OTL logfile created on: 2015-04-21 17:33:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bakoma\Documents\FRST
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,48 Gb Total Physical Memory | 1,22 Gb Available Physical Memory | 34,99% Memory free
6,96 Gb Paging File | 4,12 Gb Available in Paging File | 59,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,41 Gb Total Space | 35,83 Gb Free Space | 3,85% Space Free | Partition Type: NTFS
Drive D: | 170,34 Gb Total Space | 170,19 Gb Free Space | 99,91% Space Free | Partition Type: NTFS
Drive E: | 29,32 Gb Total Space | 14,87 Gb Free Space | 50,71% Space Free | Partition Type: NTFS
Drive F: | 931,50 Gb Total Space | 761,40 Gb Free Space | 81,74% Space Free | Partition Type: NTFS
Drive J: | 8,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive L: | 98,42 Gb Total Space | 5,99 Gb Free Space | 6,08% Space Free | Partition Type: NTFS

Computer Name: BAKOMA-KOMPUTER | User Name: Bakoma | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015-04-21 17:32:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bakoma\Documents\FRST\OTL.exe
PRC - [2015-04-21 17:28:17 | 001,139,200 | ---- | M] (Farbar) -- C:\Users\Bakoma\Documents\FRST\FRST.exe
PRC - [2015-04-13 23:55:42 | 000,812,872 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2015-03-28 05:45:04 | 002,673,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015-03-28 05:45:01 | 001,878,672 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2015-03-28 05:45:00 | 020,696,720 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
PRC - [2015-03-28 05:45:00 | 005,984,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
PRC - [2015-03-28 05:45:00 | 000,918,160 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
PRC - [2015-03-17 06:14:08 | 001,080,120 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2015-03-17 06:14:06 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2015-03-17 06:14:00 | 006,212,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
PRC - [2015-03-13 17:57:35 | 001,818,768 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2015-03-13 17:57:35 | 000,973,456 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2015-03-13 17:29:26 | 000,411,848 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014-12-19 09:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014-12-15 13:29:58 | 005,426,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\TeamViewer_Service.exe
PRC - [2014-11-26 09:16:46 | 001,388,888 | ---- | M] (BitTorrent Inc.) -- C:\Users\Bakoma\AppData\Roaming\BitTorrent\BitTorrent.exe
PRC - [2014-10-02 18:02:30 | 000,333,008 | ---- | M] (Unified Intents AB) -- C:\Program Files\Unified Remote\RemoteServer.exe
PRC - [2014-06-14 06:30:40 | 000,310,064 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013-08-02 02:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013-05-14 18:50:44 | 000,140,936 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2012-11-23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012-06-28 17:40:52 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007-12-06 22:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015-04-15 03:10:38 | 019,546,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\64332cd6b4758f531823348eaa12ce22\System.ServiceModel.ni.dll
MOD - [2015-04-13 23:55:40 | 001,252,680 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
MOD - [2015-04-13 23:55:39 | 000,080,712 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\42.0.2311.90\libegl.dll
MOD - [2015-03-28 05:45:04 | 000,011,920 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2015-02-14 04:19:51 | 010,069,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\d18e2115a3270f89663fce831547f534\System.ni.dll
MOD - [2015-02-14 04:06:26 | 007,386,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\20aaf6bbc4e93d10d6a2ce3c0193b859\System.Data.ni.dll
MOD - [2015-02-14 04:06:18 | 012,895,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\d8223c30928e02bc7ed5b8b81effa7b5\System.Windows.Forms.ni.dll
MOD - [2015-02-14 04:06:11 | 002,855,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\187177229c00aec6dec613ea4b9ff209\System.Runtime.Serialization.ni.dll
MOD - [2015-02-14 04:06:11 | 001,642,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd2f9ea99ac0f984b9dc430824638c9f\System.Drawing.ni.dll
MOD - [2015-02-14 04:05:48 | 007,793,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\3d6ee4ffbd9a86ac1e7b01800b6fe9c7\System.Xml.ni.dll
MOD - [2015-02-14 04:05:44 | 000,972,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5a977e1f055b4f8f41da5d9142a1913c\System.Configuration.ni.dll
MOD - [2015-02-14 04:04:58 | 007,002,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\23d1162d1943c1b1d6c4fd7c6d8512d4\System.Core.ni.dll
MOD - [2015-02-14 04:04:49 | 017,207,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2015-04-15 00:04:22 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015-03-28 05:45:01 | 001,878,672 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2015-03-28 05:45:00 | 020,696,720 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2015-03-28 05:45:00 | 000,918,160 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV - [2015-03-17 06:14:08 | 001,080,120 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015-03-17 06:14:06 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2015-03-13 17:29:26 | 000,411,848 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2015-03-13 05:16:24 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2015-03-12 10:53:36 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015-02-07 20:36:28 | 001,910,128 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2014-12-19 09:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014-12-15 13:29:58 | 005,426,448 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2014-12-11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014-09-18 12:37:10 | 002,191,648 | ---- | M] (GOG.com) [On_Demand | Stopped] -- C:\Program Files\GalaxyClient\GalaxyService.exe -- (GalaxyService)
SRV - [2014-02-25 23:57:46 | 000,568,512 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013-11-06 19:30:44 | 000,758,224 | ---- | M] (Tunngle.net GmbH) [Disabled | Stopped] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2013-05-27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013-05-14 18:50:44 | 000,140,936 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2013-01-18 04:02:26 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2007-12-06 22:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)
SRV - [2007-05-31 10:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 10:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | Auto | Stopped] -- C:\PROGRA~1\YTDOWN~1\sbmntr.sys -- (sbmntr)
DRV - [2015-04-21 17:19:22 | 000,119,512 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2015-03-28 05:45:00 | 000,018,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV - [2015-03-17 06:15:36 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2015-03-17 06:15:22 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2015-03-13 21:43:34 | 008,454,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2014-12-30 09:02:10 | 000,013,824 | ---- | M] (Scott) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBDrv.sys -- (usbUDisc)
DRV - [2014-11-22 12:46:30 | 000,032,912 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2014-10-09 19:02:40 | 000,161,424 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2014-06-16 08:01:38 | 000,184,192 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2014-06-16 08:01:38 | 000,089,856 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2014-04-11 10:39:20 | 000,153,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2014-04-11 10:39:20 | 000,136,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2014-04-11 10:39:20 | 000,017,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2014-04-11 10:39:12 | 000,153,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2014-04-11 10:39:12 | 000,136,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2014-04-11 10:39:12 | 000,032,064 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2014-04-11 10:39:12 | 000,017,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2014-03-27 13:25:22 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2014-02-24 11:10:06 | 000,018,432 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\uvhid.sys -- (uvhid)
DRV - [2014-02-07 15:25:44 | 000,974,264 | ---- | M] (PassMark Software) [Kernel | On_Demand | Stopped] -- C:\Program Files\OSFMount\OSFMount.sys -- (OSFMount)
DRV - [2013-11-29 10:31:26 | 000,014,448 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\ampa.sys -- (ampa)
DRV - [2013-08-22 14:40:22 | 000,035,288 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2013-07-04 21:42:42 | 000,279,712 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2013-03-07 09:49:20 | 000,014,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2013-03-07 09:49:20 | 000,009,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2013-02-24 01:11:43 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2013-01-17 04:00:54 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-10-19 23:33:40 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2009-09-16 08:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t)
DRV - [2009-07-14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009-03-18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2003-04-19 00:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tandpl.sys -- (tandpl)
DRV - [2003-03-02 17:44:26 | 000,007,552 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\enodpl.sys -- (enodpl)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

[2013-01-16 22:05:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bakoma\AppData\Roaming\mozilla\Extensions
[2015-03-31 10:23:10 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Bakoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\2.0.2_0\
CHR - Extension: No name found = C:\Users\Bakoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Bakoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Bakoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\Bakoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Bakoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.12_1\
CHR - Extension: No name found = C:\Users\Bakoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Bakoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Bakoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb\1.9.38_0\
CHR - Extension: No name found = C:\Users\Bakoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkkaeplhmblkfaoedlooopoindcnekof\1.0.4.6_1\
CHR - Extension: No name found = C:\Users\Bakoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh\3.2_0\
CHR - Extension: No name found = C:\Users\Bakoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.3.0_0\
CHR - Extension: No name found = C:\Users\Bakoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_1\
CHR - Extension: No name found = C:\Users\Bakoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2014-05-16 03:18:07 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" -f "C:\ProgramData\NVIDIA\Updatus\NvTmru\nvtmru.dat" File not found
O4 - HKLM..\Run: [ShadowPlay] C:\Windows\System32\nvspcap.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [YTDownloader] "C:\Program Files\YTDownloader\YTDownloader.exe" /boot File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_D8F0070EFF92FAE7BE2DDA05A6DE1446] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart File not found
O4 - HKCU..\Run: [Unified Remote v2] C:\Program Files\Unified Remote\RemoteServer.exe (Unified Intents AB)
O4 - HKCU..\Run: [YTDownloader] "C:\Program Files\YTDownloader\YTDownloader.exe" /boot File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Clip Image - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Clip selection - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip this page - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Clip URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: New Note - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Lync — kliknij, aby połączyć - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync — kliknij, aby połączyć - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3472DCD9-E3D4-4148-BF6F-49E09488FFAE}: DhcpNameServer = 194.204.159.1 194.204.152.34
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3472DCD9-E3D4-4148-BF6F-49E09488FFAE}: NameServer = 194.204.152.34,194.204.159.1
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [1999-12-12 01:00:00 | 000,000,068 | R--- | M] () - J:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{dae172e2-6db5-11e2-9fa4-902b3478e835}\Shell - "" = AutoRun
O33 - MountPoints2\{dae172e2-6db5-11e2-9fa4-902b3478e835}\Shell\AutoRun\command - "" = J:\setup.exe -- [1999-12-12 01:00:00 | 006,148,707 | R--- | M] ( )
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015-04-21 17:29:04 | 000,000,000 | ---D | C] -- C:\FRST
[2015-04-21 17:28:47 | 000,000,000 | ---D | C] -- C:\Users\Bakoma\Documents\FRST
[2015-04-21 17:08:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Logs
[2015-04-21 17:08:39 | 000,017,344 | ---- | C] (Dll-Files.com) -- C:\Windows\System32\roboot.exe
[2015-04-17 03:03:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2015-04-15 03:25:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\appraiser
[2015-04-15 03:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015-04-15 03:04:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2015-04-15 03:04:42 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2015-04-14 22:48:33 | 001,167,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitstatic.exe
[2015-04-14 22:48:33 | 000,896,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2015-04-14 22:48:33 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2015-04-14 22:48:33 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2015-04-14 22:48:33 | 000,576,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2015-04-14 22:48:33 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2015-04-14 22:48:33 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2015-04-14 22:48:33 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2015-04-14 22:48:33 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2015-04-14 22:38:46 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll
[2015-04-14 22:38:43 | 003,976,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015-04-14 22:38:43 | 003,920,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015-04-14 22:38:43 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015-04-14 22:38:43 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2015-04-14 22:38:43 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2015-04-14 22:38:43 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015-04-14 22:38:43 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015-04-14 22:38:43 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015-04-14 22:38:43 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2015-04-14 22:38:43 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2015-04-14 22:38:43 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2015-04-14 22:38:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2015-04-14 22:34:52 | 000,685,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2015-04-14 22:34:52 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2015-04-14 22:34:52 | 000,342,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2015-04-14 22:34:52 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2015-04-14 22:34:52 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2015-04-14 22:34:52 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2015-04-14 22:34:52 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2015-04-14 22:34:51 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015-04-14 22:34:51 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015-04-14 22:34:51 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2015-04-14 22:34:51 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015-04-14 22:34:51 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2015-04-14 22:34:51 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015-04-14 22:34:51 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2015-04-14 22:34:51 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015-04-14 22:34:51 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2015-04-14 22:34:51 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015-04-14 22:34:50 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015-04-14 22:34:50 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015-04-14 22:34:50 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2015-04-14 22:34:49 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015-04-14 22:34:48 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2015-04-14 22:34:48 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2015-04-14 22:34:47 | 004,305,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015-04-14 22:33:36 | 003,088,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2015-04-14 22:33:36 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2015-04-14 22:33:36 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2015-04-14 22:33:36 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2015-04-14 22:33:36 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSetupUI.dll
[2015-04-14 22:33:36 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2015-04-14 22:33:36 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2015-04-14 22:33:36 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2015-04-14 22:33:36 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wu.upgrade.ps.dll
[2015-04-14 22:30:04 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2015-04-08 03:00:25 | 000,000,000 | --SD | C] -- C:\Windows\System32\GWX
[2015-03-31 18:28:38 | 000,623,304 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe
[2015-03-31 18:26:45 | 024,775,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2015-03-31 18:26:45 | 020,465,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2015-03-31 18:26:45 | 010,776,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2015-03-31 18:26:45 | 010,714,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2015-03-31 18:26:45 | 008,454,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2015-03-31 18:26:45 | 003,248,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2015-03-31 18:26:45 | 001,048,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3234788.dll
[2015-03-31 18:26:45 | 000,931,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvIFR.dll
[2015-03-31 18:26:45 | 000,912,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco3234788.dll
[2015-03-31 18:26:45 | 000,909,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvFBC.dll
[2015-03-31 18:26:45 | 000,908,608 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdagenco3220103.dll
[2015-03-31 18:26:45 | 000,878,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvumdshim.dll
[2015-03-31 18:26:45 | 000,399,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvEncodeAPI.dll
[2015-03-31 18:26:45 | 000,345,744 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvIFROpenGL.dll
[2015-03-31 18:26:45 | 000,305,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglshim32.dll
[2015-03-31 18:26:45 | 000,164,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvinit.dll
[9 C:\*.tmp files -> C:\*.tmp -> ]
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015-04-21 17:31:17 | 000,019,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015-04-21 17:31:17 | 000,019,344 | -H-- | M] () --
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2015-04-21 17:19:22 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-04-21 17:18:13 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2015-04-21 17:18:11 | 000,001,338 | ---- | M] () -- C:\Windows\tasks\BBHJ.job [2015-04-21 17:17:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2015-04-21 17:17:43 | 2802,806,784 | -HS- | M] () -- C:\hiberfil.sys [2015-04-21 17:04:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2015-04-21 17:00:58 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2015-04-17 14:27:06 | 000,016,384 | ---- | M] () -- C:\Users\Bakoma\Documents\rom-0 [2015-04-15 05:02:18 | 000,002,135 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2015-04-15 03:34:30 | 000,743,744 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2015-04-15 03:34:30 | 000,657,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2015-04-15 03:34:30 | 000,157,344 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2015-04-15 03:34:30 | 000,123,008 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2015-04-15 03:04:43 | 000,002,687 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2015-04-15 00:04:19 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2015-04-15 00:04:19 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2015-04-02 01:49:48 | 000,342,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2015-03-31 18:19:32 | 000,001,335 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk [2015-03-31 18:05:58 | 000,001,060 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2015-03-28 05:44:01 | 001,316,000 | ---- | M] (NVIDIA Corporation) -- 
C:\Windows\System32\nvspcap.dll [2015-03-28 05:44:01 | 001,316,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvspbridge.dll [2015-03-25 05:00:57 | 003,088,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2015-03-25 05:00:57 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2015-03-25 05:00:57 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2015-03-25 05:00:57 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2015-03-25 05:00:57 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2015-03-25 05:00:57 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2015-03-25 05:00:27 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WinSetupUI.dll [2015-03-25 05:00:18 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wu.upgrade.ps.dll [2015-03-25 05:00:15 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2015-03-23 05:06:47 | 000,576,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll [2015-03-23 05:06:32 | 000,630,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll [2015-03-23 05:06:26 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll [2015-03-23 05:06:22 | 000,860,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll [2015-03-23 05:06:21 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll [2015-03-23 05:06:21 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll [2015-03-23 05:06:21 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll [2015-03-23 04:59:03 | 000,896,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll [9 C:\*.tmp files -> C:\*.tmp -> ] [5 C:\Windows\*.tmp 
files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2015-04-17 14:27:11 | 000,016,384 | ---- | C] () -- C:\Users\Bakoma\Documents\rom-0 [2015-04-14 22:34:50 | 000,016,303 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2014-12-12 20:35:53 | 011,203,766 | ---- | C] () -- C:\Windows\System32\Studio-eM_Foto-eM_uninstaller.exe [2014-10-27 18:54:34 | 000,000,072 | ---- | C] () -- C:\Windows\Edcg.INI [2014-09-01 10:18:44 | 000,001,248 | ---- | C] () -- C:\Users\Bakoma\AppData\Roaming\BBHJ [2014-07-21 14:09:33 | 000,004,608 | ---- | C] () -- C:\Users\Bakoma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-05-22 15:29:11 | 001,573,488 | ---- | C] () -- C:\Windows\ampa.exe [2014-05-22 15:29:11 | 000,014,448 | ---- | C] () -- C:\Windows\System32\ampa.sys [2014-05-03 17:11:07 | 002,499,656 | ---- | C] () -- C:\Windows\System32\BootMan.exe [2014-05-03 17:11:07 | 000,087,112 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe [2014-05-03 17:11:07 | 000,019,840 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll [2014-05-03 17:11:07 | 000,014,920 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys [2014-05-03 17:11:07 | 000,009,160 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys [2014-04-30 19:47:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2014-03-14 02:18:28 | 000,000,600 | ---- | C] () -- C:\Users\Bakoma\AppData\Roaming\winscp.rnd [2014-01-23 19:31:08 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2014-01-23 19:31:08 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2014-01-23 19:31:08 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2014-01-23 19:31:08 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2014-01-06 06:19:27 | 000,000,097 | ---- | C] () -- C:\Windows\System32\Userdata.ini [2013-12-29 21:55:06 | 004,246,327 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin [2013-10-09 20:35:48 
| 000,000,442 | ---- | C] () -- C:\Windows\hpomdl27.dat.temp [2013-06-23 18:48:27 | 000,007,552 | ---- | C] () -- C:\Windows\System32\drivers\enodpl.sys [2013-06-23 18:48:27 | 000,004,736 | ---- | C] () -- C:\Windows\System32\drivers\tandpl.sys [2013-01-24 16:58:30 | 000,138,056 | ---- | C] () -- C:\Users\Bakoma\AppData\Roaming\PnkBstrK.sys [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2015-02-13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report >