Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015 Ran by Marcin (administrator) on MARCIN-XNOTE on 24-07-2015 11:01:48 Running from C:\Users\Marcin\Downloads Loaded Profiles: Marcin (Available Profiles: Marcin) Platform: Windows 8.1 Pro (X64) OS Language: Polski (Polska) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation) C:\Program Files (x86)\Intel\HPWA\iBTAudioSrv.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Hotkey\PowerBiosServer.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe () C:\Program Files (x86)\WizMouse\WizMouse.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Valve Corporation) D:\Programy\Steam\Steam.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\Hotkey\Hotkey.exe (Intel Corporation) C:\Program Files (x86)\Intel\HPWA\iBTAudioMon.exe (Dropbox, Inc.) C:\Users\Marcin\AppData\Roaming\Dropbox\bin\Dropbox.exe (ShareX Developers) C:\Program Files\ShareX\ShareX.exe (GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe (Valve Corporation) D:\Programy\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Piotr Pawlowski) C:\Users\Marcin\SkyDrive\foobar2000\foobar2000.exe () C:\Users\Marcin\SkyDrive\foobar2000\user-components\foo_out_asio\ASIOhost32.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2631824 2015-07-14] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4688048 2015-04-04] (VIA) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3272968 2015-04-04] (ELAN Microelectronics Corp.) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-30] (SlySoft, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) HKU\S-1-5-21-532919332-968226284-4016100017-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.) HKU\S-1-5-21-532919332-968226284-4016100017-1001\...\Run: [Steam] => D:\Programy\Steam\steam.exe [2895552 2015-07-21] (Valve Corporation) HKU\S-1-5-21-532919332-968226284-4016100017-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2015-04-06] (BitTorrent, Inc.) HKU\S-1-5-21-532919332-968226284-4016100017-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team) HKU\S-1-5-21-532919332-968226284-4016100017-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [7247416 2015-07-21] (GOG.com) HKU\S-1-5-21-532919332-968226284-4016100017-1001\...\Run: [Dropbox Update] => C:\Users\Marcin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk [2015-04-04] ShortcutTarget: Hotkey.lnk -> C:\Program Files (x86)\Hotkey\Hotkey.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iBTAudioMon.lnk [2015-04-04] ShortcutTarget: iBTAudioMon.lnk -> C:\Program Files (x86)\Intel\HPWA\iBTAudioMon.exe (Intel Corporation) Startup: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-07-02] ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-04] ShortcutTarget: Dropbox.lnk -> C:\Users\Marcin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Shadowplay.lnk [2015-04-28] ShortcutTarget: Shadowplay.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA) Startup: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2015-04-04] ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Developers) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-532919332-968226284-4016100017-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/ BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Programy\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\Programy\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-04] (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-04] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Programy\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 208.67.220.220 208.67.220.222 Tcpip\..\Interfaces\{7D50BCBE-8CC7-405C-9F66-F4C47E72D4F9}: [DhcpNameServer] 208.67.220.220 208.67.220.222 Tcpip\..\Interfaces\{80FEE2CB-6817-4DBA-B5F6-A7FCD4B339B1}: [NameServer] 212.2.96.51 212.2.96.52 Tcpip\..\Interfaces\{80FEE2CB-6817-4DBA-B5F6-A7FCD4B339B1}: [DhcpNameServer] 212.2.96.51 212.2.96.52 Tcpip\..\Interfaces\{CA264A78-39B1-42F0-B78B-A9651758DFE6}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{CA264A78-39B1-42F0-B78B-A9651758DFE6}: [DhcpNameServer] 192.168.100.1 FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Programy\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-04] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-04] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-04] CHR Extension: (Google Docs) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-04] CHR Extension: (Google Drive) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-04] CHR Extension: (Dark Skin for Youtube™) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2015-04-04] CHR Extension: (MEGA) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2015-04-04] CHR Extension: (YouTube) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-04] CHR Extension: (Advanced Font Settings) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\caclkomlalccbpcdllchkeecicepbmbm [2015-04-04] CHR Extension: (uBlock Origin) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-04-04] CHR Extension: (Webpage Screenshot) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2015-04-04] CHR Extension: (Google Search) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-04] CHR Extension: (Tampermonkey) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-04-04] CHR Extension: (Empty New Tab Page) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpjamkmjmigaoobjbekmfgabipmfilij [2015-07-21] CHR Extension: (Eliminator Slajdów) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eplekpmdodlgejgogbojajncdlapamff [2015-04-04] CHR Extension: (Google Sheets) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-04] CHR Extension: (Stylish) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2015-04-04] CHR Extension: (LastPass: Free Password Manager) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-04-04] CHR Extension: (Image Properties Context Menu) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\khagclindddokccfbmfmckaflngbmpon [2015-04-04] CHR Extension: (imgur Uploader) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcpkicdemehhmkjolekhlglljnkggfcf [2015-04-04] CHR Extension: (Linkclump) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2015-04-04] CHR Extension: (SmoothScroll) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbokbjkabcmbfdlbddjidfmibcpneigj [2015-04-04] CHR Extension: (Chrome Web Store Payments) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-04] CHR Extension: (Gmail) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-07-02] (Adobe Systems) [File not signed] S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2015-04-04] (ELAN Microelectronics Corp.) S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1718840 2015-07-21] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6871608 2015-07-21] (GOG.com) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-14] (NVIDIA Corporation) R2 iBTAudioSrv; C:\Program Files (x86)\Intel\HPWA\iBTAudioSrv.exe [560584 2014-02-26] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2015-03-31] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] () R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-14] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-14] (NVIDIA Corporation) R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [46080 2013-12-26] () [File not signed] R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed] R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2015-04-04] (VIA Technologies, Inc.) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AirplaneModeHid; C:\Windows\system32\DRIVERS\AirplaneModeHid.sys [26888 2013-06-27] (Insyde Corporation) U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [304296 2015-04-07] (Alcohol Soft Development Team) R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions, Inc.) R3 CMUSBDAC; C:\Windows\system32\DRIVERS\CMUSBDAC.sys [595456 2014-09-19] (C-MEDIA) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) R3 ezplay; C:\Windows\System32\Drivers\ezplay.sys [118400 2015-04-12] (VSO Software) R3 ibtsdp; C:\Windows\system32\DRIVERS\ibtsdp.sys [40904 2014-02-26] (Intel Corporation) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [199624 2015-04-04] (Intel Corporation) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-21] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation) R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3446240 2014-06-18] (Intel Corporation) S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation) S3 Pcatip; C:\Windows\SysWOW64\DRIVERS\PcAtip.sys [64000 2003-07-23] (VSO Software) [File not signed] S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [95552 2004-01-26] (Protection Technology) [File not signed] S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed] S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed] R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-04-07] (Duplex Secure Ltd.) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [116232 2015-03-16] (Oracle Corporation) R3 VMfilt; C:\Windows\system32\drivers\VMfilt64.sys [30728 2015-04-04] (Creative Technology Ltd.) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) S3 AndnetBus; \SystemRoot\System32\drivers\lgandnetbus64.sys [X] S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X] S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X] S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-24 11:01 - 2015-07-24 11:02 - 00024604 _____ C:\Users\Marcin\Downloads\FRST.txt 2015-07-23 18:24 - 2015-07-23 18:24 - 00010975 _____ C:\Users\Marcin\Downloads\Run the Jewels - Meowrly - 2015 (WEB - MP3 - 320).torrent 2015-07-23 15:39 - 2015-07-23 15:39 - 00710457 _____ C:\Users\Marcin\Downloads\NAPRAWDE DOBRY TEMAT.flac 2015-07-23 10:23 - 2015-07-23 10:23 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-07-22 20:36 - 2015-07-22 20:36 - 05115041 _____ C:\Users\Marcin\Downloads\eac-1.1.exe 2015-07-22 20:23 - 2015-07-22 20:23 - 00000519 _____ C:\Users\Marcin\Downloads\paulla_-_nigdy_nie_mow_zawsze_2008_reedycja.exe.torrent 2015-07-22 20:12 - 2015-07-23 00:04 - 00000000 ____D C:\Users\Marcin\Desktop\rip 2015-07-22 11:46 - 2015-07-22 11:46 - 00011199 _____ C:\Users\Marcin\Downloads\Eminem - The Eminem Show - 2002 (CD - FLAC - Lossless).torrent 2015-07-22 10:57 - 2015-07-22 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wiedźmin 3® - Dziki Gon [GOG.com] 2015-07-22 09:46 - 2015-07-22 09:46 - 00000000 ____D C:\Users\Marcin\AppData\Local\CEF 2015-07-21 23:52 - 2015-07-21 23:52 - 09731421 _____ C:\Users\Marcin\Downloads\TEDE - TULIPAN (prod. SIR MICH) - STUDIO VIDEO - ELLIMINATI 2013.mp4 2015-07-21 23:51 - 2015-07-21 23:51 - 31809611 _____ C:\Users\Marcin\Downloads\28. TEDE - TULIPAN (prod. Sir Mich) - ELLIMINATI 2013.mp4 2015-07-21 22:36 - 2015-07-21 22:36 - 02248704 _____ C:\Users\Marcin\Downloads\AdwCleaner (1).exe 2015-07-21 14:33 - 2015-07-21 14:40 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-07-21 14:33 - 2015-07-21 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-07-21 14:33 - 2015-07-21 14:33 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-07-21 14:33 - 2015-07-21 14:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-07-21 14:33 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-07-21 14:33 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-07-21 14:33 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-07-21 14:32 - 2015-07-21 14:32 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Marcin\Downloads\mbam-setup-2.1.8.1057.exe 2015-07-21 10:13 - 2015-07-21 10:13 - 00380416 _____ C:\Users\Marcin\Downloads\33ubw59m.exe 2015-07-21 10:08 - 2015-07-24 11:01 - 00000000 ____D C:\FRST 2015-07-21 10:08 - 2015-07-21 10:08 - 02135552 _____ (Farbar) C:\Users\Marcin\Downloads\FRST64.exe 2015-07-21 09:57 - 2015-07-21 22:38 - 00000000 ____D C:\AdwCleaner 2015-07-21 09:57 - 2015-07-21 09:57 - 02248704 _____ C:\Users\Marcin\Downloads\AdwCleaner.exe 2015-07-21 09:54 - 2015-07-21 09:54 - 00000000 ____D C:\Windows\LastGood 2015-07-21 09:54 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2015-07-21 09:54 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2015-07-21 01:05 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-07-21 01:05 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-07-21 01:05 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-07-21 01:05 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-07-20 22:09 - 2015-07-20 22:09 - 00058794 _____ C:\Users\Marcin\Downloads\Vocaroo_s1HPXLoOsV5T.flac 2015-07-20 17:15 - 2015-07-20 17:15 - 00018233 _____ C:\Users\Marcin\Downloads\BonSoul (Bonson x Soulpete) - Lepiej Nie Pytać - 2015 (CD - FLAC - Lossless) (1).torrent 2015-07-20 17:14 - 2015-07-20 17:14 - 00018233 _____ C:\Users\Marcin\Downloads\BonSoul (Bonson x Soulpete) - Lepiej Nie Pytać - 2015 (CD - FLAC - Lossless).torrent 2015-07-20 15:47 - 2015-07-20 15:47 - 05815461 _____ C:\Users\Marcin\Downloads\Another World.m4a 2015-07-19 18:56 - 2015-07-19 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster 2015-07-19 18:50 - 2015-07-19 18:51 - 00000000 ____D C:\Users\Marcin\Downloads\IsoBuster PRO 3.3 Final+Key {AmanPC} 2015-07-17 21:33 - 2015-07-17 21:34 - 144816401 _____ C:\Users\Marcin\Downloads\Quiz Goście - Materiał producencki(2009)[320kbps].rar 2015-07-17 19:38 - 2015-07-17 19:38 - 00778295 _____ C:\Users\Marcin\Downloads\XySubFilter_3.1.0.705_x64_BETA2.zip 2015-07-17 19:37 - 2015-07-17 19:37 - 00897805 _____ C:\Users\Marcin\Downloads\xy-VSFilter_3.0.0.306_x64.zip 2015-07-17 19:04 - 2015-07-17 19:04 - 01370291 _____ C:\Users\Marcin\Downloads\Mpdn.Extensions.zip 2015-07-17 19:02 - 2015-07-17 19:02 - 07915638 _____ C:\Users\Marcin\Downloads\MediaPlayerDotNet_x64_2_35_0_3181.zip 2015-07-17 11:54 - 2015-07-17 11:54 - 00318588 _____ C:\Users\Marcin\Downloads\yxGh7.zip 2015-07-16 19:14 - 2015-07-17 19:14 - 00065970 _____ C:\Users\Marcin\AppData\Local\MediaPlayerDotNet.exe.dump 2015-07-16 19:08 - 2015-07-16 19:08 - 00000000 ____D C:\Users\Marcin\.MakeMKV 2015-07-15 20:51 - 2015-07-15 20:51 - 00000945 _____ C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\THUG2.lnk 2015-07-15 19:53 - 2015-07-15 19:54 - 00471059 _____ C:\Users\Marcin\Downloads\TonyHawksUnderground2_widescreen_fix.zip 2015-07-15 19:47 - 2015-07-15 19:47 - 00000277 _____ C:\Windows\thug2.ini 2015-07-15 19:47 - 2015-07-15 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision 2015-07-15 11:43 - 2015-07-15 11:43 - 00513548 _____ C:\Users\Marcin\Downloads\THUG_1_MI.7z 2015-07-15 10:15 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-07-15 10:15 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-07-15 10:15 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-07-15 10:15 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-07-15 10:15 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-07-15 10:15 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-07-15 10:15 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-07-15 10:15 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-07-15 10:15 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-07-15 10:15 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-07-15 10:15 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-07-15 10:15 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-07-15 10:15 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-07-15 10:15 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-07-15 10:15 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-07-15 10:15 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-07-15 10:15 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-07-15 10:15 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-07-15 10:15 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-07-15 10:15 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-07-15 10:15 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-07-15 10:15 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-07-15 10:15 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll 2015-07-15 10:14 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-07-15 10:14 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-07-15 10:14 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-07-15 10:14 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-07-15 10:14 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-07-15 10:14 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-07-15 10:14 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-07-15 10:14 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-07-15 10:14 - 2015-06-29 17:07 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-07-15 10:14 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-07-15 10:14 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-07-15 10:14 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-07-15 10:14 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-07-15 10:14 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-07-15 10:14 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-07-15 10:14 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-07-15 10:14 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2015-07-15 10:14 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-07-15 10:14 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-07-15 10:14 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-07-15 10:14 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-07-15 10:14 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2015-07-15 10:14 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-07-15 10:14 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-07-15 10:14 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-07-15 10:14 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-07-15 10:14 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-07-15 10:14 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-07-15 10:14 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2015-07-15 10:14 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-07-15 10:14 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-07-15 10:14 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-07-15 10:14 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-07-15 10:14 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-07-15 10:14 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-07-15 10:14 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2015-07-15 10:14 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-07-15 10:14 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-07-15 10:14 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-07-15 10:14 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-07-15 10:14 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-07-15 10:14 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-07-15 10:14 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-07-15 10:14 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-07-15 10:14 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-07-15 10:14 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2015-07-15 10:14 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2015-07-15 10:14 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-07-15 10:14 - 2015-05-11 20:17 - 01201664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys 2015-07-15 10:14 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-07-15 10:14 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2015-07-15 10:14 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-07-15 10:14 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2015-07-15 10:14 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll 2015-07-15 10:14 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll 2015-07-15 10:14 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-07-15 10:14 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-07-15 10:14 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2015-07-15 10:14 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2015-07-15 10:14 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-07-15 10:14 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2015-07-15 10:13 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-07-15 10:13 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-07-15 10:13 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-07-15 10:13 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-07-15 10:13 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-07-15 10:13 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-07-15 10:13 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-07-15 10:13 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-07-15 10:13 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-07-15 10:13 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-07-15 10:13 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-07-15 10:13 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-07-15 10:13 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll 2015-07-15 10:13 - 2015-05-02 01:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml 2015-07-15 10:13 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls 2015-07-15 10:13 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls 2015-07-15 10:12 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-07-15 10:12 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-07-15 10:12 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-07-15 10:12 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-07-15 10:12 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-07-15 10:12 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-07-15 10:12 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-07-15 10:12 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-07-15 10:12 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-07-15 10:12 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-07-15 10:12 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2015-07-15 10:12 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2015-07-15 10:12 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll 2015-07-15 10:12 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2015-07-15 10:12 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2015-07-15 10:12 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2015-07-15 10:12 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2015-07-15 10:12 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2015-07-15 10:12 - 2015-03-09 04:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys 2015-07-14 20:07 - 2015-07-14 20:08 - 30800908 _____ C:\Users\Marcin\Downloads\Hit & Myth (E) (M5) (Beta) (Cracked by SHiZMO).zip 2015-07-13 15:33 - 2015-07-13 15:33 - 19524290 _____ C:\Users\Marcin\Downloads\5000.mp4 2015-07-13 11:48 - 2015-07-13 11:48 - 135518955 _____ C:\Users\Marcin\Downloads\1 Mile North - Altare Della Patria [2004].rar 2015-07-12 23:17 - 2015-07-12 23:17 - 14531440 _____ C:\Users\Marcin\Downloads\Pezet _Niepublikowane_ _2008_.zip 2015-07-12 21:02 - 2015-07-12 21:03 - 104033591 _____ C:\Users\Marcin\Downloads\Hardbass Wadowice.rar 2015-07-12 19:24 - 2015-07-12 19:24 - 00000756 _____ C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dolphin.lnk 2015-07-11 21:15 - 2015-07-11 21:15 - 01809704 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Marcin\Downloads\GPU-Z.0.8.4 (1).exe 2015-07-11 21:15 - 2015-07-11 21:15 - 01809704 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Marcin\Desktop\GPU-Z.0.8.4 (1).exe 2015-07-11 20:55 - 2015-07-11 21:11 - 00000000 ____D C:\Users\Marcin\Documents\Dolphin Emulator 2015-07-11 20:53 - 2015-07-11 20:54 - 04463952 _____ (Igor Pavlov) C:\Users\Marcin\Downloads\dolphin-4.0-win64.exe 2015-07-10 19:20 - 2015-07-10 19:20 - 00000000 __HDC C:\ProgramData\{9BB9AFDF-B121-4AA5-8EE1-7025523E0E09} 2015-07-08 00:25 - 2015-07-08 01:10 - 00000000 ____D C:\Program Files\MailShare 2015-07-08 00:25 - 2009-12-12 16:15 - 00206848 _____ C:\Windows\system32\unrar.dll 2015-07-06 20:23 - 2015-07-06 20:23 - 00000776 _____ C:\Users\Public\Desktop\Doom 3 BFG Edition.lnk 2015-07-06 20:23 - 2015-07-06 20:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks 2015-07-05 19:27 - 2015-07-23 17:52 - 00012001 _____ C:\Windows\setupact.log 2015-07-05 19:27 - 2015-07-05 19:27 - 00000000 _____ C:\Windows\setuperr.log 2015-07-05 00:10 - 2015-07-05 00:10 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\higan 2015-07-04 22:35 - 2015-07-04 22:37 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Marble Blast Platinum 2015-07-04 22:35 - 2015-07-04 22:35 - 00000000 ____D C:\ProgramData\Sun 2015-07-04 22:35 - 2015-07-04 22:34 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-07-04 22:34 - 2015-07-04 22:34 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marble Blast Gold 2015-07-04 22:34 - 2015-07-04 22:34 - 00000000 ____D C:\ProgramData\Oracle 2015-07-04 22:34 - 2015-07-04 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marble Blast Gold 2015-07-04 22:34 - 2015-07-04 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-07-04 22:34 - 2015-07-04 22:34 - 00000000 ____D C:\Program Files (x86)\Java 2015-07-04 15:57 - 2015-07-04 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ballance 2015-07-03 00:24 - 2015-07-04 14:07 - 00005070 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MARCIN-XNOTE-Marcin Marcin-Xnote 2015-07-02 15:47 - 2015-07-02 15:56 - 00000000 ____D C:\Users\Marcin\AppData\Local\Adobe 2015-07-02 15:36 - 2015-07-02 15:36 - 00002101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk 2015-07-02 15:35 - 2015-07-02 15:35 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF 2015-07-02 15:34 - 2015-07-02 15:37 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-07-02 15:34 - 2015-07-02 15:34 - 00002083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk 2015-07-02 15:34 - 2015-07-02 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 2015-07-02 15:33 - 2015-07-02 15:33 - 00001681 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS2.lnk 2015-07-02 15:33 - 2015-07-02 15:33 - 00001678 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk 2015-07-02 15:33 - 2015-07-02 15:33 - 00000000 ____D C:\ProgramData\Adobe 2015-07-02 11:34 - 2015-07-02 11:51 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\RenPy 2015-07-01 22:55 - 2015-07-01 18:53 - 916325376 _____ C:\Users\Marcin\Desktop\asd.ova 2015-06-30 20:17 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-06-30 20:17 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 00408392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-06-30 20:17 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-06-29 16:05 - 2015-06-29 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace 2015-06-29 16:05 - 2015-06-29 16:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE 2015-06-29 15:58 - 2015-06-29 20:54 - 00000000 ____D C:\Users\Marcin\AppData\Local\Fallout3 2015-06-29 15:44 - 2015-06-29 15:44 - 00000000 ____D C:\Windows\SysWOW64\xlive 2015-06-27 10:50 - 2015-06-27 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ 2015-06-25 18:19 - 2015-06-25 18:19 - 00001314 _____ C:\Windows\DIFx.log 2015-06-25 18:19 - 2015-06-25 18:19 - 00000000 ____D C:\Windows\SysWOW64\AGEIA 2015-06-25 18:19 - 2015-06-25 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AGEIA 2015-06-25 18:19 - 2015-06-25 18:19 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2015-06-25 09:53 - 2015-06-25 09:53 - 00000000 ____D C:\Windows\pss 2015-06-24 21:00 - 2015-06-24 21:52 - 00000408 __RSH C:\ProgramData\ntuser.pol 2015-06-24 18:27 - 2015-06-24 18:27 - 00000000 ____D C:\Users\Marcin\AppData\Local\Ascaron Entertainment 2015-06-24 18:26 - 2015-06-24 18:26 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll 2015-06-24 18:26 - 2015-06-24 18:26 - 00000000 __RHD C:\Users\Marcin\AppData\Roaming\SecuROM 2015-06-24 15:31 - 2008-07-12 08:18 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2015-06-24 15:31 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2015-06-24 15:31 - 2008-07-12 08:18 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2015-06-24 15:31 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2015-06-24 15:31 - 2008-07-12 08:18 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2015-06-24 15:31 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2015-06-24 15:30 - 2015-06-24 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver 2015-06-24 12:27 - 2015-06-24 12:27 - 00003094 _____ C:\Windows\System32\Tasks\{684A648F-E3FE-443D-9767-3A2C21706DA0} 2015-06-24 12:20 - 2015-06-24 12:20 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tony Hawks Pro Skater 3 2015-06-24 12:20 - 2015-06-24 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tony Hawks Pro Skater 3 2015-06-24 12:19 - 2015-06-24 12:20 - 00000709 _____ C:\Windows\Thps3.INI ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-24 11:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru 2015-07-24 10:57 - 2015-06-20 20:27 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS 2015-07-24 10:56 - 2015-04-04 17:26 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Skype 2015-07-24 10:56 - 2015-04-04 09:59 - 00004004 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1023B49E-8437-4528-8D94-5BF75B740E49} 2015-07-24 10:56 - 2015-04-04 09:53 - 01266646 _____ C:\Windows\WindowsUpdate.log 2015-07-24 10:54 - 2015-04-04 13:29 - 00003320 _____ C:\Windows\System32\Tasks\WizMouse 2015-07-24 10:54 - 2015-04-04 12:53 - 00000000 ___RD C:\Users\Marcin\Dropbox 2015-07-24 10:54 - 2015-04-04 12:49 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Dropbox 2015-07-24 10:53 - 2015-04-06 16:56 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\uTorrent 2015-07-24 10:52 - 2015-04-04 10:52 - 00001078 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-24 10:52 - 2015-04-04 09:58 - 00000000 ____D C:\Users\Marcin\SkyDrive 2015-07-24 01:48 - 2015-04-04 20:41 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Audacity 2015-07-24 01:08 - 2015-06-17 22:55 - 00001192 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-532919332-968226284-4016100017-1001UA.job 2015-07-24 01:08 - 2015-04-04 10:52 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-23 19:08 - 2015-06-17 22:55 - 00001140 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-532919332-968226284-4016100017-1001Core.job 2015-07-23 16:15 - 2015-04-04 10:04 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-532919332-968226284-4016100017-1001 2015-07-23 13:39 - 2015-04-04 20:43 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Mp3tag 2015-07-22 21:38 - 2015-04-15 23:09 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\AccurateRip 2015-07-22 20:37 - 2015-04-12 14:47 - 00000000 ____D C:\Program Files (x86)\Exact Audio Copy 2015-07-22 20:36 - 2015-04-07 14:03 - 00000000 ____D C:\Users\Marcin\Desktop\Tmp 2015-07-22 11:39 - 2015-05-19 16:06 - 00000000 ____D C:\Users\Marcin\Documents\The Witcher 3 2015-07-22 11:35 - 2015-05-19 16:06 - 00000000 ____D C:\Users\Marcin\AppData\Local\GalaxyCommunicationService 2015-07-21 19:43 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2015-07-21 09:55 - 2015-04-04 10:15 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-07-21 09:44 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-07-21 09:44 - 2013-08-22 16:44 - 00485112 _____ C:\Windows\system32\FNTCACHE.DAT 2015-07-21 02:39 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-07-21 01:16 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2015-07-20 14:30 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF 2015-07-20 11:12 - 2015-04-04 13:35 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\spek 2015-07-19 23:12 - 2015-05-19 16:01 - 00000000 ____D C:\Program Files (x86)\GalaxyClient 2015-07-19 19:40 - 2013-09-30 06:15 - 01825074 _____ C:\Windows\system32\PerfStringBackup.INI 2015-07-19 19:40 - 2013-09-30 05:56 - 00807160 _____ C:\Windows\system32\perfh015.dat 2015-07-19 19:40 - 2013-09-30 05:56 - 00163478 _____ C:\Windows\system32\perfc015.dat 2015-07-19 19:29 - 2015-04-08 19:57 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-07-19 19:28 - 2015-04-08 20:00 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-07-19 19:08 - 2015-04-11 22:28 - 00008704 _____ C:\Users\Marcin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-07-19 19:03 - 2015-06-17 22:55 - 00004140 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-532919332-968226284-4016100017-1001UA 2015-07-19 19:03 - 2015-06-17 22:55 - 00003760 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-532919332-968226284-4016100017-1001Core 2015-07-19 18:58 - 2015-04-30 14:42 - 00000600 _____ C:\Users\Marcin\AppData\Local\PUTTY.RND 2015-07-18 00:59 - 2015-04-04 09:55 - 00000000 ____D C:\Users\Marcin 2015-07-17 00:54 - 2015-04-05 01:29 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-07-17 00:54 - 2015-04-05 01:29 - 00000000 ___SD C:\Windows\system32\GWX 2015-07-16 23:58 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2015-07-16 11:03 - 2015-04-04 10:52 - 00004054 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-07-16 11:03 - 2015-04-04 10:52 - 00003818 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-16 00:56 - 2015-04-13 15:36 - 00000000 ____D C:\Windows\system32\appraiser 2015-07-16 00:56 - 2015-04-05 01:28 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-07-16 00:56 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData 2015-07-16 00:56 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore 2015-07-16 00:56 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-07-15 19:47 - 2015-04-04 10:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-07-15 14:28 - 2013-08-22 15:25 - 00000167 _____ C:\Windows\win.ini 2015-07-15 14:27 - 2015-04-04 10:53 - 00000000 ____D C:\Windows\system32\MRT 2015-07-15 11:49 - 2015-04-07 15:49 - 00000326 _____ C:\Users\Marcin\Documents\ax_files.xml 2015-07-15 10:02 - 2015-04-04 17:26 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-07-15 10:02 - 2015-04-04 17:26 - 00000000 ____D C:\ProgramData\Skype 2015-07-14 21:06 - 2015-04-04 10:15 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-07-14 21:06 - 2015-04-04 10:15 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-07-14 21:05 - 2015-04-04 10:15 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-07-14 21:05 - 2015-04-04 10:15 - 01710056 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2015-07-14 14:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\LiveKernelReports 2015-07-13 23:10 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-13 23:10 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-11 10:44 - 2015-04-04 12:34 - 00000000 ____D C:\Program Files\7-Zip 2015-07-11 10:44 - 2013-09-29 21:05 - 00016768 _____ C:\Windows\PFRO.log 2015-07-10 19:21 - 2015-05-26 19:07 - 00000000 ____D C:\Program Files (x86)\FlashFXP 5 2015-07-10 14:52 - 2015-04-04 09:55 - 00000000 ____D C:\Users\Marcin\AppData\Local\Packages 2015-07-06 13:47 - 2015-04-11 11:08 - 00001686 _____ C:\Users\Marcin\Desktop\slownik.txt 2015-07-05 12:08 - 2015-04-04 11:31 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-07-05 03:00 - 2015-05-09 10:45 - 00000000 ____D C:\Users\Marcin\.VirtualBox 2015-07-04 19:41 - 2015-04-05 10:39 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\CDisplayEx 2015-07-04 11:26 - 2015-04-04 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX 2015-07-04 11:26 - 2015-04-04 12:58 - 00000000 ____D C:\Program Files\ShareX 2015-07-03 08:43 - 2015-04-04 10:52 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-07-03 06:28 - 2015-04-04 10:14 - 00069992 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2015-07-02 22:43 - 2015-06-08 20:12 - 00000000 ____D C:\Users\Marcin\Desktop\IS 2015-07-02 15:47 - 2015-04-04 09:55 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Adobe 2015-07-02 13:55 - 2015-05-09 10:47 - 00000000 ____D C:\Users\Marcin\VirtualBox VMs 2015-06-30 20:19 - 2015-04-04 10:15 - 00000000 ____D C:\ProgramData\NVIDIA 2015-06-30 20:17 - 2015-06-01 22:21 - 00000000 ____D C:\ProgramData\boost_interprocess 2015-06-30 12:41 - 2015-06-10 19:07 - 00000000 ____D C:\Users\Marcin\Desktop\MP3 2015-06-29 20:44 - 2015-04-11 13:49 - 00000000 ____D C:\Users\Marcin\Documents\my games 2015-06-29 20:44 - 2015-04-04 12:20 - 00222503 _____ C:\Windows\DirectX.log 2015-06-24 21:00 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2015-06-24 21:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy ==================== Files in the root of some directories ======= 2015-04-07 12:37 - 2015-04-07 12:37 - 0524288 _____ (Simon Tatham) C:\Program Files (x86)\putty.exe 2015-04-04 11:00 - 2009-12-07 01:22 - 2159032 _____ (UltraVNC) C:\Program Files (x86)\vncviewerr.exe 2015-05-12 16:15 - 2015-05-12 15:14 - 0012005 _____ () C:\Users\Marcin\AppData\Roaming\alsoft.ini 2015-04-12 16:38 - 2015-04-12 16:38 - 0007833 _____ () C:\Users\Marcin\AppData\Roaming\ezplay.cat 2015-04-12 16:38 - 2015-04-12 16:38 - 0001126 _____ () C:\Users\Marcin\AppData\Roaming\ezplay.inf 2015-04-12 16:38 - 2015-04-12 16:38 - 0000125 _____ () C:\Users\Marcin\AppData\Roaming\ezplay.ini 2015-04-12 16:39 - 2015-04-12 16:39 - 0000034 _____ () C:\Users\Marcin\AppData\Roaming\ezplay.log 2015-04-12 16:38 - 2015-04-12 16:38 - 0118400 _____ (VSO Software) C:\Users\Marcin\AppData\Roaming\ezplay.sys 2015-04-12 16:38 - 2015-04-12 16:38 - 0099384 _____ () C:\Users\Marcin\AppData\Roaming\inst.exe 2015-04-12 16:38 - 2015-04-12 16:38 - 0007859 _____ () C:\Users\Marcin\AppData\Roaming\pcouffin.cat 2015-04-12 16:38 - 2015-04-12 16:38 - 0001167 _____ () C:\Users\Marcin\AppData\Roaming\pcouffin.inf 2015-04-12 16:38 - 2015-04-12 16:38 - 0000055 _____ () C:\Users\Marcin\AppData\Roaming\pcouffin.log 2015-04-12 16:38 - 2015-04-12 16:38 - 0082816 _____ (VSO Software) C:\Users\Marcin\AppData\Roaming\pcouffin.sys 2015-04-11 22:28 - 2015-07-19 19:08 - 0008704 _____ () C:\Users\Marcin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-06-14 11:24 - 2015-06-14 11:24 - 0000000 ___SH () C:\Users\Marcin\AppData\Local\LumaEmu 2015-07-16 19:14 - 2015-07-17 19:14 - 0065970 _____ () C:\Users\Marcin\AppData\Local\MediaPlayerDotNet.exe.dump 2015-06-03 19:39 - 2015-06-04 10:06 - 18213709 _____ () C:\Users\Marcin\AppData\Local\OcrMap.bin 2015-04-30 14:42 - 2015-07-19 18:58 - 0000600 _____ () C:\Users\Marcin\AppData\Local\PUTTY.RND 2015-04-19 11:48 - 2015-04-19 11:48 - 0000041 ___SH () C:\ProgramData\.zreglib Some files in TEMP: ==================== C:\Users\Marcin\AppData\Local\Temp\bassmod.dll C:\Users\Marcin\AppData\Local\Temp\DataCard_Setup64.exe C:\Users\Marcin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxl8vj5.dll C:\Users\Marcin\AppData\Local\Temp\ose00000.exe C:\Users\Marcin\AppData\Local\Temp\ResetDevice.exe C:\Users\Marcin\AppData\Local\Temp\ShareX-10.0.0-setup.exe C:\Users\Marcin\AppData\Local\Temp\_is6DD3.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-22 01:12 ==================== End of log ============================