Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2014 03
Ran by Klaku (administrator) on KLAKU on 26-04-2014 19:28:49
Running from D:\Pobrane
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(OldTimer Tools) D:\Pobrane\OTL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor) HKLM-x32\...\Run: [Razer Lachesis Driver] => C:\Program Files (x86)\Razer\Lachesis 5600\LachesisSysTray.exe [837008 2011-03-09] (Razer USA Ltd) HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKLM\...\Policies\Explorer: [NoRemoteRecursiveEvents] 1 HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\.DEFAULT\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 1 HKU\.DEFAULT\...\Policies\Explorer: [NoInternetOpenWith] 1 HKU\S-1-5-21-3836798863-1575055402-2987569554-1000\...\Policies\Explorer: [NoInternetOpenWith] 1 HKU\S-1-5-21-3836798863-1575055402-2987569554-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\S-1-5-21-3836798863-1575055402-2987569554-1000\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-21-3836798863-1575055402-2987569554-1000\...\Policies\Explorer: [NoCDBurning] 1 ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - {3C9D86CF-68A6-410B-9F2A-FD51792B7A65} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms} SearchScopes: HKCU - {637D6E3C-DF93-48A5-8362-159A8AC56B11} URL = http://www.google.com/search?hl=en&q={searchTerms}&meta= BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit) BHO-x32: Java(tm) Plug-In SSV 
Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\Klaku\AppData\Roaming\Mozilla\Firefox\Profiles\q5h95of5.default FF Homepage: www.google.pl FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Klaku\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll ( ) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Klaku\AppData\Roaming\Mozilla\Firefox\Profiles\q5h95of5.default\searchplugins\yahoo_ff.xml FF Extension: Start Page - C:\Users\Klaku\AppData\Roaming\Mozilla\Firefox\Profiles\q5h95of5.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi [2014-01-12] Chrome: ======= CHR HomePage: CHR Extension: (Dokumenty Google) - C:\Users\Klaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-25] CHR Extension: (Dysk Google) - C:\Users\Klaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-25] CHR Extension: (YouTube) - C:\Users\Klaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-25] CHR Extension: (Szukaj w Google) - C:\Users\Klaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-25] CHR Extension: (AdBlock) - C:\Users\Klaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-25] CHR Extension: (Google Wallet) - 
C:\Users\Klaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-25] CHR Extension: (Gmail) - C:\Users\Klaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-25] ==================== Services (Whitelisted) ================= S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit) S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC) S3 sftvsa; C:\Program Files (x86)\Microsoft Application Virtualization Sequencer x64\sftvsa.exe [219496 2010-12-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-11-26] () S3 hidusbf; C:\Windows\System32\DRIVERS\hidusbf.sys [6784 2009-02-11] (SweetLow) S3 LtcyCfgWDM; C:\Windows\System32\DRIVERS\LtcyCfgWDM.sys [7936 2005-12-26] () S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated) S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2013-11-21] (Razer, Inc.) 
S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [40696 2013-05-17] (Windows (R) Win 7 DDK provider) S3 Swfilem; C:\Windows\System32\DRIVERS\Swfilem.sys [24936 2010-12-27] (Microsoft Corporation) S3 ALSysIO; \??\C:\Users\Klaku\AppData\Local\Temp\ALSysIO64.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 FireStorm; \??\C:\Users\Klaku\AppData\Local\Temp\FireStorm.sys [X] S3 hid7906; system32\drivers\hid7906.sys [X] S3 hid8101; system32\drivers\hid8101.sys [X] S3 hid8103; system32\drivers\hid8103.sys [X] S4 NVHDA; system32\drivers\nvhda64v.sys [X] S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X] S3 SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [X] S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-26 19:28 - 2014-04-26 19:28 - 00000000 ____D () C:\FRST 2014-04-26 18:42 - 2014-04-26 19:16 - 00000000 ____D () C:\AdwCleaner 2014-04-26 18:33 - 2014-04-26 18:33 - 00000000 ____D () C:\Users\Klaku\AppData\Roaming\NVIDIA 2014-04-26 17:22 - 2014-04-26 17:22 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-04-26 17:21 - 2013-12-19 20:53 - 06671648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2014-04-26 17:21 - 2013-12-19 20:53 - 03490080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2014-04-26 17:21 - 2013-12-19 20:53 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-04-26 17:21 - 2013-12-19 20:53 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-04-26 17:21 - 2013-12-19 20:53 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-04-26 17:21 - 2013-12-19 20:53 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-04-26 17:19 - 2014-04-26 17:19 - 00000552 _____ () C:\Windows\PFRO.log 2014-04-26 17:16 - 2014-04-26 17:16 - 00000266 _____ () C:\Users\Klaku\Documents\cc_20140426_171610.reg 
2014-04-26 17:15 - 2014-04-26 17:15 - 00001010 _____ () C:\Users\Klaku\Documents\cc_20140426_171516.reg 2014-04-26 17:13 - 2014-04-26 18:46 - 00000224 _____ () C:\Windows\setupact.log 2014-04-26 17:13 - 2014-04-26 17:13 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-26 17:12 - 2014-04-26 17:12 - 00025702 _____ () C:\Users\Klaku\Documents\cc_20140426_171212.reg 2014-04-26 16:32 - 2014-04-26 16:32 - 00017816 _____ () C:\ComboFix.txt 2014-04-26 13:48 - 2014-04-26 13:48 - 00000994 _____ () C:\Users\Public\Desktop\Gyazo.lnk 2014-04-26 13:48 - 2014-04-26 13:48 - 00000994 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk 2014-04-26 13:48 - 2014-04-26 13:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo 2014-04-26 13:48 - 2014-04-26 13:48 - 00000000 ____D () C:\Program Files (x86)\Gyazo 2014-04-25 20:08 - 2014-04-26 18:50 - 00191532 _____ () C:\Windows\WindowsUpdate.log 2014-04-25 20:04 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-04-25 20:01 - 2014-04-25 20:01 - 00002273 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-04-25 20:01 - 2014-04-25 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-04-25 19:55 - 2014-04-25 19:55 - 00000812 _____ () C:\Users\Klaku\Documents\cc_20140425_195531.reg 2014-04-25 19:51 - 2014-04-25 19:51 - 00029126 _____ () C:\Users\Klaku\Documents\cc_20140425_195153.reg 2014-04-25 19:46 - 2014-04-25 19:46 - 00000000 ____D () C:\Users\Klaku\Desktop\rbpscripts 2014-04-25 15:45 - 2014-04-25 15:45 - 00000000 ____D () C:\Users\Klaku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZOTAC FireStorm 2014-04-23 21:30 - 2014-04-26 16:25 - 00020485 _____ () C:\Windows\SysWOW64\.tmp 2014-04-21 17:08 - 2014-04-21 17:08 - 00000000 ____D () C:\Users\Klaku\Desktop\BBot-34.2 2014-04-18 19:31 - 2014-04-18 19:31 - 00000000 ____D () C:\Users\Klaku\AppData\Local\Skype 2014-04-18 19:31 - 2014-04-18 19:31 - 00000000 ____D () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-04-12 16:42 - 2014-04-12 16:42 - 00003760 _____ () C:\Users\Klaku\Documents\cc_20140412_164227.reg 2014-04-08 13:05 - 2014-04-08 13:05 - 00000219 _____ () C:\Users\Klaku\Desktop\Counter-Strike Global Offensive.url 2014-04-08 11:20 - 2014-04-08 11:20 - 00000680 _____ () C:\Users\Public\Desktop\Steam.lnk 2014-04-07 16:54 - 2014-04-22 01:02 - 00000000 ____D () C:\Users\Klaku\Desktop\rbp 2014-04-07 16:46 - 2014-04-07 16:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-05 17:17 - 2014-04-05 17:25 - 00000000 ____D () C:\Users\Klaku\AppData\Roaming\Tibia MS 2014-04-05 16:09 - 2014-04-26 15:05 - 00000000 ____D () C:\Users\Klaku\Desktop\Tibia 2014-04-05 07:42 - 2014-04-05 07:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3 2014-03-31 11:51 - 2014-03-31 11:51 - 00002020 _____ () C:\Users\Klaku\Documents\cc_20140331_115154.reg 2014-03-31 03:40 - 2014-03-31 12:17 - 00003016 _____ () C:\Windows\System32\Tasks\EVGAPrecision 2014-03-31 03:16 - 2014-03-31 11:11 - 00000000 ____D () C:\Users\Klaku\AppData\Local\NVIDIA Corporation 2014-03-31 03:00 - 2014-03-31 03:00 - 00001746 _____ () C:\Users\Klaku\Documents\cc_20140331_030046.reg 2014-03-30 04:12 - 2014-03-30 04:12 - 00000000 _____ () C:\Users\Klaku\AppData\Local\{91F28334-DEDD-4792-B6C6-835D6236704A} 2014-03-30 04:09 - 2014-03-30 04:09 - 00000000 _____ () C:\Users\Klaku\AppData\Local\{5D850783-F285-4C62-AC05-894C2B2EF8E2} 2014-03-30 04:04 - 2014-03-30 04:04 - 00000000 _____ () C:\Users\Klaku\AppData\Local\{5177872E-3762-4D9B-B5CD-B57C4439DDD4} ==================== One Month Modified Files and Folders ======= 2014-04-26 19:28 - 2014-04-26 19:28 - 00000000 ____D () C:\FRST 2014-04-26 19:17 - 2013-11-18 04:26 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-04-26 19:16 - 2014-04-26 18:42 - 00000000 ____D () C:\AdwCleaner 2014-04-26 19:15 - 2013-06-25 20:56 - 00000000 ____D () C:\Program Files (x86)\jv16 
PowerTools 2013 2014-04-26 18:54 - 2009-07-14 06:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-26 18:54 - 2009-07-14 06:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-26 18:52 - 2011-04-12 15:21 - 00740476 _____ () C:\Windows\system32\perfh015.dat 2014-04-26 18:52 - 2011-04-12 15:21 - 00156026 _____ () C:\Windows\system32\perfc015.dat 2014-04-26 18:52 - 2009-07-14 07:13 - 01670670 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-26 18:50 - 2014-04-25 20:08 - 00191532 _____ () C:\Windows\WindowsUpdate.log 2014-04-26 18:46 - 2014-04-26 17:13 - 00000224 _____ () C:\Windows\setupact.log 2014-04-26 18:46 - 2013-06-22 14:00 - 00001042 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-26 18:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-26 18:41 - 2013-06-22 14:00 - 00001046 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-26 18:33 - 2014-04-26 18:33 - 00000000 ____D () C:\Users\Klaku\AppData\Roaming\NVIDIA 2014-04-26 18:33 - 2013-07-01 00:18 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-26 17:22 - 2014-04-26 17:22 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-04-26 17:21 - 2013-07-07 14:59 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-04-26 17:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help 2014-04-26 17:20 - 2013-11-27 19:10 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-04-26 17:19 - 2014-04-26 17:19 - 00000552 _____ () C:\Windows\PFRO.log 2014-04-26 17:16 - 2014-04-26 17:16 - 00000266 _____ () C:\Users\Klaku\Documents\cc_20140426_171610.reg 2014-04-26 17:15 - 2014-04-26 17:15 - 00001010 _____ () C:\Users\Klaku\Documents\cc_20140426_171516.reg 2014-04-26 17:13 - 2014-04-26 17:13 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-26 17:12 - 2014-04-26 17:12 - 00025702 
_____ () C:\Users\Klaku\Documents\cc_20140426_171212.reg 2014-04-26 16:32 - 2014-04-26 16:32 - 00017816 _____ () C:\ComboFix.txt 2014-04-26 16:32 - 2014-01-18 13:59 - 00000000 ____D () C:\Qoobox 2014-04-26 16:31 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-04-26 16:30 - 2013-06-22 13:57 - 00000000 ___RD () C:\Users\Klaku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-26 16:25 - 2014-04-23 21:30 - 00020485 _____ () C:\Windows\SysWOW64\.tmp 2014-04-26 15:05 - 2014-04-05 16:09 - 00000000 ____D () C:\Users\Klaku\Desktop\Tibia 2014-04-26 13:48 - 2014-04-26 13:48 - 00000994 _____ () C:\Users\Public\Desktop\Gyazo.lnk 2014-04-26 13:48 - 2014-04-26 13:48 - 00000994 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk 2014-04-26 13:48 - 2014-04-26 13:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo 2014-04-26 13:48 - 2014-04-26 13:48 - 00000000 ____D () C:\Program Files (x86)\Gyazo 2014-04-26 10:54 - 2013-06-23 16:14 - 00000000 ____D () C:\Users\Klaku\AppData\Roaming\Skype 2014-04-25 20:01 - 2014-04-25 20:01 - 00002273 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-04-25 20:01 - 2014-04-25 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-04-25 20:01 - 2013-06-22 14:00 - 00000000 ____D () C:\Users\Klaku\AppData\Local\Google 2014-04-25 20:01 - 2013-06-22 14:00 - 00000000 ____D () C:\Program Files (x86)\Google 2014-04-25 20:00 - 2013-06-22 13:56 - 00000000 ____D () C:\Users\Klaku 2014-04-25 19:55 - 2014-04-25 19:55 - 00000812 _____ () C:\Users\Klaku\Documents\cc_20140425_195531.reg 2014-04-25 19:52 - 2013-12-04 08:33 - 00000000 ____D () C:\Users\Klaku\AppData\Local\CrashDumps 2014-04-25 19:52 - 2013-07-06 12:28 - 00000000 ____D () C:\Users\Klaku\AppData\Roaming\TS3Client 2014-04-25 19:52 - 2013-06-22 14:22 - 00000000 ____D () C:\Users\Klaku\AppData\Roaming\AIMP3 2014-04-25 19:51 - 2014-04-25 19:51 - 00029126 _____ () 
C:\Users\Klaku\Documents\cc_20140425_195153.reg 2014-04-25 19:46 - 2014-04-25 19:46 - 00000000 ____D () C:\Users\Klaku\Desktop\rbpscripts 2014-04-25 19:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-04-25 19:42 - 2013-07-27 02:46 - 00000000 ____D () C:\Program Files\VDownloader 2014-04-25 19:41 - 2014-03-26 20:58 - 00000000 ____D () C:\Users\Klaku\Documents\Fiddler2 2014-04-25 19:09 - 2013-06-22 15:32 - 00000000 ____D () C:\Users\Klaku\AppData\Local\PMB Files 2014-04-25 19:09 - 2013-06-22 15:32 - 00000000 ____D () C:\ProgramData\PMB Files 2014-04-25 15:45 - 2014-04-25 15:45 - 00000000 ____D () C:\Users\Klaku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZOTAC FireStorm 2014-04-25 15:45 - 2014-03-17 23:32 - 00000000 ____D () C:\Program Files (x86)\ZOTAC FireStorm 2014-04-24 21:41 - 2013-06-24 14:51 - 00000000 ____D () C:\Users\Klaku\AppData\Roaming\GG 2014-04-23 19:29 - 2013-06-29 01:52 - 00000000 ____D () C:\Windows\pss 2014-04-22 01:02 - 2014-04-07 16:54 - 00000000 ____D () C:\Users\Klaku\Desktop\rbp 2014-04-22 01:02 - 2013-10-30 18:55 - 00000000 ____D () C:\Users\Klaku\Desktop\Pack 2014-04-21 17:08 - 2014-04-21 17:08 - 00000000 ____D () C:\Users\Klaku\Desktop\BBot-34.2 2014-04-20 16:02 - 2013-07-23 14:36 - 00000000 ____D () C:\Users\Klaku\AppData\Local\screenSHU 2014-04-18 19:31 - 2014-04-18 19:31 - 00000000 ____D () C:\Users\Klaku\AppData\Local\Skype 2014-04-18 19:31 - 2014-04-18 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-04-18 19:31 - 2013-06-23 16:14 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-04-18 19:31 - 2013-06-23 16:14 - 00000000 ____D () C:\ProgramData\Skype 2014-04-17 10:39 - 2009-07-14 04:34 - 22020096 _____ () C:\Windows\system32\config\system.jv16pt_bak2 2014-04-17 10:39 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\default.jv16pt_bak2 2014-04-14 18:29 - 2014-01-19 12:06 - 52023296 _____ () 
C:\Windows\system32\config\software.jv16pt_bak 2014-04-13 21:18 - 2013-06-24 14:51 - 00000000 ____D () C:\Users\Klaku\AppData\Local\GG 2014-04-12 16:42 - 2014-04-12 16:42 - 00003760 _____ () C:\Users\Klaku\Documents\cc_20140412_164227.reg 2014-04-12 16:42 - 2013-06-22 15:28 - 00000000 ____D () C:\Users\Klaku\AppData\Roaming\uTorrent 2014-04-11 20:59 - 2013-06-25 00:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-04-08 13:05 - 2014-04-08 13:05 - 00000219 _____ () C:\Users\Klaku\Desktop\Counter-Strike Global Offensive.url 2014-04-08 11:20 - 2014-04-08 11:20 - 00000680 _____ () C:\Users\Public\Desktop\Steam.lnk 2014-04-07 16:46 - 2014-04-07 16:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-07 15:26 - 2014-03-16 21:06 - 00000000 ____D () C:\Program Files\SteamLibrary 2014-04-05 17:25 - 2014-04-05 17:17 - 00000000 ____D () C:\Users\Klaku\AppData\Roaming\Tibia MS 2014-04-05 07:42 - 2014-04-05 07:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3 2014-04-05 07:42 - 2013-06-22 14:22 - 00000917 _____ () C:\Users\Public\Desktop\AIMP3.lnk 2014-04-05 07:42 - 2013-06-22 14:22 - 00000000 ____D () C:\Program Files (x86)\AIMP3 2014-04-03 09:31 - 2013-08-11 18:18 - 00000000 ____D () C:\Users\Klaku\Desktop\programy 2014-03-31 14:51 - 2014-03-09 12:54 - 00000105 _____ () C:\Users\Klaku\Desktop\numery.txt 2014-03-31 12:17 - 2014-03-31 03:40 - 00003016 _____ () C:\Windows\System32\Tasks\EVGAPrecision 2014-03-31 11:57 - 2014-01-20 20:05 - 00000000 ____D () C:\Users\Klaku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-03-31 11:51 - 2014-03-31 11:51 - 00002020 _____ () C:\Users\Klaku\Documents\cc_20140331_115154.reg 2014-03-31 11:11 - 2014-03-31 03:16 - 00000000 ____D () C:\Users\Klaku\AppData\Local\NVIDIA Corporation 2014-03-31 11:11 - 2013-10-03 18:30 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-03-31 11:10 - 2013-06-23 18:33 - 00000000 ____D () C:\Torrenty 
2014-03-31 11:08 - 2014-03-08 11:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2014-03-31 11:08 - 2013-06-25 18:01 - 00000000 ____D () C:\ProgramData\Razer 2014-03-31 11:04 - 2014-01-06 17:01 - 00000000 ____D () C:\ProgramData\Electronic Arts 2014-03-31 11:04 - 2013-09-30 16:40 - 00000000 ____D () C:\ProgramData\Origin 2014-03-31 11:02 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-03-31 09:35 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-03-31 03:39 - 2013-07-08 19:39 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-03-31 03:39 - 2013-07-08 19:38 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-03-31 03:00 - 2014-03-31 03:00 - 00001746 _____ () C:\Users\Klaku\Documents\cc_20140331_030046.reg 2014-03-30 05:14 - 2013-11-16 19:36 - 00000000 ____D () C:\Users\Klaku\AppData\Roaming\Knight 2014-03-30 05:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-03-30 04:12 - 2014-03-30 04:12 - 00000000 _____ () C:\Users\Klaku\AppData\Local\{91F28334-DEDD-4792-B6C6-835D6236704A} 2014-03-30 04:09 - 2014-03-30 04:09 - 00000000 _____ () C:\Users\Klaku\AppData\Local\{5D850783-F285-4C62-AC05-894C2B2EF8E2} 2014-03-30 04:04 - 2014-03-30 04:04 - 00000000 _____ () C:\Users\Klaku\AppData\Local\{5177872E-3762-4D9B-B5CD-B57C4439DDD4} 2014-03-28 03:48 - 2013-11-18 04:26 - 00000000 ____D () C:\Users\Klaku\AppData\Roaming\IObit ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit 
C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-23 06:03 ==================== End Of Log ============================