Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 01
Ran by Admin (administrator) on ADMIN-KOMPUTER on 28-06-2014 11:52:18
Running from C:\Users\Admin\Desktop\Temporary\Logi
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2716216 2009-09-29] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-09-16] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [815512 2012-01-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-2936724634-1324443680-929429672-1000\...\Run: [Google Update] => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-22] (Google Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: {4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B} -> {4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B} => C:\Windows\system32\pfmshx_7DB.dll (Pismo Technic Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: {4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B} -> {4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B} => C:\Windows\SysWOW64\pfmshx_7DB.dll (Pismo Technic Inc.)

==================== Internet (Whitelisted) ====================

ProxyServer: 10.60.1.248:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {ADAAF82B-8D0E-4251-8321-95DE206A2636} URL =
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: Pomocnik logowania za pomocą konta Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.21.99.94 62.21.99.95

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npnxgameEU.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Admin\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Admin\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-12-13]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-08-27]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
CHR Plugin: (Google Update) - C:\Users\Admin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (Angry Birds) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2012-06-22]
CHR Extension: (Little Birds) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\alideofjffapikhdkookpohehnaaplnf [2012-11-13]
CHR Extension: (Dysk Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-04]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-22]
CHR Extension: (Adblock dla serwisu Youtube™) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2013-09-23]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2012-08-03]
CHR Extension: (Dropbox) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2012-06-22]
CHR Extension: (Muffin Knight) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngcgpajmidlcgbkpjaopbcglkjepkbaa [2012-06-22]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-22]
CHR StartMenuInternet: Google Chrome - C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-04-21] (Perfect World Entertainment Inc)
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [23296 2009-09-29] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [735960 2009-09-29] (ESET)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-11-14] (Wacom Technology, Corp.)
S3 xsherlock; C:\Windows\SysWOW64\xsherlock.xem [675936 2012-08-09] (Wellbia.com Co., Ltd.) [File not signed]

==================== Drivers (Whitelisted) ====================

S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2013-02-10] ()
R2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [144824 2009-09-29] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [136584 2009-09-29] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [123200 2009-09-29] (ESET)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2013-02-10] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 pfmfs_7DB; C:\Windows\System32\Drivers\pfmfs_7DB.sys [258296 2012-12-11] (Pismo Technic Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-03-07] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [9584 2013-03-07] ()
S3 AIDA64Driver; \??\G:\Instalki\Testowanie kompa\Aida64 extreme 220 portable\kerneld.x64 [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 slb; \??\E:\Gry\Scarlet Blade\ScarletBlade\avital\scarlb64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-23 18:37 - 2014-06-28 11:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sleeping Dogs
2014-06-23 18:37 - 2014-06-23 18:37 - 00000681 _____ () C:\Users\Public\Desktop\Sleeping Dogs.lnk
2014-06-18 23:24 - 2014-06-18 23:24 - 00000000 ____D () C:\Users\Admin\Documents\IAmAlive
2014-06-15 14:08 - 2014-06-28 11:52 - 00000000 ____D () C:\FRST
2014-06-14 08:22 - 2014-06-14 08:22 - 00000000 ____D () C:\Users\Admin\Desktop\concept art
2014-06-10 00:15 - 2014-06-10 00:15 - 00000000 ____D () C:\ProgramData\Orbit
2014-06-10 00:05 - 2014-06-10 01:12 - 00000000 ____D () C:\Users\Admin\AppData\Local\NVIDIA Corporation
2014-06-10 00:05 - 2014-06-10 00:05 - 00000000 ____D () C:\Users\Admin\AppData\Local\NVIDIA
2014-06-10 00:05 - 2014-06-10 00:05 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-10 00:05 - 2014-04-30 20:27 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-06-10 00:05 - 2014-04-30 20:26 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-06-10 00:04 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-06-10 00:02 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-10 00:02 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-06-10 00:02 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-06-10 00:02 - 2014-05-20 04:44 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-06-10 00:00 - 2014-06-10 00:00 - 00000000 ____D () C:\NVIDIA
2014-06-10 00:00 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-10 00:00 - 2014-03-31 18:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-06-10 00:00 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-09 23:56 - 2014-06-14 22:22 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-06-09 23:56 - 2014-06-09 23:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\Ubisoft Game Launcher
2014-05-29 15:07 - 2014-05-29 15:07 - 00000865 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk

==================== One Month Modified Files and Folders =======

2014-06-28 11:52 - 2014-06-15 14:08 - 00000000 ____D () C:\FRST
2014-06-28 11:49 - 2012-06-22 22:44 - 00001058 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2936724634-1324443680-929429672-1000UA.job
2014-06-28 11:44 - 2012-06-21 13:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DeviceVm
2014-06-28 11:39 - 2009-07-14 06:45 - 00024976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-28 11:39 - 2009-07-14 06:45 - 00024976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-28 11:36 - 2012-06-21 12:59 - 01279290 _____ () C:\Windows\WindowsUpdate.log
2014-06-28 11:31 - 2012-06-21 14:15 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-28 11:31 - 2012-06-21 13:33 - 00000000 ____D () C:\Users\Admin
2014-06-28 11:31 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-28 11:31 - 2009-07-14 06:51 - 00093158 _____ () C:\Windows\setupact.log
2014-06-28 11:30 - 2014-06-23 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sleeping Dogs
2014-06-28 11:30 - 2012-09-09 13:42 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\IrfanView
2014-06-28 11:30 - 2012-06-25 10:32 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\BitTorrent
2014-06-28 11:30 - 2012-06-21 13:49 - 00000000 ____D () C:\ProgramData\DeviceVm
2014-06-28 11:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-06-28 11:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-06-26 00:57 - 2014-05-27 14:13 - 00000000 ____D () C:\Users\Admin\Desktop\Games backup
2014-06-24 06:49 - 2012-06-22 22:44 - 00001006 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2936724634-1324443680-929429672-1000Core.job
2014-06-23 18:37 - 2014-06-23 18:37 - 00000681 _____ () C:\Users\Public\Desktop\Sleeping Dogs.lnk
2014-06-22 20:23 - 2012-12-12 16:11 - 00000000 ____D () C:\Users\Admin\AppData\Local\SKIDROW
2014-06-22 17:52 - 2014-01-04 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ENSLAVED Odyssey to the West Premium Edition
2014-06-22 17:51 - 2012-06-21 13:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 17:48 - 2012-12-12 12:00 - 00000000 ____D () C:\Users\Admin\Desktop\Temporary
2014-06-22 17:13 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-18 23:24 - 2014-06-18 23:24 - 00000000 ____D () C:\Users\Admin\Documents\IAmAlive
2014-06-18 23:22 - 2012-10-07 08:21 - 00515355 _____ () C:\Windows\DirectX.log
2014-06-17 07:42 - 2012-11-01 11:28 - 00391310 _____ () C:\Windows\system32\prfh0404.dat
2014-06-17 07:42 - 2012-11-01 11:28 - 00113328 _____ () C:\Windows\system32\prfc0404.dat
2014-06-17 07:42 - 2012-11-01 11:07 - 00374208 _____ () C:\Windows\system32\prfh0804.dat
2014-06-17 07:42 - 2012-11-01 11:07 - 00118242 _____ () C:\Windows\system32\prfc0804.dat
2014-06-17 07:42 - 2012-10-26 10:57 - 00734402 _____ () C:\Windows\system32\perfh00A.dat
2014-06-17 07:42 - 2012-10-26 10:57 - 00732272 _____ () C:\Windows\system32\perfh013.dat
2014-06-17 07:42 - 2012-10-26 10:57 - 00672580 _____ () C:\Windows\system32\perfh00E.dat
2014-06-17 07:42 - 2012-10-26 10:57 - 00657598 _____ () C:\Windows\system32\perfh005.dat
2014-06-17 07:42 - 2012-10-26 10:57 - 00652842 _____ () C:\Windows\system32\perfh01D.dat
2014-06-17 07:42 - 2012-10-26 10:57 - 00470540 _____ () C:\Windows\system32\perfh00B.dat
2014-06-17 07:42 - 2012-10-26 10:57 - 00418478 _____ () C:\Windows\system32\perfh012.dat
2014-06-17 07:42 - 2012-10-26 10:57 - 00381886 _____ () C:\Windows\system32\perfh00D.dat
2014-06-17 07:42 - 2012-10-26 10:57 - 00169172 _____ () C:\Windows\system32\perfc00E.dat
2014-06-17 07:42 - 2012-10-26 10:57 - 00156512 _____ () C:\Windows\system32\perfc00A.dat
2014-06-17 07:42 - 2012-10-26 10:57 - 00151104 _____ () C:\Windows\system32\perfc013.dat
2014-06-17 07:42 - 2012-10-26 10:57 - 00140662 _____ () C:\Windows\system32\perfc01D.dat
2014-06-17 07:42 - 2012-10-26 10:57 - 00139284 _____ () C:\Windows\system32\perfc005.dat
2014-06-17 07:42 - 2012-10-26 10:57 - 00118670 _____ () C:\Windows\system32\perfc012.dat
2014-06-17 07:42 - 2012-10-26 10:57 - 00099320 _____ () C:\Windows\system32\perfc00B.dat
2014-06-17 07:42 - 2012-10-26 10:57 - 00083088 _____ () C:\Windows\system32\perfc00D.dat
2014-06-17 07:42 - 2012-10-25 12:00 - 00729094 _____ () C:\Windows\system32\perfh010.dat
2014-06-17 07:42 - 2012-10-25 12:00 - 00144976 _____ () C:\Windows\system32\perfc010.dat
2014-06-17 07:42 - 2012-10-25 11:51 - 00734558 _____ () C:\Windows\system32\perfh00C.dat
2014-06-17 07:42 - 2012-10-25 11:51 - 00468320 _____ () C:\Windows\system32\perfh001.dat
2014-06-17 07:42 - 2012-10-25 11:51 - 00147480 _____ () C:\Windows\system32\perfc00C.dat
2014-06-17 07:42 - 2012-10-25 11:51 - 00092978 _____ () C:\Windows\system32\perfc001.dat
2014-06-17 07:42 - 2012-10-25 11:35 - 00685842 _____ () C:\Windows\system32\perfh007.dat
2014-06-17 07:42 - 2012-10-25 11:35 - 00146970 _____ () C:\Windows\system32\perfc007.dat
2014-06-17 07:42 - 2009-07-14 19:55 - 00737242 _____ () C:\Windows\system32\perfh015.dat
2014-06-17 07:42 - 2009-07-14 19:55 - 00153930 _____ () C:\Windows\system32\perfc015.dat
2014-06-17 07:42 - 2009-07-14 07:13 - 11582568 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-17 06:44 - 2012-06-22 22:44 - 00004032 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2936724634-1324443680-929429672-1000UA
2014-06-17 06:44 - 2012-06-22 22:44 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2936724634-1324443680-929429672-1000Core
2014-06-15 13:49 - 2012-06-21 14:08 - 00445990 _____ () C:\Windows\PFRO.log
2014-06-14 22:22 - 2014-06-09 23:56 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-06-14 13:31 - 2012-10-26 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-14 13:31 - 2012-06-22 23:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Winamp
2014-06-14 13:31 - 2012-06-22 22:46 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-14 08:22 - 2014-06-14 08:22 - 00000000 ____D () C:\Users\Admin\Desktop\concept art
2014-06-10 01:12 - 2014-06-10 00:05 - 00000000 ____D () C:\Users\Admin\AppData\Local\NVIDIA Corporation
2014-06-10 01:12 - 2012-06-21 14:15 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-10 00:15 - 2014-06-10 00:15 - 00000000 ____D () C:\ProgramData\Orbit
2014-06-10 00:15 - 2013-02-05 15:34 - 00000000 ____D () C:\Users\Admin\Documents\My Games
2014-06-10 00:05 - 2014-06-10 00:05 - 00000000 ____D () C:\Users\Admin\AppData\Local\NVIDIA
2014-06-10 00:05 - 2014-06-10 00:05 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-10 00:05 - 2012-06-21 14:15 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-10 00:05 - 2012-06-21 14:11 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-10 00:00 - 2014-06-10 00:00 - 00000000 ____D () C:\NVIDIA
2014-06-09 23:56 - 2014-06-09 23:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\Ubisoft Game Launcher
2014-06-09 23:56 - 2012-06-29 11:03 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2014-06-09 19:30 - 2013-01-31 18:46 - 00000000 ____D () C:\Users\Admin\Documents\Bioware
2014-06-04 14:53 - 2013-06-16 17:08 - 00000000 ____D () C:\Users\Admin\Desktop\Foundry projects
2014-06-02 20:22 - 2009-07-14 07:08 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-29 15:07 - 2014-05-29 15:07 - 00000865 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-05-29 15:07 - 2012-06-25 10:33 - 00000000 ____D () C:\Program Files (x86)\BitTorrent
2014-05-29 02:36 - 2014-03-16 16:34 - 00000000 ____D () C:\Users\Admin\Desktop\Gry

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\AutoUI.exe
C:\Users\Admin\AppData\Local\Temp\bdfilters.dll
C:\Users\Admin\AppData\Local\Temp\D3DX81ab.dll
C:\Users\Admin\AppData\Local\Temp\dotnetfx 3.5 sp1.exe
C:\Users\Admin\AppData\Local\Temp\dxwebsetup.exe
C:\Users\Admin\AppData\Local\Temp\EAD206B.exe
C:\Users\Admin\AppData\Local\Temp\EAD50FE.exe
C:\Users\Admin\AppData\Local\Temp\EAD6BBD.exe
C:\Users\Admin\AppData\Local\Temp\EAD7F1D.exe
C:\Users\Admin\AppData\Local\Temp\EAD85B2.exe
C:\Users\Admin\AppData\Local\Temp\EAD86FA.exe
C:\Users\Admin\AppData\Local\Temp\EAD9877.exe
C:\Users\Admin\AppData\Local\Temp\EAD9991.exe
C:\Users\Admin\AppData\Local\Temp\huffyuv.dll
C:\Users\Admin\AppData\Local\Temp\iv_uninstall.exe
C:\Users\Admin\AppData\Local\Temp\ncuninstaller.exe
C:\Users\Admin\AppData\Local\Temp\NGMDll.dll
C:\Users\Admin\AppData\Local\Temp\NGMResource.dll
C:\Users\Admin\AppData\Local\Temp\nvStInst.exe
C:\Users\Admin\AppData\Local\Temp\SRLDetectionLibrary6565346852774212635.dll
C:\Users\Admin\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Admin\AppData\Local\Temp\ubiE8B1.tmp.exe
C:\Users\Admin\AppData\Local\Temp\unicows.dll
C:\Users\Admin\AppData\Local\Temp\utt2B20.tmp.exe
C:\Users\Admin\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Admin\AppData\Local\Temp\wmfdist.exe
C:\Users\Admin\AppData\Local\Temp\_isA59E.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally
signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-18 17:33 ==================== End Of Log ============================