015-03-23 22:01 - 00000000 ____D () C:\Windows\system32\NV 2015-03-23 21:52 - 2015-03-23 21:52 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-03-23 21:51 - 2015-03-23 21:51 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-03-23 21:51 - 2015-03-13 18:16 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-03-23 21:51 - 2015-03-13 18:16 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-03-23 21:51 - 2015-03-13 18:16 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-03-23 21:51 - 2015-03-13 18:16 - 01099408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2015-03-23 21:51 - 2015-03-13 18:16 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-03-23 21:51 - 2015-03-13 18:16 - 00075976 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2015-03-23 21:51 - 2015-03-13 18:16 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-03-23 21:51 - 2015-03-11 15:10 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin 2015-03-23 21:45 - 2015-03-23 21:50 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-03-23 21:45 - 2015-03-23 21:50 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 00400584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 00390288 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 00346824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-03-23 21:45 - 2015-03-23 21:50 - 00032456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys 2015-03-23 21:45 - 2015-03-13 21:41 - 00027441 _____ () C:\Windows\system32\nvinfo.pb 2015-03-23 20:51 - 2015-03-23 20:51 - 00000000 ____D () C:\Users\wojtek\Documents\Colossal Order 2015-03-23 20:51 - 2015-03-23 20:51 - 00000000 ____D () C:\Users\wojtek\AppData\Roaming\Colossal Order 2015-03-23 20:51 - 2015-03-23 20:51 - 00000000 ____D () C:\Users\wojtek\AppData\Roaming\.mono 2015-03-23 20:51 - 2015-03-23 20:51 - 00000000 ____D () C:\Users\wojtek\AppData\Local\Colossal Order 2015-03-23 20:51 - 2015-03-23 20:51 - 00000000 ____D () C:\ProgramData\.mono 2015-03-23 20:50 - 2015-03-23 20:50 - 00000653 _____ () C:\Users\wojtek\Desktop\Cities Skylines.lnk 2015-03-23 20:50 - 2015-03-23 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cities Skylines 2015-03-21 17:03 - 2015-03-23 20:47 - 00000000 ____D () C:\Program Files (x86)\edeklaracje 2015-03-21 17:03 - 2015-03-21 17:03 - 00000000 ____D () C:\Users\wojtek\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1 2015-03-21 17:03 - 2015-03-21 17:03 - 00000000 ____D () C:\Users\wojtek\AppData\Roaming\e-Deklaracje 2015-03-14 16:17 - 2015-03-14 16:22 - 00000000 ____D () C:\Users\wojtek\Documents\Eador 2015-03-14 16:16 - 2015-03-14 16:16 - 00000761 _____ () C:\Users\wojtek\Desktop\Eador - Masters of the Broken World.lnk 2015-03-14 16:16 - 2015-03-14 16:16 - 00000000 ____D () C:\Users\wojtek\AppData\Roaming\Eador - Masters of the Broken World 2015-03-14 16:16 - 2015-03-14 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics 2015-03-12 19:18 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-03-12 19:18 - 2015-01-09 01:43 - 00419936 _____ () C:\Windows\system32\locale.nls ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-11 19:28 - 2014-04-29 22:59 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat 2015-04-11 19:26 - 2009-07-14 06:45 - 00021504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-04-11 19:26 - 2009-07-14 06:45 - 00021504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-04-11 19:23 - 2015-02-17 20:18 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-04-11 19:23 - 2015-02-17 20:18 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-04-11 19:23 - 2014-04-29 21:27 - 01185036 _____ () C:\Windows\WindowsUpdate.log 2015-04-11 19:19 - 2009-07-14 06:51 - 00118900 _____ () C:\Windows\setupact.log 2015-04-11 19:18 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-04-10 21:15 - 2014-04-30 20:16 - 00000000 ____D () C:\Users\wojtek\AppData\Roaming\uTorrent 2015-04-07 19:20 - 2014-05-17 13:54 - 00000000 ____D () C:\Users\wojtek\AppData\Roaming\foobar2000 2015-04-05 11:28 - 2011-02-04 19:38 - 00847002 _____ () C:\Windows\system32\perfh015.dat 2015-04-05 11:28 - 2011-02-04 19:38 - 00216736 _____ () C:\Windows\system32\perfc015.dat 2015-04-05 11:28 - 2009-07-14 07:13 - 01839840 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-01 23:10 - 2014-12-12 20:39 - 00757176 _____ () C:\Windows\system32\Drivers\fvstore.dat 2015-04-01 22:35 - 2015-02-16 22:50 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-31 22:02 - 2009-07-14 07:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-03-28 05:44 - 2014-06-03 20:49 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-03-28 05:44 - 2014-04-29 22:51 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-03-28 05:43 - 2014-06-03 20:49 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-03-28 05:43 - 2014-04-29 22:51 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2015-03-27 20:22 - 2014-10-18 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2015-03-27 20:22 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-03-25 21:50 - 2014-05-28 21:30 - 00000000 ____D () C:\Users\wojtek\Documents\My Games 2015-03-25 21:48 - 2014-07-05 16:37 - 00000000 ____D () C:\Users\wojtek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-03-25 21:48 - 2014-06-25 19:11 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-03-25 21:47 - 2014-04-30 20:15 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-03-25 21:46 - 2014-04-29 21:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-03-23 21:51 - 2014-04-29 22:50 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2015-03-23 21:51 - 2014-04-29 22:50 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2015-03-23 21:51 - 2014-04-29 22:44 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2015-03-23 21:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help 2015-03-21 17:01 - 2014-10-16 21:31 - 00000000 ____D () C:\Users\wojtek\AppData\Local\Adobe 2015-03-21 17:01 - 2014-04-30 20:14 - 00000000 ____D () C:\ProgramData\Adobe 2015-03-21 17:01 - 2014-04-30 20:04 - 00000000 ____D () C:\Users\wojtek\AppData\Roaming\Adobe 2015-03-15 15:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2015-03-14 16:22 - 2014-07-13 19:14 - 00000000 ____D () C:\Users\wojtek\AppData\Local\SKIDROW 2015-03-14 01:27 - 2015-03-02 23:50 - 00000000 ____D () C:\Users\wojtek\Documents\BloodBowlChaos 2015-03-12 19:21 - 2010-11-21 05:47 - 00069386 _____ () C:\Windows\PFRO.log 2015-03-12 19:21 - 2009-07-14 06:45 - 00409032 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-03-12 19:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-03-12 19:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2015-03-12 19:18 - 2014-04-30 21:25 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-03-12 19:18 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini 2015-03-12 19:09 - 2014-04-30 18:27 - 00000000 ____D () C:\Windows\system32\MRT 2015-03-12 19:01 - 2014-04-30 18:26 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Files in the root of some directories ======= 2014-04-29 22:29 - 2014-04-29 22:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-01-04 22:44 - 2015-01-04 22:44 - 0003584 _____ () C:\ProgramData\wtwLicensing.db ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-04-07 20:34 ==================== End Of Log ============================