Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014 Ran by Rusher (administrator) on RUSHER-KOMPUTER on 08-02-2014 17:33:27 Running from C:\Users\Rusher\Desktop\programsy Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe ==================== Registry (Whitelisted) ================== Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation) AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation) AppInit_DLLs-x32: ,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 217.172.224.160 89.231.1.206 FireFox: ======== FF ProfilePath: C:\Users\Rusher\AppData\Roaming\Mozilla\Firefox\Profiles\a1wlsmaq.default-1391876257979 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird Chrome: ======= CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Rusher\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () CHR Extension: (Dokumenty Google) - C:\Users\Rusher\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-08] CHR Extension: (Dysk Google) - C:\Users\Rusher\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-08] CHR Extension: (YouTube) - C:\Users\Rusher\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-08] CHR Extension: (Szukaj w Google) - C:\Users\Rusher\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-08] CHR Extension: (Google Wallet) - C:\Users\Rusher\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-08] CHR Extension: (Gmail) - C:\Users\Rusher\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-08] ==================== Services (Whitelisted) ================= R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation) ==================== Drivers (Whitelisted) ==================== R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-02-08] (REALiX(tm)) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-09-21] () S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-08 17:30 - 2014-02-08 17:30 - 00448512 _____ (OldTimer Tools) C:\Users\Rusher\Downloads\TFC.exe 2014-02-08 17:24 - 2014-02-08 17:25 - 00000000 ____D () C:\AdwCleaner 2014-02-08 17:24 - 2014-02-08 17:24 - 01166132 _____ () C:\Users\Rusher\Downloads\AdwCleaner.exe 2014-02-08 17:17 - 2014-02-08 17:17 - 00000000 ____D () C:\Users\Rusher\Desktop\Stare dane programu Firefox 2014-02-08 17:16 - 2014-02-08 17:16 - 00000000 ____D () C:\MATS 2014-02-08 11:24 - 2014-02-08 11:24 - 00031648 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS 2014-02-08 11:24 - 2014-02-08 11:24 - 00000000 ____D () C:\Users\Rusher\AppData\Roaming\Opera Software 2014-02-08 11:24 - 2014-02-08 11:24 - 00000000 ____D () C:\Users\Rusher\AppData\Local\Opera Software 2014-02-08 11:23 - 2014-02-08 11:23 - 00000000 ____D () C:\Program Files\HWiNFO64 2014-02-08 11:22 - 2014-02-08 11:22 - 00003270 _____ () C:\Windows\System32\Tasks\Opera D7 2014-02-08 11:22 - 2014-02-08 11:22 - 00003270 _____ () C:\Windows\System32\Tasks\Opera D6 2014-02-08 11:22 - 2014-02-08 11:22 - 00003270 _____ () C:\Windows\System32\Tasks\Opera D5 2014-02-08 11:22 - 2014-02-08 11:22 - 00003270 _____ () C:\Windows\System32\Tasks\Opera D4 2014-02-08 11:22 - 2014-02-08 11:22 - 00003270 _____ () C:\Windows\System32\Tasks\Opera D3 2014-02-08 11:21 - 2014-02-08 11:25 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-02-08 11:21 - 2014-02-08 11:21 - 00003270 _____ () C:\Windows\System32\Tasks\Opera D2 2014-02-08 11:21 - 2014-02-08 11:21 - 00003270 _____ () C:\Windows\System32\Tasks\Opera D1 2014-02-08 11:05 - 2014-02-08 11:05 - 02990656 _____ (Martin Malík - REALiX ) C:\Users\Rusher\Downloads\hw64_432.exe 2014-02-08 11:05 - 2014-02-08 11:05 - 00666648 _____ () C:\Users\Rusher\Downloads\HWiNFO32(15982).exe 2014-02-08 09:44 - 2014-02-08 17:26 - 00000504 _____ () C:\Windows\setupact.log 2014-02-08 09:44 - 2014-02-08 09:44 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-08 00:17 - 2014-02-08 00:17 - 00000000 _____ () C:\Users\Rusher\Desktop\nod32 x2.txt 2014-02-07 22:34 - 2014-02-08 17:33 - 00000000 ____D () C:\FRST 2014-02-07 21:53 - 2014-02-07 21:53 - 02079744 _____ (Farbar) C:\Users\Rusher\Downloads\FRST64 (1).exe 2014-02-07 21:13 - 2014-02-08 17:33 - 00000000 ____D () C:\Users\Rusher\Desktop\programsy 2014-02-07 20:34 - 2014-02-07 20:35 - 72777728 _____ () C:\Users\Rusher\Desktop\eav_nt64_enu.msi 2014-02-07 19:51 - 2014-02-08 11:00 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-02-07 19:51 - 2014-02-07 19:51 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo 2014-02-07 19:50 - 2014-02-07 19:50 - 02143832 _____ () C:\Users\Rusher\Downloads\installspeedfan449(dobreprogramy.pl).exe 2014-02-07 19:14 - 2014-02-07 21:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-06 14:35 - 2014-02-06 14:35 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-02-06 14:35 - 2014-02-06 14:35 - 00000000 ____D () C:\Windows\system32\NV 2014-01-31 12:50 - 2014-02-06 14:35 - 00000000 ____D () C:\Users\Rusher\AppData\Local\NVIDIA Corporation 2014-01-31 12:46 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-01-31 12:46 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2014-01-31 12:46 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-01-31 12:46 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-01-31 12:46 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-01-31 12:46 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-01-31 12:45 - 2013-12-10 03:15 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2014-01-31 12:45 - 2013-12-10 03:14 - 01100248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2014-01-31 12:43 - 2014-01-31 12:50 - 00000000 ____D () C:\Users\Rusher\AppData\Local\NVIDIA 2014-01-31 12:42 - 2014-01-31 12:42 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-01-31 12:34 - 2014-01-31 12:36 - 01637498 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-01-31 12:26 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-01-31 12:26 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 02698272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-01-31 12:26 - 2013-12-19 21:33 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys 2014-01-31 12:26 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-01-31 12:26 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2014-01-31 12:26 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-01-31 12:17 - 2014-01-31 12:17 - 00000000 ____D () C:\NVIDIA 2014-01-31 12:15 - 2014-01-31 12:17 - 262041840 _____ (NVIDIA Corporation) C:\Users\Rusher\Downloads\332.21-desktop-win8-win7-winvista-64bit-international-whql.exe 2014-01-09 12:28 - 2014-01-16 15:03 - 00023305 _____ () C:\Users\Rusher\Desktop\Ruch drogowy,cwiczenia.odt 2014-01-09 12:24 - 2014-01-09 12:24 - 00007334 _____ () C:\Users\Rusher\Desktop\Nowy OpenDocument Dokument tekstowy.odt ==================== One Month Modified Files and Folders ======= 2014-02-08 17:33 - 2014-02-07 22:34 - 00000000 ____D () C:\FRST 2014-02-08 17:33 - 2014-02-07 21:13 - 00000000 ____D () C:\Users\Rusher\Desktop\programsy 2014-02-08 17:32 - 2013-08-24 17:53 - 00000000 ____D () C:\Users\Rusher\AppData\Roaming\Skype 2014-02-08 17:30 - 2014-02-08 17:30 - 00448512 _____ (OldTimer Tools) C:\Users\Rusher\Downloads\TFC.exe 2014-02-08 17:26 - 2014-02-08 09:44 - 00000504 _____ () C:\Windows\setupact.log 2014-02-08 17:26 - 2014-01-08 18:09 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-08 17:26 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-08 17:25 - 2014-02-08 17:24 - 00000000 ____D () C:\AdwCleaner 2014-02-08 17:25 - 2013-04-28 13:36 - 00001182 _____ () C:\Users\Rusher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-02-08 17:25 - 2013-04-28 13:29 - 01869871 _____ () C:\Windows\WindowsUpdate.log 2014-02-08 17:24 - 2014-02-08 17:24 - 01166132 _____ () C:\Users\Rusher\Downloads\AdwCleaner.exe 2014-02-08 17:20 - 2014-01-08 18:09 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-08 17:17 - 2014-02-08 17:17 - 00000000 ____D () C:\Users\Rusher\Desktop\Stare dane programu Firefox 2014-02-08 17:16 - 2014-02-08 17:16 - 00000000 ____D () C:\MATS 2014-02-08 14:14 - 2013-04-28 20:30 - 00000000 ____D () C:\Users\Rusher\AppData\Roaming\TS3Client 2014-02-08 13:59 - 2009-07-14 05:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-08 13:59 - 2009-07-14 05:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-08 11:25 - 2014-02-08 11:21 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-02-08 11:24 - 2014-02-08 11:24 - 00031648 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS 2014-02-08 11:24 - 2014-02-08 11:24 - 00000000 ____D () C:\Users\Rusher\AppData\Roaming\Opera Software 2014-02-08 11:24 - 2014-02-08 11:24 - 00000000 ____D () C:\Users\Rusher\AppData\Local\Opera Software 2014-02-08 11:23 - 2014-02-08 11:23 - 00000000 ____D () C:\Program Files\HWiNFO64 2014-02-08 11:22 - 2014-02-08 11:22 - 00003270 _____ () C:\Windows\System32\Tasks\Opera D7 2014-02-08 11:22 - 2014-02-08 11:22 - 00003270 _____ () C:\Windows\System32\Tasks\Opera D6 2014-02-08 11:22 - 2014-02-08 11:22 - 00003270 _____ () C:\Windows\System32\Tasks\Opera D5 2014-02-08 11:22 - 2014-02-08 11:22 - 00003270 _____ () C:\Windows\System32\Tasks\Opera D4 2014-02-08 11:22 - 2014-02-08 11:22 - 00003270 _____ () C:\Windows\System32\Tasks\Opera D3 2014-02-08 11:21 - 2014-02-08 11:21 - 00003270 _____ () C:\Windows\System32\Tasks\Opera D2 2014-02-08 11:21 - 2014-02-08 11:21 - 00003270 _____ () C:\Windows\System32\Tasks\Opera D1 2014-02-08 11:05 - 2014-02-08 11:05 - 02990656 _____ (Martin Malík - REALiX ) C:\Users\Rusher\Downloads\hw64_432.exe 2014-02-08 11:05 - 2014-02-08 11:05 - 00666648 _____ () C:\Users\Rusher\Downloads\HWiNFO32(15982).exe 2014-02-08 11:00 - 2014-02-07 19:51 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-02-08 09:44 - 2014-02-08 09:44 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-08 00:17 - 2014-02-08 00:17 - 00000000 _____ () C:\Users\Rusher\Desktop\nod32 x2.txt 2014-02-07 23:21 - 2011-04-12 14:21 - 00737480 _____ () C:\Windows\system32\perfh015.dat 2014-02-07 23:21 - 2011-04-12 14:21 - 00154136 _____ () C:\Windows\system32\perfc015.dat 2014-02-07 23:21 - 2009-07-14 06:13 - 01661232 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-07 23:12 - 2013-11-29 22:37 - 00000000 ____D () C:\Program Files (x86)\Torntv V6.0 2014-02-07 21:53 - 2014-02-07 21:53 - 02079744 _____ (Farbar) C:\Users\Rusher\Downloads\FRST64 (1).exe 2014-02-07 21:34 - 2014-02-07 19:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-07 20:35 - 2014-02-07 20:34 - 72777728 _____ () C:\Users\Rusher\Desktop\eav_nt64_enu.msi 2014-02-07 19:51 - 2014-02-07 19:51 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo 2014-02-07 19:50 - 2014-02-07 19:50 - 02143832 _____ () C:\Users\Rusher\Downloads\installspeedfan449(dobreprogramy.pl).exe 2014-02-06 18:15 - 2013-05-24 17:32 - 00000000 ____D () C:\Users\Rusher\AppData\Roaming\uTorrent 2014-02-06 14:35 - 2014-02-06 14:35 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-02-06 14:35 - 2014-02-06 14:35 - 00000000 ____D () C:\Windows\system32\NV 2014-02-06 14:35 - 2014-01-31 12:50 - 00000000 ____D () C:\Users\Rusher\AppData\Local\NVIDIA Corporation 2014-02-06 14:35 - 2013-04-28 17:53 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-02-06 14:22 - 2014-01-08 18:09 - 00002189 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-01-31 12:50 - 2014-01-31 12:43 - 00000000 ____D () C:\Users\Rusher\AppData\Local\NVIDIA 2014-01-31 12:50 - 2013-04-28 17:52 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-01-31 12:45 - 2013-04-28 17:52 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-01-31 12:45 - 2013-04-28 17:50 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-01-31 12:42 - 2014-01-31 12:42 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-01-31 12:36 - 2014-01-31 12:34 - 01637498 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-01-31 12:17 - 2014-01-31 12:17 - 00000000 ____D () C:\NVIDIA 2014-01-31 12:17 - 2014-01-31 12:15 - 262041840 _____ (NVIDIA Corporation) C:\Users\Rusher\Downloads\332.21-desktop-win8-win7-winvista-64bit-international-whql.exe 2014-01-30 18:48 - 2013-04-28 13:36 - 00000000 ___RD () C:\Users\Rusher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-01-16 15:03 - 2014-01-09 12:28 - 00023305 _____ () C:\Users\Rusher\Desktop\Ruch drogowy,cwiczenia.odt 2014-01-12 10:59 - 2013-12-05 09:54 - 00000000 ____D () C:\Users\Rusher\Desktop\Epickie bitwy 2014-01-11 04:33 - 2013-06-06 14:24 - 00000000 ____D () C:\Users\Rusher\AppData\Local\PMB Files 2014-01-11 04:33 - 2013-06-06 14:24 - 00000000 ____D () C:\ProgramData\PMB Files 2014-01-09 12:24 - 2014-01-09 12:24 - 00007334 _____ () C:\Users\Rusher\Desktop\Nowy OpenDocument Dokument tekstowy.odt ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-08 10:28 ==================== End Of Log ============================