Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by Marcin (administrator) on MARCIN-KOMPUTER on 06-11-2013 21:29:17
Running from C:\Users\Marcin\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Autodata Limited) C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(SPEEDbit) C:\PROGRA~2\SpeedBit Video Accelerator\VideoAcceleratorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(SPEEDbit) C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUsb\XFastUsb.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(SlySoft, Inc.) C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [THXCfg64] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [TNOD UP] - "C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe" /i
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Monitor] - C:\Windows\PixArt\Pac207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [2716216 2013-01-11] (ESET)
HKCU\...\Run: [ASRockXTU] - [x]
HKCU\...\Run: [zASRockInstantBoot] - [x]
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [147456 2007-01-15] (Nero AG)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [SpeedBitVideoAccelerator] - C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe [512517 2013-04-05] (SPEEDbit)
MountPoints2: {689e2b1c-0ed0-11e1-baaf-002522f9355d} - G:\setup.exe
HKLM-x32\...\Run: [XFastUsb] - C:\Program Files (x86)\XFastUsb\XFastUsb.exe [4942336 2011-11-13] (FNet Co., Ltd.)
HKLM-x32\...\Run: [THX TruStudio NB Settings] - C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909824 2011-05-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\Updreg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-10-26] (Nullsoft, Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [CloneCDTray] - C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2004-12-09] (SlySoft, Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
Startup: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=128
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\bitcomet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320] (SPEEDbit)
Winsock: Catalog9 02 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320] (SPEEDbit)
Winsock: Catalog9 03 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320] (SPEEDbit)
Winsock: Catalog9 04 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320] (SPEEDbit)
Winsock: Catalog9 05 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320] (SPEEDbit)
Winsock: Catalog9 06 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320] (SPEEDbit)
Winsock: Catalog9 07 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320] (SPEEDbit)
Winsock: Catalog9 08 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320] (SPEEDbit)
Winsock: Catalog9 09 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320] (SPEEDbit)
Winsock: Catalog9 10 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320] (SPEEDbit)
Winsock: Catalog9 11 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320] (SPEEDbit)
Winsock: Catalog9 23 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320] (SPEEDbit)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

FireFox:
========
FF ProfilePath: C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\1z0dt0qd.default
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - E:\GRY\hawx2\orbit\npuplaypc.dll No File
FF Extension: Canadian English Dictionary - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\1z0dt0qd.default\Extensions\en-CA@dictionaries.addons.mozilla.org
FF Extension: Iplex to ALLPlayer - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\1z0dt0qd.default\Extensions\IplextoALL@ALLPlayer.org
FF Extension: IplextoALL - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\1z0dt0qd.default\Extensions\IplextoALL@ALLPlayer.org.xpi
FF Extension: jid1-93WyvpgvxzGATw - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\1z0dt0qd.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi
FF Extension: p24ext - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\1z0dt0qd.default\Extensions\p24ext@przelewy24.pl.xpi
FF Extension: Adblock Plus - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\1z0dt0qd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

==================== Services (Whitelisted) =================

R2 Autodata Limited License Service; C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [69120 2012-04-12] (Autodata Limited)
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [23296 2009-09-11] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [735960 2009-09-11] (ESET)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [266240 2007-01-15] (Nero AG)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] ()
R2 VideoAcceleratorService; C:\PROGRA~2\SpeedBit Video Accelerator\VideoAcceleratorService.exe [298152 2013-10-23] (SPEEDbit)
S2 RichVideo; "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" [x]

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-06-30] ()
R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [38160 2007-05-11] (IVT Corporation.)
R3 BlueletAudio; C:\Windows\SysWow64\DRIVERS\blueletaudio.sys [38160 2007-05-11] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [37648 2007-03-05] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\SysWow64\DRIVERS\BlueletSCOAudio.sys [37648 2007-03-05] (IVT Corporation.)
R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [25360 2007-03-05] (IVT Corporation.)
R3 BT; C:\Windows\SysWow64\DRIVERS\btnetdrv.sys [25360 2007-03-05] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [44688 2007-05-09] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\SysWow64\Drivers\btcusb.sys [44688 2007-05-09] (IVT Corporation.)
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [23944 2010-04-06] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [24976 2007-03-05] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\SysWow64\Drivers\vbtenum.sys [24976 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [49680 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\SysWow64\Drivers\BTHidMgr.sys [49680 2007-03-05] (IVT Corporation.)
S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [30088 2010-04-06] ()
R2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [144824 2009-09-11] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [136584 2009-09-11] (ESET)
S3 ElbyCDFL; C:\Windows\SysWow64\Drivers\ElbyCDFL.sys [26240 2004-08-31] (SlySoft, Inc.)
R2 ElbyCDIO; C:\Windows\SysWow64\Drivers\ElbyCDIO.sys [9856 2004-07-21] (Elaborate Bytes AG)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [168544 2009-09-11] (ESET)
R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [33608 2009-06-19] (ESET)
R2 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [44944 2009-09-11] (ESET)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2011-11-23] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2011-11-13] (FNet Co., Ltd.)
S3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [27016 2010-04-06] (IVT Corporation.)
S2 Kmm4xNT; C:\Windows\SysWow64\Drivers\Kmm4xNT.sys [95484 2002-04-26] (DATOM Dariusz Cielebąk)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-06-30] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [573952 2007-05-14] (PixArt Imaging Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-09-18] (Duplex Secure Ltd.)
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.)
R3 VComm; C:\Windows\SysWow64\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [63248 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\SysWow64\Drivers\VcommMgr.sys [63248 2007-03-05] (IVT Corporation.)
U3 aknqtpjr; C:\Windows\System32\Drivers\aknqtpjr.sys [0 ] (Elaborate Bytes AG)
S3 BTCOM; system32\DRIVERS\btcomport.sys [x]
S3 BTCOMBUS; System32\Drivers\btcombus.sys [x]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
U3 awrdrpoc; \??\C:\Users\Marcin\AppData\Local\Temp\awrdrpoc.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-06 21:28 - 2013-11-06 21:28 - 00000000 ____D C:\FRST
2013-11-06 21:27 - 2013-11-06 21:27 - 01957098 _____ (Farbar) C:\Users\Marcin\Desktop\FRST64.exe
2013-11-06 20:45 - 2013-11-06 20:45 - 00031252 _____ C:\Users\Marcin\Desktop\gmer.txt
2013-11-06 20:22 - 2013-11-06 20:22 - 00128478 _____ C:\Users\Marcin\Desktop\Extras.Txt
2013-11-06 20:21 - 2013-11-06 20:21 - 00138064 _____ C:\Users\Marcin\Desktop\OTL.Txt
2013-11-06 19:44 - 2013-11-06 20:25 - 00000656 _____ C:\Users\Marcin\Desktop\defogger_disable.log
2013-11-06 19:44 - 2013-11-06 19:44 - 00000188 _____ C:\Users\Marcin\defogger_reenable
2013-11-06 19:42 - 2013-11-06 19:42 - 00050477 _____ C:\Users\Marcin\Desktop\Defogger.exe
2013-11-06 18:52 - 2013-11-06 18:52 - 00602112 _____ (OldTimer Tools) C:\Users\Marcin\Desktop\OTL.exe
2013-11-06 14:49 - 2013-11-06 14:49 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Malwarebytes
2013-11-06 14:48 - 2013-11-06 14:48 - 00001131 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-06 14:48 - 2013-11-06 14:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-06 14:48 - 2013-11-06 14:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-06 14:48 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-06 14:45 - 2013-11-06 14:45 - 00377856 _____ C:\Users\Marcin\Desktop\nlhz26gz.exe
2013-11-06 12:35 - 2013-11-06 12:35 - 00000521 _____ C:\Users\Public\Desktop\Call of Duty Ghosts.lnk
2013-11-06 12:24 - 2013-11-06 12:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-04 11:24 - 2013-11-04 11:24 - 00817504 _____ C:\Windows\Minidump\110413-24024-01.dmp
2013-10-30 15:12 - 2013-10-30 15:12 - 00000591 _____ C:\Users\Public\Desktop\Battlefield 4.lnk
2013-10-29 23:09 - 2013-10-29 23:09 - 00000000 ____D C:\Users\Marcin\AppData\Local\NVIDIA
2013-10-29 23:08 - 2013-10-29 23:08 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-29 23:08 - 2013-10-18 02:36 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-10-29 23:08 - 2013-10-18 02:36 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-29 23:06 - 2013-10-29 23:06 - 00000020 ___SH C:\Users\UpdatusUser.Marcin-Komputer\ntuser.ini
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\Ustawienia lokalne
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\Szablony
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\Moje dokumenty
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\Menu Start
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\Documents\Moje wideo
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\Documents\Moje obrazy
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\Documents\Moja muzyka
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\Dane aplikacji
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\AppData\Local\Historia
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\AppData\Local\Dane aplikacji
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 ____D C:\Users\UpdatusUser.Marcin-Komputer
2013-10-29 23:06 - 2012-05-19 14:26 - 00000000 ____D C:\Users\UpdatusUser.Marcin-Komputer\AppData\Roaming\Macromedia
2013-10-29 23:06 - 2011-12-15 13:46 - 00000000 ____D C:\Users\UpdatusUser.Marcin-Komputer\AppData\Local\Microsoft Help
2013-10-29 23:06 - 2009-07-14 05:54 - 00000000 ___RD C:\Users\UpdatusUser.Marcin-Komputer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-29 23:06 - 2009-07-14 05:49 - 00000000 ___RD C:\Users\UpdatusUser.Marcin-Komputer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-29 23:04 - 2013-10-23 11:30 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-29 23:04 - 2013-10-23 11:30 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-29 23:04 - 2013-10-23 11:30 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-29 23:04 - 2013-09-28 00:01 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-10-29 23:04 - 2013-09-28 00:01 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-10-29 23:04 - 2013-09-28 00:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-10-29 23:04 - 2013-06-16 13:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-10-29 23:04 - 2013-06-16 13:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-10-29 23:04 - 2013-01-29 09:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2013-10-29 22:59 - 2013-10-29 23:12 - 00000000 ____D C:\Users\Marcin\Documents\Battlefield 4
2013-10-26 22:19 - 2013-10-26 22:19 - 00000000 ____D C:\Users\Marcin\Documents\WB Games
2013-10-26 22:13 - 2013-10-26 22:13 - 00000000 ____D C:\ProgramData\Oracle
2013-10-26 22:12 - 2013-10-26 22:12 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-26 11:58 - 2013-10-29 20:54 - 00000000 ____D C:\Users\Marcin\Desktop\dodatki
2013-10-26 11:44 - 2013-10-26 11:44 - 00000849 _____ C:\Users\Public\Desktop\Batman Arkham Origins.lnk
2013-10-25 22:09 - 2013-10-25 22:09 - 00001080 _____ C:\Users\UpdatusUser\Desktop\TKexe Kalender.lnk
2013-10-25 22:09 - 2013-10-25 22:09 - 00001080 _____ C:\Users\Marcin\Desktop\TKexe Kalender.lnk
2013-10-25 22:09 - 2013-10-25 22:09 - 00001080 _____ C:\Users\Administrator\Desktop\TKexe Kalender.lnk
2013-10-25 22:09 - 2013-10-25 22:09 - 00000000 ____D C:\Program Files (x86)\TKexeKalender
2013-10-25 22:09 - 2008-02-08 20:10 - 00303104 _____ () C:\Windows\Uninstall_tkexe.exe
2013-10-25 22:00 - 2013-10-25 22:00 - 00000000 ____D C:\ProgramData\{EDB36CDF-F92C-4397-8EEF-7716BA7E4655}
2013-10-23 20:24 - 2013-10-23 20:24 - 00172032 _____ (Jin Hui    E-mail: jinhui@jcomsoft.com   Web: http://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2013-10-23 20:24 - 2013-10-23 20:24 - 00002131 _____ C:\Users\UpdatusUser\Desktop\SpeedBit Video Accelerator.lnk
2013-10-23 20:24 - 2013-10-23 20:24 - 00002131 _____ C:\Users\Administrator\Desktop\SpeedBit Video Accelerator.lnk
2013-10-23 20:24 - 2013-10-23 20:24 - 00000000 ____D C:\Users\Public\Documents\Speedbit
2013-10-23 20:24 - 2013-10-23 20:24 - 00000000 ____D C:\Program Files (x86)\SpeedBit Video Accelerator
2013-10-23 09:22 - 2013-10-23 09:23 - 00000000 ____D C:\Users\Marcin\Documents\Masters of the world
2013-10-23 09:21 - 2011-05-30 14:42 - 00255488 _____ C:\Windows\system32\xvidvfw.dll
2013-10-23 09:21 - 2011-05-30 14:42 - 00240640 _____ C:\Windows\SysWOW64\xvidvfw.dll
2013-10-23 09:21 - 2011-05-23 10:52 - 00153088 _____ C:\Windows\SysWOW64\xvid.ax
2013-10-23 09:21 - 2011-05-23 08:49 - 00173568 _____ C:\Windows\system32\xvid.ax
2013-10-23 09:21 - 2011-05-23 08:46 - 00645632 _____ C:\Windows\SysWOW64\xvidcore.dll
2013-10-23 09:21 - 2011-05-23 08:45 - 00696832 _____ C:\Windows\system32\xvidcore.dll
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-20 20:33 - 2013-10-21 21:06 - 00000000 ____D C:\Users\Marcin\AppData\Local\Game Dev Tycoon
2013-10-20 20:33 - 2013-10-20 20:33 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2013-10-20 20:33 - 2013-10-20 20:33 - 00000000 ____D C:\Program Files (x86)\1-click run
2013-10-17 10:21 - 2013-10-17 10:24 - 224976384 _____ C:\Users\Marcin\Desktop\Katastrofa w przestworzach - Błąd w Kokpicie (Cockpit Failure).avi
2013-10-16 22:15 - 2013-10-18 22:58 - 00000000 ____D C:\Users\Marcin\Desktop\urodzinki
2013-10-13 19:09 - 2013-10-13 19:09 - 00304160 _____ C:\PA207.DAT
2013-10-12 20:26 - 2013-10-28 14:18 - 00000000 ____D C:\Users\Marcin\Documents\FIFA 14
2013-10-12 15:49 - 2013-10-12 15:49 - 00000652 _____ C:\Users\Public\Desktop\Rollercoaster Tycoon 3 ZE.lnk
2013-10-12 15:38 - 2013-10-12 15:38 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\InstallShield
2013-10-12 14:56 - 2013-10-12 14:58 - 00000000 ____D C:\Users\Marcin\Documents\RCT3
2013-10-12 14:56 - 2013-10-12 14:56 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Atari
2013-10-09 20:57 - 2013-10-09 20:57 - 00000000 ____D C:\Users\Marcin\Documents\Gamepires
2013-10-08 10:13 - 2013-10-18 15:19 - 00000000 ____D C:\Users\Marcin\Desktop\kontrakt
2013-10-08 10:13 - 2013-10-08 10:13 - 01534573 _____ C:\Users\Marcin\Desktop\kontrakt.zip

==================== One Month Modified Files and Folders =======

2013-11-06 21:28 - 2013-11-06 21:28 - 00000000 ____D C:\FRST
2013-11-06 21:27 - 2013-11-06 21:27 - 01957098 _____ (Farbar) C:\Users\Marcin\Desktop\FRST64.exe
2013-11-06 20:45 - 2013-11-06 20:45 - 00031252 _____ C:\Users\Marcin\Desktop\gmer.txt
2013-11-06 20:25 - 2013-11-06 19:44 - 00000656 _____ C:\Users\Marcin\Desktop\defogger_disable.log
2013-11-06 20:22 - 2013-11-06 20:22 - 00128478 _____ C:\Users\Marcin\Desktop\Extras.Txt
2013-11-06 20:21 - 2013-11-06 20:21 - 00138064 _____ C:\Users\Marcin\Desktop\OTL.Txt
2013-11-06 19:59 - 2009-07-14 05:45 - 00022368 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-06 19:59 - 2009-07-14 05:45 - 00022368 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-06 19:58 - 2011-11-13 09:32 - 01345506 _____ C:\Windows\WindowsUpdate.log
2013-11-06 19:58 - 2009-07-14 18:55 - 00750578 _____ C:\Windows\system32\perfh015.dat
2013-11-06 19:58 - 2009-07-14 18:55 - 00159070 _____ C:\Windows\system32\perfc015.dat
2013-11-06 19:58 - 2009-07-14 06:13 - 01689968 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-06 19:54 - 2011-11-13 09:58 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-06 19:54 - 2009-07-14 05:51 - 00177046 _____ C:\Windows\setupact.log
2013-11-06 19:44 - 2013-11-06 19:44 - 00000188 _____ C:\Users\Marcin\defogger_reenable
2013-11-06 19:44 - 2011-11-13 09:34 - 00000000 ____D C:\Users\Marcin
2013-11-06 19:42 - 2013-11-06 19:42 - 00050477 _____ C:\Users\Marcin\Desktop\Defogger.exe
2013-11-06 18:52 - 2013-11-06 18:52 - 00602112 _____ (OldTimer Tools) C:\Users\Marcin\Desktop\OTL.exe
2013-11-06 18:18 - 2012-01-12 18:29 - 00000282 _____ C:\Windows\Tasks\AsrXTU.job
2013-11-06 18:17 - 2011-11-13 09:52 - 00297948 _____ C:\Windows\PFRO.log
2013-11-06 15:59 - 2012-07-18 10:21 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\uTorrent
2013-11-06 14:49 - 2013-11-06 14:49 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Malwarebytes
2013-11-06 14:48 - 2013-11-06 14:48 - 00001131 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-06 14:48 - 2013-11-06 14:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-06 14:48 - 2013-11-06 14:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-06 14:45 - 2013-11-06 14:45 - 00377856 _____ C:\Users\Marcin\Desktop\nlhz26gz.exe
2013-11-06 13:15 - 2012-04-28 16:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-06 13:10 - 2012-07-02 07:34 - 01639614 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-06 13:05 - 2011-11-14 16:19 - 01101009 _____ C:\Windows\DirectX.log
2013-11-06 12:35 - 2013-11-06 12:35 - 00000521 _____ C:\Users\Public\Desktop\Call of Duty Ghosts.lnk
2013-11-06 12:24 - 2013-11-06 12:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-06 12:01 - 2011-11-13 09:45 - 00000000 ____D C:\ProgramData\Adobe
2013-11-06 12:00 - 2011-11-13 09:45 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Adobe
2013-11-05 19:13 - 2011-11-16 10:58 - 00000000 ____D C:\Users\Marcin\AppData\Local\Adobe
2013-11-05 19:12 - 2011-11-13 09:45 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-11-05 16:12 - 2011-11-20 23:51 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Winamp
2013-11-05 12:29 - 2011-11-20 19:08 - 00000000 ____D C:\Users\Marcin\AppData\Local\CrashDumps
2013-11-04 17:39 - 2013-08-13 21:25 - 00000000 ____D C:\Users\Marcin\Documents\Adobe
2013-11-04 11:24 - 2013-11-04 11:24 - 00817504 _____ C:\Windows\Minidump\110413-24024-01.dmp
2013-11-04 11:24 - 2011-12-04 18:09 - 00000000 ____D C:\Windows\Minidump
2013-11-01 22:26 - 2013-07-06 23:22 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\DC++
2013-11-01 22:26 - 2013-07-06 23:22 - 00000000 ____D C:\Users\Marcin\AppData\Local\DC++
2013-10-30 15:12 - 2013-10-30 15:12 - 00000591 _____ C:\Users\Public\Desktop\Battlefield 4.lnk
2013-10-30 00:22 - 2013-08-31 17:10 - 00000000 ____D C:\Users\Marcin\AppData\Local\LogMeIn Hamachi
2013-10-29 23:12 - 2013-10-29 22:59 - 00000000 ____D C:\Users\Marcin\Documents\Battlefield 4
2013-10-29 23:09 - 2013-10-29 23:09 - 00000000 ____D C:\Users\Marcin\AppData\Local\NVIDIA
2013-10-29 23:08 - 2013-10-29 23:08 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-29 23:08 - 2011-11-15 00:55 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-29 23:08 - 2011-11-13 09:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-10-29 23:08 - 2011-11-13 09:56 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-10-29 23:06 - 2013-10-29 23:06 - 00000020 ___SH C:\Users\UpdatusUser.Marcin-Komputer\ntuser.ini
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\Ustawienia lokalne
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\Szablony
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\Moje dokumenty
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\Menu Start
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\Documents\Moje wideo
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\Documents\Moje obrazy
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\Documents\Moja muzyka
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\Dane aplikacji
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\AppData\Local\Historia
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 _SHDL C:\Users\UpdatusUser.Marcin-Komputer\AppData\Local\Dane aplikacji
2013-10-29 23:06 - 2013-10-29 23:06 - 00000000 ____D C:\Users\UpdatusUser.Marcin-Komputer
2013-10-29 22:26 - 2013-10-05 19:50 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-10-29 22:26 - 2013-07-13 00:16 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-29 20:54 - 2013-10-26 11:58 - 00000000 ____D C:\Users\Marcin\Desktop\dodatki
2013-10-28 18:46 - 2013-09-28 18:03 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Skype
2013-10-28 18:28 - 2013-09-28 18:03 - 00002547 _____ C:\Users\Public\Desktop\Skype.lnk
2013-10-28 14:18 - 2013-10-12 20:26 - 00000000 ____D C:\Users\Marcin\Documents\FIFA 14
2013-10-26 22:19 - 2013-10-26 22:19 - 00000000 ____D C:\Users\Marcin\Documents\WB Games
2013-10-26 22:13 - 2013-10-26 22:13 - 00000000 ____D C:\ProgramData\Oracle
2013-10-26 22:12 - 2013-10-26 22:12 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-26 22:12 - 2013-06-20 22:25 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-26 22:12 - 2013-06-20 22:25 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-26 22:12 - 2013-06-20 22:25 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-26 22:12 - 2012-04-12 06:40 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-26 11:44 - 2013-10-26 11:44 - 00000849 _____ C:\Users\Public\Desktop\Batman Arkham Origins.lnk
2013-10-25 22:09 - 2013-10-25 22:09 - 00001080 _____ C:\Users\UpdatusUser\Desktop\TKexe Kalender.lnk
2013-10-25 22:09 - 2013-10-25 22:09 - 00001080 _____ C:\Users\Marcin\Desktop\TKexe Kalender.lnk
2013-10-25 22:09 - 2013-10-25 22:09 - 00001080 _____ C:\Users\Administrator\Desktop\TKexe Kalender.lnk
2013-10-25 22:09 - 2013-10-25 22:09 - 00000000 ____D C:\Program Files (x86)\TKexeKalender
2013-10-25 22:00 - 2013-10-25 22:00 - 00000000 ____D C:\ProgramData\{EDB36CDF-F92C-4397-8EEF-7716BA7E4655}
2013-10-25 22:00 - 2012-05-27 08:34 - 00000000 ____D C:\Windows\Downloaded Installations
2013-10-23 20:24 - 2013-10-23 20:24 - 00172032 _____ (Jin Hui    E-mail: jinhui@jcomsoft.com   Web: http://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2013-10-23 20:24 - 2013-10-23 20:24 - 00002131 _____ C:\Users\UpdatusUser\Desktop\SpeedBit Video Accelerator.lnk
2013-10-23 20:24 - 2013-10-23 20:24 - 00002131 _____ C:\Users\Administrator\Desktop\SpeedBit Video Accelerator.lnk
2013-10-23 20:24 - 2013-10-23 20:24 - 00000000 ____D C:\Users\Public\Documents\Speedbit
2013-10-23 20:24 - 2013-10-23 20:24 - 00000000 ____D C:\Program Files (x86)\SpeedBit Video Accelerator
2013-10-23 11:30 - 2013-10-29 23:04 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-23 11:30 - 2013-10-29 23:04 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-23 11:30 - 2013-10-29 23:04 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-23 11:30 - 2012-10-24 17:16 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-23 11:30 - 2012-10-24 17:16 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-23 11:30 - 2012-06-07 11:09 - 01435504 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-10-23 11:30 - 2011-11-13 09:57 - 18286416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-10-23 11:30 - 2011-11-13 09:57 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-10-23 11:30 - 2011-11-13 09:57 - 00023287 _____ C:\Windows\system32\nvinfo.pb
2013-10-23 11:30 - 2011-11-13 09:56 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-10-23 09:23 - 2013-10-23 09:22 - 00000000 ____D C:\Users\Marcin\Documents\Masters of the world
2013-10-23 09:21 - 2011-11-27 13:47 - 00000000 ____D C:\Program Files (x86)\XviD
2013-10-23 09:20 - 2012-06-07 11:10 - 03426956 _____ C:\Windows\system32\nvcoproc.bin
2013-10-23 09:20 - 2010-12-27 11:55 - 06669600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-10-23 09:20 - 2010-12-27 11:54 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-10-23 09:20 - 2010-12-27 11:54 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-10-23 09:20 - 2010-12-27 11:54 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-10-23 09:20 - 2010-12-27 11:54 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-10-23 09:20 - 2010-12-27 11:54 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-21 21:06 - 2013-10-20 20:33 - 00000000 ____D C:\Users\Marcin\AppData\Local\Game Dev Tycoon
2013-10-20 20:33 - 2013-10-20 20:33 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2013-10-20 20:33 - 2013-10-20 20:33 - 00000000 ____D C:\Program Files (x86)\1-click run
2013-10-18 22:58 - 2013-10-16 22:15 - 00000000 ____D C:\Users\Marcin\Desktop\urodzinki
2013-10-18 15:19 - 2013-10-08 10:13 - 00000000 ____D C:\Users\Marcin\Desktop\kontrakt
2013-10-18 02:36 - 2013-10-29 23:08 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-10-18 02:36 - 2013-10-29 23:08 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-17 18:58 - 2013-09-28 18:03 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-17 18:58 - 2013-09-28 18:03 - 00000000 ____D C:\ProgramData\Skype
2013-10-17 10:24 - 2013-10-17 10:21 - 224976384 _____ C:\Users\Marcin\Desktop\Katastrofa w przestworzach - Błąd w Kokpicie (Cockpit Failure).avi
2013-10-13 19:09 - 2013-10-13 19:09 - 00304160 _____ C:\PA207.DAT
2013-10-12 15:49 - 2013-10-12 15:49 - 00000652 _____ C:\Users\Public\Desktop\Rollercoaster Tycoon 3 ZE.lnk
2013-10-12 15:39 - 2011-11-13 09:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-12 15:38 - 2013-10-12 15:38 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\InstallShield
2013-10-12 14:58 - 2013-10-12 14:56 - 00000000 ____D C:\Users\Marcin\Documents\RCT3
2013-10-12 14:56 - 2013-10-12 14:56 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Atari
2013-10-11 15:12 - 2009-07-14 03:34 - 00000982 _____ C:\Windows\win.ini
2013-10-11 11:02 - 2013-07-05 19:54 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-11 11:02 - 2012-07-25 14:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-11 11:02 - 2011-11-13 10:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 20:57 - 2013-10-09 20:57 - 00000000 ____D C:\Users\Marcin\Documents\Gamepires
2013-10-08 10:13 - 2013-10-08 10:13 - 01534573 _____ C:\Users\Marcin\Desktop\kontrakt.zip

Files to move or delete:
====================
C:\Users\Public\GameRangerSetup.exe
C:\Users\Public\UNO_Freeware.exe


Some content of TEMP:
====================
C:\Users\Marcin\AppData\Local\Temp\AutoRun.exe
C:\Users\Marcin\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Marcin\AppData\Local\Temp\binkw32.dll
C:\Users\Marcin\AppData\Local\Temp\cabex.dll
C:\Users\Marcin\AppData\Local\Temp\CH.dll
C:\Users\Marcin\AppData\Local\Temp\Copy.dll
C:\Users\Marcin\AppData\Local\Temp\d2l_Install.exe
C:\Users\Marcin\AppData\Local\Temp\detectionapi_rd.dll
C:\Users\Marcin\AppData\Local\Temp\detectionui_r.exe
C:\Users\Marcin\AppData\Local\Temp\directx10tests_rd.dll
C:\Users\Marcin\AppData\Local\Temp\directx11tests_rd.dll
C:\Users\Marcin\AppData\Local\Temp\directx9tests_rd.dll
C:\Users\Marcin\AppData\Local\Temp\eauninstall.exe
C:\Users\Marcin\AppData\Local\Temp\gbr3v9r4.dll
C:\Users\Marcin\AppData\Local\Temp\ggdrive-menu.exe
C:\Users\Marcin\AppData\Local\Temp\ggdrive-overlay.exe
C:\Users\Marcin\AppData\Local\Temp\haspdinst_x64.exe
C:\Users\Marcin\AppData\Local\Temp\installstats.exe
C:\Users\Marcin\AppData\Local\Temp\install_reader11_pl_mssd_aaa_aih_1.exe
C:\Users\Marcin\AppData\Local\Temp\iupdate.exe
C:\Users\Marcin\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Marcin\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Marcin\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Marcin\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Marcin\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Marcin\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Marcin\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Marcin\AppData\Local\Temp\local.dll
C:\Users\Marcin\AppData\Local\Temp\MP3_Launcher_1_13_0_0.exe
C:\Users\Marcin\AppData\Local\Temp\msvcr80.dll
C:\Users\Marcin\AppData\Local\Temp\Need for Speed Underground 2_uninst.exe
C:\Users\Marcin\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Marcin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Marcin\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Marcin\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Marcin\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Marcin\AppData\Local\Temp\nvStInst.exe
C:\Users\Marcin\AppData\Local\Temp\SetupAssistant.exe
C:\Users\Marcin\AppData\Local\Temp\Shockwave_Installer_FF.exe
C:\Users\Marcin\AppData\Local\Temp\SimPack.exe
C:\Users\Marcin\AppData\Local\Temp\SkidRow.exe
C:\Users\Marcin\AppData\Local\Temp\sonarinst.exe
C:\Users\Marcin\AppData\Local\Temp\Super_Bros_3_Mario_Forever.exe
C:\Users\Marcin\AppData\Local\Temp\tmpD364.exe
C:\Users\Marcin\AppData\Local\Temp\ubi15A4.tmp.exe
C:\Users\Marcin\AppData\Local\Temp\ubi5A02.tmp.exe
C:\Users\Marcin\AppData\Local\Temp\ubi5C95.tmp.exe
C:\Users\Marcin\AppData\Local\Temp\ubi6894.tmp.exe
C:\Users\Marcin\AppData\Local\Temp\ubi6E4D.tmp.exe
C:\Users\Marcin\AppData\Local\Temp\ubi7FCC.tmp.exe
C:\Users\Marcin\AppData\Local\Temp\ubiF9BB.tmp.exe
C:\Users\Marcin\AppData\Local\Temp\unelevate.exe
C:\Users\Marcin\AppData\Local\Temp\Uninst.exe
C:\Users\Marcin\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Marcin\AppData\Local\Temp\zlib1.dll
C:\Users\Marcin\AppData\Local\Temp\_isA097.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-01-01 18:53

==================== End Of Log ============================