Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014 Ran by Rusher (administrator) on RUSHER-KOMPUTER on 07-02-2014 22:35:16 Running from C:\Users\Rusher\Desktop\programsy Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2000-01-01] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2000-01-01] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation) HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456 2013-09-12] (ESET) HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS) HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS) HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2048665305-901967102-3235237696-1000\...\Run: [Overwolf] - C:\Program Files (x86)\Overwolf\Overwolf.exe -silent AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation) AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation) AppInit_DLLs-x32: ,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=HitachiXHTS547550A9E384_J2150050CTEXRDCTEXRDX&ts=1377244360 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=HitachiXHTS547550A9E384_J2150050CTEXRDCTEXRDX&ts=1377244360 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=HitachiXHTS547550A9E384_J2150050CTEXRDCTEXRDX&ts=1377244360 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com/web/?utm_source=b&utm_medium=bnd&from=bnd&uid=HitachiXHTS547550A9E384_J2150050CTEXRDCTEXRDX&ts=1375793149 SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com/web/?utm_source=b&utm_medium=bnd&from=bnd&uid=HitachiXHTS547550A9E384_J2150050CTEXRDCTEXRDX&ts=1375793149 SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com/web/?utm_source=b&utm_medium=bnd&from=bnd&uid=HitachiXHTS547550A9E384_J2150050CTEXRDCTEXRDX&ts=1375793149 SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com/web/?utm_source=b&utm_medium=bnd&from=bnd&uid=HitachiXHTS547550A9E384_J2150050CTEXRDCTEXRDX&ts=1375793149 SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=D641162F68B6C954&affID=119357&tsp=4996 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=D641162F68B6C954&affID=119357&tsp=4996 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=HitachiXHTS547550A9E384_J2150050CTEXRDCTEXRDX&ts=1377244360 BHO-x32: No Name - {2316c625-b487-4410-a1a5-ff040b65245f} - No File BHO-x32: DealPly Shopping - {9cf699ca-2174-4ed8-bec1-ba82095edce0} - C:\Program Files (x86)\DealPly\DealPlyIE.dll No File BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll No File Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 10.26.248.109 10.26.250.254 FireFox: ======== FF ProfilePath: C:\Users\Rusher\AppData\Roaming\Mozilla\Firefox\Profiles\dg10b03q.default FF user.js: detected! => C:\Users\Rusher\AppData\Roaming\Mozilla\Firefox\Profiles\dg10b03q.default\user.js FF SearchEngineOrder.1: Ask Search FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=3 - C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll () FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=9 - C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll () FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Users\Rusher\AppData\Roaming\Mozilla\Firefox\Profiles\dg10b03q.default\searchplugins\ask-search.xml FF SearchPlugin: C:\Users\Rusher\AppData\Roaming\Mozilla\Firefox\Profiles\dg10b03q.default\searchplugins\babylon.xml FF SearchPlugin: C:\Users\Rusher\AppData\Roaming\Mozilla\Firefox\Profiles\dg10b03q.default\searchplugins\BrowserProtect.xml FF SearchPlugin: C:\Users\Rusher\AppData\Roaming\Mozilla\Firefox\Profiles\dg10b03q.default\searchplugins\delta.xml FF Extension: Torntv V6.0 - C:\Users\Rusher\AppData\Roaming\Mozilla\Firefox\Profiles\dg10b03q.default\Extensions\e2fd07a6-e282-4f2e-8965-85565fcb6384@b69158e6-3c3b-476c-9d98-ae5838c5b707.com [2013-11-29] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-02-07] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-02-07] Chrome: ======= CHR Extension: (Dokumenty Google) - C:\Users\Rusher\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-08] CHR Extension: (Dysk Google) - C:\Users\Rusher\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-08] CHR Extension: (YouTube) - C:\Users\Rusher\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-08] CHR Extension: (Szukaj w Google) - C:\Users\Rusher\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-08] CHR Extension: (PutLockerDownloader V3.0) - C:\Users\Rusher\AppData\Local\Google\Chrome\User Data\Default\Extensions\koalekbhpbggkcfhkkbolikjoaobbppi [2014-01-08] CHR Extension: (Google Wallet) - C:\Users\Rusher\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-08] CHR Extension: (Gmail) - C:\Users\Rusher\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-08] CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Rusher\AppData\Roaming\BabSolution\CR\Delta.crx [2014-01-08] CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - \User Data\Default\Extensions\newtab.crx [2013-08-23] CHR HKLM-x32\...\Chrome\Extension: [koalekbhpbggkcfhkkbolikjoaobbppi] - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx [2013-04-11] ==================== Services (Whitelisted) ================= S2 dealplylive; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-08-24] () S3 dealplylivem; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-08-24] () R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752 2013-09-12] (ESET) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation) R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-08-23] (Taiwan Shui Mu Chih Ching Technology Limited.) ==================== Drivers (Whitelisted) ==================== R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET) S0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-09-21] () S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 WinRing0_1_2_0; \??\D:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-07 22:34 - 2014-02-07 22:35 - 00000000 ____D () C:\FRST 2014-02-07 21:53 - 2014-02-07 21:53 - 02079744 _____ (Farbar) C:\Users\Rusher\Downloads\FRST64 (1).exe 2014-02-07 21:13 - 2014-02-07 22:35 - 00000000 ____D () C:\Users\Rusher\Desktop\programsy 2014-02-07 20:39 - 2014-02-07 20:39 - 00000000 ____D () C:\ProgramData\ESET 2014-02-07 20:39 - 2014-02-07 20:39 - 00000000 ____D () C:\Program Files\ESET 2014-02-07 20:34 - 2014-02-07 20:35 - 72777728 _____ () C:\Users\Rusher\Desktop\eav_nt64_enu.msi 2014-02-07 19:51 - 2014-02-07 21:07 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-02-07 19:51 - 2014-02-07 19:51 - 00001007 _____ () C:\Users\Rusher\Desktop\SpeedFan.lnk 2014-02-07 19:51 - 2014-02-07 19:51 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo 2014-02-07 19:51 - 2014-02-07 19:51 - 00000000 ____D () C:\Users\Rusher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-02-07 19:50 - 2014-02-07 19:50 - 02143832 _____ () C:\Users\Rusher\Downloads\installspeedfan449(dobreprogramy.pl).exe 2014-02-07 19:14 - 2014-02-07 21:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-06 14:35 - 2014-02-06 14:35 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-02-06 14:35 - 2014-02-06 14:35 - 00000000 ____D () C:\Windows\system32\NV 2014-02-06 14:29 - 2014-02-06 14:30 - 266633424 _____ (NVIDIA Corporation) C:\Users\Rusher\Desktop\332.21-notebook-win8-win7-64bit-international-whql.exe 2014-01-31 20:44 - 2014-02-07 18:36 - 00001727 _____ () C:\Windows\setupact.log 2014-01-31 20:44 - 2014-01-31 20:44 - 00000000 _____ () C:\Windows\setuperr.log 2014-01-31 12:50 - 2014-02-06 14:35 - 00000000 ____D () C:\Users\Rusher\AppData\Local\NVIDIA Corporation 2014-01-31 12:46 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-01-31 12:46 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2014-01-31 12:46 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-01-31 12:46 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-01-31 12:46 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-01-31 12:46 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-01-31 12:45 - 2013-12-10 03:15 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2014-01-31 12:45 - 2013-12-10 03:14 - 01100248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2014-01-31 12:43 - 2014-01-31 12:50 - 00000000 ____D () C:\Users\Rusher\AppData\Local\NVIDIA 2014-01-31 12:42 - 2014-01-31 12:42 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-01-31 12:34 - 2014-01-31 12:36 - 01637498 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-01-31 12:26 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-01-31 12:26 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 02698272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys 2014-01-31 12:26 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-01-31 12:26 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2014-01-31 12:26 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-01-31 12:17 - 2014-01-31 12:17 - 00000000 ____D () C:\NVIDIA 2014-01-31 12:15 - 2014-01-31 12:17 - 262041840 _____ (NVIDIA Corporation) C:\Users\Rusher\Downloads\332.21-desktop-win8-win7-winvista-64bit-international-whql.exe 2014-01-09 12:28 - 2014-01-16 15:03 - 00023305 _____ () C:\Users\Rusher\Desktop\Ruch drogowy,cwiczenia.odt 2014-01-09 12:24 - 2014-01-09 12:24 - 00007334 _____ () C:\Users\Rusher\Desktop\Nowy OpenDocument Dokument tekstowy.odt 2014-01-08 18:10 - 2014-01-08 18:10 - 00002212 _____ () C:\Users\Public\Desktop\Google Earth.lnk 2014-01-08 18:09 - 2014-02-07 22:20 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-08 18:09 - 2014-02-07 18:37 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-08 18:09 - 2014-02-06 14:22 - 00002189 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-01-08 18:09 - 2014-01-08 18:15 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-01-08 18:09 - 2014-01-08 18:15 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-01-08 18:08 - 2014-01-08 18:08 - 00819328 _____ (Google Inc.) C:\Users\Rusher\Desktop\googleupdatesetup.exe ==================== One Month Modified Files and Folders ======= 2014-02-07 22:35 - 2014-02-07 22:34 - 00000000 ____D () C:\FRST 2014-02-07 22:35 - 2014-02-07 21:13 - 00000000 ____D () C:\Users\Rusher\Desktop\programsy 2014-02-07 22:30 - 2013-11-01 22:30 - 00000292 _____ () C:\Windows\Tasks\FoxTab.job 2014-02-07 22:23 - 2013-08-24 17:53 - 00000000 ____D () C:\Users\Rusher\AppData\Roaming\Skype 2014-02-07 22:20 - 2014-01-08 18:09 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-07 21:53 - 2014-02-07 21:53 - 02079744 _____ (Farbar) C:\Users\Rusher\Downloads\FRST64 (1).exe 2014-02-07 21:53 - 2013-08-24 17:48 - 00000906 _____ () C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job 2014-02-07 21:53 - 2013-04-28 13:29 - 01810274 _____ () C:\Windows\WindowsUpdate.log 2014-02-07 21:34 - 2014-02-07 19:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-07 21:07 - 2014-02-07 19:51 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-02-07 21:03 - 2013-04-28 20:30 - 00000000 ____D () C:\Users\Rusher\AppData\Roaming\TS3Client 2014-02-07 20:51 - 2009-07-14 05:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-07 20:51 - 2009-07-14 05:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-07 20:39 - 2014-02-07 20:39 - 00000000 ____D () C:\ProgramData\ESET 2014-02-07 20:39 - 2014-02-07 20:39 - 00000000 ____D () C:\Program Files\ESET 2014-02-07 20:35 - 2014-02-07 20:34 - 72777728 _____ () C:\Users\Rusher\Desktop\eav_nt64_enu.msi 2014-02-07 19:51 - 2014-02-07 19:51 - 00001007 _____ () C:\Users\Rusher\Desktop\SpeedFan.lnk 2014-02-07 19:51 - 2014-02-07 19:51 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo 2014-02-07 19:51 - 2014-02-07 19:51 - 00000000 ____D () C:\Users\Rusher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-02-07 19:50 - 2014-02-07 19:50 - 02143832 _____ () C:\Users\Rusher\Downloads\installspeedfan449(dobreprogramy.pl).exe 2014-02-07 18:53 - 2013-08-24 17:48 - 00000902 _____ () C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job 2014-02-07 18:48 - 2013-08-23 08:52 - 00000000 ____D () C:\Program Files (x86)\WinZipper 2014-02-07 18:41 - 2011-04-12 14:21 - 00737480 _____ () C:\Windows\system32\perfh015.dat 2014-02-07 18:41 - 2011-04-12 14:21 - 00154136 _____ () C:\Windows\system32\perfc015.dat 2014-02-07 18:41 - 2009-07-14 06:13 - 01661232 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-07 18:37 - 2014-01-08 18:09 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-07 18:37 - 2013-11-29 22:37 - 00002174 _____ () C:\Windows\Tasks\Torntv V6.0-firefoxinstaller.job 2014-02-07 18:37 - 2013-11-29 22:37 - 00001298 _____ () C:\Windows\Tasks\Torntv V6.0-updater.job 2014-02-07 18:36 - 2014-01-31 20:44 - 00001727 _____ () C:\Windows\setupact.log 2014-02-07 18:36 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-06 18:15 - 2013-05-24 17:32 - 00000000 ____D () C:\Users\Rusher\AppData\Roaming\uTorrent 2014-02-06 14:35 - 2014-02-06 14:35 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-02-06 14:35 - 2014-02-06 14:35 - 00000000 ____D () C:\Windows\system32\NV 2014-02-06 14:35 - 2014-01-31 12:50 - 00000000 ____D () C:\Users\Rusher\AppData\Local\NVIDIA Corporation 2014-02-06 14:35 - 2013-04-28 17:53 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-02-06 14:30 - 2014-02-06 14:29 - 266633424 _____ (NVIDIA Corporation) C:\Users\Rusher\Desktop\332.21-notebook-win8-win7-64bit-international-whql.exe 2014-02-06 14:22 - 2014-01-08 18:09 - 00002189 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-01-31 20:44 - 2014-01-31 20:44 - 00000000 _____ () C:\Windows\setuperr.log 2014-01-31 12:50 - 2014-01-31 12:43 - 00000000 ____D () C:\Users\Rusher\AppData\Local\NVIDIA 2014-01-31 12:50 - 2013-04-28 17:52 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-01-31 12:45 - 2013-04-28 17:52 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-01-31 12:45 - 2013-04-28 17:50 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-01-31 12:42 - 2014-01-31 12:42 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-01-31 12:36 - 2014-01-31 12:34 - 01637498 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-01-31 12:17 - 2014-01-31 12:17 - 00000000 ____D () C:\NVIDIA 2014-01-31 12:17 - 2014-01-31 12:15 - 262041840 _____ (NVIDIA Corporation) C:\Users\Rusher\Downloads\332.21-desktop-win8-win7-winvista-64bit-international-whql.exe 2014-01-30 18:48 - 2013-04-28 13:36 - 00000000 ___RD () C:\Users\Rusher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-01-16 15:03 - 2014-01-09 12:28 - 00023305 _____ () C:\Users\Rusher\Desktop\Ruch drogowy,cwiczenia.odt 2014-01-12 10:59 - 2013-12-05 09:54 - 00000000 ____D () C:\Users\Rusher\Desktop\Epickie bitwy 2014-01-11 04:33 - 2013-06-06 14:24 - 00000000 ____D () C:\Users\Rusher\AppData\Local\PMB Files 2014-01-11 04:33 - 2013-06-06 14:24 - 00000000 ____D () C:\ProgramData\PMB Files 2014-01-09 12:24 - 2014-01-09 12:24 - 00007334 _____ () C:\Users\Rusher\Desktop\Nowy OpenDocument Dokument tekstowy.odt 2014-01-08 18:15 - 2014-01-08 18:09 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-01-08 18:15 - 2014-01-08 18:09 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-01-08 18:10 - 2014-01-08 18:10 - 00002212 _____ () C:\Users\Public\Desktop\Google Earth.lnk 2014-01-08 18:10 - 2013-08-11 10:06 - 00000000 ____D () C:\Users\Rusher\AppData\Local\Google 2014-01-08 18:10 - 2013-08-11 10:06 - 00000000 ____D () C:\Program Files (x86)\Google 2014-01-08 18:08 - 2014-01-08 18:08 - 00819328 _____ (Google Inc.) C:\Users\Rusher\Desktop\googleupdatesetup.exe Some content of TEMP: ==================== C:\Users\Rusher\AppData\Local\Temp\InstHelper.exe C:\Users\Rusher\AppData\Local\Temp\sfamcc00001.dll C:\Users\Rusher\AppData\Local\Temp\sfextra.dll C:\Users\Rusher\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-20 18:09 ==================== End Of Log ============================