Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-04-2014 01
Ran by Kinguń (administrator) on PC on 12-04-2014 23:33:18
Running from C:\Users\Kinguń\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Google Inc.) C:\Users\Kinguń\AppData\Local\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Intel Corporation) C:\windows\system32\hkcmd.exe
(Intel Corporation) C:\windows\system32\igfxtray.exe
(Intel Corporation) C:\windows\system32\igfxpers.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Farbar) C:\Users\Kinguń\Desktop\ListParts64.exe
(Google Inc.) C:\Users\Kinguń\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kinguń\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kinguń\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kinguń\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kinguń\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kinguń\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kinguń\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kinguń\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kinguń\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kinguń\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kinguń\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kinguń\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11369576 2010-08-11] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2586504 2010-08-05] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2013-09-09] (Research In Motion Limited)
HKLM-x32\...\Run: [RIM PeerManager] - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4465152 2013-11-28] (Research In Motion Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1593099923-3472938015-3572154625-1000\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1593099923-3472938015-3572154625-1002\...\Run: [Mobile Partner] - C:\Program Files (x86)\PLAY Web partner\PLAY Web partner
HKU\S-1-5-21-1593099923-3472938015-3572154625-1002\...\Run: [ALLUpdate] - C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3000704 2014-01-29] (ALLPlayer Group Ltd.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [226920 2011-01-17] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [192616 2011-01-17] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: W2PBrowser Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
BHO-x32: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Kinguń\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Kinguń\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Kinguń\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\IPSFF
FF Extension: Symantec Intrusion Prevention - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\IPSFF [2014-01-13]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\coFFPlgn_2011_7_13_2
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\coFFPlgn_2011_7_13_2 [2014-04-12]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Angry Birds) - C:\Users\Kinguń\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-04-10]
CHR Extension: (Dysk Google) - C:\Users\Kinguń\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-10]
CHR Extension: (WOT) - C:\Users\Kinguń\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-04-10]
CHR Extension: (Adblock Plus) - C:\Users\Kinguń\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-10]
CHR Extension: (Read Later Fast) - C:\Users\Kinguń\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji [2014-04-10]
CHR Extension: (Torrent Turbo Search App) - C:\Users\Kinguń\AppData\Local\Google\Chrome\User Data\Default\Extensions\eegbffmjdkflkcfncpfjjbggbdlnbdif [2014-04-10]
CHR Extension: (Football Logo Quiz) - C:\Users\Kinguń\AppData\Local\Google\Chrome\User Data\Default\Extensions\geihfokhocgliohaepfljelcnjlcobmp [2014-04-10]
CHR Extension: (KodyRabatowe.pl) - C:\Users\Kinguń\AppData\Local\Google\Chrome\User Data\Default\Extensions\kafpjghdfockenndmdalblagbonhemkf [2014-04-10]
CHR Extension: (Konwersja PDF do Word) - C:\Users\Kinguń\AppData\Local\Google\Chrome\User Data\Default\Extensions\kclbidlajocjmicnpgpfmkblhdhjelfe [2014-04-10]
CHR Extension: (Mapy Google) - C:\Users\Kinguń\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-04-10]
CHR Extension: (Darmowe PDF Unlocker) - C:\Users\Kinguń\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkdknbehfogkgogcennnagfokmnimpab [2014-04-10]
CHR Extension: (Google Wallet) - C:\Users\Kinguń\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-13]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Kinguń\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2014-04-10]
CHR Extension: (Click&Clean App) - C:\Users\Kinguń\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-04-10]

==================== Services (Whitelisted) =================

R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-09-09] (Research In Motion Limited)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-02-06] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2013-11-28] (Apple Inc.)
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1304064 2013-11-28] (Research In Motion Limited)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-13] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-13] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20140411.001\IDSvia64.sys [525016 2014-03-24] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20140411.018\ENG64.SYS [126040 2014-02-14] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20140411.018\EX64.SYS [2099288 2014-02-14] (Symantec Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-06-27] (Research In Motion Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2013-11-28] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-01-13] ()
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-15] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2014-01-13] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-21] (Symantec Corporation)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
U3 adh852bl; C:\Windows\System32\Drivers\adh852bl.sys [0 ] (Microsoft Corporation)
U3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-12 23:32 - 2014-04-12 23:33 - 00029754 _____ () C:\Users\Kinguń\Desktop\Addition.txt
2014-04-12 23:32 - 2014-04-12 23:33 - 00018508 _____ () C:\Users\Kinguń\Desktop\FRST.txt
2014-04-12 23:30 - 2014-04-12 23:33 - 00000000 ____D () C:\FRST
2014-04-12 23:26 - 2014-04-12 23:26 - 02157568 _____ (Farbar) C:\Users\Kinguń\Desktop\FRST64.exe
2014-04-12 23:09 - 2014-04-12 23:09 - 00007952 _____ () C:\Users\Kinguń\Desktop\Result.txt
2014-04-12 23:07 - 2014-04-12 23:07 - 01025024 _____ (Farbar) C:\Users\Kinguń\Desktop\ListParts64.exe
2014-04-12 22:25 - 2014-04-12 22:25 - 00025161 _____ () C:\ComboFix.txt
2014-04-12 22:21 - 2014-04-12 22:21 - 00000000 ____D () C:\Users\Kingun
2014-04-12 21:56 - 2011-06-26 08:45 - 00256000 _____ () C:\windows\PEV.exe
2014-04-12 21:56 - 2010-11-07 19:20 - 00208896 _____ () C:\windows\MBR.exe
2014-04-12 21:56 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-04-12 21:56 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-04-12 21:56 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-04-12 21:56 - 2000-08-31 02:00 - 00098816 _____ () C:\windows\sed.exe
2014-04-12 21:56 - 2000-08-31 02:00 - 00080412 _____ () C:\windows\grep.exe
2014-04-12 21:56 - 2000-08-31 02:00 - 00068096 _____ () C:\windows\zip.exe
2014-04-12 21:52 - 2014-04-12 22:26 - 00000000 ____D () C:\Qoobox
2014-04-12 21:52 - 2014-04-12 22:18 - 00000000 ____D () C:\windows\erdnt
2014-04-12 12:59 - 2014-04-12 12:59 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-04-12 12:59 - 2014-04-12 12:59 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-04-12 11:47 - 2013-06-03 06:13 - 00455680 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ewusbwwan.sys
2014-04-12 11:47 - 2013-05-28 11:36 - 00245760 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_juwwanecm.sys
2014-04-12 11:47 - 2013-03-04 10:32 - 00110592 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_jucdcacm.sys
2014-04-12 11:47 - 2013-03-04 10:32 - 00091648 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_jubusenum.sys
2014-04-12 11:47 - 2013-03-04 10:32 - 00077312 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_jucdcecm.sys
2014-04-12 11:47 - 2013-03-04 10:32 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_juextctrl.sys
2014-04-12 11:47 - 2013-03-04 10:21 - 00226048 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ewusbmdm.sys
2014-04-12 11:47 - 2013-01-25 03:16 - 00109568 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_hwusbdev.sys
2014-04-12 11:47 - 2012-12-22 03:46 - 00014976 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_usbenumfilter.sys
2014-04-12 11:47 - 2010-10-08 10:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\windows\system32\Drivers\ewdcsc.sys
2014-04-12 11:47 - 2010-09-26 12:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_hwupgrade.sys
2014-04-12 11:47 - 2010-08-06 01:43 - 01001472 _____ (DiBcom SA) C:\windows\system32\Drivers\mod7700.sys
2014-04-11 09:53 - 2014-04-12 21:02 - 00006552 _____ () C:\windows\setupact.log
2014-04-11 09:53 - 2014-04-11 09:53 - 00000000 _____ () C:\windows\setuperr.log
2014-04-11 01:41 - 2014-04-11 01:41 - 00000000 _____ () C:\windows\SysWOW64\shoFC68.tmp
2014-04-11 01:40 - 2014-04-11 01:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2014-04-11 01:35 - 2014-03-08 06:54 - 17848832 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-11 01:35 - 2014-03-08 06:06 - 10926592 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-11 01:35 - 2014-03-08 05:49 - 02334720 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-11 01:35 - 2014-03-08 05:41 - 01347072 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-11 01:35 - 2014-03-08 05:40 - 01392128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-11 01:35 - 2014-03-08 05:39 - 01494528 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-04-11 01:35 - 2014-03-08 05:38 - 00237056 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2014-04-11 01:35 - 2014-03-08 05:37 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-11 01:35 - 2014-03-08 05:34 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-04-11 01:35 - 2014-03-08 05:34 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-04-11 01:35 - 2014-03-08 05:33 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-04-11 01:35 - 2014-03-08 05:32 - 02147840 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-11 01:35 - 2014-03-08 05:32 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-11 01:35 - 2014-03-08 05:30 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-04-11 01:35 - 2014-03-08 05:29 - 02382848 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-11 01:35 - 2014-03-08 05:24 - 00248320 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-04-11 01:35 - 2014-03-08 01:51 - 12347904 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-11 01:35 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-11 01:35 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-11 01:35 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-11 01:35 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-04-11 01:35 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-11 01:35 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2014-04-11 01:35 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-11 01:35 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-04-11 01:35 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-04-11 01:35 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-04-11 01:35 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-11 01:35 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-11 01:35 - 2014-03-08 00:52 - 02382848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-11 01:35 - 2014-03-08 00:52 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-04-11 01:35 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-04-10 23:38 - 2014-04-10 23:38 - 00000000 ____D () C:\Users\Kinguń\AppData\Roaming\TeamViewer
2014-04-10 12:45 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-10 12:45 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2014-04-10 12:45 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2014-04-10 12:45 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2014-04-10 12:45 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2014-04-10 12:45 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2014-04-10 12:45 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-10 12:45 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2014-04-10 12:45 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2014-04-10 12:45 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2014-04-10 12:45 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2014-04-10 12:45 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-10 12:45 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-10 12:45 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-04-10 12:45 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-04-10 12:45 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2014-04-10 12:45 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-10 11:28 - 2014-04-10 11:28 - 00000000 ____D () C:\Users\Kinguń\AppData\Local\Mozilla
2014-04-10 10:49 - 2014-04-10 10:50 - 04591288 _____ (TeamViewer) C:\Users\Kinguń\Desktop\TeamViewerQS_pl.exe
2014-04-09 13:37 - 2014-04-09 13:37 - 00000000 ____D () C:\Users\Public\CyberLink
2014-04-09 13:37 - 2014-04-09 13:37 - 00000000 ____D () C:\Users\Kinguń\Documents\Youcam
2014-04-09 10:31 - 2014-04-12 13:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-04-09 10:24 - 2014-04-09 10:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-04-09 10:23 - 2014-04-12 13:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 10:23 - 2014-04-09 10:30 - 00000000 ____D () C:\windows\SHELLNEW
2014-04-09 10:23 - 2014-04-09 10:23 - 00000000 ___RD () C:\MSOCache
2014-04-09 10:23 - 2014-04-09 10:23 - 00000000 ____D () C:\Users\Kinguń\AppData\Local\Microsoft Help
2014-03-19 01:27 - 2014-03-19 01:27 - 00000040 _____ () C:\windows\system32\Ꙁí
2014-03-18 13:52 - 2014-03-18 13:52 - 00000000 ___SD () C:\Users\Kinguń\GG dysk
2014-03-18 13:51 - 2014-03-18 16:41 - 00000000 ____D () C:\Users\Kinguń\AppData\Roaming\GG
2014-03-18 13:51 - 2014-03-18 16:37 - 00000000 ____D () C:\Users\Kinguń\AppData\Local\GG
2014-03-18 13:51 - 2014-03-18 13:51 - 00001146 _____ () C:\Users\Kinguń\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk
2014-03-18 13:51 - 2014-03-18 13:51 - 00000000 ____D () C:\ProgramData\GG
2014-03-17 00:44 - 2014-03-17 00:44 - 00000040 _____ () C:\windows\system32\Ꙁã
2014-03-16 11:45 - 2014-03-16 11:45 - 00000000 ____D () C:\Users\Kinguń\Documents\Symantec
2014-03-13 02:21 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-03-13 02:21 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-03-13 02:21 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-03-13 02:21 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2014-03-13 02:21 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2014-03-13 02:21 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll

==================== One Month Modified Files and Folders =======

2014-04-12 23:33 - 2014-04-12 23:32 - 00029754 _____ () C:\Users\Kinguń\Desktop\Addition.txt
2014-04-12 23:33 - 2014-04-12 23:32 - 00018508 _____ () C:\Users\Kinguń\Desktop\FRST.txt
2014-04-12 23:33 - 2014-04-12 23:30 - 00000000 ____D () C:\FRST
2014-04-12 23:26 - 2014-04-12 23:26 - 02157568 _____ (Farbar) C:\Users\Kinguń\Desktop\FRST64.exe
2014-04-12 23:11 - 2009-07-14 06:45 - 00014144 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-12 23:11 - 2009-07-14 06:45 - 00014144 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-12 23:09 - 2014-04-12 23:09 - 00007952 _____ () C:\Users\Kinguń\Desktop\Result.txt
2014-04-12 23:07 - 2014-04-12 23:07 - 01025024 _____ (Farbar) C:\Users\Kinguń\Desktop\ListParts64.exe
2014-04-12 22:26 - 2014-04-12 21:52 - 00000000 ____D () C:\Qoobox
2014-04-12 22:25 - 2014-04-12 22:25 - 00025161 _____ () C:\ComboFix.txt
2014-04-12 22:25 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-04-12 22:21 - 2014-04-12 22:21 - 00000000 ____D () C:\Users\Kingun
2014-04-12 22:18 - 2014-04-12 21:52 - 00000000 ____D () C:\windows\erdnt
2014-04-12 22:09 - 2009-07-14 04:34 - 00000215 _____ () C:\windows\system.ini
2014-04-12 22:01 - 2010-09-02 06:50 - 01769865 _____ () C:\windows\WindowsUpdate.log
2014-04-12 21:02 - 2014-04-11 09:53 - 00006552 _____ () C:\windows\setupact.log
2014-04-12 21:02 - 2014-01-13 01:22 - 00114384 _____ () C:\Users\Kinguń\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-12 21:02 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-12 21:02 - 2009-07-14 06:45 - 00419976 _____ () C:\windows\system32\FNTCACHE.DAT
2014-04-12 13:04 - 2014-04-09 10:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-12 13:01 - 2014-04-09 10:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-04-12 12:59 - 2014-04-12 12:59 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-04-12 12:59 - 2014-04-12 12:59 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-04-12 12:59 - 2009-07-14 04:34 - 00000478 _____ () C:\windows\win.ini
2014-04-11 10:18 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\NDF
2014-04-11 09:53 - 2014-04-11 09:53 - 00000000 _____ () C:\windows\setuperr.log
2014-04-11 01:41 - 2014-04-11 01:41 - 00000000 _____ () C:\windows\SysWOW64\shoFC68.tmp
2014-04-11 01:40 - 2014-04-11 01:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2014-04-11 01:39 - 2014-01-13 03:58 - 00000000 ____D () C:\windows\system32\MRT
2014-04-11 01:37 - 2014-01-13 03:57 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-11 00:01 - 2014-01-17 11:55 - 00000000 ____D () C:\Users\Kinguń\AppData\Roaming\Skype
2014-04-10 23:38 - 2014-04-10 23:38 - 00000000 ____D () C:\Users\Kinguń\AppData\Roaming\TeamViewer
2014-04-10 23:34 - 2014-03-03 11:16 - 00000000 ____D () C:\windows\Minidump
2014-04-10 11:28 - 2014-04-10 11:28 - 00000000 ____D () C:\Users\Kinguń\AppData\Local\Mozilla
2014-04-10 10:50 - 2014-04-10 10:49 - 04591288 _____ (TeamViewer) C:\Users\Kinguń\Desktop\TeamViewerQS_pl.exe
2014-04-10 00:06 - 2014-01-13 15:55 - 00000000 ____D () C:\Users\Kinguń\AppData\Roaming\SoftGrid Client
2014-04-09 19:56 - 2010-09-02 07:17 - 00740792 _____ () C:\windows\system32\perfh015.dat
2014-04-09 19:56 - 2010-09-02 07:17 - 00156076 _____ () C:\windows\system32\perfc015.dat
2014-04-09 19:56 - 2009-07-14 07:13 - 01670702 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-09 13:37 - 2014-04-09 13:37 - 00000000 ____D () C:\Users\Public\CyberLink
2014-04-09 13:37 - 2014-04-09 13:37 - 00000000 ____D () C:\Users\Kinguń\Documents\Youcam
2014-04-09 13:37 - 2010-09-01 15:05 - 00000000 ____D () C:\ProgramData\CyberLink
2014-04-09 10:30 - 2014-04-09 10:23 - 00000000 ____D () C:\windows\SHELLNEW
2014-04-09 10:30 - 2010-09-01 15:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-09 10:30 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-04-09 10:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-09 10:24 - 2014-04-09 10:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-04-09 10:24 - 2014-01-13 15:54 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-09 10:23 - 2014-04-09 10:23 - 00000000 ___RD () C:\MSOCache
2014-04-09 10:23 - 2014-04-09 10:23 - 00000000 ____D () C:\Users\Kinguń\AppData\Local\Microsoft Help
2014-03-19 01:27 - 2014-03-19 01:27 - 00000040 _____ () C:\windows\system32\Ꙁí
2014-03-18 16:41 - 2014-03-18 13:51 - 00000000 ____D () C:\Users\Kinguń\AppData\Roaming\GG
2014-03-18 16:37 - 2014-03-18 13:51 - 00000000 ____D () C:\Users\Kinguń\AppData\Local\GG
2014-03-18 13:52 - 2014-03-18 13:52 - 00000000 ___SD () C:\Users\Kinguń\GG dysk
2014-03-18 13:52 - 2014-01-13 01:09 - 00000000 ____D () C:\Users\Kinguń
2014-03-18 13:51 - 2014-03-18 13:51 - 00001146 _____ () C:\Users\Kinguń\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk
2014-03-18 13:51 - 2014-03-18 13:51 - 00000000 ____D () C:\ProgramData\GG
2014-03-18 13:51 - 2014-03-11 02:14 - 00000000 ____D () C:\Program Files (x86)\Nowe Gadu-Gadu
2014-03-17 00:44 - 2014-03-17 00:44 - 00000040 _____ () C:\windows\system32\Ꙁã
2014-03-16 20:14 - 2014-02-13 11:29 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-03-16 11:45 - 2014-03-16 11:45 - 00000000 ____D () C:\Users\Kinguń\Documents\Symantec
2014-03-13 14:27 - 2014-01-13 23:41 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 14:27 - 2014-01-13 23:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-31 09:55

==================== End Of Log ============================