Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2014 Ran by user (administrator) on USER-PC on 27-10-2014 16:37:25 Running from C:\Users\user\Downloads Loaded Profile: user (Available profiles: user) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hp\HP UT LEDM\bin\hppusg.exe () C:\Program Files (x86)\MOTU\Audio\MFWAKeys.exe (Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (HP) C:\Program Files (x86)\Hp\HPLaserJetService\HPLaserJetService.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe (Hewlett-Packard Development Company, L.P) C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (HP) C:\Windows\System32\HPSIsvc.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (MOTU Inc.) C:\Program Files (x86)\MOTU\motuDNSResponder.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Farbar) C:\Users\user\Downloads\FRST64 (1).exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company) HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2013-10-17] (Synaptics Incorporated) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [489472 2013-11-26] (IDT, Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2462536 2014-10-04] (NVIDIA Corporation) HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2727568 2014-09-12] () HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111488 2012-10-25] (Intel Corporation) HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-11] (PDF Complete Inc) HKLM-x32\...\Run: [File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [11268096 2010-05-06] (Hewlett-Packard) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2013-10-17] (Intel Corporation) HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2010-02-25] ( Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-07] (AVAST Software) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-04-23] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company) HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X] HKU\S-1-5-21-1593833016-2535897038-1932122431-1000\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2281248 2014-08-22] (IObit) HKU\S-1-5-21-1593833016-2535897038-1932122431-1000\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-04-23] (Samsung) HKU\S-1-5-21-1593833016-2535897038-1932122431-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-04-23] (Samsung) HKU\S-1-5-21-1593833016-2535897038-1932122431-1000\...\Run: [Browser Extensions] => "C:\Users\user\AppData\Roaming\Browser Extensions\CouponsHelper.exe" HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries) Lsa: [Notification Packages] DPPassFilter scecli Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MOTU Pedal Service.lnk ShortcutTarget: MOTU Pedal Service.lnk -> C:\Program Files (x86)\MOTU\Audio\MFWAKeys.exe () Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1F55FD2A4DCACE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - {3023DAE5-E649-48B1-A0FF-5F2740EC6EC3} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms} BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit) BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard) BHO-x32: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-10-17] FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2014-05-20] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-18] Chrome: ======= CHR DefaultSuggestURL: Profile 1 -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Dokumenty Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-27] CHR Extension: (Dysk Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-27] CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-27] CHR Extension: (Szukaj w Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-27] CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-27] CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-27] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-07] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [893216 2014-08-18] (IObit) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-07] (AVAST Software) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R3 DEBridge; C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [704512 2010-02-01] (McAfee, Inc.) [File not signed] R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [462160 2010-07-16] (DigitalPersona, Inc.) S3 FLCDLOCK; C:\Windows\SysWOW64\flcdlock.exe [362040 2011-10-07] (Hewlett-Packard Ltd) S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries) R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed] R2 HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [32768 2010-10-19] (Hewlett-Packard Development Company, L.P) [File not signed] R2 HpFkCryptService; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2010-02-01] (McAfee, Inc.) R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [298496 2010-05-06] (Hewlett-Packard) [File not signed] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-04-01] (Hewlett-Packard Company) R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed] S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit) R2 MOTU_ZeroConf; C:\Program Files (x86)\MOTU\motuDNSResponder.exe [391472 2014-01-02] (MOTU Inc.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-10-04] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-10-04] (NVIDIA Corporation) R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-11] (PDF Complete Inc) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-07] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-07] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-07] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-07] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-07] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-07] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-07] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-07] () S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [40760 2011-10-07] (Hewlett-Packard Development Company L.P.) S3 MFWAMIDI64; C:\Windows\System32\drivers\MFWAMIDI64.sys [34576 2014-01-02] (Mark of the Unicorn) S3 MFWAWAVE64; C:\Windows\System32\drivers\MFWAWAVE64.sys [84752 2014-01-02] (Mark of the Unicorn) R3 motubus; C:\Windows\System32\drivers\MotuBus64.sys [32016 2014-01-02] (Mark of the Unicorn) S3 MotuFWA64; C:\Windows\System32\drivers\Motufwa64.sys [656656 2014-01-02] (Mark of the Unicorn) S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-10-04] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation) R1 RsvLock; C:\Windows\System32\Drivers\RsvLock.sys [58184 2010-02-01] (McAfee, Inc.) R1 RsvLock; C:\Windows\SysWow64\Drivers\RsvLock.sys [40088 2010-02-01] (McAfee, Inc.) R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [56648 2010-02-01] () [File not signed] R0 SafeBoot; C:\Windows\SysWow64\Drivers\SafeBoot.sys [110520 2010-02-01] (McAfee, Inc.) R0 SbAlg; C:\Windows\System32\Drivers\SbAlg.sys [60160 2009-06-04] (McAfee, Inc.) R0 SbAlg; C:\Windows\SysWow64\Drivers\SbAlg.sys [51800 2010-02-01] (McAfee, Inc.) R0 SbFsLock; C:\Windows\System32\Drivers\SbFsLock.sys [15688 2010-02-01] (McAfee, Inc.) R0 SbFsLock; C:\Windows\SysWow64\Drivers\SbFsLock.sys [13256 2010-02-01] (McAfee, Inc.) R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit) S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1803904 2010-06-03] () S3 synusb64; C:\Windows\System32\DRIVERS\synusb64.sys [30352 2011-12-14] (Steinberg Media Technologies GmbH) S3 dgderdrv; System32\drivers\dgderdrv.sys [X] ========================== Drivers MD5 ======================= C:\Windows\System32\DRIVERS\1394ohci.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\Accelerometer.sys 5C368F4B04ED2A923E6AFCA2D37BAFF5 C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9 C:\Windows\System32\DRIVERS\agrsm64.sys ==> MD5 is legit C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49 C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048 C:\Windows\System32\DRIVERS\AMPPAL.sys D46391F209DE0A98A97D1D1765F53438 C:\Windows\System32\DRIVERS\amppal.sys D46391F209DE0A98A97D1D1765F53438 C:\Windows\system32\drivers\appid.sys ==> MD5 is legit C:\Windows\system32\drivers\arc.sys ==> MD5 is legit C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit C:\Windows\system32\drivers\aswHwid.sys D95E64416A4A3ED6986E0F474DA934BD C:\Windows\system32\drivers\aswMonFlt.sys FF1E537A3632CBB9A0BF72B9FD0878D5 C:\Windows\system32\drivers\aswRdr2.sys A5757DE5F9C83AB40667A53D5126EA40 C:\Windows\System32\Drivers\aswRvrt.sys 645D97385F3F284FB5604F9B970F4D24 C:\Windows\system32\drivers\aswSnx.sys B8FDEDE963B82CFD23B3A53A3084666D C:\Windows\system32\drivers\aswSP.sys 0DEDC041DF594AEC2C3BD00417CFAF60 C:\Windows\system32\drivers\aswStm.sys 48DED912CDE54FC0923B9858512366E1 C:\Windows\System32\Drivers\aswVmm.sys 471A311745848B80339436688A8286E6 C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\bridge.sys 5C2F352A4E961D72518261257AAE204B C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\BthEnum.sys CF98190A94F62E405C8CB255018B2315 C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4 C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37 C:\Windows\System32\drivers\btwaudio.sys 4BDBDB86ABBA924E029FB2683BE7C505 C:\Windows\System32\DRIVERS\btwavdt.sys 5C849BD7C78791C5CEE9F4651D7FE38D C:\Windows\System32\DRIVERS\btwl2cap.sys 6149301DC3F81D6F9667A3FBAC410975 C:\Windows\System32\DRIVERS\btwrchid.sys 3E1991AFA851A36DC978B0A1B0535C8B C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit C:\Windows\System32\CLFS.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706 C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit C:\Windows\System32\drivers\csc.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\DAMDrv64.sys A8BA4DA23AC20BDA23CA15234D42A3FA C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ssudbus.sys 73BDD44A6088916964945886F9025409 C:\Windows\System32\drivers\discache.sys ==> MD5 is legit C:\Windows\System32\drivers\disk.sys ==> MD5 is legit C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415 C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868 C:\Windows\System32\DRIVERS\e1k62x64.sys 324FCD2DD8A4229DDEF3CC954FF12FA5 C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0 C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\HECIx64.sys B6AC71AAA2B10848F57FC49D55A651AF C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\hpdskflt.sys 4E0BEC0F78096FFD6D3314B497FC49D3 C:\Windows\System32\DRIVERS\HpqKbFiltr.sys 9AF482D058BE59CC28BCE52E7C4B747C C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\iaStor.sys ABBF174CB394F5C437410A788B7E404A C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366 C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\Impcd.sys 36FDF367A1DABFF903E2214023D71368 C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6 C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC C:\Windows\System32\Drivers\ksecpkg.sys 1C2D8E18AA8FD50CD04C15CC27F7F5AB C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit C:\Windows\System32\drivers\MFWAMIDI64.sys AED684540679A00E741688945E781161 C:\Windows\System32\drivers\MFWAWAVE64.sys DC9F3D883C0F2DA771DC19532CFEAC84 C:\Windows\System32\drivers\modem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit C:\Windows\System32\drivers\MotuBus64.sys 54527FF77E422A7DB5697DDCA01F711F C:\Windows\System32\drivers\Motufwa64.sys 1BD181AC93EA50BC470ABDB6629BF618 C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404 C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163 C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit C:\Windows\System32\Drivers\mvusbews.sys 705E9675014EB688BEDD967B1ABECF19 C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88 C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\NETwNs64.sys 50AD7F7040C22BB7CAA59A0880875A21 C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2 C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\nusb3hub.sys 158AD24745BD85BA9BE3C51C38F48C32 C:\Windows\System32\DRIVERS\nusb3xhc.sys D40A13B2C0891E218F9523B376955DB6 C:\Windows\System32\drivers\nvhda64v.sys E366A5681C50785D4ED04FCFD65C3415 C:\Windows\System32\DRIVERS\nvlddmkm.sys FB0A1B5141B728D5355474BAC45B1052 C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys E8804B858EB4A18C0B386C58DBEBB7C8 C:\Windows\System32\drivers\nvvad64v.sys 1AF619620613869C07F9C147BC37520F C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C C:\Windows\System32\drivers\pci.sys ==> MD5 is legit C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit C:\Windows\system32\drivers\processr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34 C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41 C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932 C:\Windows\System32\DRIVERS\rimmpx64.sys 6FAF5B04BEDC66D300D9D233B2D222F0 C:\Windows\System32\DRIVERS\rimspx64.sys 67F50C31713106FD1B0F286F86AA2B2E C:\Windows\System32\DRIVERS\rixdpx64.sys 4D7EF3D46346EC4C58784DB964B365DE C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit C:\Windows\System32\Drivers\RsvLock.sys 26E0D15FB1835F7ED638F157CCD2E04D C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit C:\Windows\System32\Drivers\SafeBoot.sys D41D8CD98F00B204E9800998ECF8427E C:\Windows\System32\Drivers\SbAlg.sys FD8714A36C4646DE22DDC7E36F6D09EF C:\Windows\System32\Drivers\SbFsLock.sys 43027F1996F3AC6BD54B8A871996B7B3 C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit C:\Windows\System32\Drivers\SCDEmu.sys 46942B6980B35FFDA6AFA40A8328938C C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0 C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit C:\Windows\system32\drivers\serial.sys ==> MD5 is legit C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit C:\Windows\System32\Drivers\SmartDefragDriver.sys E77CB3736A702D46A6FB15FB4A9894E3 C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\snp2uvc.sys 84E347359A28E9E544FF169FBDEA5F59 C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28 C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3 C:\Windows\System32\DRIVERS\ssudmdm.sys 5252D7BC56E5E0ED715AEA8FE173A455 C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\stwrt64.sys 96DF19A03D37F8568141612D31F0D035 C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\SynTP.sys D268D2A0DB2A2BBE963E688D0B039267 C:\Windows\System32\DRIVERS\synusb64.sys BCB6AA197267D3506BE2535342FC40E0 C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8 C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1 C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426 C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07 C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit C:\Windows\System32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2 C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31 C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965 C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6 C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3 C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7 C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit C:\Windows\System32\drivers\vga.sys ==> MD5 is legit C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit C:\Windows\System32\drivers\volsnap.sys DF8126BD41180351A093A3AD2FC8903B C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit C:\Windows\system32\drivers\wd.sys ==> MD5 is legit C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8 C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\WinUSB.sys FE88B288356E7B47B74B13372ADD906D C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659 ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-27 16:35 - 2014-10-27 16:36 - 00045993 _____ () C:\Users\user\Downloads\Addition.txt 2014-10-27 16:34 - 2014-10-27 16:37 - 00047064 _____ () C:\Users\user\Downloads\FRST.txt 2014-10-27 16:34 - 2014-10-27 16:37 - 00000000 ____D () C:\FRST 2014-10-27 16:34 - 2014-10-27 16:34 - 02113024 _____ (Farbar) C:\Users\user\Downloads\FRST64 (1).exe 2014-10-27 16:33 - 2014-10-27 16:33 - 01104896 _____ (Farbar) C:\Users\user\Downloads\FRST (1).exe 2014-10-27 16:26 - 2014-10-27 16:26 - 00000000 ____H () C:\ProgramData\cm-lock 2014-10-25 21:00 - 2014-10-25 21:00 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices 2014-10-25 20:04 - 2014-10-25 20:24 - 00117530 _____ () C:\Users\user\Desktop\Extras.Txt 2014-10-25 20:01 - 2014-10-25 20:04 - 02683560 _____ () C:\Users\user\Desktop\OTL.Txt 2014-10-25 19:52 - 2014-10-25 19:52 - 00504279 _____ () C:\Users\user\Desktop\Gmer full.log 2014-10-25 19:14 - 2014-10-25 19:14 - 00602112 _____ (OldTimer Tools) C:\Users\user\Downloads\OTL (1).exe 2014-10-25 19:13 - 2014-10-25 19:13 - 00602112 _____ (OldTimer Tools) C:\Users\user\Desktop\OTL.exe 2014-10-25 19:04 - 2014-10-25 19:04 - 00001198 _____ () C:\Users\user\Desktop\Gmer.log 2014-10-25 19:02 - 2014-10-25 19:02 - 00380416 _____ () C:\Users\user\Downloads\rlv4zczp.exe 2014-10-25 19:01 - 2014-10-25 19:01 - 02109495 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe 2014-10-25 19:01 - 2014-10-25 19:01 - 01104384 _____ (Farbar) C:\Users\user\Downloads\FRST.exe 2014-10-25 12:04 - 2014-10-25 12:04 - 01962496 _____ () C:\Users\user\Downloads\AdwCleaner.exe 2014-10-25 11:57 - 2014-10-25 12:00 - 00002122 _____ () C:\Users\user\Desktop\Rkill.txt 2014-10-25 09:58 - 2014-10-27 16:26 - 00001848 _____ () C:\Windows\setupact.log 2014-10-25 09:58 - 2014-10-25 18:36 - 00007646 _____ () C:\Windows\PFRO.log 2014-10-25 09:58 - 2014-10-25 09:58 - 00000000 _____ () C:\Windows\setuperr.log 2014-10-25 09:57 - 2014-10-25 09:57 - 00000000 _____ () C:\asc_rdflag 2014-10-22 21:39 - 2014-10-22 21:39 - 00017077 _____ () C:\Users\user\Downloads\masumi.odt 2014-10-22 00:41 - 2014-10-22 00:41 - 00039059 _____ () C:\Users\user\AppData\Local\recently-used.xbel 2014-10-21 13:36 - 2014-10-21 23:22 - 00020734 _____ () C:\Users\user\Desktop\New OpenDocument Dokument tekstowy (2).odt 2014-10-21 13:17 - 2014-10-21 23:17 - 00000000 ____D () C:\Users\user\Desktop\New folder (3) 2014-10-19 17:31 - 2014-10-19 17:31 - 00000000 ____D () C:\Users\user\Desktop\New folder (2) 2014-10-19 13:30 - 2014-10-19 13:32 - 20578280 _____ (Hewlett-Packard Company ) C:\Users\user\Downloads\HP_SDM_Setup.exe 2014-10-19 12:34 - 2014-09-11 15:36 - 03961833 _____ () C:\Windows\system32\nvcoproc.bin 2014-10-19 12:32 - 2014-09-12 12:56 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2014-10-19 12:32 - 2014-09-12 12:56 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2014-10-19 12:31 - 2014-09-12 12:56 - 31514432 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-10-19 12:31 - 2014-09-12 12:56 - 24199824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-10-19 12:31 - 2014-09-12 12:56 - 22994240 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-10-19 12:31 - 2014-09-12 12:56 - 18628392 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-10-19 12:31 - 2014-09-12 12:56 - 15294096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-10-19 12:31 - 2014-09-12 12:56 - 14493448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-10-19 12:31 - 2014-09-12 12:56 - 13913528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-10-19 12:31 - 2014-09-12 12:56 - 13824960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-10-19 12:31 - 2014-09-12 12:56 - 12882064 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-10-19 12:31 - 2014-09-12 12:56 - 11270000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-10-19 12:31 - 2014-09-12 12:56 - 11207656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-10-19 12:31 - 2014-09-12 12:56 - 04246848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-10-19 12:31 - 2014-09-12 12:56 - 03987784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-10-19 12:31 - 2014-09-12 12:56 - 01889096 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434084.dll 2014-10-19 12:31 - 2014-09-12 12:56 - 01539728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434084.dll 2014-10-19 12:31 - 2014-09-12 12:56 - 00943304 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-10-19 12:31 - 2014-09-12 12:56 - 00906952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-10-19 12:31 - 2014-09-12 12:56 - 00901776 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-10-19 12:31 - 2014-09-12 12:56 - 00869192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-10-19 12:31 - 2014-09-12 12:56 - 00026155 _____ () C:\Windows\system32\nvinfo.pb 2014-10-19 12:26 - 2014-10-19 12:28 - 221948176 _____ (NVIDIA Corporation) C:\Users\user\Downloads\340.84-quadro-grid-desktop-notebook-win8-win7-64bit-international-whql.exe 2014-10-19 00:20 - 2014-10-19 00:21 - 31766800 _____ (NVIDIA Corporation) C:\Users\user\Downloads\GeForce_Experience_v2.1.3.0.exe 2014-10-19 00:07 - 2014-10-19 00:07 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-10-19 00:06 - 2014-09-12 12:56 - 00074056 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-10-19 00:06 - 2014-09-12 12:56 - 00059592 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-10-19 00:06 - 2014-09-12 11:00 - 06783120 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2014-10-19 00:06 - 2014-09-12 11:00 - 03521224 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2014-10-19 00:06 - 2014-09-12 11:00 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-10-19 00:06 - 2014-09-12 11:00 - 00932040 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-10-19 00:06 - 2014-09-12 11:00 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-10-19 00:06 - 2014-09-12 11:00 - 00061640 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-10-19 00:05 - 2014-09-12 12:56 - 17552560 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-10-19 00:05 - 2014-09-12 12:56 - 16124456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-10-19 00:05 - 2014-09-12 12:56 - 03196864 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2014-10-19 00:05 - 2014-09-12 12:56 - 02814704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-10-19 00:05 - 2013-11-14 12:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll 2014-10-19 00:05 - 2013-11-14 12:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll 2014-10-19 00:05 - 2013-11-14 12:58 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll 2014-10-19 00:04 - 2014-09-04 20:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-10-19 00:04 - 2014-09-04 20:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-10-18 23:57 - 2014-10-18 23:57 - 00638888 _____ (Oracle Corporation) C:\Users\user\Downloads\chromeinstall-8u25.exe 2014-10-17 17:35 - 2014-10-22 21:23 - 00017077 _____ () C:\Users\user\Desktop\masumi.odt 2014-10-17 00:40 - 2014-10-17 00:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET 2014-10-16 12:02 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-10-16 12:02 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-10-16 12:02 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-10-16 12:02 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-10-16 12:02 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-10-16 12:02 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-16 12:02 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-16 12:02 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-10-16 12:02 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-10-16 12:02 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-10-16 12:02 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-10-16 12:02 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-10-16 12:02 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-16 12:02 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-16 12:02 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-16 12:02 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-10-16 12:02 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-10-16 12:02 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-16 12:02 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-16 12:02 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-10-16 12:02 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-10-16 12:02 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-10-16 12:02 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-16 12:02 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-10-16 12:02 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-10-16 12:02 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-10-16 12:02 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-16 12:02 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-10-16 12:02 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-10-16 12:02 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-10-16 12:02 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-10-16 12:02 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-10-16 12:02 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-16 12:02 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-10-16 12:02 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-10-16 12:02 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-10-16 12:02 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-10-16 12:02 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-10-16 12:02 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-16 12:02 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-10-16 12:02 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-16 12:02 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-10-16 12:02 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-10-16 12:02 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-10-16 12:02 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-10-16 12:02 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-10-16 12:02 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-10-16 12:02 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-16 12:02 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-10-16 12:02 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-10-16 12:02 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-16 12:02 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-16 12:02 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-10-16 12:02 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-10-16 12:02 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-10-16 12:02 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-16 12:02 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-10-16 12:02 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-10-16 12:02 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-10-16 12:02 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-10-16 12:02 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-16 12:02 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2014-10-16 12:02 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2014-10-16 12:02 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-16 12:02 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2014-10-16 12:02 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-16 12:01 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-16 12:01 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-10-16 12:00 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-16 12:00 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-16 12:00 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-10-16 12:00 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-10-16 12:00 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-16 12:00 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-16 12:00 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-16 12:00 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-16 12:00 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-10-16 12:00 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-16 12:00 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-10-16 12:00 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-10-16 12:00 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-16 12:00 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-16 11:59 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-16 11:59 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-16 11:59 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-16 11:59 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-10 11:51 - 2014-10-10 11:51 - 00000000 ____D () C:\Users\user\AppData\Roaming\inkscape 2014-10-10 11:50 - 2014-10-10 11:50 - 00001055 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk 2014-10-10 11:50 - 2014-10-10 11:50 - 00001011 _____ () C:\Users\Public\Desktop\Inkscape.lnk 2014-10-10 11:47 - 2014-10-10 11:50 - 00000000 ____D () C:\Program Files (x86)\Inkscape 2014-10-10 11:46 - 2014-10-10 11:46 - 34573304 _____ (inkscape.org) C:\Users\user\Downloads\Inkscape-0.48.5-1-win32.exe 2014-10-10 01:45 - 2014-10-10 01:49 - 78273144 _____ () C:\Users\user\Desktop\Guitar.mp4 2014-10-10 01:04 - 2014-10-10 01:11 - 00000000 ____D () C:\Users\user\Desktop\New folder 2014-10-07 18:52 - 2014-10-07 18:52 - 00042040 _____ () C:\Users\user\Desktop\Włosy farbowanie.veg 2014-10-07 12:02 - 2014-10-07 18:37 - 00000000 ____D () C:\Users\user\Desktop\You tube 2014-10-05 11:33 - 2014-10-05 11:33 - 00000000 ____D () C:\Users\user\Documents\Splice 2014-10-05 11:32 - 2014-10-05 11:32 - 00000000 ____D () C:\Users\user\AppData\Local\IsolatedStorage 2014-10-05 11:32 - 2014-10-05 11:32 - 00000000 ____D () C:\Users\user\AppData\Local\HockeyCrashes 2014-10-05 11:31 - 2014-10-09 13:08 - 00000000 ____D () C:\Users\user\AppData\Local\Splice 2014-10-05 11:31 - 2014-10-05 11:31 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Splice 2014-10-02 22:18 - 2014-10-02 22:19 - 00536848 _____ () C:\Users\user\Downloads\install-splice.exe 2014-10-02 11:18 - 2014-10-02 12:51 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-10-01 11:21 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-10-01 11:21 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-09-30 16:00 - 2014-10-19 19:11 - 00000000 ____D () C:\Users\user\Desktop\masumi 2014-09-30 16:00 - 2014-09-30 16:00 - 00028925 _____ () C:\Users\user\Documents\masumi poprawione.odt 2014-09-30 10:05 - 2014-09-30 10:05 - 00000232 _____ () C:\Users\user\Downloads\list-247a2a-1.bin 2014-09-30 09:59 - 2014-09-28 20:59 - 03811112 _____ () C:\Users\user\Desktop\DO filmiku masumi.wav ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-27 16:36 - 2014-02-07 16:30 - 00000000 ____D () C:\Users\user\AppData\Local\Adobe 2014-10-27 16:35 - 2009-07-14 05:45 - 00031504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-27 16:35 - 2009-07-14 05:45 - 00031504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-27 16:33 - 2009-07-14 06:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-27 16:32 - 2014-06-13 02:25 - 00003870 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1393249788 2014-10-27 16:32 - 2014-02-24 14:49 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-10-27 16:31 - 2013-10-03 08:05 - 01177884 _____ () C:\Windows\WindowsUpdate.log 2014-10-27 16:27 - 2014-04-19 19:54 - 00000068 __RSH () C:\Windows\system32\Drivers\wmiacpi.winsecurity 2014-10-27 16:27 - 2014-04-19 19:54 - 00000068 __RSH () C:\Windows\system32\Drivers\volmgr.winsecurity 2014-10-27 16:27 - 2013-11-21 21:49 - 00000000 ____D () C:\ProgramData\ProductData 2014-10-27 16:27 - 2013-10-17 01:50 - 00000000 ____D () C:\ProgramData\PDFC 2014-10-27 16:27 - 2013-10-17 01:50 - 00000000 ____D () C:\ProgramData\HPQLOG 2014-10-27 16:25 - 2013-10-16 13:39 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-27 16:25 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-26 20:05 - 2013-10-20 17:55 - 00000000 ____D () C:\Users\user\AppData\Roaming\AIMP3 2014-10-26 20:04 - 2014-02-07 16:31 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-26 19:25 - 2013-10-16 13:39 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-25 18:38 - 2013-11-13 00:57 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-10-25 13:47 - 2014-07-25 13:02 - 00000000 ____D () C:\Users\user\Desktop\pulpit 2014-10-25 12:07 - 2014-03-25 02:26 - 00000000 ____D () C:\AdwCleaner 2014-10-25 09:58 - 2014-02-11 02:36 - 75202560 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak 2014-10-25 09:57 - 2014-02-25 13:25 - 43937792 _____ () C:\Windows\system32\config\COMPONENTS.iodefrag.bak 2014-10-25 09:57 - 2014-02-11 02:36 - 00253952 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak 2014-10-25 09:57 - 2014-02-11 02:36 - 00065536 _____ () C:\Windows\system32\config\SAM.iodefrag.bak 2014-10-25 09:57 - 2014-02-11 02:36 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak 2014-10-24 23:12 - 2013-10-16 13:39 - 00000000 ____D () C:\Users\user\AppData\Local\Apps\2.0 2014-10-24 23:03 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2014-10-22 00:47 - 2014-07-24 23:38 - 00000000 ____D () C:\Users\user\.gimp-2.8 2014-10-22 00:36 - 2014-07-25 00:03 - 00000000 ____D () C:\Users\user\AppData\Local\gtk-2.0 2014-10-21 17:20 - 2013-10-16 13:39 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-10-21 17:20 - 2013-10-16 13:39 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-10-21 12:30 - 2014-08-31 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack 2014-10-21 12:30 - 2014-03-06 11:14 - 00000000 ____D () C:\Windows\Minidump 2014-10-19 13:37 - 2013-10-17 01:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools 2014-10-19 13:37 - 2013-10-03 08:19 - 00000000 ____D () C:\SWSetup 2014-10-19 12:40 - 2013-10-30 00:42 - 00000000 ____D () C:\Users\user\AppData\Local\NVIDIA 2014-10-19 12:35 - 2014-08-31 21:06 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-10-19 12:33 - 2013-10-16 10:08 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-10-19 00:25 - 2013-10-17 03:43 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-10-19 00:25 - 2013-10-16 10:09 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-10-19 00:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help 2014-10-18 23:58 - 2014-08-31 21:05 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-10-18 23:58 - 2013-10-21 11:37 - 00000000 ____D () C:\ProgramData\Oracle 2014-10-18 23:58 - 2013-10-21 11:37 - 00000000 ____D () C:\Program Files (x86)\Java 2014-10-18 23:16 - 2014-09-15 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft ICE 2014-10-17 16:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-10-17 12:18 - 2014-08-03 14:00 - 00002170 _____ () C:\CCALib8WS.log 2014-10-17 12:13 - 2009-07-14 05:45 - 05044048 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-17 12:10 - 2014-04-30 15:29 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-10-17 00:40 - 2013-10-24 02:02 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-17 00:36 - 2013-10-24 02:02 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-10-13 10:14 - 2014-09-20 14:02 - 00000000 ____D () C:\Users\user\Desktop\Beats On 2014-10-10 23:06 - 2014-09-20 14:08 - 00000000 ____D () C:\Users\user\Desktop\RB 2014-10-10 01:52 - 2013-11-07 03:26 - 00000000 ____D () C:\Users\user\AppData\Roaming\vlc 2014-10-10 01:11 - 2013-10-16 09:53 - 00093824 _____ () C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT 2014-10-09 13:04 - 2013-11-21 21:49 - 00000000 ____D () C:\ProgramData\IObit 2014-10-08 21:14 - 2013-10-16 13:39 - 00000000 ____D () C:\Users\user\AppData\Local\Deployment 2014-10-05 11:32 - 2014-02-08 18:55 - 00000000 ____D () C:\ProgramData\Package Cache 2014-10-04 07:35 - 2014-06-03 01:31 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2014-10-04 07:35 - 2013-10-30 00:44 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2014-10-04 07:34 - 2014-06-03 01:31 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2014-10-04 07:34 - 2013-10-30 00:44 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2014-10-02 14:53 - 2010-11-21 04:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-10-02 11:19 - 2014-07-10 22:17 - 00000000 ____D () C:\ProgramData\Adobe 2014-10-02 11:19 - 2013-10-16 13:29 - 00000000 ____D () C:\Users\user\AppData\Roaming\Adobe 2014-10-02 11:18 - 2014-07-10 22:42 - 00000000 ____D () C:\Program Files (x86)\Adobe Some content of TEMP: ==================== C:\Users\user\AppData\Local\Temp\Quarantine.exe C:\Users\user\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed ==================== BCD ================================ Windows Boot Manager -------------------- identifier {bootmgr} device partition=\Device\HarddiskVolume1 description Windows Boot Manager locale en-US inherit {globalsettings} default {current} resumeobject {26e114de-2c45-11e3-be52-c4a7309fa608} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Windows Boot Loader ------------------- identifier {current} device partition=C: path \Windows\system32\winload.exe description Windows 7 locale en-US inherit {bootloadersettings} recoverysequence {26e114e0-2c45-11e3-be52-c4a7309fa608} recoveryenabled Yes osdevice partition=C: systemroot \Windows resumeobject {26e114de-2c45-11e3-be52-c4a7309fa608} nx OptIn Windows Boot Loader ------------------- identifier {26e114e0-2c45-11e3-be52-c4a7309fa608} device ramdisk=[C:]\Recovery\26e114e0-2c45-11e3-be52-c4a7309fa608\Winre.wim,{26e114e1-2c45-11e3-be52-c4a7309fa608} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\26e114e0-2c45-11e3-be52-c4a7309fa608\Winre.wim,{26e114e1-2c45-11e3-be52-c4a7309fa608} systemroot \windows nx OptIn winpe Yes Resume from Hibernate --------------------- identifier {26e114de-2c45-11e3-be52-c4a7309fa608} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale en-US inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Windows Memory Tester --------------------- identifier {memdiag} device partition=\Device\HarddiskVolume1 path \boot\memtest.exe description Windows Memory Diagnostic locale en-US inherit {globalsettings} badmemoryaccess Yes EMS Settings ------------ identifier {emssettings} bootems Yes Debugger Settings ----------------- identifier {dbgsettings} debugtype Serial debugport 1 baudrate 115200 RAM Defects ----------- identifier {badmemory} Global Settings --------------- identifier {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Boot Loader Settings -------------------- identifier {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisor Settings ------------------- identifier {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Resume Loader Settings ---------------------- identifier {resumeloadersettings} inherit {globalsettings} Device options -------------- identifier {26e114e1-2c45-11e3-be52-c4a7309fa608} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\26e114e0-2c45-11e3-be52-c4a7309fa608\boot.sdi LastRegBack: 2014-10-26 14:04 ==================== End Of Log ============================