Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-07-2015 Ran by Admin (administrator) on 840G1 on 12-07-2015 22:33:38 Running from C:\Users\Admin\Downloads Loaded Profiles: Admin (Available Profiles: Admin) Platform: Windows 8.1 Pro (X64) OS Language: Polski (Polska) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe () C:\ProgramData\MobileBrServ\mbbService.exe (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [147160 2013-08-02] (Realtek Semiconductor Corp.) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-09-27] (Intel Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2817776 2015-04-10] (Synaptics Incorporated) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2015-04-10] (IDT, Inc.) HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [6734528 2015-06-17] (SoftPerfect) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2015-04-10] (Intel Corporation) HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKU\S-1-5-21-2421392546-3605518563-3085103320-1001\...\MountPoints2: {7df2f888-e600-11e4-8266-ecb1d794976d} - "E:\AutoRun.exe" HKU\S-1-5-21-2421392546-3605518563-3085103320-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [132608 2014-10-29] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-2421392546-3605518563-3085103320-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation) BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{33592D31-CB33-4261-9550-5D3ED86BAC00}: [DhcpNameServer] 192.168.16.1 Tcpip\..\Interfaces\{B01493C6-2D80-48E4-A563-50172E2BA6EE}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{E67EE71C-076C-4C57-BCBA-62C42BE127DD}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{F24C06A6-74DE-4463-AF2C-889C5625CD17}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{FABE6190-12ED-4F40-9365-C6CF08F56F9C}: [DhcpNameServer] 192.168.8.1 192.168.8.1 FireFox: ======== FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\43trn69m.default FF Homepage: onet.pl FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-12] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-12] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-10] (Intel Corporation) FF Extension: Flashblock - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\43trn69m.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-05-30] FF Extension: Eliminator Slajdów - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\43trn69m.default\Extensions\jid0-GaZOxvWNYcafEsmayJDIG3XXVi8@jetpack.xpi [2015-04-09] FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\43trn69m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-09] FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.11.42\coFFPlgn FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.6.0.32\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.6.0.32\coFFPlgn [2015-07-06] Chrome: ======= CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-04-30] CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - [Not Found] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-04-30] CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - [Not Found] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-06-02] (Foxit Software Inc.) S3 HotSpotSrv; C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe [372920 2013-09-18] (Hewlett-Packard Development Company, L.P.) R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-09-27] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-05-31] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-10-14] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2015-04-10] (Intel Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242256 2014-08-20] () S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-11-19] () R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation) R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation) S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\RpcAgentSrv.exe [73200 2015-02-15] (SiSoftware) [File not signed] R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2015-04-10] (IDT, Inc.) [File not signed] S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-11-19] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\BASHDefs\20150617.001\BHDrvx64.sys [1648880 2015-06-17] (Symantec Corporation) S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.) S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.) R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation) R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation) R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [394520 2014-09-29] (Intel Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [489776 2015-05-28] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145200 2015-05-28] (Symantec Corporation) R3 HpqKbFiltr; C:\Windows\System32\drivers\HpqKbFiltr64.sys [28376 2014-05-15] (Hewlett-Packard Company) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-12-26] (REALiX(tm)) S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [119240 2013-10-14] (Intel Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\IPSDefs\20150623.002\IDSvia64.sys [692984 2015-06-24] (Symantec Corporation) R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-08] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2015-04-10] (Intel Corporation) R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20150623.017\ENG64.SYS [138488 2015-06-24] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20150623.017\EX64.SYS [2146040 2015-06-24] (Symantec Corporation) R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3494680 2015-03-09] (Intel Corporation) S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [476888 2015-04-10] (Realsil Semiconductor Corporation) S3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8873688 2013-08-02] (Realtek Semiconductor Corp.) S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2015-04-10] (Synaptics Incorporated) R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2014-08-26] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation) S0 SymELAM; C:\Windows\System32\drivers\NISx64\1507000.00B\SymELAM.sys [23568 2014-08-26] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-04-30] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.) U3 pxldqpod; \??\C:\Users\Admin\AppData\Local\Temp\pxldqpod.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-12 22:33 - 2015-07-12 22:33 - 02133504 _____ (Farbar) C:\Users\Admin\Downloads\frst64.exe 2015-07-12 22:33 - 2015-07-12 22:33 - 00019246 _____ C:\Users\Admin\Downloads\FRST.txt 2015-07-12 22:27 - 2015-07-12 22:28 - 00000814 _____ C:\Users\Admin\Desktop\Nowy dokument tekstowy.txt 2015-07-12 22:21 - 2015-07-12 22:22 - 00380416 _____ C:\Users\Admin\Downloads\7owpb4i4.exe 2015-07-12 22:18 - 2015-07-12 22:33 - 00000000 ____D C:\FRST 2015-07-12 12:24 - 2015-07-12 22:25 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-07-12 12:24 - 2015-07-12 12:24 - 00003818 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-07-12 08:15 - 2015-07-12 08:15 - 00000000 ____D C:\Users\Admin\Documents\CyberLink 2015-07-12 08:15 - 2015-07-12 08:15 - 00000000 ____D C:\Users\Admin\AppData\Roaming\CyberLink 2015-07-12 08:15 - 2015-07-12 08:15 - 00000000 ____D C:\Users\Admin\AppData\Local\MediaShow 2015-07-08 20:26 - 2015-07-10 19:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-06-25 15:17 - 2015-07-08 19:30 - 00001920 _____ C:\Windows\setupact.log 2015-06-25 15:17 - 2015-06-25 15:17 - 00000000 _____ C:\Windows\setuperr.log 2015-06-24 10:32 - 2015-06-24 10:32 - 00000000 ____D C:\Program Files (x86)\ESET 2015-06-24 09:05 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-06-24 09:05 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-06-24 09:05 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-06-24 09:05 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-06-24 09:05 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-06-24 09:05 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-06-24 09:05 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-06-24 09:05 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-06-24 09:05 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll 2015-06-24 09:05 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-06-24 09:04 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-06-24 09:04 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-06-24 09:04 - 2015-05-16 00:01 - 00133288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-06-24 09:04 - 2015-05-15 23:05 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-06-24 09:04 - 2015-05-15 22:47 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-06-24 09:04 - 2015-05-15 22:23 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-06-24 09:04 - 2015-05-15 21:42 - 03682304 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-06-24 09:04 - 2015-05-15 21:32 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-06-24 09:04 - 2015-05-15 21:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-06-24 09:04 - 2015-05-15 21:28 - 02223104 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-06-24 09:04 - 2015-05-15 21:28 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-06-24 09:04 - 2015-05-15 21:28 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-06-24 09:04 - 2015-05-15 21:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-06-24 09:04 - 2015-05-15 21:21 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-06-24 09:04 - 2015-05-15 21:21 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-06-24 09:04 - 2015-05-15 21:19 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-06-24 09:04 - 2015-05-15 21:19 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-06-24 09:04 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll 2015-06-24 09:04 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2015-06-24 09:04 - 2015-05-11 20:17 - 01201664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys 2015-06-24 09:04 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll 2015-06-24 09:04 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-06-24 09:04 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2015-06-24 09:04 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-06-24 09:04 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2015-06-24 09:04 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2015-06-24 09:04 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll 2015-06-24 09:04 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll 2015-06-24 09:04 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-06-24 09:04 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2015-06-24 09:04 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-06-24 09:04 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2015-06-24 09:04 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2015-06-24 09:04 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2015-06-24 09:04 - 2015-05-02 01:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml 2015-06-24 09:04 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2015-06-24 09:04 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2015-06-24 09:04 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll 2015-06-24 09:04 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls 2015-06-24 09:04 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls 2015-06-24 09:04 - 2015-04-25 04:25 - 00020992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023x.sys 2015-06-24 09:04 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2015-06-24 09:04 - 2015-04-23 19:01 - 00032256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\rndismpx.sys 2015-06-24 09:04 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2015-06-24 09:04 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2015-06-24 08:29 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-06-24 08:29 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-06-24 08:29 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-06-24 08:29 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-06-24 08:29 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-06-24 08:29 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-06-24 08:29 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-06-24 08:29 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-06-24 08:29 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-06-24 08:29 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-06-24 08:29 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-06-24 08:29 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-06-24 08:29 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-06-24 08:29 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-06-24 08:29 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-06-24 08:29 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-06-24 08:29 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-06-24 08:29 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-06-24 08:29 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-06-24 08:29 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-06-24 08:29 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-06-24 08:29 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-06-24 08:29 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-06-24 08:29 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-06-24 08:29 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-06-24 08:29 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-06-24 08:29 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-06-24 08:29 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-06-24 08:29 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-06-24 08:29 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-06-24 08:29 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-06-24 08:29 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-06-24 08:29 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-06-24 08:29 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-06-24 08:29 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-06-24 08:29 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-06-24 08:29 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-06-24 08:29 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-06-24 08:29 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-06-24 08:29 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-06-24 08:28 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-06-24 08:28 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-06-24 08:28 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2015-06-21 19:20 - 2015-06-21 19:20 - 00000000 ____D C:\Users\Admin\AppData\Local\Foxit Reader 2015-06-20 03:31 - 2015-06-24 09:14 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-06-20 03:31 - 2015-06-20 03:31 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-06-20 03:31 - 2015-06-20 03:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-06-20 03:31 - 2015-06-20 03:31 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-06-20 03:31 - 2015-06-20 03:31 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-06-20 03:31 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-06-20 03:31 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-06-20 03:31 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-06-19 18:23 - 2015-07-05 11:06 - 00000000 ____D C:\ProgramData\MobileBrServ 2015-06-19 17:04 - 2015-06-19 17:04 - 00000000 ____D C:\Users\Admin\AppData\Local\GWX 2015-06-17 22:11 - 2015-06-24 10:59 - 00000000 ____D C:\Program Files\NetWorx 2015-06-17 22:11 - 2015-06-17 22:11 - 00000000 ____D C:\ProgramData\SoftPerfect 2015-06-17 22:11 - 2015-06-17 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWorx 2015-06-15 16:30 - 2015-06-15 16:30 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Locktime 2015-06-15 16:29 - 2015-06-17 21:53 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin 2015-06-15 16:29 - 2015-06-15 16:29 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Locktime Software 2015-06-15 16:29 - 2015-06-15 16:29 - 00000000 ____D C:\ProgramData\Locktime 2015-06-13 18:06 - 2015-06-13 18:06 - 00085952 _____ C:\Users\Admin\Documents\cc_20150613_180622.reg ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-12 22:29 - 2015-05-24 23:04 - 01390260 _____ C:\Windows\WindowsUpdate.log 2015-07-12 22:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru 2015-07-12 21:37 - 2015-04-09 17:34 - 00000000 ____D C:\Users\Admin\AppData\Roaming\foobar2000 2015-07-12 20:17 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2015-07-12 20:08 - 2014-12-26 15:54 - 01971452 _____ C:\Windows\system32\PerfStringBackup.INI 2015-07-12 20:08 - 2013-09-17 00:43 - 00840878 _____ C:\Windows\system32\perfh015.dat 2015-07-12 20:08 - 2013-09-17 00:43 - 00180518 _____ C:\Windows\system32\perfc015.dat 2015-07-12 18:33 - 2015-04-08 16:01 - 00003972 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{67A0A3B1-2297-4F6F-8CC7-821AEE400C9D} 2015-07-12 12:24 - 2015-04-08 16:38 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe 2015-07-12 08:15 - 2014-12-26 16:33 - 00000000 ____D C:\ProgramData\CyberLink 2015-07-12 08:15 - 2014-12-26 16:32 - 00000000 ____D C:\Users\Public\CyberLink 2015-07-10 19:55 - 2015-04-16 10:37 - 00000000 __RDO C:\Users\Admin\OneDrive 2015-07-10 19:55 - 2015-04-08 16:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-07-06 11:37 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-07-06 11:37 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-07-06 10:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2015-07-06 10:18 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2015-07-05 11:10 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF 2015-06-25 13:23 - 2014-12-26 16:00 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2421392546-3605518563-3085103320-1001 2015-06-24 11:00 - 2015-05-05 23:31 - 00000000 ____D C:\Users\Admin\Downloads\setup 2015-06-24 09:07 - 2015-05-31 13:25 - 00000000 ____D C:\Windows\system32\appraiser 2015-06-24 09:07 - 2015-05-17 17:33 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-06-24 09:07 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData 2015-06-24 09:07 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore 2015-06-24 09:07 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-06-24 09:06 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2015-06-24 08:38 - 2015-01-05 08:34 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log 2015-06-24 08:33 - 2013-08-22 16:44 - 00412016 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-24 08:32 - 2015-04-08 17:37 - 00000000 ____D C:\Windows\system32\MRT 2015-06-24 08:29 - 2015-04-09 14:52 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-06-22 06:02 - 2015-04-16 09:03 - 00000000 ____D C:\Users\Admin\AppData\Roaming\uTorrent 2015-06-22 06:02 - 2015-04-11 08:47 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps 2015-06-21 20:15 - 2015-04-08 16:46 - 00000000 ____D C:\Program Files (x86)\SpeedFan 2015-06-21 20:14 - 2015-04-12 08:47 - 00007622 _____ C:\Users\Admin\AppData\Local\Resmon.ResmonCfg 2015-06-20 05:02 - 2015-04-16 12:27 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-06-20 05:02 - 2015-04-16 12:27 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-06-20 03:43 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Vss ==================== Files in the root of some directories ======= 2015-04-08 16:33 - 2015-06-04 20:16 - 14848000 _____ () C:\Users\Admin\AppData\Roaming\Sandra.mdb 2015-04-12 08:47 - 2015-06-21 20:14 - 0007622 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-05 11:04 ==================== End of log ============================