Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
Ran by DOM (administrator) on DOM-KOMPUTER (29-07-2015 11:40:29)
Running from C:\Users\DOM\Desktop
Loaded Profiles: DOM (Available Profiles: DOM)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Polski (Polska)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\TotalProtection\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFirewallTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() E:\Programy\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
() C:\Windows\System32\PnkBstrA.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(G Data Software AG) C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFirewallTray.exe [1855608 2015-02-20] (G DATA Software AG)
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G DATA\TotalProtection\DelayLoader\AutorunDelayLoader.exe [434296 2015-02-20] (G Data Software AG)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G DATA\TotalProtection\AVKTray\AVKTray.exe,c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-900956390-2900685666-1750924883-1000\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-25] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-06-17] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155280 2015-06-17] (NVIDIA Corporation)
Startup: C:\Users\DOM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GM_DevUpdate.lnk [2014-06-07]
ShortcutTarget: GM_DevUpdate.lnk -> C:\Program Files (x86)\USB all-in-one game controller\GM_DevUpdate.exe (No File)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-900956390-2900685666-1750924883-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Hosts: 109.71.69.254 master.gamespy.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{02338642-07C7-4CE4-AF5E-54018F60E730}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{7ACB4D7C-03BC-47A7-B28B-1803CCA77A45}: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-900956390-2900685666-1750924883-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\DOM\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-11] (Unity Technologies ApS)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Users\DOM\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (agar.io server browser) - C:\Users\DOM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hongpdkjnjhijmdnogoicadboadgllhi [2015-05-20]
CHR Extension: (Dingit Infinite HD App) - C:\Users\DOM\AppData\Local\Google\Chrome\User Data\Default\Extensions\llnhnfikffkjbdnfallfpgikamegbbag [2015-05-22]
CHR Extension: (Agario Extended – Enhance Agar.io Gameplay) - C:\Users\DOM\AppData\Local\Google\Chrome\User Data\Default\Extensions\mflicjopopjcpojfoefhbpdncmjbcbin [2015-05-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\DOM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-06-09] (Adobe Systems Incorporated)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [72704 2014-05-29] (Autodesk) [File not signed]
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2527864 2015-03-04] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe [965240 2015-02-20] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe [3672560 2015-02-20] (G Data Software AG)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1718840 2015-07-21] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6871608 2015-07-21] (GOG.com)
R2 GDBackupSvc; C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe [3881080 2015-02-20] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe [3193080 2015-02-20] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789112 2015-03-04] (G Data Software AG)
S3 GDTunerSvc; C:\Program Files (x86)\G DATA\TotalProtection\AVKTuner\AVKTunerService.exe [2235512 2015-02-20] (G Data Software AG)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2013-09-18] () [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 mi-raysat_3dsmax8; E:\Programy\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe [65536 2005-09-21] () [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-11] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-25] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-02-25] ()
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
S3 TSNxGService; C:\Program Files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe [255608 2014-07-01] (G DATA Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-25] (Disc Soft Ltd)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [150016 2015-07-27] (G Data Software AG)
R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-07-27] (G Data Software AG)
R3 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-07-27] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230400 2015-07-27] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [75776 2015-07-27] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64512 2015-07-27] (G Data Software AG)
U3 GMFilter; C:\Windows\SysWow64\Drivers\GMFilter.sys [20992 2004-12-16] ()
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-07-27] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [124928 2015-07-27] (G Data Software AG)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129856 2014-05-28] (Razer, Inc.)
R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [98760 2015-07-27] (G Data Software)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21072 2013-03-27] ()
S3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-28 19:43 - 2015-07-28 19:43 - 00037518 _____ C:\Users\DOM\Desktop\wynikiskanowania.txt
2015-07-28 19:36 - 2015-07-28 19:36 - 00007089 _____ C:\Users\DOM\Desktop\RaportOchronyCodziennej.txt
2015-07-28 19:35 - 2015-07-28 19:36 - 00002464 _____ C:\Windows\SysWOW64\-log-2015-07-28 (19-34-47).xml
2015-07-28 19:33 - 2015-07-28 19:33 - 00002464 _____ C:\Windows\SysWOW64\-log-2015-07-28 (18-56-31).xml
2015-07-28 17:05 - 2015-07-29 11:40 - 00021151 _____ C:\Users\DOM\Desktop\FRST.txt
2015-07-28 17:04 - 2015-07-29 11:40 - 02169856 _____ (Farbar) C:\Users\DOM\Desktop\FRST64.exe
2015-07-28 16:59 - 2015-07-29 11:28 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-28 16:59 - 2015-07-28 16:59 - 00001062 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-28 16:59 - 2015-07-28 16:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-28 16:59 - 2015-07-28 16:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-28 16:59 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-28 16:59 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-28 16:59 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-27 17:42 - 2015-07-27 17:42 - 00000000 _____ C:\Windows\topsecret.INI
2015-07-27 17:42 - 2015-07-27 17:42 - 00000000 _____ C:\Windows\GDDevCtrl.INI
2015-07-27 17:39 - 2015-07-27 17:39 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2015-07-27 17:39 - 2015-07-27 17:39 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2015-07-27 17:34 - 2015-07-27 17:34 - 00098760 _____ (G Data Software) C:\Windows\system32\Drivers\TS4nt.sys
2015-07-27 17:34 - 2015-07-27 17:34 - 00075776 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2015-07-27 17:34 - 2015-07-27 17:34 - 00027648 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBB64.sys
2015-07-27 17:34 - 2015-07-27 17:34 - 00020992 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBFlt64.sys
2015-07-27 17:34 - 2015-07-27 17:34 - 00002003 _____ C:\Users\Public\Desktop\G DATA TOTAL PROTECTION.lnk
2015-07-27 17:34 - 2015-07-27 17:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_GDKBFlt64_01007.Wdf
2015-07-27 17:34 - 2015-07-27 17:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_GDKBB64_01007.Wdf
2015-07-27 17:34 - 2015-07-27 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA TOTAL PROTECTION
2015-07-27 17:33 - 2015-07-27 17:33 - 00230400 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2015-07-27 17:33 - 2015-07-27 17:33 - 00150016 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2015-07-27 17:33 - 2015-07-27 17:33 - 00124928 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2015-07-27 17:33 - 2015-07-27 17:33 - 00064512 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2015-07-27 17:33 - 2015-07-27 17:33 - 00001962 _____ C:\Windows\DPINST.LOG
2015-07-27 17:33 - 2015-07-27 17:33 - 00000779 _____ C:\Users\DOM\AppData\Roaming\gdscan.log
2015-07-27 17:33 - 2015-07-27 17:33 - 00000000 ____D C:\ProgramData\G DATA Software
2015-07-27 17:33 - 2015-07-27 17:33 - 00000000 ____D C:\Program Files (x86)\G DATA
2015-07-27 17:33 - 2015-07-27 17:33 - 00000000 _____ C:\Users\DOM\AppData\Roaming\gdfw.log
2015-07-27 17:30 - 2015-07-27 17:38 - 00000000 ____D C:\ProgramData\G Data
2015-07-27 12:36 - 2015-07-29 11:40 - 00000000 ____D C:\FRST
2015-07-27 10:39 - 2015-07-27 10:43 - 00000000 ____D C:\Windows\erdnt
2015-07-26 11:22 - 2015-07-26 11:22 - 00043931 _____ C:\Users\DOM\AppData\Local\recently-used.xbel
2015-07-24 21:31 - 2015-07-25 15:47 - 00000000 ____D C:\Users\DOM\Desktop\grafika
2015-07-22 18:20 - 2015-07-22 18:20 - 00000000 ____D C:\Users\DOM\AppData\Local\CEF
2015-07-17 16:15 - 2015-07-17 16:15 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 17:21 - 2015-07-15 17:57 - 00001328 _____ C:\Users\DOM\Desktop\RolePlay.txt
2015-07-15 00:38 - 2015-07-15 00:58 - 00000000 ____D C:\Users\DOM\Desktop\Wiersze
2015-07-08 13:43 - 2015-07-08 13:43 - 00000000 ____D C:\Users\DOM\Documents\Adobe
2015-07-08 13:37 - 2015-07-08 13:37 - 00003506 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-DOM-Komputer-DOM
2015-07-06 15:32 - 2015-07-06 15:32 - 00001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2015.lnk
2015-07-06 15:32 - 2015-07-06 15:32 - 00000000 ____D C:\Users\Public\Documents\Adobe
2015-07-06 15:32 - 2015-07-06 15:32 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-07-06 15:32 - 2015-07-06 15:32 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-07-06 15:32 - 2015-07-06 15:32 - 00000000 ____D C:\Program Files\Adobe
2015-07-06 15:31 - 2015-07-06 15:31 - 00000000 ____D C:\Program Files (x86)\My Company Name
2015-07-06 15:31 - 2012-06-22 03:01 - 00056336 ____N (Corel Corporation) C:\Windows\system32\Drivers\PxHlpa64.sys
2015-07-06 15:31 - 2012-04-24 03:01 - 00011376 ____N (Corel Corporation) C:\Windows\system32\Drivers\cdralw2k.sys
2015-07-06 15:31 - 2012-04-24 03:01 - 00010864 ____N (Corel Corporation) C:\Windows\system32\Drivers\cdr4_xp.sys
2015-07-06 15:21 - 2015-07-06 15:21 - 00000000 ___RD C:\Users\DOM\Creative Cloud Files
2015-07-06 15:19 - 2015-07-08 10:56 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-07-06 15:19 - 2015-07-08 10:56 - 00001097 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-07-06 14:18 - 2015-07-06 14:18 - 00000000 ____D C:\Users\DOM\AppData\Roaming\GoldWave
2015-07-02 23:16 - 2015-07-03 15:12 - 00000041 _____ C:\Users\DOM\Desktop\lista uzbrojenia.txt
2015-07-01 16:29 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-07-01 16:28 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-01 16:28 - 2015-06-17 11:10 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 00408392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-07-01 16:28 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-07-01 16:28 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-06-30 21:41 - 2015-06-30 21:41 - 00003292 _____ C:\Windows\System32\Tasks\{1AEFE040-1C1A-4FAA-8D12-755D2191EF4F}
2015-06-30 21:39 - 2015-06-30 21:39 - 00000000 ____D C:\Windows\Battlefield Mod Development Toolkit
2015-06-30 21:39 - 2015-06-30 21:39 - 00000000 ____D C:\Users\DOM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Battlefield Mod Development Toolkit
2015-06-30 21:39 - 2015-06-30 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield Mod Development Toolkit
2015-06-29 16:14 - 2015-05-19 05:29 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-29 16:14 - 2015-05-19 05:14 - 00061616 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-06-29 16:14 - 2015-05-19 05:14 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-29 11:39 - 2014-01-18 11:27 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-29 11:38 - 2013-09-25 19:37 - 00000000 ____D C:\Users\DOM\AppData\Roaming\Skype
2015-07-29 11:35 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-29 11:35 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-29 11:34 - 2011-04-12 15:21 - 00744808 _____ C:\Windows\system32\perfh015.dat
2015-07-29 11:34 - 2011-04-12 15:21 - 00157788 _____ C:\Windows\system32\perfc015.dat
2015-07-29 11:34 - 2009-07-14 07:13 - 01682752 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-29 11:28 - 2015-05-16 20:52 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d090097786dbee.job
2015-07-29 11:28 - 2015-02-06 23:46 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d04256688d5cf0.job
2015-07-29 11:28 - 2013-09-20 15:36 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-29 11:27 - 2014-05-13 20:33 - 00149336 _____ C:\Windows\setupact.log
2015-07-29 11:27 - 2013-10-13 10:22 - 00000000 ____D C:\Users\DOM\AppData\Local\TSVNCache
2015-07-29 11:27 - 2013-09-18 17:16 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-29 11:27 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-29 11:26 - 2013-09-18 16:14 - 01090992 _____ C:\Windows\WindowsUpdate.log
2015-07-29 11:07 - 2014-09-21 10:08 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-29 11:03 - 2013-09-18 17:27 - 00000000 ____D C:\Users\DOM\AppData\Local\Adobe
2015-07-29 10:57 - 2015-02-06 23:46 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d04256689d149b.job
2015-07-29 00:51 - 2014-06-22 21:17 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8e4ea6a21e93.job
2015-07-28 22:35 - 2014-05-17 19:43 - 00440040 _____ C:\Windows\PFRO.log
2015-07-28 21:23 - 2013-09-19 18:54 - 00000000 ____D C:\Users\DOM\AppData\Roaming\TS3Client
2015-07-28 20:11 - 2013-09-19 20:17 - 00000000 ____D C:\Users\DOM\AppData\Roaming\.minecraft
2015-07-28 18:34 - 2014-05-31 15:14 - 00000000 ____D C:\Users\DOM\AppData\Local\screenSHU
2015-07-28 18:08 - 2014-10-10 14:40 - 00007612 _____ C:\Users\DOM\AppData\Local\Resmon.ResmonCfg
2015-07-28 16:51 - 2015-05-28 16:36 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-28 12:18 - 2015-06-06 11:50 - 00000000 ____D C:\Users\DOM\Desktop\YT
2015-07-27 16:55 - 2014-05-03 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-27 16:55 - 2014-02-02 20:35 - 00000000 ____D C:\Users\DOM\AppData\Local\NVIDIA Corporation
2015-07-27 16:55 - 2013-09-18 17:12 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-27 16:55 - 2013-09-18 17:12 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-07-27 16:55 - 2013-09-18 17:10 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-27 14:30 - 2014-07-27 00:07 - 00000000 ___RD C:\Users\DOM\Desktop\Games
2015-07-27 14:30 - 2014-06-27 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2015-07-27 10:19 - 2013-09-18 16:14 - 00000000 ____D C:\Users\DOM
2015-07-27 10:19 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-07-27 06:44 - 2015-06-20 12:23 - 00000000 ____D C:\Users\DOM\Documents\The Witcher 3
2015-07-26 22:45 - 2014-06-20 18:43 - 00000000 ____D C:\Users\DOM\AppData\Local\CrashDumps
2015-07-26 11:22 - 2013-09-22 16:32 - 00000000 ____D C:\Users\DOM\.gimp-2.8 2015-07-25 18:33 - 2013-09-22 16:43 - 00000000 ____D C:\Users\DOM\AppData\Local\gtk-2.0 2015-07-24 09:14 - 2009-07-14 06:45 - 00426000 _____ C:\Windows\system32\FNTCACHE.DAT 2015-07-24 01:42 - 2013-09-18 17:02 - 00111520 _____ C:\Users\DOM\AppData\Local\GDIPFONTCACHEV1.DAT 2015-07-22 11:46 - 2015-05-30 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2015-07-17 16:14 - 2015-04-18 23:06 - 00000000 ____D C:\Program Files (x86)\NapiProjekt 2015-07-17 16:14 - 2014-01-29 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative 2015-07-17 16:14 - 2014-01-29 15:27 - 00000000 ____D C:\Program Files (x86)\Creative 2015-07-16 12:52 - 2015-05-16 20:52 - 00003792 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d090097786dbee 2015-07-16 12:52 - 2015-02-06 23:46 - 00004044 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d04256689d149b 2015-07-15 11:48 - 2014-01-28 21:29 - 00000000 ____D C:\Users\DOM\AppData\Local\LogMeIn Hamachi 2015-07-14 22:07 - 2014-09-21 10:08 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-07-14 22:07 - 2013-09-20 15:36 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-14 22:07 - 2013-09-20 15:36 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-14 13:39 - 2013-09-18 16:56 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-07-14 11:44 - 2014-02-05 15:52 - 00033856 ____H (LogMeIn, Inc.) 
C:\Windows\system32\hamachi.sys 2015-07-14 10:40 - 2015-06-14 10:34 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-07-14 10:40 - 2013-09-25 19:36 - 00000000 ____D C:\ProgramData\Skype 2015-07-11 12:01 - 2013-12-14 01:38 - 00000000 ____D C:\ProgramData\Origin 2015-07-11 12:00 - 2013-12-14 01:41 - 00000000 ____D C:\Users\DOM\AppData\Roaming\Origin 2015-07-11 11:59 - 2013-12-14 01:38 - 00000000 ____D C:\Program Files (x86)\Origin 2015-07-08 13:46 - 2014-02-02 02:54 - 00000000 ____D C:\Users\DOM\AppData\Roaming\Audacity 2015-07-08 10:56 - 2014-02-04 17:32 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-07-06 15:32 - 2013-09-20 15:38 - 00000000 ____D C:\Users\DOM\AppData\Roaming\Adobe 2015-07-06 15:31 - 2013-12-14 02:32 - 00000000 ____D C:\ProgramData\Package Cache 2015-07-06 15:21 - 2013-09-18 17:27 - 00000000 ____D C:\ProgramData\Adobe 2015-07-03 14:05 - 2014-06-15 15:49 - 00000000 ____D C:\Users\DOM\Documents\Pliki programu Outlook 2015-07-01 20:47 - 2013-09-19 18:17 - 00000000 ____D C:\Games 2015-07-01 20:43 - 2015-02-25 10:11 - 00000000 ____D C:\ProgramData\Hi-Rez Studios 2015-07-01 20:40 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-06-30 21:39 - 2015-01-24 13:38 - 00000000 ___RD C:\Users\DOM\Desktop\Work 2015-06-30 21:37 - 2014-01-29 15:28 - 00000000 ____D C:\ProgramData\Creative ==================== Files in the root of some directories ======= 2015-07-27 17:33 - 2015-07-27 17:33 - 0000000 _____ () C:\Users\DOM\AppData\Roaming\gdfw.log 2015-07-27 17:33 - 2015-07-27 17:33 - 0000779 _____ () C:\Users\DOM\AppData\Roaming\gdscan.log 2013-11-24 16:57 - 2014-08-01 15:05 - 0004608 _____ () C:\Users\DOM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-07-26 11:22 - 2015-07-26 11:22 - 0043931 _____ () C:\Users\DOM\AppData\Local\recently-used.xbel 2014-10-10 14:40 - 2015-07-28 18:08 - 0007612 _____ () C:\Users\DOM\AppData\Local\Resmon.ResmonCfg 2014-07-26 16:49 - 2014-07-26 16:49 - 0000000 _____ () 
C:\Users\DOM\AppData\Local\{CED18F6E-43AD-4B4D-A65D-6700A3FEE465} ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-15 13:05 ==================== End of log ============================