Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 02 Ran by Sebash (administrator) on SEBASH-KOMP on 01-08-2014 10:44:36 Running from C:\Users\Sebash\Downloads\frsts Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Corporation) C:\Windows\System32\PING.EXE (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (OldTimer Tools) C:\Users\Sebash\Downloads\OTL.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Alexander Roshal) C:\Program Files (x86)\WinRAR\WinRAR.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sebash\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [] => [X] HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-04] (Synaptics Incorporated) HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [73832 2013-01-29] (Check Point Software Technologies LTD) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-2332736896-710271178-982757965-1001\...\MountPoints2: E - E:\setup.exe AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation) AppInit_DLLs-x32: , C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation) IFEO\openmuihelp.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IFEO\teco.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IFEO\tempro.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IFEO\todisc.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IFEO\toshibaregistration.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IFEO\tosramutil.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IFEO\tpchviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\user2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Sebash\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Sebash\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Sebash\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebash\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebash\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebash\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebash\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Sebash\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Sebash\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Sebash\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebash\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebash\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebash\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebash\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - DefaultScope {09B23A7B-C8E9-471D-9D24-C4FDB9D7FBBD} URL = http://rover.ebay.com/rover/1/4908-44618-9400-8/4?satitle={searchTerms} SearchScopes: HKCU - {09B23A7B-C8E9-471D-9D24-C4FDB9D7FBBD} URL = http://rover.ebay.com/rover/1/4908-44618-9400-8/4?satitle={searchTerms} SearchScopes: HKCU - {96BA212B-ECA7-4814-BEBB-13987DC335B8} URL = SearchScopes: HKCU - {A2A5EB50-AD98-4334-B4B4-39EBE3AB150E} URL = http://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2 BHO: ZoneAlarm Security Engine Registrar -> {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} -> C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) BHO-x32: ZoneAlarm Security Engine Registrar -> {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} -> C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) BHO-x32: Pomocnik logowania za pomocą konta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG) BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll () Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) Toolbar: HKLM-x32 - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Sebash\AppData\Roaming\Mozilla\Firefox\Profiles\waf9jm0u.default FF DefaultSearchEngine: omiga-plus FF SelectedSearchEngine: omiga-plus FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @idsoftware.com/QuakeLive - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nexon.com/NxGame - C:\ProgramData\Nexon\NGM\npnxgame.dll No File FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npnxgameEU.dll (Nexon) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - null\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Sebash\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Sebash\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Users\Sebash\Downloads\null\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\omiga-plus.xml FF Extension: Widget context - C:\Users\Sebash\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-06-25] FF Extension: Zotero Word for Windows Integration - C:\Users\Sebash\AppData\Roaming\Mozilla\Firefox\Profiles\waf9jm0u.default\Extensions\zoteroWinWordIntegration@zotero.org [2014-02-20] FF Extension: No Name - C:\Users\Sebash\AppData\Roaming\Mozilla\Firefox\Profiles\waf9jm0u.default\Extensions\zotero@chnm.gmu.edu.xpi [2013-11-30] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-05-15] Chrome: ======= CHR HomePage: CHR Plugin: (Shockwave Flash) - C:\Users\Sebash\AppData\Local\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Sebash\AppData\Local\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Sebash\AppData\Local\Google\Chrome\Application\36.0.1985.125\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (ArcPlugin) - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll No File CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon) CHR Plugin: (Google Update) - C:\Users\Sebash\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File CHR Plugin: (Pando Web Plugin) - C:\Users\Sebash\Downloads\null\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\windows\SysWOW64\npDeployJava1.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File CHR Extension: (Dokumenty Google) - C:\Users\Sebash\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-21] CHR Extension: (Dysk Google) - C:\Users\Sebash\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-21] CHR Extension: (YouTube) - C:\Users\Sebash\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-21] CHR Extension: (Adblock Plus) - C:\Users\Sebash\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-24] CHR Extension: (Szukaj w Google) - C:\Users\Sebash\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-21] CHR Extension: (Zotero Connector) - C:\Users\Sebash\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2013-11-30] CHR Extension: (Transferuj.pl) - C:\Users\Sebash\AppData\Local\Google\Chrome\User Data\Default\Extensions\gamjcgdmfcciglelnlngnknalhbhmkif [2014-06-23] CHR Extension: (AdBlock) - C:\Users\Sebash\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-08-24] CHR Extension: (Facebook Unseen) - C:\Users\Sebash\AppData\Local\Google\Chrome\User Data\Default\Extensions\iicapmagmhahddefgokbabbgieiogjop [2014-02-18] CHR Extension: (Auto Replay for YouTube™) - C:\Users\Sebash\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2013-08-25] CHR Extension: (Google Wallet) - C:\Users\Sebash\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (Gmail) - C:\Users\Sebash\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-21] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed] S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] S4 IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [828072 2012-11-22] (Check Point Software Technologies) S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) S4 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation) S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S4 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH) R2 Thpsrv; C:\windows\system32\ThpSrv.exe [526848 2010-12-24] (TOSHIBA Corporation) [File not signed] R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software) S2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2447888 2013-01-29] (Check Point Software Technologies LTD) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-25] (Disc Soft Ltd) R3 hidusbf; C:\Windows\System32\DRIVERS\hidusbf.sys [8064 2012-12-31] (SweetLow) R2 ISWKL; C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [33712 2012-11-22] (Check Point Software Technologies) U5 klflt; C:\Windows\System32\Drivers\klflt.sys [89432 2012-11-15] (Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [611160 2012-11-15] (Kaspersky Lab) S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.) R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC) S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [29696 2012-10-11] (ManyCam LLC) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-25] (Duplex Secure Ltd.) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-18] (TuneUp Software) S3 V0700Vid; C:\Windows\System32\DRIVERS\V0700Vid.sys [393920 2011-09-07] (Creative Technology Ltd.) R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450136 2012-12-13] (Check Point Software Technologies LTD) S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org) U3 a4oquhr6; C:\Windows\System32\Drivers\a4oquhr6.sys [0 ] (Intel Corporation) S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X] U0 KL1; ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-01 10:45 - 2014-08-01 10:45 - 00380416 _____ () C:\Users\Sebash\Downloads\p1g7sup2.exe 2014-08-01 10:43 - 2014-08-01 10:44 - 00000000 ____D () C:\Users\Sebash\Downloads\frsts 2014-08-01 10:43 - 2014-08-01 10:44 - 00000000 ____D () C:\FRST 2014-08-01 10:40 - 2014-08-01 10:40 - 03218358 _____ () C:\Users\Sebash\Downloads\Raport kondycji systemu.html 2014-08-01 10:30 - 2014-08-01 10:30 - 00000932 _____ () C:\Users\Sebash\Desktop\shellexview.txt 2014-08-01 10:30 - 2014-08-01 10:28 - 03218358 _____ () C:\Users\Sebash\Desktop\Raport kondycji systemu.html 2014-08-01 10:29 - 2014-08-01 10:29 - 00066149 _____ () C:\Users\Sebash\Downloads\shexview.zip 2014-08-01 10:29 - 2014-08-01 10:29 - 00002757 _____ () C:\Users\Sebash\Downloads\shexview_polish.zip 2014-08-01 10:26 - 2014-08-01 10:26 - 00101276 _____ () C:\Users\Sebash\Desktop\Extras.Txt 2014-08-01 10:25 - 2014-08-01 10:25 - 04953431 _____ () C:\Users\Sebash\Desktop\Pełne Dzienniki zdarzeń.rar 2014-08-01 10:25 - 2014-08-01 10:25 - 00128194 _____ () C:\Users\Sebash\Desktop\OTL.Txt 2014-08-01 10:18 - 2014-08-01 10:19 - 00103554 _____ () C:\Users\Sebash\Desktop\AutoRuns.txt 2014-08-01 10:18 - 2014-08-01 10:18 - 00000000 ____D () C:\Users\Sebash\Downloads\Autoruns 2014-08-01 10:17 - 2014-08-01 10:17 - 00511782 _____ () C:\Users\Sebash\Downloads\Autoruns.zip 2014-08-01 10:16 - 2014-08-01 10:16 - 00602112 _____ (OldTimer Tools) C:\Users\Sebash\Downloads\OTL.exe 2014-08-01 09:11 - 2014-08-01 09:11 - 00000000 ___SD () C:\ComboFix 2014-08-01 09:11 - 2014-08-01 09:11 - 00000000 ____D () C:\windows\ERDNT 2014-08-01 09:10 - 2014-08-01 09:11 - 00000000 ____D () C:\Qoobox 2014-08-01 08:55 - 2014-08-01 08:55 - 00000375 _____ () C:\windows\system32\Drivers\etc\hosts.ics 2014-08-01 08:33 - 2014-08-01 08:33 - 00000000 ____D () C:\ProgramData\TP-LINK 2014-08-01 08:33 - 2010-05-13 09:58 - 00007484 _____ () C:\windows\system32\athurextx.cat 2014-08-01 08:33 - 2010-01-05 19:23 - 01847296 ____R (Atheros Communications, Inc.) C:\windows\system32\athurx.sys 2014-08-01 08:33 - 2010-01-05 19:23 - 01847296 _____ (Atheros Communications, Inc.) C:\windows\system32\Drivers\athurx.sys 2014-08-01 08:11 - 2014-08-01 08:11 - 00008652 _____ () C:\Users\Sebash\Downloads\[kickass.to]torchlight.ii.v1.2552.crack.only.skidrow.torrent 2014-08-01 07:53 - 2014-08-01 08:52 - 00000840 _____ () C:\windows\setupact.log 2014-08-01 07:53 - 2014-08-01 07:53 - 00000000 _____ () C:\windows\setuperr.log 2014-07-31 18:39 - 2014-07-31 18:39 - 00214270 _____ () C:\Users\Sebash\Desktop\dziiiiiiiiiiiiiisss.reg 2014-07-31 17:41 - 2014-07-31 17:41 - 00001580 _____ () C:\Users\Sebash\Desktop\Play Outlast.lnk 2014-07-31 17:26 - 2014-07-31 17:26 - 00000000 ____D () C:\Users\Sebash\Downloads\Outlast.MULTi9-PROPHET [EN_FR_DE_IT_ES_PL_RU_HU_PT-BR] 2014-07-31 14:16 - 2014-07-31 14:22 - 00000000 ____D () C:\Users\Sebash\Downloads\----NEW GAMES-- 2014-07-31 13:31 - 2014-07-31 13:31 - 00000856 _____ () C:\Users\Sebash\Desktop\--RAPSY--.lnk 2014-07-31 01:19 - 2014-07-31 01:19 - 00000758 _____ () C:\Users\Sebash\Desktop\2014 FILMY - TATA — skrót.lnk 2014-07-26 18:37 - 2014-07-29 23:06 - 00000000 ____D () C:\Users\Sebash\Desktop\1muza 2014-07-18 01:28 - 2014-07-18 01:28 - 00000000 ____D () C:\ProgramData\Riot Games 2014-07-15 20:38 - 2014-07-15 20:41 - 00000000 ____D () C:\Users\Sebash\Desktop\Naj Najnowsze -Rozwój 2014-07-15 20:32 - 2014-07-15 20:32 - 00001018 _____ () C:\Users\Sebash\Desktop\--KognI i Domówki ALL — skrót.lnk 2014-07-09 20:28 - 2014-07-10 21:05 - 00000668 _____ () C:\Users\Sebash\Desktop\nlp sekret.txt 2014-07-08 02:18 - 2014-07-10 19:18 - 00010620 _____ () C:\Users\Sebash\Desktop\new playlist.fpl 2014-07-07 17:18 - 2014-07-31 13:35 - 00000000 ____D () C:\Users\Sebash\Desktop\PS madafaka jpgs 2014-07-06 01:15 - 2014-07-06 21:54 - 00000000 ____D () C:\Users\Sebash\Downloads\Californication Season 7 Complete 720p ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-01 10:45 - 2014-08-01 10:45 - 00380416 _____ () C:\Users\Sebash\Downloads\p1g7sup2.exe 2014-08-01 10:44 - 2014-08-01 10:43 - 00000000 ____D () C:\Users\Sebash\Downloads\frsts 2014-08-01 10:44 - 2014-08-01 10:43 - 00000000 ____D () C:\FRST 2014-08-01 10:40 - 2014-08-01 10:40 - 03218358 _____ () C:\Users\Sebash\Downloads\Raport kondycji systemu.html 2014-08-01 10:30 - 2014-08-01 10:30 - 00000932 _____ () C:\Users\Sebash\Desktop\shellexview.txt 2014-08-01 10:29 - 2014-08-01 10:29 - 00066149 _____ () C:\Users\Sebash\Downloads\shexview.zip 2014-08-01 10:29 - 2014-08-01 10:29 - 00002757 _____ () C:\Users\Sebash\Downloads\shexview_polish.zip 2014-08-01 10:28 - 2014-08-01 10:30 - 03218358 _____ () C:\Users\Sebash\Desktop\Raport kondycji systemu.html 2014-08-01 10:26 - 2014-08-01 10:26 - 00101276 _____ () C:\Users\Sebash\Desktop\Extras.Txt 2014-08-01 10:25 - 2014-08-01 10:25 - 04953431 _____ () C:\Users\Sebash\Desktop\Pełne Dzienniki zdarzeń.rar 2014-08-01 10:25 - 2014-08-01 10:25 - 00128194 _____ () C:\Users\Sebash\Desktop\OTL.Txt 2014-08-01 10:19 - 2014-08-01 10:18 - 00103554 _____ () C:\Users\Sebash\Desktop\AutoRuns.txt 2014-08-01 10:18 - 2014-08-01 10:18 - 00000000 ____D () C:\Users\Sebash\Downloads\Autoruns 2014-08-01 10:17 - 2014-08-01 10:17 - 00511782 _____ () C:\Users\Sebash\Downloads\Autoruns.zip 2014-08-01 10:16 - 2014-08-01 10:16 - 00602112 _____ (OldTimer Tools) C:\Users\Sebash\Downloads\OTL.exe 2014-08-01 09:52 - 2012-09-05 17:39 - 00001062 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2332736896-710271178-982757965-1001UA.job 2014-08-01 09:33 - 2009-07-14 06:45 - 00025120 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-01 09:33 - 2009-07-14 06:45 - 00025120 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-01 09:30 - 2013-02-20 15:45 - 13001216 ___SH () C:\Users\Sebash\Desktop\Thumbs.db 2014-08-01 09:23 - 2014-05-10 16:47 - 01015676 _____ () C:\windows\WindowsUpdate.log 2014-08-01 09:14 - 2013-05-09 15:09 - 00000000 ____D () C:\---Photoshop--- 2014-08-01 09:12 - 2012-10-20 00:37 - 00000000 ____D () C:\Users\Sebash\AppData\Roaming\uTorrent 2014-08-01 09:11 - 2014-08-01 09:11 - 00000000 ___SD () C:\ComboFix 2014-08-01 09:11 - 2014-08-01 09:11 - 00000000 ____D () C:\windows\ERDNT 2014-08-01 09:11 - 2014-08-01 09:10 - 00000000 ____D () C:\Qoobox 2014-08-01 08:59 - 2011-02-14 11:01 - 00744036 _____ () C:\windows\system32\perfh015.dat 2014-08-01 08:59 - 2011-02-14 11:01 - 00157486 _____ () C:\windows\system32\perfc015.dat 2014-08-01 08:59 - 2009-07-14 07:13 - 01679274 _____ () C:\windows\system32\PerfStringBackup.INI 2014-08-01 08:55 - 2014-08-01 08:55 - 00000375 _____ () C:\windows\system32\Drivers\etc\hosts.ics 2014-08-01 08:52 - 2014-08-01 07:53 - 00000840 _____ () C:\windows\setupact.log 2014-08-01 08:52 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-08-01 08:38 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\NDF 2014-08-01 08:33 - 2014-08-01 08:33 - 00000000 ____D () C:\ProgramData\TP-LINK 2014-08-01 08:33 - 2011-04-17 18:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-01 08:29 - 2012-10-06 20:08 - 00000000 ____D () C:\Users\Sebash\AppData\Roaming\foobar2000 2014-08-01 08:12 - 2014-06-25 18:54 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-08-01 08:12 - 2014-06-25 02:49 - 00000000 ____D () C:\Program Files (x86)\Torchlight II 2014-08-01 08:12 - 2012-11-02 13:03 - 00000000 ____D () C:\Users\Sebash\Documents\My Games 2014-08-01 08:12 - 2012-10-06 15:01 - 00000000 ____D () C:\Users\Sebash\AppData\Roaming\DAEMON Tools Lite 2014-08-01 08:11 - 2014-08-01 08:11 - 00008652 _____ () C:\Users\Sebash\Downloads\[kickass.to]torchlight.ii.v1.2552.crack.only.skidrow.torrent 2014-08-01 07:58 - 2012-10-06 14:16 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2014-08-01 07:58 - 2012-10-06 14:16 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-01 07:53 - 2014-08-01 07:53 - 00000000 _____ () C:\windows\setuperr.log 2014-08-01 01:28 - 2012-11-01 17:08 - 00000000 ____D () C:\Users\Sebash\AppData\Roaming\vlc 2014-07-31 18:39 - 2014-07-31 18:39 - 00214270 _____ () C:\Users\Sebash\Desktop\dziiiiiiiiiiiiiisss.reg 2014-07-31 17:53 - 2013-11-30 18:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-31 17:41 - 2014-07-31 17:41 - 00001580 _____ () C:\Users\Sebash\Desktop\Play Outlast.lnk 2014-07-31 17:32 - 2013-05-25 19:02 - 00000000 ____D () C:\Games 2014-07-31 17:26 - 2014-07-31 17:26 - 00000000 ____D () C:\Users\Sebash\Downloads\Outlast.MULTi9-PROPHET [EN_FR_DE_IT_ES_PL_RU_HU_PT-BR] 2014-07-31 17:22 - 2013-12-08 04:30 - 00000000 ____D () C:\Outlast 2014-07-31 17:21 - 2013-12-08 04:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast PL [BDIP] 2014-07-31 14:24 - 2012-12-30 20:37 - 00000000 ____D () C:\Users\Sebash\Desktop\Foty 2014-07-31 14:22 - 2014-07-31 14:16 - 00000000 ____D () C:\Users\Sebash\Downloads\----NEW GAMES-- 2014-07-31 14:18 - 2013-05-10 17:48 - 00000000 ____D () C:\====NEW FILMY=== 2014-07-31 13:35 - 2014-07-07 17:18 - 00000000 ____D () C:\Users\Sebash\Desktop\PS madafaka jpgs 2014-07-31 13:31 - 2014-07-31 13:31 - 00000856 _____ () C:\Users\Sebash\Desktop\--RAPSY--.lnk 2014-07-31 13:31 - 2013-12-20 19:55 - 00000000 ____D () C:\Users\Sebash\Downloads\-HIP HOP RAPSY- 2014-07-31 01:52 - 2012-09-05 17:39 - 00001010 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2332736896-710271178-982757965-1001Core.job 2014-07-31 01:19 - 2014-07-31 01:19 - 00000758 _____ () C:\Users\Sebash\Desktop\2014 FILMY - TATA — skrót.lnk 2014-07-29 23:06 - 2014-07-26 18:37 - 00000000 ____D () C:\Users\Sebash\Desktop\1muza 2014-07-18 21:59 - 2012-09-05 17:43 - 00002390 _____ () C:\Users\Sebash\Desktop\Google Chrome.lnk 2014-07-18 01:28 - 2014-07-18 01:28 - 00000000 ____D () C:\ProgramData\Riot Games 2014-07-15 21:01 - 2012-12-22 22:11 - 00000017 _____ () C:\Users\Sebash\Desktop\ping 8.8.8.8.bat 2014-07-15 20:41 - 2014-07-15 20:38 - 00000000 ____D () C:\Users\Sebash\Desktop\Naj Najnowsze -Rozwój 2014-07-15 20:41 - 2014-06-15 17:16 - 00000000 ____D () C:\Users\Sebash\Desktop\Na sesje notatki all i wgl 2014-07-15 20:32 - 2014-07-15 20:32 - 00001018 _____ () C:\Users\Sebash\Desktop\--KognI i Domówki ALL — skrót.lnk 2014-07-14 23:47 - 2012-10-06 15:16 - 00000000 ___RD () C:\Users\Sebash\Desktop\Aplikacje 2014-07-13 11:34 - 2014-06-26 14:04 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-10 21:05 - 2014-07-09 20:28 - 00000668 _____ () C:\Users\Sebash\Desktop\nlp sekret.txt 2014-07-10 19:18 - 2014-07-08 02:18 - 00010620 _____ () C:\Users\Sebash\Desktop\new playlist.fpl 2014-07-08 01:42 - 2014-04-23 00:44 - 00000000 ____D () C:\Users\Sebash\Desktop\~new tXt z pulpitu~ 2014-07-07 19:59 - 2013-05-09 15:14 - 00000132 _____ () C:\Users\Sebash\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG 2014-07-07 14:20 - 2013-09-27 17:09 - 00000000 ___RD () C:\Users\Sebash\Desktop\~KOGNITYWISTYKA KOMUNIKACJI~ 2014-07-06 21:54 - 2014-07-06 01:15 - 00000000 ____D () C:\Users\Sebash\Downloads\Californication Season 7 Complete 720p 2014-07-04 17:40 - 2014-06-27 01:11 - 00000000 ____D () C:\Users\Sebash\AppData\Local\Adobe 2014-07-03 15:20 - 2009-07-14 07:32 - 00000000 ____D () C:\windows\Performance 2014-07-02 14:43 - 2014-05-27 23:21 - 00000000 ____D () C:\Users\Sebash\Desktop\Games ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION! LastRegBack: 2014-07-28 12:18 ==================== End Of Log ============================