Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2014 03 Ran by Marek (administrator) on MAREK-DOMOWY on 17-01-2014 10:22:16 Running from I:\Nasze dokumenty\MOJE DOKUMENTY\SYSTEMOWE UŻYTKI\Anty-Vir-Spy\FRST64 Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G Data_2014\TotalProtection\AVK\AVKWCtlx64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\G Data_2014\TotalProtection\AVK\AVKService.exe (G Data Software AG) C:\Program Files (x86)\G Data_2014\TotalProtection\AVKBackup\AVKBackupService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (G Data Software AG) C:\Program Files (x86)\G Data_2014\TotalProtection\Firewall\GDFwSvcx64.exe (G Data Software AG) C:\Program Files (x86)\G Data_2014\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG) C:\Program Files (x86)\G Data_2014\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) E:\Office2003\OFFICE11\OUTLOOK.EXE (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_0_1_ActiveX.exe ==================== Registry (Whitelisted) ================== HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [G Data AntiVirus Tray] - C:\Program Files (x86)\G Data_2014\TotalProtection\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG) HKLM-x32\...\Run: [GDFirewallTray] - C:\Program Files (x86)\G Data_2014\TotalProtection\Firewall\GDFirewallTray.exe [1854928 2013-03-22] (G Data Software AG) HKLM-x32\...\Run: [G Data ASM] - C:\Program Files (x86)\G Data_2014\TotalProtection\DelayLoader\AutorunDelayLoader.exe [472016 2013-02-25] (G Data Software AG) HKCU\...\Run: [] - [x] HKCU\...\Policies\system: [LogonHoursAction] 2 HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 MountPoints2: {97bc2fbc-fb89-11e2-9d66-0019db68be01} - M:\autorun.exe MountPoints2: {dfbfead4-4e21-11e2-a824-0019db68be01} - M:\NokiaPCIA_Autorun.exe HKU\Default\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\Default User\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchTerms}&affID=119357&tt=gc_&babsrc=SP_ss&mntrId=44090019DB68BE01 BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - E:\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - E:\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - E:\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File Tcpip\Parameters: [DhcpNameServer] 217.172.224.160 89.231.1.206 ==================== Services (Whitelisted) ================= R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG) R2 AVKService; C:\Program Files (x86)\G Data_2014\TotalProtection\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG) R2 AVKWCtl; C:\Program Files (x86)\G Data_2014\TotalProtection\AVK\AVKWCtlx64.exe [2562208 2013-10-15] (G Data Software AG) R2 GDBackupSvc; C:\Program Files (x86)\G Data_2014\TotalProtection\AVKBackup\AVKBackupService.exe [1947768 2013-08-21] (G Data Software AG) R3 GDFwSvc; C:\Program Files (x86)\G Data_2014\TotalProtection\Firewall\GDFwSvcx64.exe [2942808 2013-10-17] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG) S3 GDTunerSvc; C:\Program Files (x86)\G Data_2014\TotalProtection\AVKTuner\AVKTunerService.exe [1711568 2013-02-25] (G Data Software AG) R2 hpqcxs08; E:\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) R2 hpqddsvc; E:\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) R2 HPSLPSVC; E:\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation) S3 SkypeUpdate; E:\Skype\Updater\Updater.exe [171680 2013-09-05] (Skype Technologies) S3 TSNxGService; C:\Program Files (x86)\G Data_2014\TotalProtection\TSNxG\TSNxGService.exe [255608 2013-09-23] (G Data Software) ==================== Drivers (Whitelisted) ==================== R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-10-02] (G Data Software AG) R3 gddcd; C:\Windows\system32\drivers\gddcd64.sys [79704 2013-12-09] (G Data Software AG) R1 gddcv; C:\Windows\system32\drivers\gddcv64.sys [59736 2013-12-09] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-10-02] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [63320 2013-10-02] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2013-12-09] (G Data Software AG) S1 GLogin; No ImagePath R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2013-10-30] (G Data Software) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-10-02] (G Data Software AG) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation) R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [98760 2013-12-09] (G Data Software) S3 GMSIPCI; \??\L:\INSTALL\GMSIPCI.SYS [x] S3 IT9135BDA; System32\Drivers\IT9135BDA.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-17 10:21 - 2014-01-17 10:21 - 00000000 ____D C:\FRST 2014-01-15 11:55 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 11:55 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 11:55 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 11:55 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 11:55 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 11:55 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 11:55 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 11:55 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 11:55 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-11 12:10 - 2014-01-11 12:11 - 00000000 ____D C:\Users\Marek\Desktop\DANKA_ANGLIA 2014-01-11 11:59 - 2014-01-17 08:10 - 00003323 _____ C:\Windows\setupact.log 2014-01-11 11:59 - 2014-01-11 11:59 - 00000000 _____ C:\Windows\setuperr.log 2014-01-08 18:31 - 2013-12-10 03:15 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2014-01-08 18:31 - 2013-12-10 03:14 - 01100248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2014-01-08 18:29 - 2014-01-17 08:10 - 00000000 ____D C:\ProgramData\NVIDIA 2014-01-08 18:29 - 2013-12-19 19:53 - 06671648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2014-01-08 18:29 - 2013-12-19 19:53 - 03490080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2014-01-08 18:29 - 2013-12-19 19:53 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-01-08 18:29 - 2013-12-19 19:53 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-01-08 18:29 - 2013-12-19 19:53 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-01-08 18:29 - 2013-12-19 19:53 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-01-08 18:29 - 2013-12-19 06:01 - 03539040 _____ C:\Windows\system32\nvcoproc.bin 2014-01-08 18:28 - 2013-12-19 21:33 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-01-08 18:28 - 2013-12-19 21:33 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-01-08 18:25 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 03071656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 02698272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-01-08 18:25 - 2013-12-19 21:33 - 00023754 _____ C:\Windows\system32\nvinfo.pb 2014-01-08 18:25 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-01-08 18:25 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2014-01-08 18:25 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-01-08 18:25 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2014-01-08 18:25 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2014-01-08 18:25 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2014-01-08 18:07 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-01-08 18:07 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2014-01-08 18:07 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-01-08 18:07 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-01-08 18:07 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-01-08 18:07 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-01-02 11:09 - 2014-01-02 11:09 - 00000869 _____ C:\spam.log 2013-12-19 12:20 - 2013-12-19 12:20 - 00590112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe ==================== One Month Modified Files and Folders ======= 2014-01-17 10:21 - 2014-01-17 10:21 - 00000000 ____D C:\FRST 2014-01-17 10:09 - 2011-08-31 19:53 - 01537745 _____ C:\Windows\WindowsUpdate.log 2014-01-17 09:39 - 2013-08-05 07:39 - 00000286 _____ C:\Windows\Tasks\DSite.job 2014-01-17 08:17 - 2009-07-14 05:45 - 00015152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-17 08:17 - 2009-07-14 05:45 - 00015152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-17 08:10 - 2014-01-11 11:59 - 00003323 _____ C:\Windows\setupact.log 2014-01-17 08:10 - 2014-01-08 18:29 - 00000000 ____D C:\ProgramData\NVIDIA 2014-01-17 08:10 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-16 19:39 - 2011-04-17 10:32 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Skype 2014-01-16 09:14 - 2009-07-14 18:55 - 00740438 _____ C:\Windows\system32\perfh015.dat 2014-01-16 09:14 - 2009-07-14 18:55 - 00156012 _____ C:\Windows\system32\perfc015.dat 2014-01-16 09:14 - 2009-07-14 06:13 - 01670590 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-15 19:30 - 2013-06-17 08:26 - 00000000 ____D C:\Users\Marek\AppData\Roaming\GG 2014-01-15 12:33 - 2013-06-10 06:37 - 00288728 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-15 12:00 - 2013-07-12 19:30 - 00000000 ____D C:\Windows\system32\MRT 2014-01-15 12:00 - 2009-07-14 03:34 - 00000534 _____ C:\Windows\win.ini 2014-01-15 11:55 - 2011-04-16 21:45 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-15 11:44 - 2009-07-14 06:08 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2014-01-13 13:47 - 2011-05-28 05:42 - 00000811 _____ C:\Users\Marek\intlname.ols 2014-01-11 12:11 - 2014-01-11 12:10 - 00000000 ____D C:\Users\Marek\Desktop\DANKA_ANGLIA 2014-01-11 11:59 - 2014-01-11 11:59 - 00000000 _____ C:\Windows\setuperr.log 2014-01-08 18:31 - 2013-10-22 08:11 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2014-01-08 18:31 - 2011-04-16 21:54 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2014-01-08 18:31 - 2011-04-16 21:53 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2014-01-08 18:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help 2014-01-07 18:38 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2014-01-02 11:09 - 2014-01-02 11:09 - 00000869 _____ C:\spam.log 2013-12-29 20:11 - 2011-04-17 11:54 - 00001042 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-12-27 10:50 - 2013-11-14 12:57 - 00000000 ____D C:\Users\Marek\AppData\Roaming\ipla 2013-12-27 10:50 - 2013-09-17 08:39 - 00000000 __SHD C:\#GDATA.Trash.Store# 2013-12-27 10:30 - 2011-04-17 11:54 - 00004054 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-12-27 10:30 - 2011-04-17 11:54 - 00003802 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-12-27 10:30 - 2011-04-17 11:54 - 00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-12-27 10:30 - 2011-04-16 22:02 - 00003546 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask 2013-12-19 21:33 - 2014-01-08 18:28 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2013-12-19 21:33 - 2014-01-08 18:28 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2013-12-19 21:33 - 2014-01-08 18:25 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 03071656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 02698272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2013-12-19 21:33 - 2014-01-08 18:25 - 00023754 _____ C:\Windows\system32\nvinfo.pb 2013-12-19 19:53 - 2014-01-08 18:29 - 06671648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2013-12-19 19:53 - 2014-01-08 18:29 - 03490080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2013-12-19 19:53 - 2014-01-08 18:29 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2013-12-19 19:53 - 2014-01-08 18:29 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2013-12-19 19:53 - 2014-01-08 18:29 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2013-12-19 19:53 - 2014-01-08 18:29 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2013-12-19 12:20 - 2013-12-19 12:20 - 00590112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2013-12-19 06:01 - 2014-01-08 18:29 - 03539040 _____ C:\Windows\system32\nvcoproc.bin 2013-12-18 11:17 - 2011-08-11 19:09 - 00414368 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-09 16:58 ==================== End Of Log ============================