Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-10-2013
Ran by Dom (administrator) on DOM-KOMPUTER on 01-11-2013 00:25:11
Running from C:\Users\Dom\Desktop\SYSTEM
Windows 7 Professional Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Hi-Rez Studios) D:\SMITE Beta\HiPatchService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Gainward Co.) C:\Program Files (x86)\EXPERTool\TBPANEL.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Spotify Ltd) C:\Users\Dom\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Skillbrains) C:\Users\Dom\AppData\Local\Skillbrains\lightshot\4.4.2.0\LightShot.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Murray Hurps Corp Pty Ltd) C:\Program Files (x86)\Ad Muncher\AdMunch.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Murray Hurps Corp Pty Ltd) C:\Program Files (x86)\Ad Muncher\AdMunch64.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-08] (COMODO)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [ALLUpdate] - C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [2995712 2013-07-19] (ALLPlayer Group Ltd.)
HKCU\...\Run: [GAINWARD] - C:\Program Files (x86)\EXPERTool\TBPANEL.exe [2181744 2010-09-02] (Gainward Co.)
HKCU\...\Run: [chromium] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [844752 2013-10-09] (Google Inc.)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
HKCU\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [1163072 2012-04-12] (DT Soft Ltd)
HKCU\...\Run: [LightShot] - C:\Users\Dom\AppData\Local\Skillbrains\lightshot\LightShot.exe [226592 2013-08-22] ()
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Dom\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2009-12-31] (Spotify Ltd)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-04-18] (Samsung Electronics)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
MountPoints2: {b2cfd24a-ee9f-11e1-b262-1c6f65e35a54} - H:\LaunchU3.exe -a
MountPoints2: {b7361f87-a89b-11e1-ae30-1c6f65e35a54} - H:\SamsungKiesInstaller.exe
MountPoints2: {b8a2a458-9849-11e0-940f-806e6f6e6963} - F:\Autoplay.exe
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Ad Muncher] - C:\Program Files (x86)\Ad Muncher\AdMunch.exe [535752 2012-04-05] (Murray Hurps Corp Pty Ltd)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2472048 2010-08-11] (VIA)
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2345296 2013-10-01] (LogMeIn Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [606024 2013-09-19] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
AppInit_DLLs: C:\Windows\system32\guard64.dll [390392 2012-11-08] (COMODO)
AppInit_DLLs-x32: C:\Windows\SysWOW64\guard32.dll [301264 2012-11-08] (COMODO)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
SearchScopes: HKLM-x32 - {1E95D57A-3322-49b8-9458-35056C5CFFF8} URL = http://startsear.ch/?aff=1&src=sp&cf=6d667f5f-fa82-11e0-9400-1c6f65e35a54&q={searchTerms}
SearchScopes: HKCU - {1E95D57A-3322-49b8-9458-35056C5CFFF8} URL = http://startsear.ch/?aff=1&src=sp&cf=6d667f5f-fa82-11e0-9400-1c6f65e35a54&q={searchTerms}
SearchScopes: HKCU - {9BBFA847-2692-4cb0-A222-AF4472B7B774} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKCU - {CC33DA20-8F2D-4787-939E-EC6860C2710E} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2304157
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - D:\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - D:\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ALLYouTubeDownloader - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files (x86)\ALLYouTubeDownloader\ALLYouTubeDownloader.dll (ALLCinema Ltd.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
Toolbar: HKCU - No Name - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

FireFox:
========
FF ProfilePath: C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\4jslxxfi.default
FF SelectedSearchEngine: Google
FF Homepage: www.google.pl
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - D:\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 - C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @iahgames.com/prodown - C:\Program Files (x86)\IAHgames\Playfast\npiahpd.dll (RSJ Software GmbH)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Dom\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Dom\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Dom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: electronicarts.com/GameFacePlugin - C:\Users\Dom\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Dom\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Extension: Iplex to ALLPlayer - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\4jslxxfi.default\Extensions\IplextoALL@ALLPlayer.org
FF Extension: ALLYouTubeDownloader - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\4jslxxfi.default\Extensions\YouTubetoALL@ALLPlayer.org
FF Extension: DownloadHelper - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\4jslxxfi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: artur.dubovoy - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\4jslxxfi.default\Extensions\artur.dubovoy@gmail.com.xpi
FF Extension: gophoto - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\4jslxxfi.default\Extensions\gophoto@gophoto.it.xpi
FF Extension: gpi - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\4jslxxfi.default\Extensions\gpi@gophoto.it.xpi
FF Extension: IplextoALL - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\4jslxxfi.default\Extensions\IplextoALL@ALLPlayer.org.xpi
FF Extension: jid0-wpCH2liWmuMjc8AV1VWejWvGjBI - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\4jslxxfi.default\Extensions\jid0-wpCH2liWmuMjc8AV1VWejWvGjBI@jetpack.xpi
FF Extension: YouTubetoALL - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\4jslxxfi.default\Extensions\YouTubetoALL@ALLPlayer.org.xpi
FF Extension: Adblock Plus - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\4jslxxfi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{3ED591BC-7CC7-495B-A526-B2431356EDC1}] - C:\Program Files (x86)\Ad Muncher\FirefoxExtension_2.0
FF Extension: Ad Muncher Browser Extensions - C:\Program Files (x86)\Ad Muncher\FirefoxExtension_2.0
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKLM-x32\...\SeaMonkey\Extensions: [{3ED591BC-7CC7-495B-A526-B2431356EDC1}] - C:\Program Files (x86)\Ad Muncher\FirefoxExtension_2.0
FF Extension: Ad Muncher Browser Extensions - C:\Program Files (x86)\Ad Muncher\FirefoxExtension_2.0

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (GanymedeNet.Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npganymedenet.dll ( )
CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (LiveVDO plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (IAHGames) - C:\Program Files (x86)\IAHgames\Playfast\npiahpd.dll (RSJ Software GmbH)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\Dom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Desktop) - C:\Users\Dom\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Dom\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Game Face Plugin) - C:\Users\Dom\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
CHR Plugin: (Raidcall plugin) - C:\Users\Dom\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Extension: (Remove Suggested Posts/Ads/etc from Facebook) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aokcjnnnleonaikoalkaodkgjpjdjccc\1.6.3_0
CHR Extension: (Google Drive) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (GoPhoto.it) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdjbhljkcfdfipjhecpfgagdalflncik\1.5_0
CHR Extension: (Turn Off the Lights) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.2.0.22_0
CHR Extension: (Adblock Plus) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0
CHR Extension: (RockAlone2k) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\efnnamhbbligjdkgkcolmmaoffobkbee\1.0.3_0
CHR Extension: (AdBlock) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.11_0
CHR Extension: (Google Translate for Google+) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfppgkomfopklagggkjiaddgndkgopgl\1.1.7_0
CHR Extension: (YouTube Downloader) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lecinmfhadegpcdocbpfdgffjopphmoa\11.0_0
CHR Extension: (Google Maps) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0
CHR Extension: (Google Mail Checker) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0
CHR Extension: (Baseball) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njneehkdlobpllhkldmhhephffnniaec\1.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Picasa) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0
CHR Extension: (Gmail) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [bdjbhljkcfdfipjhecpfgagdalflncik] - C:\Program Files (x86)\GoPhoto.it\gophotoit15.crx
CHR HKLM-x32\...\Chrome\Extension: [bmbpbcpokffodhpcdjaoopolhdlbconi] - C:\Users\Dom\AppData\Local\Temp\tbch.crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-09-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-09-19] (BlueStack Systems, Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-08] (COMODO)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [96768 2012-05-11] (Freemake)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [128928 2010-11-11] (Futuremark Corporation)
R2 HiPatchService; D:\SMITE Beta\HiPatchService.exe [9216 2013-08-28] (Hi-Rez Studios)
S2 KMService; C:\Windows\SysWow64\srvany.exe [8192 2012-09-19] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4135800 2011-05-15] (INCA Internet Co., Ltd.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2013-09-19] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [743320 2012-09-25] (Tunngle.net GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-09-19] (BlueStack Systems)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [22736 2012-11-08] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-08] (COMODO)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-12] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] ()
S3 gdrv; C:\Windows\gdrv.sys [25640 2011-06-16] (Windows (R) Server 2003 DDK provider)
S3 GZSQ; C:\Windows\SysWow64\drivers\GZSQ.SYS [29976 2007-12-14] (Compuware Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-08] (COMODO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-03] (INCA Internet Co., Ltd.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-04-12] (Duplex Secure Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [203672 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2010-04-27] (MCCI Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 TBPanel; No ImagePath
S3 vproiah; C:\Windows\System32\DRIVERS\vproiah.sys [27848 2011-08-03] (RSJ Software GmbH)
S3 cpuz130; \??\C:\Users\Dom\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
S3 dump_wmimmc; \??\C:\Windows\system32\drivers\dump_wmimmc.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [x]
S3 IT9135BDA; System32\Drivers\IT9135BDA.sys [x]
S3 SNPSTD3; system32\DRIVERS\snpstd3.sys [x]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]
S3 vtany; \??\C:\Windows\vtany.sys [x]
S1 WRDRV; \SystemRoot\system32\drivers\wrdrv.sys [x]
S3 X6va006; \??\C:\Users\Dom\AppData\Local\Temp\0068314.tmp [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-01 00:21 - 2013-11-01 00:21 - 00012569 _____ C:\Users\Dom\Desktop\AdwCleaner[S0].txt
2013-11-01 00:12 - 2013-11-01 00:16 - 00000000 ____D C:\AdwCleaner
2013-11-01 00:12 - 2013-11-01 00:12 - 01060070 _____ C:\Users\Dom\Desktop\adwcleaner.exe
2013-10-31 10:52 - 2013-11-01 00:23 - 00000000 ____D C:\Users\Dom\Desktop\SYSTEM
2013-10-31 09:50 - 2013-10-31 09:50 - 00000000 ____D C:\FRST
2013-10-29 09:32 - 2013-10-23 11:30 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-29 09:32 - 2013-10-23 11:30 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-29 09:32 - 2013-10-23 11:30 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2013-10-29 09:32 - 2013-10-23 11:30 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2013-10-29 09:32 - 2013-10-23 11:30 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2013-10-29 09:32 - 2013-10-23 11:30 - 00023287 _____ C:\Windows\system32\nvinfo.pb 2013-10-29 09:32 - 2013-01-29 09:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll 2013-10-28 16:17 - 2013-10-28 16:17 - 00000000 ____D C:\Program Files (x86)\LoLOracle 2013-10-28 15:44 - 2013-10-28 15:44 - 00002135 _____ C:\Users\Dom\.recently-used.xbel 2013-10-28 15:31 - 2013-10-28 15:31 - 00000000 ____D C:\Users\Dom\Documents\FIFA MANAGER 14 2013-10-27 01:09 - 2013-10-27 12:44 - 00000000 ____D C:\ProgramData\SecTaskMan 2013-10-27 01:09 - 2013-10-27 01:09 - 00000000 ____D C:\Program Files (x86)\Security Task Manager 2013-10-27 00:05 - 2013-10-27 00:05 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Malwarebytes 2013-10-27 00:05 - 2013-10-27 00:05 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-10-27 00:05 - 2013-10-27 00:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-27 00:05 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-10-25 15:13 - 2013-10-25 15:13 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf 2013-10-25 15:13 - 2013-10-25 15:13 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf 2013-10-25 14:02 - 2013-10-25 15:04 - 00121416 _____ (MotioninJoy) C:\Windows\system32\Drivers\MijXfilt.sys 2013-10-25 14:02 - 2013-10-25 14:02 - 00000000 ____D C:\Users\Dom\AppData\Roaming\MotioninJoy 2013-10-25 14:02 - 2013-10-25 14:02 - 00000000 ____D C:\Program Files\MotioninJoy 2013-10-25 14:02 - 2010-08-19 18:24 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll 2013-10-25 14:02 - 
2010-08-19 18:24 - 00074960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xusb21.sys 2013-10-25 14:02 - 2010-05-03 15:12 - 00328712 _____ (Logitech Inc.) C:\Windows\system32\MijFrc.dll 2013-10-24 15:40 - 2013-10-24 15:40 - 00000000 ____D C:\Users\Dom\Documents\How To Survive Saves 2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2013-10-21 21:15 - 2013-10-16 01:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll 2013-10-21 21:15 - 2013-10-16 01:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll 2013-10-20 21:37 - 2013-10-20 21:37 - 00000000 __RHD C:\Users\Dom\AppData\Roaming\SecuROM 2013-10-20 21:37 - 2013-10-20 21:37 - 00000000 ____D C:\Users\Dom\Documents\EA Games 2013-10-18 09:34 - 2013-10-18 09:34 - 00000000 ____D C:\ProgramData\Oracle 2013-10-18 09:34 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-10-18 09:33 - 2013-10-18 09:33 - 00004746 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log 2013-10-18 09:33 - 2013-10-08 06:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-10-18 09:33 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-10-18 09:33 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-10-15 18:55 - 2013-10-15 18:55 - 00003120 _____ C:\Windows\System32\Tasks\{7D5F148F-0AE9-4EE8-8E33-178E9B35276B} 2013-10-15 18:05 - 2013-10-15 18:05 - 00000000 ____D C:\Program Files\Defraggler 2013-10-14 12:37 - 2013-10-14 12:37 - 00000000 ____D C:\ProgramData\BlueStacks 2013-10-14 12:35 - 2013-10-14 12:39 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2013-10-11 18:00 - 2013-10-11 18:08 - 00000000 ____D C:\Users\Dom\AppData\Roaming\DawngateData 2013-10-09 17:09 - 2013-10-09 19:09 - 17813896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 
2013-10-04 10:38 - 2013-09-27 09:57 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433140.dll 2013-10-04 10:38 - 2013-09-27 09:57 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433140.dll 2013-10-04 09:39 - 2013-10-04 09:39 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2013-10-03 18:06 - 2013-10-03 18:06 - 00010852 _____ C:\Users\Dom\Desktop\PLAN.xlsx ==================== One Month Modified Files and Folders ======= 2013-11-01 00:24 - 2012-04-05 14:14 - 01315493 _____ C:\Windows\WindowsUpdate.log 2013-11-01 00:23 - 2013-10-31 10:52 - 00000000 ____D C:\Users\Dom\Desktop\SYSTEM 2013-11-01 00:21 - 2013-11-01 00:21 - 00012569 _____ C:\Users\Dom\Desktop\AdwCleaner[S0].txt 2013-11-01 00:20 - 2012-02-05 21:26 - 00000000 ____D C:\Users\Dom\AppData\Local\LogMeIn Hamachi 2013-11-01 00:18 - 2012-01-06 22:45 - 00001038 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-11-01 00:18 - 2009-12-31 23:02 - 00029026 _____ C:\Windows\setupact.log 2013-11-01 00:18 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-11-01 00:17 - 2011-07-12 18:48 - 00000000 ____D C:\ProgramData\NVIDIA 2013-11-01 00:17 - 2009-12-31 23:01 - 00009302 _____ C:\Windows\PFRO.log 2013-11-01 00:16 - 2013-11-01 00:12 - 00000000 ____D C:\AdwCleaner 2013-11-01 00:16 - 2012-04-05 14:19 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat 2013-11-01 00:12 - 2013-11-01 00:12 - 01060070 _____ C:\Users\Dom\Desktop\adwcleaner.exe 2013-11-01 00:12 - 2011-06-16 20:05 - 00000000 ___RD C:\Users\Dom\Pobrane 2013-11-01 00:11 - 2011-11-10 20:34 - 00000000 ____D C:\Users\Dom\Desktop\PROGRAMY 2013-11-01 00:09 - 2012-09-21 23:14 - 00000000 ____D C:\ProgramData\InstallMate 2013-11-01 00:09 - 2012-08-17 11:29 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-11-01 00:02 - 2012-01-06 22:45 - 00001042 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-11-01 00:00 - 2011-06-23 14:10 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Skype 
2013-10-31 23:51 - 2012-07-26 21:59 - 00000000 ____D C:\Users\Dom\AppData\Local\PMB Files 2013-10-31 23:51 - 2012-07-26 21:59 - 00000000 ____D C:\ProgramData\PMB Files 2013-10-31 22:40 - 2013-09-07 16:58 - 00000384 _____ C:\Windows\Tasks\update-sys.job 2013-10-31 22:26 - 2013-01-30 11:58 - 00000920 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3890849927-490080802-2399739387-1000UA.job 2013-10-31 21:46 - 2013-09-07 16:58 - 00000384 _____ C:\Windows\Tasks\update-S-1-5-21-3890849927-490080802-2399739387-1000.job 2013-10-31 16:26 - 2013-01-30 11:58 - 00000898 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3890849927-490080802-2399739387-1000Core.job 2013-10-31 15:21 - 2009-07-14 05:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-31 15:21 - 2009-07-14 05:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-31 15:06 - 2013-09-25 19:03 - 00000000 ____D C:\Users\Dom\Documents\FIFA 14 2013-10-31 14:14 - 2011-10-03 15:55 - 00000000 ____D C:\Program Files (x86)\Origin 2013-10-31 10:52 - 2013-06-07 10:00 - 00000000 ____D C:\Users\Dom\Desktop\STUDIA 2013-10-31 09:50 - 2013-10-31 09:50 - 00000000 ____D C:\FRST 2013-10-30 17:47 - 2012-11-16 16:34 - 00000000 ____D C:\Users\Dom\AppData\Roaming\GG 2013-10-30 17:46 - 2012-11-16 16:34 - 00000000 ____D C:\Users\Dom\AppData\Local\GG 2013-10-30 10:35 - 2011-02-04 18:38 - 00752506 _____ C:\Windows\system32\perfh015.dat 2013-10-30 10:35 - 2011-02-04 18:38 - 00162402 _____ C:\Windows\system32\perfc015.dat 2013-10-30 10:35 - 2009-07-14 06:13 - 01705886 _____ C:\Windows\system32\PerfStringBackup.INI 2013-10-29 22:21 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2013-10-29 20:57 - 2013-09-10 20:16 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Spotify 2013-10-29 19:49 - 2013-09-10 20:16 - 00000000 ____D C:\Users\Dom\AppData\Local\Spotify 2013-10-29 09:39 - 
2011-07-12 18:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2013-10-28 16:17 - 2013-10-28 16:17 - 00000000 ____D C:\Program Files (x86)\LoLOracle 2013-10-28 15:45 - 2012-03-03 01:53 - 00000000 ____D C:\Users\Dom\.gimp-2.6 2013-10-28 15:45 - 2012-02-24 15:18 - 00000000 ____D C:\Users\Dom\AppData\Roaming\IcoFX2X 2013-10-28 15:44 - 2013-10-28 15:44 - 00002135 _____ C:\Users\Dom\.recently-used.xbel 2013-10-28 15:44 - 2011-06-16 20:05 - 00000000 ____D C:\Users\Dom 2013-10-28 15:31 - 2013-10-28 15:31 - 00000000 ____D C:\Users\Dom\Documents\FIFA MANAGER 14 2013-10-28 15:30 - 2011-11-10 20:34 - 00000000 ____D C:\Users\Dom\Desktop\GRY 2013-10-28 13:16 - 2012-12-09 21:14 - 00000000 ____D C:\Program Files (x86)\Gophoto.it 2013-10-27 12:57 - 2013-05-16 21:03 - 00000000 ____D C:\Users\Dom\AppData\Roaming\WindowsPExE 2013-10-27 12:44 - 2013-10-27 01:09 - 00000000 ____D C:\ProgramData\SecTaskMan 2013-10-27 01:09 - 2013-10-27 01:09 - 00000000 ____D C:\Program Files (x86)\Security Task Manager 2013-10-27 01:05 - 2012-05-09 07:53 - 00000000 ____D C:\Windows\SysWOW64\Windows 2013-10-27 00:05 - 2013-10-27 00:05 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Malwarebytes 2013-10-27 00:05 - 2013-10-27 00:05 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-10-27 00:05 - 2013-10-27 00:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-26 21:58 - 2013-03-09 18:31 - 00000000 __SHD C:\Users\Dom\wc 2013-10-26 13:19 - 2012-02-29 07:05 - 00130048 ___SH C:\Users\Dom\Documents\Thumbs.db 2013-10-26 13:16 - 2012-02-13 12:36 - 00000000 ____D C:\Users\Dom\Documents\My Games 2013-10-26 13:10 - 2012-07-06 23:15 - 00000000 ____D C:\Users\Dom\AppData\Roaming\vlc 2013-10-26 13:01 - 2012-09-03 10:15 - 00024576 ___SH C:\Users\Dom\Thumbs.db 2013-10-25 15:13 - 2013-10-25 15:13 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf 2013-10-25 15:13 - 2013-10-25 15:13 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf 
2013-10-25 15:04 - 2013-10-25 14:02 - 00121416 _____ (MotioninJoy) C:\Windows\system32\Drivers\MijXfilt.sys 2013-10-25 14:40 - 2013-09-30 12:07 - 00000000 ____D C:\Users\Dom\Desktop\Kontroler XBOX 2013-10-25 14:02 - 2013-10-25 14:02 - 00000000 ____D C:\Users\Dom\AppData\Roaming\MotioninJoy 2013-10-25 14:02 - 2013-10-25 14:02 - 00000000 ____D C:\Program Files\MotioninJoy 2013-10-24 15:40 - 2013-10-24 15:40 - 00000000 ____D C:\Users\Dom\Documents\How To Survive Saves 2013-10-23 11:30 - 2013-10-29 09:32 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2013-10-23 11:30 - 2013-10-29 09:32 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2013-10-23 11:30 - 
2013-10-29 09:32 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2013-10-23 11:30 - 2013-10-29 09:32 - 00023287 _____ C:\Windows\system32\nvinfo.pb 2013-10-23 11:30 - 2012-12-29 15:25 - 18286416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2013-10-23 11:30 - 2012-12-29 15:25 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2013-10-23 11:30 - 2012-12-29 15:25 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2013-10-23 11:30 - 2012-12-29 15:25 - 01435504 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2013-10-23 11:30 - 2010-09-15 07:25 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2013-10-23 09:20 - 2012-04-17 09:03 - 03426956 _____ C:\Windows\system32\nvcoproc.bin 2013-10-23 09:20 - 
2010-08-08 22:12 - 06669600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2013-10-23 09:20 - 2010-08-08 22:12 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2013-10-23 09:20 - 2010-08-08 22:12 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2013-10-23 09:20 - 2010-08-08 22:12 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2013-10-23 09:20 - 2010-08-08 22:12 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2013-10-23 09:20 - 2010-08-08 22:12 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2013-10-21 21:22 - 2011-07-12 18:45 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2013-10-20 21:37 - 2013-10-20 21:37 - 00000000 __RHD C:\Users\Dom\AppData\Roaming\SecuROM 2013-10-20 21:37 - 2013-10-20 21:37 - 00000000 ____D C:\Users\Dom\Documents\EA Games 2013-10-20 20:20 - 2013-09-10 08:59 - 00487567 _____ C:\Windows\DirectX.log 2013-10-19 13:38 - 2011-06-16 21:23 - 00000000 ____D C:\Users\Dom\AppData\Roaming\uTorrent 2013-10-19 11:08 - 2011-12-17 13:21 - 00000000 ____D C:\Program Files (x86)\NapiProjekt 2013-10-18 09:34 - 2013-10-18 09:34 - 00000000 ____D C:\ProgramData\Oracle 2013-10-18 09:33 - 2013-10-18 09:33 - 00004746 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log 2013-10-18 09:33 - 2011-07-07 20:22 - 00000000 ____D C:\Program Files (x86)\Java 2013-10-16 01:48 - 2013-10-21 21:15 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll 2013-10-16 01:48 - 2013-10-21 21:15 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll 2013-10-15 20:52 - 2011-06-23 14:10 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-10-15 20:52 - 2011-06-23 14:10 - 00000000 ____D C:\ProgramData\Skype 2013-10-15 18:55 - 2013-10-15 18:55 - 00003120 _____ C:\Windows\System32\Tasks\{7D5F148F-0AE9-4EE8-8E33-178E9B35276B} 
2013-10-15 18:05 - 2013-10-15 18:05 - 00000000 ____D C:\Program Files\Defraggler 2013-10-14 12:39 - 2013-10-14 12:35 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2013-10-14 12:38 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries 2013-10-14 12:37 - 2013-10-14 12:37 - 00000000 ____D C:\ProgramData\BlueStacks 2013-10-14 12:37 - 2012-07-05 15:47 - 00000000 ____D C:\Program Files (x86)\BlueStacks 2013-10-11 18:08 - 2013-10-11 18:00 - 00000000 ____D C:\Users\Dom\AppData\Roaming\DawngateData 2013-10-11 09:57 - 2012-01-06 22:45 - 00004038 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-10-11 09:57 - 2012-01-06 22:45 - 00003786 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-10-09 19:09 - 2013-10-09 17:09 - 17813896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2013-10-09 19:09 - 2012-08-17 11:29 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-10-09 19:09 - 2012-04-03 05:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-10-09 19:09 - 2011-06-16 20:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-10-08 06:50 - 2013-10-18 09:33 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-10-08 06:46 - 2013-10-18 09:34 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-10-08 06:46 - 2013-10-18 09:33 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-10-08 06:46 - 2013-10-18 09:33 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-10-07 20:41 - 2012-01-06 15:52 - 00183112 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2013-10-07 20:10 - 2012-03-12 14:17 - 00000000 ____D C:\Users\Dom\AppData\Roaming\gtk-2.0 2013-10-05 13:49 - 2011-09-11 12:04 - 00029184 _____ C:\Users\Dom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-10-04 09:39 - 2013-10-04 09:39 - 00000000 ____D C:\Program Files 
(x86)\LogMeIn Hamachi 2013-10-03 18:06 - 2013-10-03 18:06 - 00010852 _____ C:\Users\Dom\Desktop\PLAN.xlsx Files to move or delete: ==================== C:\Users\Dom\ace_uninstaller.exe Some content of TEMP: ==================== C:\Users\Dom\AppData\Local\Temp\CleanSchedule.exe C:\Users\Dom\AppData\Local\Temp\ggdrive-menu.exe C:\Users\Dom\AppData\Local\Temp\ggdrive-overlay.exe C:\Users\Dom\AppData\Local\Temp\installstats.exe C:\Users\Dom\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Dom\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Dom\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Dom\AppData\Local\Temp\nvStInst.exe C:\Users\Dom\AppData\Local\Temp\q3jdkojm.dll C:\Users\Dom\AppData\Local\Temp\Quarantine.exe C:\Users\Dom\AppData\Local\Temp\SRLDetectionLibrary162274391663334206.dll C:\Users\Dom\AppData\Local\Temp\vlc-2.0.8-win32.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-31 18:13 ==================== End Of Log ============================