Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-08-2013 Ran by pc (administrator) on 30-08-2013 11:36:57 Running from C:\Users\pc\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\PskSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\TPSrvWow.exe (Panda Security) C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA ANTIVIRUS PRO 2013\WebProxy.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\ApVxdWin.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\PsCtrls.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\PavFnSvr.exe (Panda Security, S.L.) C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\pavsrvx86.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\AVENGINE.EXE (Panda Security International) C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\Firewall\PSHOST.EXE (Panda Security S.L.) 
C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\PsImSvc.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE ==================== Registry (Whitelisted) ================== Winlogon\Notify\avldr: avldr64.dll (On-Access Anti-Malware Scanner Sync) HKCU\...\Run: [TBPanel] - C:\Program Files (x86)\Vtune\TBPanel.exe [2158592 2010-10-22] () HKCU\...\Policies\system: [LogonHoursAction] 2 HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2770432 2010-02-10] (VIA) HKLM-x32\...\Run: [APVXDWIN] - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\APVXDWIN.EXE [1038192 2012-12-12] (Panda Security, S.L.) HKLM-x32\...\Run: [SCANINICIO] - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\Inicio.exe [70432 2012-11-08] (Panda Security, S.L.) 
HKU\Mcx1-PC-KOMPUTER\...\Winlogon: [Shell] C:\Windows\eHome\McrMgr.exe [343552 2009-07-14] (Microsoft Corporation) <==== ATTENTION AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation) AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== ProxyServer: :0 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\f3p03sby.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft 
Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: samsung.com/AllSharePlayPCPlugin - C:\Program Files\Samsung\AllShare Play\utils\npAllSharePlayPCPlugin.dll (Samsung) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\pc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: samsung.com/AllSharePlayPCPlugin - C:\Program Files\Samsung\AllShare Play\utils\npAllSharePlayPCPlugin.dll (Samsung) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allegro-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\fbc-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\merlin-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pwn-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wp-pl.xml FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} 
FF HKLM-x32\...\Firefox\Extensions: [{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}] C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\ FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Nightly\firefox.exe Chrome: ======= CHR RestoreOnStartup: "https://www.google.pl/" CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) 
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB) CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (AllShare) - C:\Program Files\Samsung\AllShare Play\utils\npAllSharePlayPCPlugin.dll (Samsung) CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) CHR Plugin: (Unity Player) - C:\Users\pc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) 
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File CHR Extension: (Google Docs) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Replace New Tab Page) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkhddihkmmiiclaipbaaelfojkmlkja\1.2_0 CHR Extension: (Google Search) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (AdBlock) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0 CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 ==================== Services (Whitelisted) ================= S4 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe [408184 2012-10-23] (Samsung) S4 AllShare Play Service; C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe [662600 2013-02-21] (Copyright 2013 SAMSUNG) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation) R2 Panda Software Controller; C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\PsCtrls.exe [177440 2012-11-19] (Panda Security, S.L.) R2 PAVFNSVR; C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\PavFnSvr.exe [202016 2012-09-21] (Panda Security, S.L.) 
R2 PavPrSrv; C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe [62768 2008-02-04] (Panda Security, S.L.) R2 PAVSRV; C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\pavsrvx86.exe [313664 2011-04-13] (Panda Security, S.L.) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-16] () R2 PSHost; C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\Firewall\PSHOST.EXE [226560 2009-11-26] (Panda Security International) R2 PSIMSVC; C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\PsImSvc.exe [108288 2008-06-19] (Panda Security S.L.) R2 PskSvcRetail; C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\PskSvc.exe [28992 2010-08-16] (Panda Security, S.L.) R2 TPSrv; C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\TPSrvWow.exe [173344 2012-11-16] (Panda Security, S.L.) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-31] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== R2 AmFSM; C:\Windows\System32\DRIVERS\amm6460.sys [71432 2012-03-26] (Panda Security, S.L.) S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2010-03-30] (LG Electronics Inc.) S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2010-03-30] (LG Electronics Inc.) S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2010-03-30] (LG Electronics Inc.) S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [33792 2010-03-30] (LG Electronics Inc.) R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.) R2 APPFLT; C:\Windows\system32\Drivers\APPFLT64.SYS [129096 2011-01-31] (Panda Security, S.L.) 
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider) R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider) R2 DSAFLT; C:\Windows\system32\Drivers\DSAFLT64.SYS [82952 2009-09-25] (Panda Security, S.L.) R2 FNETMON; C:\Windows\system32\Drivers\fnetm64.SYS [31752 2009-09-25] (Panda Security, S.L.) S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security) R2 IDSFLT; C:\Windows\system32\Drivers\IDSFLT64.SYS [78920 2010-09-09] (Panda Security, S.L.) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] () R2 NETFLTDI; C:\Windows\system32\Drivers\NETTDI64.SYS [170504 2009-09-25] (Panda Security, S.L.) R3 NETIMFLT01060044; C:\Windows\System32\DRIVERS\n64i1644.sys [216648 2010-09-01] (Panda Security, S.L.) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39712 2013-07-18] (NVIDIA Corporation) R0 pavboot; C:\Windows\System32\Drivers\pavboot64.sys [30792 2010-06-22] (Panda Security, S.L.) R1 ShldFlt; C:\Windows\System32\DRIVERS\ShldFlt.sys [48136 2009-10-27] (Panda Security, S.L.) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software) S3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [145936 2010-05-09] (Sun Microsystems, Inc.) R2 WNMFLT; C:\Windows\system32\Drivers\WNMFLT64.SYS [74760 2009-09-25] (Panda Security, S.L.) 
S1 ArcSec; system32\drivers\ArcSec.sys [x] S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x] S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [x] S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [x] S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [x] R3 PavTPK.sys; \??\C:\Windows\system32\PavTPK.sys [x] R3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [x] S3 TBPanel; No ImagePath S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x] S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-30 11:35 - 2013-08-30 11:35 - 01579080 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe 2013-08-30 09:54 - 2013-08-30 09:54 - 00000141 _____ C:\Windows\system32\Drivers\etc\pfdnnt.act 2013-08-30 00:46 - 2013-08-30 11:36 - 00001008 _____ C:\Windows\setupact.log 2013-08-30 00:46 - 2013-08-30 00:46 - 00000000 _____ C:\Windows\setuperr.log 2013-08-30 00:32 - 2013-08-30 00:33 - 00009542 _____ C:\Users\pc\Documents\cc_20130830_003258.reg 2013-08-29 16:41 - 2013-08-29 16:41 - 00018704 _____ C:\ComboFix.txt 2013-08-29 16:21 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2013-08-29 16:21 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2013-08-29 16:21 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2013-08-29 16:21 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-08-29 16:21 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-08-29 16:21 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2013-08-29 16:21 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2013-08-29 16:21 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2013-08-29 16:20 - 2013-08-29 16:41 - 00000000 ____D C:\Qoobox 2013-08-29 16:19 - 2013-08-29 16:26 - 00000000 ____D C:\Windows\erdnt 2013-08-29 16:16 - 2013-08-29 16:16 - 00097112 
_____ C:\Users\pc\Desktop\Extras.Txt 2013-08-29 16:15 - 2013-08-29 16:16 - 00336318 _____ C:\Users\pc\Desktop\OTL.Txt 2013-08-29 16:08 - 2013-08-29 16:09 - 05115711 ____R (Swearware) C:\Users\pc\Desktop\ComboFix.exe 2013-08-29 15:56 - 2013-08-29 15:56 - 00000000 ____D C:\_OTL 2013-08-29 15:26 - 2013-08-29 15:31 - 00000000 ____D C:\TDSSKiller_Quarantine 2013-08-28 15:34 - 2013-08-28 15:34 - 00000000 ____D C:\Users\pc\Documents\Electronic Arts 2013-08-28 15:33 - 2013-08-28 15:31 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll 2013-08-28 15:32 - 2013-08-28 15:32 - 00000931 _____ C:\Users\Public\Desktop\The Sims™ 3.lnk 2013-08-28 13:49 - 2013-08-28 13:53 - 00000000 ____D C:\Windows\System32\Tasks\Zadania podglądu zdarzeń 2013-08-28 13:44 - 2013-08-28 13:44 - 00115824 _____ C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT 2013-08-27 11:24 - 2013-08-27 11:25 - 00449376 _____ C:\Windows\system32\FNTCACHE.DAT 2013-08-26 19:02 - 2013-08-30 11:07 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-26 19:02 - 2013-08-26 19:02 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-08-26 19:02 - 2013-08-26 19:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-08-26 19:02 - 2013-08-26 19:02 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-08-26 18:58 - 2013-08-05 16:00 - 75778376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MRT.exe 2013-08-24 23:57 - 2013-08-24 23:57 - 00119322 _____ C:\Users\pc\Documents\ts3_clientui-win64-1365064384-2013-08-24 23_57_11.344143.dmp 2013-08-24 17:09 - 2013-08-24 17:09 - 00116087 _____ C:\Users\pc\Documents\ts3_clientui-win64-1365064384-2013-08-24 17_09_08.985832.dmp 2013-08-24 00:53 - 2013-08-24 00:53 - 00112039 _____ C:\Users\pc\Documents\ts3_clientui-win64-1365064384-2013-08-24 00_53_31.059362.dmp 2013-08-23 14:56 - 2013-08-23 14:56 - 00000583 _____ C:\Users\Public\Desktop\World of Tanks - Common Test.lnk 
2013-08-23 12:07 - 2013-08-23 12:07 - 10983288 _____ (Wargaming.net ) C:\Users\pc\Desktop\WoT_internet_install_ct.exe 2013-08-22 14:28 - 2013-08-27 11:43 - 00000000 ____D C:\Users\pc\Desktop\Dokumenty 2013-08-22 13:53 - 2013-04-11 11:06 - 00039504 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiark.sys 2013-08-22 13:48 - 2013-08-22 13:48 - 00004322 _____ C:\Windows\System32\Tasks\Ad-Aware Antivirus Scheduled Scan 2013-08-22 13:47 - 2013-08-22 15:25 - 00000000 ____D C:\Users\pc\AppData\Roaming\Ad-Aware Antivirus 2013-08-22 13:47 - 2013-08-22 13:47 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus 2013-08-22 13:45 - 2013-08-22 15:25 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus 2013-08-22 13:45 - 2013-08-22 13:45 - 00000000 ____D C:\ProgramData\Lavasoft 2013-08-21 15:55 - 2013-08-21 15:55 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2013-08-21 15:50 - 2013-08-18 23:02 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 22101792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 15703176 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 13627696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 11271968 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2013-08-21 15:50 - 2013-08-18 23:02 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 
06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432680.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432680.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2013-08-21 15:50 - 2013-08-18 23:02 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2013-08-21 15:50 - 2013-07-18 19:15 - 00039712 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2013-08-21 15:50 - 2013-07-18 19:15 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2013-08-18 14:58 - 2013-08-18 14:58 - 00571168 _____ (NVIDIA Corporation) 
C:\Windows\SysWOW64\nvStreaming.exe 2013-08-18 02:30 - 2013-08-18 02:30 - 00000000 ____D C:\Users\pc\AppData\Local\EA Games 2013-08-18 02:22 - 2013-08-18 02:22 - 00000693 _____ C:\Users\Public\Desktop\Dead Space 3.lnk 2013-08-17 14:01 - 2013-08-18 02:30 - 00000000 ____D C:\ProgramData\Origin 2013-08-16 13:25 - 2013-08-15 13:38 - 02601752 _____ C:\Windows\SysWOW64\pbsvc_moh.exe 2013-08-16 11:24 - 2013-08-16 11:24 - 00000000 ____D C:\Users\pc\AppData\Local\Criterion Games 2013-08-16 00:40 - 2013-08-16 00:40 - 00000221 _____ C:\Users\pc\Desktop\Medal of Honor(TM) Multiplayer.url 2013-08-15 13:53 - 2013-08-18 02:30 - 00000000 ____D C:\Users\pc\Documents\EA Games 2013-08-15 13:53 - 2013-08-15 13:53 - 00000000 __SHD C:\ProgramData\DSS 2013-08-15 12:35 - 2013-08-15 12:35 - 00000221 _____ C:\Users\pc\Desktop\Medal of Honor(TM) Single Player.url 2013-08-14 13:13 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-14 13:13 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-14 13:13 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-08-14 13:13 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-14 13:13 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-14 13:13 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-14 13:13 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-14 13:13 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-14 13:13 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-14 13:13 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-14 13:13 - 2013-07-26 07:12 - 00136704 _____ 
(Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-08-14 13:13 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-08-14 13:13 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-14 13:13 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-08-14 13:13 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-14 13:13 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-08-14 13:13 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-08-14 13:13 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-08-14 13:13 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-08-14 13:13 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-08-14 13:13 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-08-14 13:13 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-08-14 13:13 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-08-14 13:13 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-08-14 13:13 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-08-14 13:13 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-08-14 13:13 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-08-14 13:13 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-08-14 13:13 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 13:13 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 13:13 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 09:37 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 09:37 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 09:37 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 09:37 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 09:37 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 09:37 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 09:37 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 09:37 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 09:37 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 09:37 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 09:37 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 09:37 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 09:37 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 09:37 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 09:37 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 09:37 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 09:37 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 09:37 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 09:37 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 09:37 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 09:37 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 09:37 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 09:37 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 09:37 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 09:37 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 09:37 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 09:37 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-12 10:21 - 2013-08-12 10:25 - 00000000 ____D C:\Users\pc\AppData\Roaming\PDF Editor 64bit 3
2013-08-12 10:21 - 2013-08-12 10:25 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Editor 64bit 3.3
2013-08-12 10:21 - 2013-08-12 10:21 - 00000000 ____D C:\Users\pc\AppData\Roaming\CAD-KAS
2013-08-10 20:07 - 2013-08-10 20:07 - 00000000 _____ C:\icon_2417919800
2013-08-09 23:01 - 2013-08-09 23:01 - 00107095 _____ C:\Users\pc\Documents\ts3_clientui-win64-1365064384-2013-08-09 23_01_17.382531.dmp
2013-08-09 21:22 - 2013-08-09 21:22 - 00003154 _____ C:\Windows\System32\Tasks\Game_Booster_AutoUpdate
2013-08-09 21:22 - 2013-08-09 21:22 - 00000000 ____D C:\ProgramData\IObit
2013-08-09 21:22 - 2013-08-09 21:22 - 00000000 ____D C:\Program Files (x86)\IObit
2013-08-09 11:09 - 2013-08-09 11:09 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2013-08-09 11:09 - 2013-08-09 11:09 - 00000000 ____D C:\Users\pc\AppData\Roaming\GHISLER
2013-08-09 11:09 - 2013-08-09 11:09 - 00000000 ____D C:\totalcmd
2013-07-31 16:08 - 2013-07-26 08:09 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432641.dll
2013-07-31 16:08 - 2013-07-26 08:09 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432641.dll
2013-07-31 16:08 - 2013-06-16 14:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-07-31 16:08 - 2013-06-16 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-07-31 16:06 - 2013-07-31 16:06 - 00000000 ____D C:\NvidiaLogging
2013-07-31 16:05 - 2013-07-18 19:15 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll

==================== One Month Modified Files and Folders =======

2013-08-30 11:36 - 2013-08-30 11:36 - 00000000 ____D C:\FRST
2013-08-30 11:36 - 2013-08-30 00:46 - 00001008 _____ C:\Windows\setupact.log
2013-08-30 11:36 - 2013-04-10 20:51 - 00473068 _____ C:\Windows\system32\Drivers\APPFCONT.DAT.bck
2013-08-30 11:36 - 2013-04-10 20:51 - 00473068 _____ C:\Windows\system32\Drivers\APPFCONT.DAT
2013-08-30 11:35 - 2013-08-30 11:35 - 01579080 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2013-08-30 11:07 - 2013-08-26 19:02 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-30 09:54 - 2013-08-30 09:54 - 00000141 _____ C:\Windows\system32\Drivers\etc\pfdnnt.act
2013-08-30 09:51 - 2009-07-14 06:45 - 00015152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-30 09:51 - 2009-07-14 06:45 - 00015152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-30 09:48 - 2011-09-14 00:30 - 01709360 _____ C:\Windows\WindowsUpdate.log
2013-08-30 09:45 - 2013-04-10 20:53 - 00000252 _____ C:\Windows\system32\Drivers\etc\IdsFlt.cfg.bck
2013-08-30 09:45 - 2013-04-10 20:53 - 00000252 _____ C:\Windows\system32\Drivers\etc\IdsFlt.cfg
2013-08-30 09:45 - 2013-04-10 20:53 - 00000092 _____ C:\Windows\system32\Drivers\etc\NetLoc.wlt.bck
2013-08-30 09:45 - 2013-04-10 20:53 - 00000092 _____ C:\Windows\system32\Drivers\etc\NetLoc.wlt
2013-08-30 09:45 - 2013-04-10 20:53 - 00000068 _____ C:\Windows\system32\Drivers\etc\NetFlt.cfg.bck
2013-08-30 09:45 - 2013-04-10 20:53 - 00000068 _____ C:\Windows\system32\Drivers\etc\NetFlt.cfg
2013-08-30 09:45 - 2013-04-10 20:53 - 00000056 _____ C:\Windows\system32\Drivers\etc\WnmFlt.cfg.bck
2013-08-30 09:45 - 2013-04-10 20:53 - 00000056 _____ C:\Windows\system32\Drivers\etc\WnmFlt.cfg
2013-08-30 09:45 - 2013-04-10 20:53 - 00000056 _____ C:\Windows\system32\Drivers\etc\DsaFlt.cfg.bck
2013-08-30 09:45 - 2013-04-10 20:53 - 00000056 _____ C:\Windows\system32\Drivers\etc\DsaFlt.cfg
2013-08-30 09:45 - 2013-04-10 20:51 - 00303044 _____ C:\Windows\system32\Drivers\etc\DsaFlt.rls.bck
2013-08-30 09:45 - 2013-04-10 20:51 - 00303044 _____ C:\Windows\system32\Drivers\etc\DsaFlt.rls
2013-08-30 09:45 - 2013-04-10 20:51 - 00001132 _____ C:\Windows\system32\Drivers\APPFLTR.CFG.bck
2013-08-30 09:45 - 2013-04-10 20:51 - 00001132 _____ C:\Windows\system32\Drivers\APPFLTR.CFG
2013-08-30 09:44 - 2013-04-10 20:52 - 00000136 _____ C:\Windows\system32\Drivers\etc\NetAdapt.cfg.bck
2013-08-30 09:44 - 2013-04-10 20:52 - 00000136 _____ C:\Windows\system32\Drivers\etc\NetAdapt.cfg
2013-08-30 09:44 - 2013-04-10 20:52 - 00000064 _____ C:\Windows\system32\Drivers\etc\NetAR.wlt.bck
2013-08-30 09:44 - 2013-04-10 20:52 - 00000064 _____ C:\Windows\system32\Drivers\etc\NetAR.wlt
2013-08-30 09:44 - 2011-12-30 22:25 - 00000000 ____D C:\Program Files (x86)\Origin
2013-08-30 09:43 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-30 00:46 - 2013-08-30 00:46 - 00000000 _____ C:\Windows\setuperr.log
2013-08-30 00:33 - 2013-08-30 00:32 - 00009542 _____ C:\Users\pc\Documents\cc_20130830_003258.reg
2013-08-30 00:32 - 2012-07-22 13:02 - 00000000 ____D C:\Users\pc\AppData\Roaming\TS3Client
2013-08-29 16:41 - 2013-08-29 16:41 - 00018704 _____ C:\ComboFix.txt
2013-08-29 16:41 - 2013-08-29 16:20 - 00000000 ____D C:\Qoobox
2013-08-29 16:40 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-08-29 16:26 - 2013-08-29 16:19 - 00000000 ____D C:\Windows\erdnt
2013-08-29 16:26 - 2011-04-07 19:19 - 00000000 ___RD C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-29 16:25 - 2013-02-27 17:10 - 00000000 ____D C:\Program Files (x86)\GmoteServer
2013-08-29 16:19 - 2011-04-08 22:54 - 00008627 _____ C:\Windows\SysWOW64\PAV_FOG.OPC
2013-08-29 16:16 - 2013-08-29 16:16 - 00097112 _____ C:\Users\pc\Desktop\Extras.Txt
2013-08-29 16:16 - 2013-08-29 16:15 - 00336318 _____ C:\Users\pc\Desktop\OTL.Txt
2013-08-29 16:14 - 2011-05-25 17:49 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FA3F0C53-4CAE-4B11-B29C-15FF07478107}
2013-08-29 16:09 - 2013-08-29 16:08 - 05115711 ____R (Swearware) C:\Users\pc\Desktop\ComboFix.exe
2013-08-29 15:56 - 2013-08-29 15:56 - 00000000 ____D C:\_OTL
2013-08-29 15:31 - 2013-08-29 15:26 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-08-29 08:24 - 2011-04-13 21:31 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-08-28 15:34 - 2013-08-28 15:34 - 00000000 ____D C:\Users\pc\Documents\Electronic Arts
2013-08-28 15:32 - 2013-08-28 15:32 - 00000931 _____ C:\Users\Public\Desktop\The Sims™ 3.lnk
2013-08-28 15:32 - 2011-04-08 19:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-28 15:31 - 2013-08-28 15:33 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2013-08-28 13:53 - 2013-08-28 13:49 - 00000000 ____D C:\Windows\System32\Tasks\Zadania podglądu zdarzeń
2013-08-28 13:44 - 2013-08-28 13:44 - 00115824 _____ C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-27 12:32 - 2009-07-14 07:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-27 11:43 - 2013-08-22 14:28 - 00000000 ____D C:\Users\pc\Desktop\Dokumenty
2013-08-27 11:25 - 2013-08-27 11:24 - 00449376 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-26 20:28 - 2013-03-30 18:06 - 00003358 _____ C:\Windows\System32\Tasks\Odkurzacz
2013-08-26 20:28 - 2012-08-02 18:41 - 00002768 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-08-26 19:06 - 2013-03-31 21:53 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-26 19:06 - 2012-06-05 22:35 - 00000000 ____D C:\Users\pc\AppData\Roaming\AIMP3
2013-08-26 19:06 - 2011-04-08 23:27 - 00000000 ____D C:\Users\pc\AppData\Roaming\uTorrent
2013-08-26 19:06 - 2011-04-07 20:11 - 00000000 ____D C:\Windows\Panther
2013-08-26 19:05 - 2012-09-09 09:37 - 00000000 ____D C:\Users\pc\AppData\Roaming\Media Player Classic
2013-08-26 19:03 - 2011-04-23 18:07 - 00000000 ____D C:\Windows\Minidump
2013-08-26 19:02 - 2013-08-26 19:02 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-26 19:02 - 2013-08-26 19:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-26 19:02 - 2013-08-26 19:02 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-26 19:02 - 2011-04-11 22:00 - 00000000 ____D C:\Users\pc\AppData\Local\Adobe
2013-08-26 18:57 - 2012-05-31 15:10 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-08-26 13:59 - 2012-03-15 17:57 - 00000000 ____D C:\Users\pc\.gimp-2.6
2013-08-25 11:57 - 2011-04-07 19:19 - 00000000 ____D C:\Users\pc
2013-08-24 23:57 - 2013-08-24 23:57 - 00119322 _____ C:\Users\pc\Documents\ts3_clientui-win64-1365064384-2013-08-24 23_57_11.344143.dmp
2013-08-24 17:09 - 2013-08-24 17:09 - 00116087 _____ C:\Users\pc\Documents\ts3_clientui-win64-1365064384-2013-08-24 17_09_08.985832.dmp
2013-08-24 00:53 - 2013-08-24 00:53 - 00112039 _____ C:\Users\pc\Documents\ts3_clientui-win64-1365064384-2013-08-24 00_53_31.059362.dmp
2013-08-23 16:58 - 2012-09-10 18:05 - 00000000 ____D C:\Users\pc\AppData\Roaming\vlc
2013-08-23 14:56 - 2013-08-23 14:56 - 00000583 _____ C:\Users\Public\Desktop\World of Tanks - Common Test.lnk
2013-08-23 12:07 - 2013-08-23 12:07 - 10983288 _____ (Wargaming.net ) C:\Users\pc\Desktop\WoT_internet_install_ct.exe
2013-08-22 15:25 - 2013-08-22 13:47 - 00000000 ____D C:\Users\pc\AppData\Roaming\Ad-Aware Antivirus
2013-08-22 15:25 - 2013-08-22 13:45 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2013-08-22 13:48 - 2013-08-22 13:48 - 00004322 _____ C:\Windows\System32\Tasks\Ad-Aware Antivirus Scheduled Scan
2013-08-22 13:47 - 2013-08-22 13:47 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-08-22 13:45 - 2013-08-22 13:45 - 00000000 ____D C:\ProgramData\Lavasoft
2013-08-22 00:33 - 2012-05-31 15:11 - 00000000 ____D C:\Users\pc\AppData\Roaming\wargaming.net
2013-08-21 15:55 - 2013-08-21 15:55 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-21 15:55 - 2011-04-08 19:28 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-21 15:55 - 2011-04-08 19:28 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-19 09:08 - 2011-12-31 00:26 - 00281312 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-19 09:08 - 2011-12-30 22:59 - 00281312 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-19 09:07 - 2011-12-30 22:59 - 00218496 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-18 23:07 - 2011-12-31 09:58 - 00007620 _____ C:\Users\pc\AppData\Local\Resmon.ResmonCfg
2013-08-18 23:02 - 2013-08-21 15:50 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 22101792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 15703176 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 13627696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 11271968 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-08-18 23:02 - 2013-08-21 15:50 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432680.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432680.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-08-18 23:02 - 2013-08-21 15:50 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-08-18 23:02 - 2013-05-25 00:20 - 12946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-08-18 23:02 - 2013-05-25 00:20 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-08-18 23:02 - 2012-02-26 02:20 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-08-18 23:02 - 2011-04-08 19:27 - 00022581 _____ C:\Windows\system32\nvinfo.pb
2013-08-18 23:02 - 2011-04-08 19:26 - 15900936 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-08-18 23:02 - 2011-04-08 19:26 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-08-18 21:34 - 2010-10-19 02:25 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-08-18 21:34 - 2010-10-19 02:25 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-08-18 21:34 - 2010-10-19 02:25 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-08-18 21:34 - 2010-10-19 02:25 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-08-18 21:34 - 2010-10-19 02:25 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-08-18 21:34 - 2010-10-19 02:25 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-08-18 14:58 - 2013-08-18 14:58 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-08-18 02:30 - 2013-08-18 02:30 - 00000000 ____D C:\Users\pc\AppData\Local\EA Games
2013-08-18 02:30 - 2013-08-17 14:01 - 00000000 ____D C:\ProgramData\Origin
2013-08-18 02:30 - 2013-08-15 13:53 - 00000000 ____D C:\Users\pc\Documents\EA Games
2013-08-18 02:22 - 2013-08-18 02:22 - 00000693 _____ C:\Users\Public\Desktop\Dead Space 3.lnk
2013-08-17 07:30 - 2012-02-26 02:21 - 03319709 _____ C:\Windows\system32\nvcoproc.bin
2013-08-16 13:38 - 2011-12-30 22:59 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-16 13:25 - 2011-12-31 00:26 - 00000000 ____D C:\Users\pc\AppData\Local\PunkBuster
2013-08-16 11:24 - 2013-08-16 11:24 - 00000000 ____D C:\Users\pc\AppData\Local\Criterion Games
2013-08-16 00:40 - 2013-08-16 00:40 - 00000221 _____ C:\Users\pc\Desktop\Medal of Honor(TM) Multiplayer.url
2013-08-16 00:40 - 2013-04-01 07:52 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-08-15 13:53 - 2013-08-15 13:53 - 00000000 __SHD C:\ProgramData\DSS
2013-08-15 13:51 - 2011-12-30 22:25 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-08-15 13:38 - 2013-08-16 13:25 - 02601752 _____ C:\Windows\SysWOW64\pbsvc_moh.exe
2013-08-15 12:35 - 2013-08-15 12:35 - 00000221 _____ C:\Users\pc\Desktop\Medal of Honor(TM) Single Player.url
2013-08-15 11:39 - 2012-11-24 10:56 - 00000000 ____D C:\Users\pc\AppData\Local\Origin
2013-08-15 11:39 - 2011-12-30 22:26 - 00000000 ____D C:\Users\pc\AppData\Roaming\Origin
2013-08-14 19:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-14 14:52 - 2013-07-09 22:25 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 14:50 - 2011-04-08 20:04 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-14 13:13 - 2011-05-08 19:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-13 00:47 - 2011-04-09 06:59 - 00000000 ____D C:\Users\pc\dwhelper
2013-08-12 10:25 - 2013-08-12 10:21 - 00000000 ____D C:\Users\pc\AppData\Roaming\PDF Editor 64bit 3
2013-08-12 10:25 - 2013-08-12 10:21 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Editor 64bit 3.3
2013-08-12 10:21 - 2013-08-12 10:21 - 00000000 ____D C:\Users\pc\AppData\Roaming\CAD-KAS
2013-08-10 20:07 - 2013-08-10 20:07 - 00000000 _____ C:\icon_2417919800
2013-08-09 23:01 - 2013-08-09 23:01 - 00107095 _____ C:\Users\pc\Documents\ts3_clientui-win64-1365064384-2013-08-09 23_01_17.382531.dmp
2013-08-09 21:22 - 2013-08-09 21:22 - 00003154 _____ C:\Windows\System32\Tasks\Game_Booster_AutoUpdate
2013-08-09 21:22 - 2013-08-09 21:22 - 00000000 ____D C:\ProgramData\IObit
2013-08-09 21:22 - 2013-08-09 21:22 - 00000000 ____D C:\Program Files (x86)\IObit
2013-08-09 11:09 - 2013-08-09 11:09 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2013-08-09 11:09 - 2013-08-09 11:09 - 00000000 ____D C:\Users\pc\AppData\Roaming\GHISLER
2013-08-09 11:09 - 2013-08-09 11:09 - 00000000 ____D C:\totalcmd
2013-08-08 16:26 - 2009-07-14 19:55 - 01290212 _____ C:\Windows\system32\perfh015.dat
2013-08-08 16:26 - 2009-07-14 19:55 - 00441726 _____ C:\Windows\system32\perfc015.dat
2013-08-08 16:26 - 2009-07-14 07:13 - 00006248 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-05 16:00 - 2013-08-26 18:58 - 75778376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MRT.exe
2013-08-01 02:30 - 2009-07-14 04:34 - 72351744 _____ C:\Windows\system32\config\SOFTWARE_tureg_old
2013-08-01 02:30 - 2009-07-14 04:34 - 22806528 _____ C:\Windows\system32\config\SYSTEM_tureg_old
2013-08-01 02:30 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SECURITY_tureg_old
2013-08-01 02:28 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\DEFAULT_tureg_old
2013-08-01 02:28 - 2009-07-14 04:34 - 00065536 _____ C:\Windows\system32\config\SAM_tureg_old
2013-08-01 02:17 - 2011-06-12 22:40 - 00000000 ____D C:\Program Files\CCleaner
2013-07-31 16:06 - 2013-07-31 16:06 - 00000000 ____D C:\NvidiaLogging
2013-07-31 16:06 - 2011-04-08 19:26 - 00000000 ____D C:\Program Files\NVIDIA Corporation

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-08-28 10:20

==================== End Of Log ============================