Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-02-2014
Ran by Admin (administrator) on NTT on 20-02-2014 22:25:33
Running from C:\Users\Admin\Downloads
Microsoft Windows 7 Professional (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\system32\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Razer Inc.) C:\Program Files\Razer Game Booster\RzKLService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Electronic Arts) C:\Program Files\Origin\Origin.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap.dll [982232 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-3944376034-2082120229-1992142864-1000\...\Run: [Spol] - http://www.toya.net.pl/~spol/site/index.htm
HKU\S-1-5-21-3944376034-2082120229-1992142864-1000\...\MountPoints2: {1ca24331-5ca8-11e3-95d0-806e6f6e6963} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3944376034-2082120229-1992142864-1000\...\MountPoints2: {6b01264b-8370-11e3-b472-d460bd042446} - E:\Startme.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.spolszczenia.pl.prv.pl
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

Chrome:
=======
CHR HomePage: https://www.google.pl/webhp?authuser=1
CHR Extension: (Dokumenty Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-29]
CHR Extension: (Dysk Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-29]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-29]
CHR Extension: (Szukaj w Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-29]
CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-30]
CHR Extension: (ClipConverter) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\njjjgjlocdhecpgdcfjblcnfebfnmhpp [2014-01-29]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-29]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-29]

========================== Services (Whitelisted) =================

R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14658848 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-11-30] ()
R2 RzKLService; C:\Program Files\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)

==================== Drivers (Whitelisted) ====================

R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.)
R3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [50728 2014-02-20] (Eugene V. Muzychenko)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [22688 2014-02-20] (REALiX(tm))
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-05] (NVIDIA Corporation)
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-20 22:25 - 2014-02-20 22:25 - 00006904 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-02-20 22:25 - 2014-02-20 22:25 - 00000000 ____D () C:\FRST
2014-02-20 22:24 - 2014-02-20 22:24 - 01142784 _____ (Farbar) C:\Users\Admin\Downloads\FRST.exe
2014-02-20 22:16 - 2014-02-20 22:16 - 00079694 _____ () C:\Users\Admin\Desktop\OTL.Txt
2014-02-20 22:16 - 2014-02-20 22:16 - 00051154 _____ () C:\Users\Admin\Desktop\Extras.Txt
2014-02-20 22:10 - 2014-02-20 22:10 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Downloads\OTL.exe
2014-02-20 22:08 - 2014-02-20 22:08 - 00522360 _____ (Duplex Secure Ltd.)
C:\Users\Admin\Downloads\SPTDinst-v186-x86.exe 2014-02-20 21:50 - 2014-02-20 21:50 - 00001969 _____ () C:\Users\Admin\Desktop\CrystalDiskInfo Shizuku Edition.lnk 2014-02-20 21:50 - 2014-02-20 21:50 - 00000000 ____D () C:\Program Files\CrystalDiskInfo 2014-02-20 21:47 - 2014-02-20 21:49 - 41281696 _____ (Crystal Dew World ) C:\Users\Admin\Downloads\CrystalDiskInfo6_1_8ShizukuFull-en.exe 2014-02-20 21:04 - 2014-02-20 21:04 - 00022688 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS 2014-02-20 21:02 - 2014-02-20 21:02 - 00000000 ____D () C:\Program Files\HWiNFO32 2014-02-20 21:01 - 2014-02-20 21:01 - 02547256 _____ (Martin Malík - REALiX ) C:\Users\Admin\Downloads\hw32_434.exe 2014-02-20 19:46 - 2013-08-10 16:39 - 01839104 _____ () C:\Users\Admin\Desktop\memtest86+-5.01.iso 2014-02-20 19:45 - 2014-02-20 19:45 - 00059435 _____ () C:\Users\Admin\Downloads\memtest86+-5.01.iso.zip 2014-02-20 14:36 - 2014-02-20 14:36 - 00159904 _____ () C:\Windows\Minidump\022014-17706-01.dmp 2014-02-20 02:47 - 2014-02-20 02:47 - 00159960 _____ () C:\Windows\Minidump\022014-44507-01.dmp 2014-02-20 00:23 - 2014-02-20 00:24 - 00000000 ____D () C:\Program Files\Virtual Audio Cable 2014-02-20 00:23 - 2014-02-20 00:23 - 00380021 _____ () C:\Users\Admin\Downloads\Virtual Audio Cable 4.10.rar 2014-02-20 00:23 - 2014-02-20 00:23 - 00050728 _____ (Eugene V. 
Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys 2014-02-19 22:49 - 2014-02-19 23:51 - 00000000 ____D () C:\Users\Admin\Documents\Pobrane 2014-02-19 18:59 - 2014-02-19 19:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Nero 2014-02-19 18:52 - 2014-02-20 22:04 - 00000000 ____D () C:\ProgramData\Nero 2014-02-19 18:50 - 2014-02-19 18:50 - 00000000 ____D () C:\Program Files\MSXML 4.0 2014-02-19 18:35 - 2014-02-19 18:35 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\PowerISO 2014-02-19 18:35 - 2013-12-13 14:13 - 04673536 _____ () C:\Users\Admin\Desktop\Memtest86-5.0.0.iso 2014-02-19 18:34 - 2014-02-19 18:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\SearchProtect 2014-02-19 18:34 - 2014-02-19 18:34 - 00000000 ____D () C:\Program Files\SearchProtect 2014-02-19 18:34 - 2014-02-19 18:34 - 00000000 _____ () C:\END 2014-02-19 12:55 - 2014-02-08 19:27 - 23683360 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll 2014-02-19 12:55 - 2014-02-08 19:27 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-02-19 12:55 - 2014-02-08 19:27 - 10180896 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-02-19 12:55 - 2014-02-08 19:27 - 09728064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-02-19 12:55 - 2014-02-08 19:27 - 09690424 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-02-19 12:55 - 2014-02-08 19:27 - 02956576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-02-19 12:55 - 2014-02-08 19:27 - 02410784 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-02-19 12:55 - 2014-02-08 19:27 - 01049888 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3233489.dll 2014-02-19 12:55 - 2014-02-08 19:27 - 00895264 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3233489.dll 2014-02-19 12:55 - 2014-02-08 19:27 - 00863520 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll 2014-02-19 12:55 - 2014-02-08 19:27 - 00844576 _____ (NVIDIA 
Corporation) C:\Windows\system32\NvFBC.dll 2014-02-19 12:55 - 2014-02-08 19:27 - 00305600 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll 2014-02-19 12:55 - 2014-02-08 19:27 - 00148528 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll 2014-02-19 12:53 - 2014-02-19 12:53 - 00000000 ____D () C:\NVIDIA 2014-02-19 12:45 - 2014-02-19 12:45 - 00000627 _____ () C:\Users\Admin\Desktop\SA-MP.lnk 2014-02-19 00:17 - 2014-02-20 02:35 - 00002486 _____ () C:\Windows\PFRO.log 2014-02-18 14:14 - 2014-02-18 14:14 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer 2014-02-16 14:17 - 2014-02-16 14:17 - 08371244 _____ () C:\Users\Admin\Desktop\Głsy.wav 2014-02-16 14:13 - 2014-02-16 14:14 - 09601068 _____ () C:\Users\Admin\Desktop\Final.wav 2014-02-16 14:07 - 2014-02-16 14:10 - 08028204 _____ () C:\Users\Admin\Desktop\Dogrywka.wav 2014-02-16 14:05 - 2014-02-16 14:05 - 09289772 _____ () C:\Users\Admin\Desktop\DissNaSevaBit.wav 2014-02-16 14:02 - 2014-02-16 14:03 - 09031724 _____ () C:\Users\Admin\Desktop\dissnaseva.wav 2014-02-15 23:51 - 2014-02-16 03:29 - 00000939 _____ () C:\Users\Admin\Desktop\Rust.lnk 2014-02-15 23:48 - 2014-02-15 23:48 - 00000000 ___SH () C:\Users\Admin\AppData\Local\LumaEmu 2014-02-15 23:39 - 2014-02-15 23:39 - 00000000 ____D () C:\ProgramData\Package Cache 2014-02-15 11:33 - 2014-02-15 11:34 - 08011820 _____ () C:\Users\Admin\Desktop\Podwójne.wav 2014-02-15 01:00 - 2014-02-15 01:00 - 08241196 _____ () C:\Users\Admin\Desktop\SevvDiss.wav 2014-02-14 20:01 - 2014-02-20 20:41 - 00003407 _____ () C:\Windows\setupact.log 2014-02-14 20:01 - 2014-02-20 14:36 - 255253877 _____ () C:\Windows\MEMORY.DMP 2014-02-14 20:01 - 2014-02-14 20:01 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-14 17:57 - 2014-02-14 17:57 - 00000707 _____ () C:\Users\Admin\Desktop\COD MW3.lnk 2014-02-14 13:21 - 2014-02-15 00:45 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Cool Record Edit Pro 2014-02-14 
13:21 - 2014-02-14 13:21 - 00002006 _____ () C:\Users\Admin\Desktop\Cool Record Edit Pro.lnk 2014-02-14 13:21 - 2014-02-14 13:21 - 00000000 ____D () C:\Program Files\Cool Record Edit Pro 2014-02-14 13:21 - 2006-03-23 12:56 - 00113486 _____ () C:\Windows\system32\NCTWMAProfiles.prx 2014-02-14 13:21 - 2005-05-18 11:52 - 01212416 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTAudioInformation2.dll 2014-02-14 13:21 - 2005-05-17 12:37 - 01986560 _____ (NCT Company Ltd.) C:\Windows\system32\NCTAudioFile2.dll 2014-02-14 13:21 - 2005-04-25 13:01 - 00458752 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTAudioRecord2.dll 2014-02-14 13:21 - 2005-04-25 13:01 - 00458752 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTAudioPlayer2.dll 2014-02-14 13:21 - 2005-04-15 12:08 - 00880640 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTAudioEditor2.dll 2014-02-14 13:21 - 2005-04-04 17:21 - 00602112 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTAudioTransform2.dll 2014-02-14 13:21 - 2005-03-28 15:54 - 00479232 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTAudioVisualization2.dll 2014-02-14 13:21 - 2005-03-28 15:52 - 00417792 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTTextToAudio2.dll 2014-02-14 13:21 - 2005-02-24 11:51 - 00348160 _____ (NCT Company Ltd.) 
C:\Windows\system32\NCTWMAFile2.dll 2014-02-14 13:21 - 2004-11-04 13:31 - 00835584 _____ (NCT) C:\Windows\system32\NCTAudioCDGrabber2.dll 2014-02-14 13:21 - 2002-01-05 16:37 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msvcr70.dll 2014-02-14 13:02 - 2014-02-14 13:02 - 00000718 _____ () C:\Users\Admin\Desktop\GoldWave.lnk 2014-02-14 13:02 - 2014-02-14 13:02 - 00000000 ____D () C:\Program Files\GoldWave 2014-02-14 12:57 - 2014-02-14 13:16 - 07314472 _____ () C:\Users\Admin\Desktop\SevDiss.wav 2014-02-14 12:56 - 2014-02-16 14:17 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Audacity 2014-02-14 12:55 - 2014-02-14 12:55 - 00000969 _____ () C:\Users\Public\Desktop\Audacity.lnk 2014-02-14 12:55 - 2014-02-14 12:55 - 00000000 ____D () C:\Program Files\Audacity 2014-02-14 10:58 - 2014-02-14 10:59 - 00000000 ____D () C:\Users\Admin\Desktop\Crack 2014-02-10 22:15 - 2012-06-02 23:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-02-10 22:15 - 2012-06-02 23:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-02-10 22:15 - 2012-06-02 23:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-02-10 22:15 - 2012-06-02 23:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-02-10 22:15 - 2012-06-02 23:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-02-10 22:15 - 2012-06-02 23:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-02-10 22:15 - 2012-06-02 23:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-02-10 22:14 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-02-10 22:14 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-02-10 21:42 - 2014-02-11 16:24 - 00000000 ____D () C:\ProgramData\Avira 2014-02-10 21:42 - 2014-02-11 16:24 - 00000000 ____D () C:\Program Files\Avira 
2014-02-10 21:40 - 2014-02-10 21:40 - 00000000 ____D () C:\Users\Admin\Documents\Razer 2014-02-10 21:40 - 2014-02-10 21:40 - 00000000 ____D () C:\Users\Admin\AppData\Local\Razer_Inc 2014-02-10 21:34 - 2014-02-10 21:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Razer 2014-02-10 21:33 - 2014-02-10 21:44 - 00000000 ____D () C:\Program Files\Razer Game Booster 2014-02-10 21:33 - 2014-02-10 21:33 - 00001957 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk 2014-02-10 21:33 - 2014-02-10 21:33 - 00000000 ____D () C:\ProgramData\Razer 2014-02-08 23:38 - 2014-02-09 10:22 - 00000000 ____D () C:\ProgramData\Adobe 2014-02-08 23:38 - 2014-02-08 23:38 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-02-08 23:38 - 2014-02-08 23:38 - 00000000 ____D () C:\Program Files\Adobe 2014-02-08 23:07 - 2014-02-08 23:39 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe 2014-02-08 22:22 - 2014-02-08 22:22 - 00000000 ____D () C:\Users\Admin\Documents\My Games 2014-02-08 22:22 - 2014-02-08 22:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2014-02-08 22:22 - 2014-02-08 22:22 - 00000000 ____D () C:\Users\Admin\AppData\Local\WarThunder 2014-02-08 22:22 - 2014-02-08 22:22 - 00000000 ____D () C:\ProgramData\WarThunder 2014-02-07 23:54 - 2013-12-19 21:26 - 01049888 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3233221.dll 2014-02-07 23:54 - 2013-12-19 21:26 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3233221.dll 2014-02-07 23:54 - 2013-11-28 14:38 - 00162592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys 2014-02-07 23:54 - 2013-11-28 14:38 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll 2014-02-07 23:54 - 2013-11-22 09:36 - 00895264 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco3220103.dll 2014-02-07 23:41 - 2013-12-05 09:42 - 00034080 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys 2014-02-06 10:50 - 
2014-02-06 10:50 - 00000513 _____ () C:\Windows\eReg.dat 2014-02-06 10:48 - 2014-02-06 10:49 - 00000491 _____ () C:\debugInstaller.txt 2014-01-27 22:01 - 2014-01-27 22:01 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-01-27 22:01 - 2014-01-27 22:01 - 00000000 ____D () C:\Windows\system32\directx 2014-01-25 16:02 - 2014-01-25 16:02 - 00000000 ____D () C:\Users\Admin\Desktop\GTA Parking SA 1.0 2014-01-22 16:06 - 2014-01-22 16:06 - 00000000 ____D () C:\ProgramData\Sony 2014-01-22 16:06 - 2014-01-22 16:06 - 00000000 ____D () C:\Program Files\Sony 2014-01-22 15:27 - 2014-01-22 15:27 - 00000703 _____ () C:\Users\Admin\Desktop\Postal2.lnk 2014-01-22 15:16 - 2014-01-22 15:16 - 00000077 _____ () C:\Windows\wininit.ini 2014-01-22 14:39 - 1999-12-17 08:13 - 00086016 _____ (MindVision Software) C:\Windows\unvise32.exe ==================== One Month Modified Files and Folders ======= 2014-02-20 22:25 - 2014-02-20 22:25 - 00006904 _____ () C:\Users\Admin\Downloads\FRST.txt 2014-02-20 22:25 - 2014-02-20 22:25 - 00000000 ____D () C:\FRST 2014-02-20 22:24 - 2014-02-20 22:24 - 01142784 _____ (Farbar) C:\Users\Admin\Downloads\FRST.exe 2014-02-20 22:24 - 2013-11-29 18:04 - 00001034 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-20 22:16 - 2014-02-20 22:16 - 00079694 _____ () C:\Users\Admin\Desktop\OTL.Txt 2014-02-20 22:16 - 2014-02-20 22:16 - 00051154 _____ () C:\Users\Admin\Desktop\Extras.Txt 2014-02-20 22:10 - 2014-02-20 22:10 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Downloads\OTL.exe 2014-02-20 22:08 - 2014-02-20 22:08 - 00522360 _____ (Duplex Secure Ltd.) 
C:\Users\Admin\Downloads\SPTDinst-v186-x86.exe 2014-02-20 22:04 - 2014-02-19 18:52 - 00000000 ____D () C:\ProgramData\Nero 2014-02-20 21:54 - 2009-07-14 05:34 - 00013616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-20 21:54 - 2009-07-14 05:34 - 00013616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-20 21:50 - 2014-02-20 21:50 - 00001969 _____ () C:\Users\Admin\Desktop\CrystalDiskInfo Shizuku Edition.lnk 2014-02-20 21:50 - 2014-02-20 21:50 - 00000000 ____D () C:\Program Files\CrystalDiskInfo 2014-02-20 21:49 - 2014-02-20 21:47 - 41281696 _____ (Crystal Dew World ) C:\Users\Admin\Downloads\CrystalDiskInfo6_1_8ShizukuFull-en.exe 2014-02-20 21:47 - 2013-11-29 18:53 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TS3Client 2014-02-20 21:36 - 2013-11-29 18:03 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-02-20 21:08 - 2013-11-30 10:06 - 00290184 _____ () C:\Windows\system32\PnkBstrB.xtr 2014-02-20 21:08 - 2013-11-30 04:19 - 00290184 _____ () C:\Windows\system32\PnkBstrB.exe 2014-02-20 21:08 - 2013-11-30 04:19 - 00139032 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys 2014-02-20 21:07 - 2013-11-30 04:19 - 00280904 _____ () C:\Windows\system32\PnkBstrB.ex0 2014-02-20 21:06 - 2013-11-29 20:26 - 00000000 ____D () C:\ProgramData\Origin 2014-02-20 21:06 - 2013-11-29 20:26 - 00000000 ____D () C:\Program Files\Origin 2014-02-20 21:05 - 2014-01-05 00:00 - 00000000 ____D () C:\Users\Admin\Documents\Traktor3 2014-02-20 21:04 - 2014-02-20 21:04 - 00022688 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS 2014-02-20 21:04 - 2013-11-29 18:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype 2014-02-20 21:02 - 2014-02-20 21:02 - 00000000 ____D () C:\Program Files\HWiNFO32 2014-02-20 21:01 - 2014-02-20 21:01 - 02547256 _____ (Martin Malík - REALiX ) C:\Users\Admin\Downloads\hw32_434.exe 2014-02-20 
20:44 - 2013-11-29 17:55 - 01442476 _____ () C:\Windows\WindowsUpdate.log 2014-02-20 20:41 - 2014-02-14 20:01 - 00003407 _____ () C:\Windows\setupact.log 2014-02-20 20:41 - 2013-11-29 18:04 - 00001030 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-20 20:41 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-20 19:45 - 2014-02-20 19:45 - 00059435 _____ () C:\Users\Admin\Downloads\memtest86+-5.01.iso.zip 2014-02-20 14:36 - 2014-02-20 14:36 - 00159904 _____ () C:\Windows\Minidump\022014-17706-01.dmp 2014-02-20 14:36 - 2014-02-14 20:01 - 255253877 _____ () C:\Windows\MEMORY.DMP 2014-02-20 14:36 - 2014-01-18 21:27 - 00000000 ____D () C:\Windows\Minidump 2014-02-20 13:40 - 2013-12-22 11:12 - 00000000 ____D () C:\Users\Admin\Documents\VirtualDJ 2014-02-20 02:47 - 2014-02-20 02:47 - 00159960 _____ () C:\Windows\Minidump\022014-44507-01.dmp 2014-02-20 02:35 - 2014-02-19 00:17 - 00002486 _____ () C:\Windows\PFRO.log 2014-02-20 00:24 - 2014-02-20 00:23 - 00000000 ____D () C:\Program Files\Virtual Audio Cable 2014-02-20 00:23 - 2014-02-20 00:23 - 00380021 _____ () C:\Users\Admin\Downloads\Virtual Audio Cable 4.10.rar 2014-02-20 00:23 - 2014-02-20 00:23 - 00050728 _____ (Eugene V. 
Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys 2014-02-19 23:51 - 2014-02-19 22:49 - 00000000 ____D () C:\Users\Admin\Documents\Pobrane 2014-02-19 22:49 - 2014-01-10 15:50 - 00000000 ____D () C:\Users\Admin\Documents\Ubisoft 2014-02-19 19:00 - 2014-02-19 18:59 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Nero 2014-02-19 18:57 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Cursors 2014-02-19 18:50 - 2014-02-19 18:50 - 00000000 ____D () C:\Program Files\MSXML 4.0 2014-02-19 18:35 - 2014-02-19 18:35 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\PowerISO 2014-02-19 18:34 - 2014-02-19 18:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\SearchProtect 2014-02-19 18:34 - 2014-02-19 18:34 - 00000000 ____D () C:\Program Files\SearchProtect 2014-02-19 18:34 - 2014-02-19 18:34 - 00000000 _____ () C:\END 2014-02-19 18:18 - 2013-11-29 23:34 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite 2014-02-19 17:53 - 2009-07-14 05:53 - 00032590 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-02-19 17:19 - 2013-11-29 18:45 - 00000000 ____D () C:\Program Files\Steam 2014-02-19 12:58 - 2013-11-29 18:13 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-02-19 12:55 - 2013-11-29 18:12 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-02-19 12:53 - 2014-02-19 12:53 - 00000000 ____D () C:\NVIDIA 2014-02-19 12:45 - 2014-02-19 12:45 - 00000627 _____ () C:\Users\Admin\Desktop\SA-MP.lnk 2014-02-18 14:14 - 2014-02-18 14:14 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer 2014-02-18 14:14 - 2013-12-07 12:31 - 00000000 ____D () C:\Users\Admin\Documents\GTA San Andreas 2014-02-16 14:17 - 2014-02-16 14:17 - 08371244 _____ () C:\Users\Admin\Desktop\Głsy.wav 2014-02-16 14:17 - 2014-02-14 12:56 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Audacity 2014-02-16 14:14 - 2014-02-16 14:13 - 09601068 _____ () C:\Users\Admin\Desktop\Final.wav 2014-02-16 14:10 - 2014-02-16 14:07 - 08028204 _____ () 
C:\Users\Admin\Desktop\Dogrywka.wav 2014-02-16 14:05 - 2014-02-16 14:05 - 09289772 _____ () C:\Users\Admin\Desktop\DissNaSevaBit.wav 2014-02-16 14:03 - 2014-02-16 14:02 - 09031724 _____ () C:\Users\Admin\Desktop\dissnaseva.wav 2014-02-16 03:29 - 2014-02-15 23:51 - 00000939 _____ () C:\Users\Admin\Desktop\Rust.lnk 2014-02-16 03:26 - 2013-11-29 19:32 - 00000000 ____D () C:\Gry 2014-02-16 01:00 - 2013-11-29 19:30 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent 2014-02-15 23:48 - 2014-02-15 23:48 - 00000000 ___SH () C:\Users\Admin\AppData\Local\LumaEmu 2014-02-15 23:39 - 2014-02-15 23:39 - 00000000 ____D () C:\ProgramData\Package Cache 2014-02-15 23:17 - 2013-11-29 19:32 - 00000000 ____D () C:\Pobrane Torrent 2014-02-15 23:09 - 2013-11-29 20:37 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\.minecraft 2014-02-15 11:34 - 2014-02-15 11:33 - 08011820 _____ () C:\Users\Admin\Desktop\Podwójne.wav 2014-02-15 01:00 - 2014-02-15 01:00 - 08241196 _____ () C:\Users\Admin\Desktop\SevvDiss.wav 2014-02-15 00:45 - 2014-02-14 13:21 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Cool Record Edit Pro 2014-02-14 20:01 - 2014-02-14 20:01 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-14 17:57 - 2014-02-14 17:57 - 00000707 _____ () C:\Users\Admin\Desktop\COD MW3.lnk 2014-02-14 13:21 - 2014-02-14 13:21 - 00002006 _____ () C:\Users\Admin\Desktop\Cool Record Edit Pro.lnk 2014-02-14 13:21 - 2014-02-14 13:21 - 00000000 ____D () C:\Program Files\Cool Record Edit Pro 2014-02-14 13:16 - 2014-02-14 12:57 - 07314472 _____ () C:\Users\Admin\Desktop\SevDiss.wav 2014-02-14 13:02 - 2014-02-14 13:02 - 00000718 _____ () C:\Users\Admin\Desktop\GoldWave.lnk 2014-02-14 13:02 - 2014-02-14 13:02 - 00000000 ____D () C:\Program Files\GoldWave 2014-02-14 12:55 - 2014-02-14 12:55 - 00000969 _____ () C:\Users\Public\Desktop\Audacity.lnk 2014-02-14 12:55 - 2014-02-14 12:55 - 00000000 ____D () C:\Program Files\Audacity 2014-02-14 10:59 - 2014-02-14 10:58 - 00000000 ____D () 
C:\Users\Admin\Desktop\Crack 2014-02-14 01:46 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2014-02-14 00:37 - 2013-11-29 17:56 - 01664708 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-14 00:37 - 2009-07-14 09:07 - 00738468 _____ () C:\Windows\system32\perfh015.dat 2014-02-14 00:37 - 2009-07-14 09:07 - 00154578 _____ () C:\Windows\system32\perfc015.dat 2014-02-11 16:24 - 2014-02-10 21:42 - 00000000 ____D () C:\ProgramData\Avira 2014-02-11 16:24 - 2014-02-10 21:42 - 00000000 ____D () C:\Program Files\Avira 2014-02-11 16:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pl-PL 2014-02-10 21:44 - 2014-02-10 21:33 - 00000000 ____D () C:\Program Files\Razer Game Booster 2014-02-10 21:40 - 2014-02-10 21:40 - 00000000 ____D () C:\Users\Admin\Documents\Razer 2014-02-10 21:40 - 2014-02-10 21:40 - 00000000 ____D () C:\Users\Admin\AppData\Local\Razer_Inc 2014-02-10 21:34 - 2014-02-10 21:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Razer 2014-02-10 21:33 - 2014-02-10 21:33 - 00001957 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk 2014-02-10 21:33 - 2014-02-10 21:33 - 00000000 ____D () C:\ProgramData\Razer 2014-02-09 10:22 - 2014-02-08 23:38 - 00000000 ____D () C:\ProgramData\Adobe 2014-02-08 23:39 - 2014-02-08 23:07 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe 2014-02-08 23:39 - 2013-11-29 18:04 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe 2014-02-08 23:38 - 2014-02-08 23:38 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-02-08 23:38 - 2014-02-08 23:38 - 00000000 ____D () C:\Program Files\Adobe 2014-02-08 22:22 - 2014-02-08 22:22 - 00000000 ____D () C:\Users\Admin\Documents\My Games 2014-02-08 22:22 - 2014-02-08 22:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2014-02-08 22:22 - 2014-02-08 22:22 - 00000000 ____D () C:\Users\Admin\AppData\Local\WarThunder 2014-02-08 22:22 - 2014-02-08 22:22 - 00000000 ____D () C:\ProgramData\WarThunder 
2014-02-08 19:27 - 2014-02-19 12:55 - 23683360 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll 2014-02-08 19:27 - 2014-02-19 12:55 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-02-08 19:27 - 2014-02-19 12:55 - 10180896 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-02-08 19:27 - 2014-02-19 12:55 - 09728064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-02-08 19:27 - 2014-02-19 12:55 - 09690424 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-02-08 19:27 - 2014-02-19 12:55 - 02956576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-02-08 19:27 - 2014-02-19 12:55 - 02410784 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-02-08 19:27 - 2014-02-19 12:55 - 01049888 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3233489.dll 2014-02-08 19:27 - 2014-02-19 12:55 - 00895264 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3233489.dll 2014-02-08 19:27 - 2014-02-19 12:55 - 00863520 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll 2014-02-08 19:27 - 2014-02-19 12:55 - 00844576 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll 2014-02-08 19:27 - 2014-02-19 12:55 - 00305600 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll 2014-02-08 19:27 - 2014-02-19 12:55 - 00148528 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll 2014-02-08 19:27 - 2013-11-30 10:13 - 00832424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll 2014-02-08 19:27 - 2013-11-29 18:12 - 00019204 _____ () C:\Windows\system32\nvinfo.pb 2014-02-08 19:27 - 2010-08-09 06:03 - 15740232 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll 2014-02-08 19:27 - 2010-08-09 06:03 - 14669032 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll 2014-02-08 19:27 - 2010-08-09 06:03 - 02713728 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll 2014-02-08 18:11 - 2010-08-08 23:08 - 04348704 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvcpl.dll 2014-02-08 18:11 - 2010-08-08 23:08 - 03045664 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll 2014-02-08 18:11 - 2010-08-08 23:08 - 02555168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-02-08 18:11 - 2010-08-08 23:08 - 00664864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-02-08 18:11 - 2010-08-08 23:08 - 00376096 _____ () C:\Windows\system32\nvmctray.dll 2014-02-08 18:11 - 2010-08-08 23:08 - 00062752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-02-07 23:41 - 2013-12-03 16:22 - 00000000 ____D () C:\Users\Admin\AppData\Local\NVIDIA Corporation 2014-02-07 23:41 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-02-06 10:50 - 2014-02-06 10:50 - 00000513 _____ () C:\Windows\eReg.dat 2014-02-06 10:49 - 2014-02-06 10:48 - 00000491 _____ () C:\debugInstaller.txt 2014-02-06 10:49 - 2013-11-29 18:03 - 00000000 ____D () C:\Windows\system32\Macromed 2014-02-05 20:36 - 2013-11-29 18:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-02-05 20:36 - 2013-11-29 18:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-02-04 15:49 - 2013-11-30 10:17 - 03573739 _____ () C:\Windows\system32\nvcoproc.bin 2014-01-31 20:50 - 2013-11-30 23:44 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\openvr 2014-01-31 20:47 - 2013-11-29 18:45 - 00000000 ____D () C:\Program Files\Common Files\Steam 2014-01-27 22:01 - 2014-01-27 22:01 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-01-27 22:01 - 2014-01-27 22:01 - 00000000 ____D () C:\Windows\system32\directx 2014-01-25 16:21 - 2014-01-18 17:06 - 00000000 ____D () C:\Users\Admin\Desktop\GTA San Andreas 2014-01-25 16:21 - 2013-12-05 17:46 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\www.gtavicecity.ru 2014-01-25 16:02 - 2014-01-25 16:02 - 00000000 ____D () C:\Users\Admin\Desktop\GTA Parking SA 1.0 2014-01-22 
16:06 - 2014-01-22 16:06 - 00000000 ____D () C:\ProgramData\Sony
2014-01-22 16:06 - 2014-01-22 16:06 - 00000000 ____D () C:\Program Files\Sony
2014-01-22 16:06 - 2013-11-29 17:59 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-01-22 15:27 - 2014-01-22 15:27 - 00000703 _____ () C:\Users\Admin\Desktop\Postal2.lnk
2014-01-22 15:16 - 2014-01-22 15:16 - 00000077 _____ () C:\Windows\wininit.ini
2014-01-22 14:40 - 2013-12-02 14:34 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\nsq3BB.tmp.exe
C:\Users\Admin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Admin\AppData\Local\Temp\nvStInst.exe
C:\Users\Admin\AppData\Local\Temp\safeguard.exe
C:\Users\Admin\AppData\Local\Temp\sp-downloader.exe
C:\Users\Admin\AppData\Local\Temp\SPIdentifier.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-18 11:14

==================== End Of Log ============================