Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-11-2013 (ATTENTION: ====> FRST version is 230 days old and could be outdated)
Ran by Robson (administrator) on ROBERT on 12-07-2014 05:56:36
Running from C:\Users\Robson\Desktop\WIRUS
Windows 8.1 (X64) OS Language: Polish
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.)
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe () C:\Program Files (x86)\iSafe\ipcdl.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE (Dropbox, Inc.) C:\Users\Robson\AppData\Roaming\Dropbox\bin\Dropbox.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.) 
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe () C:\Program Files (x86)\Opera\22.0.1471.70\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - "C:\WINDOWS\system32\hkcmd.exe" HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation) HKLM\...\Run: [DolbyTrayApp] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.) 
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [OnekeyStudio] - C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo) HKLM\...\Run: [Energy Manager] - C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15794160 2013-11-07] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] - C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe [80368 2013-11-07] (Lenovo(beijing) Limited) HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2013-08-30] (Synaptics Incorporated) HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-07-04] (IDT, Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [ALLUpdate] - C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3510704 2014-04-17] (ALLPlayer Group Ltd.) HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKLM-x32\...\Run: [331BigDog] - C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro) HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.) 
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-26] (AVAST Software) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) AppInit_DLLs: C:\Windows\System32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation) Startup: C:\Users\Robson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Robson\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Robson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PCCDisabled () Startup: C:\Users\Robson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Torpedo.lnk ShortcutTarget: Torpedo.lnk -> C:\Users\Robson\AppData\Local\Torpedo\Torpedo.exe (No File) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1394139867&from=cor&uid=ST1000LM014-1EJ164_W380HJH0XXXXW380HJH0&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1394139867&from=cor&uid=ST1000LM014-1EJ164_W380HJH0XXXXW380HJH0&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet 
Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1394139867&from=cor&uid=ST1000LM014-1EJ164_W380HJH0XXXXW380HJH0&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1394139867&from=cor&uid=ST1000LM014-1EJ164_W380HJH0XXXXW380HJH0&q={searchTerms} SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1394139867&from=cor&uid=ST1000LM014-1EJ164_W380HJH0XXXXW380HJH0&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1394139867&from=cor&uid=ST1000LM014-1EJ164_W380HJH0XXXXW380HJH0&q={searchTerms} SearchScopes: HKLM - {9C3C2B9F-8503-44E7-B369-1C08E93A8A38} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM-x32 - {9C3C2B9F-8503-44E7-B369-1C08E93A8A38} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear SearchScopes: HKCU - {9C3C2B9F-8503-44E7-B369-1C08E93A8A38} URL = BHO: No Name - {11111111-1111-1111-1111-110511111108} - No File BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: No Name - {11111111-1111-1111-1111-110511111108} - No File BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File BHO-x32: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: No Name - {c6673938-a52b-4dc6-af05-783e7e2c8b65} - No File BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Robson\AppData\Roaming\Mozilla\Firefox\Profiles\amvi5yu5.default FF user.js: detected! => C:\Users\Robson\AppData\Roaming\Mozilla\Firefox\Profiles\amvi5yu5.default\user.js FF Homepage: https://www.google.pl/ FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: @mail.ru/GameCenter - C:\Users\Robson\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll No File FF SearchPlugin: C:\Users\Robson\AppData\Roaming\Mozilla\Firefox\Profiles\amvi5yu5.default\searchplugins\buenosearch.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wolnelektury-pl.xml FF Extension: Plus-HD-8.1 - C:\Users\Robson\AppData\Roaming\Mozilla\Firefox\Profiles\amvi5yu5.default\Extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com FF Extension: Site Finder - C:\Users\Robson\AppData\Roaming\Mozilla\Firefox\Profiles\amvi5yu5.default\Extensions\sitefinder@sitefinder.com FF Extension: SaveSense - C:\Users\Robson\AppData\Roaming\Mozilla\Firefox\Profiles\amvi5yu5.default\Extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} FF Extension: translator - C:\Users\Robson\AppData\Roaming\Mozilla\Firefox\Profiles\amvi5yu5.default\Extensions\translator@zoli.bod.xpi FF Extension: translator - C:\Users\Robson\AppData\Roaming\Mozilla\Firefox\Profiles\amvi5yu5.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi FF Extension: speeddial - C:\Users\Robson\AppData\Roaming\Mozilla\Firefox\Profiles\amvi5yu5.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi FF Extension: Adblock Plus - C:\Users\Robson\AppData\Roaming\Mozilla\Firefox\Profiles\amvi5yu5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: dta - C:\Users\Robson\AppData\Roaming\Mozilla\Firefox\Profiles\amvi5yu5.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.7.598 FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! 
Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home33.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home33\ff Chrome: ======= CHR Extension: (Google Docs) - C:\Users\Robson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_1 CHR Extension: (Google Drive) - C:\Users\Robson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1 CHR Extension: (YouTube) - C:\Users\Robson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1 CHR Extension: (Google Search) - C:\Users\Robson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1 CHR Extension: (avast! Online Security) - C:\Users\Robson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2021.112_1 CHR Extension: (Google Wallet) - C:\Users\Robson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1 CHR Extension: (Gmail) - C:\Users\Robson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2 CHR HKLM-x32\...\Chrome\Extension: [fepnoffmjfmnnjalnipoalomnmcmmhon] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home33\ch\MediaWatchV1home33.crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx ==================== Services (Whitelisted) ================= R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-26] (AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-03-14] () R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-05-28] (Intel) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156104 2013-06-04] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] () R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation) R2 PnkBstrA; C:\WINDOWS\SysWow64\PnkBstrA.exe [76888 2014-03-22] () R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-11-07] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation) R2 iSafeService; C:\Program Files (x86)\iSafe\iSafeSvc.exe [x] S2 Update Surftastic; "C:\Program Files (x86)\Surftastic\updateSurftastic.exe" [x] S2 Util Surftastic; "C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe" [x] S2 vToolbarUpdater18.1.7; 
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [x] ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-26] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-06-26] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-26] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-26] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-26] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-26] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-26] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-26] () R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50464 2014-06-12] (AVG Technologies) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider) R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1366328 2013-03-28] (Motorola Solutions, Inc.) 
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [115656 2013-06-04] (Intel Corporation) R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [100184 2013-04-09] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-02-21] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation) S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3648480 2013-10-08] (Intel Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-02-21] (Microsoft Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-30] (Synaptics Incorporated) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [206744 2013-05-28] (Windows (R) Win 7 DDK provider) R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1064704 2013-05-31] (Vimicro Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 
2014-03-13] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [x] S1 iSafeKrnl; \??\C:\Program Files (x86)\iSafe\iSafeKrnl.sys [x] S1 iSafeKrnlKit; \??\C:\Program Files (x86)\iSafe\iSafeKrnlKit.sys [x] R1 iSafeKrnlR3; \??\C:\Program Files (x86)\iSafe\iSafeKrnlR3.sys [x] R1 iSafeNetFilter; \??\C:\Program Files (x86)\iSafe\iSafeNetFilter.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-12 05:56 - 2014-07-12 05:56 - 00000000 ____D C:\FRST 2014-07-11 17:21 - 2014-07-12 05:56 - 00000000 ____D C:\Users\Robson\Desktop\WIRUS 2014-07-11 15:04 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll 2014-07-11 15:02 - 2014-07-11 15:04 - 00000000 ____D C:\AdwCleaner 2014-07-10 14:46 - 2014-07-10 16:22 - 00000000 ____D C:\Users\Robson\AppData\Roaming\.csrvlauncher 2014-07-10 12:19 - 2014-07-10 12:19 - 01726855 _____ C:\Users\Robson\Downloads\The-Resident-Evil-Mod-1.7.2.rar 2014-07-10 06:11 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll 2014-07-10 01:02 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe 2014-07-10 01:02 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe 2014-07-10 01:02 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-07-10 01:01 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-07-10 01:01 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-07-10 01:01 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-07-10 01:01 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-07-10 01:01 - 
2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-07-10 01:01 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2014-07-10 01:01 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2014-07-10 01:01 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2014-07-10 01:01 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2014-07-10 01:01 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2014-07-10 01:01 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2014-07-10 01:01 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-07-10 01:00 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-07-10 01:00 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-07-10 01:00 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-07-10 01:00 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-07-10 01:00 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-07-10 01:00 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-07-10 01:00 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-07-10 01:00 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-07-10 01:00 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-07-10 01:00 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-07-10 01:00 - 2014-06-19 00:58 - 
02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-07-10 01:00 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-07-10 01:00 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-07-10 01:00 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-07-10 01:00 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-07-10 01:00 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-07-10 01:00 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-07-10 01:00 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-07-10 01:00 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-07-10 01:00 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-07-10 01:00 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-07-10 01:00 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-07-10 01:00 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2014-07-10 01:00 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2014-07-10 01:00 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-07-10 01:00 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2014-07-10 01:00 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-07-10 01:00 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-07-10 01:00 - 2014-05-31 05:12 - 00249344 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-10 01:00 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2014-07-10 01:00 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2014-07-10 01:00 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-10 01:00 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2014-07-10 01:00 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2014-07-10 01:00 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-07-10 01:00 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2014-07-10 01:00 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-07-10 01:00 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2014-07-10 01:00 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-07-10 00:56 - 2014-07-10 00:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2014-07-09 23:24 - 2014-07-09 23:33 - 00000000 ____D C:\Users\Robson\Downloads\Modpak 2014-07-09 20:15 - 2014-07-09 20:15 - 02474161 _____ C:\Users\Robson\Desktop\CraftserveLauncher.exe 2014-07-09 19:28 - 2014-07-09 19:28 - 00000000 ____D C:\Users\Robson\AppData\Roaming\eCyber 2014-07-09 19:27 - 2014-07-11 15:30 - 00000000 ____D C:\Program Files (x86)\iSafe 2014-07-09 19:27 - 2014-07-11 14:59 - 00000000 ____D C:\Users\Robson\AppData\Roaming\iSafe 2014-07-09 19:27 - 2014-07-09 19:27 - 00000000 ____D C:\WINDOWS\system32\log 2014-07-09 19:27 - 2014-06-27 11:54 - 00044544 _____ (Elex do Brasil Participações Ltda) 
C:\WINDOWS\system32\Drivers\iSafeKrnlBoot.sys 2014-07-09 19:16 - 2014-07-09 19:16 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2014-07-09 19:16 - 2014-07-09 19:16 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2014-07-09 19:16 - 2014-07-09 19:16 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2014-07-09 19:16 - 2014-07-09 19:16 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2014-07-08 12:00 - 2014-07-11 00:31 - 00001888 _____ C:\WINDOWS\PFRO.log 2014-07-08 11:53 - 2014-07-11 14:39 - 00000000 __RDO C:\Users\Robson\OneDrive 2014-07-07 08:56 - 2014-07-07 09:02 - 00000000 ____D C:\Users\Robson\Desktop\Produkt key 2014-07-06 08:27 - 2014-07-06 08:34 - 00000000 ____D C:\Users\Robson\AppData\Roaming\.myhpspl 2014-07-05 18:18 - 2014-07-05 18:37 - 00000000 ____D C:\Users\Robson\Downloads\3096.dni.2013.PL.BDRip.XviD-BiDA [roberto92r] 2014-07-05 13:17 - 2014-07-05 15:41 - 00000000 ____D C:\Users\Robson\Downloads\[ NAJNOWSZE-TORRENTY.PL ] Haunter.2013.PL.BRRip.XviD-GHW 2014-07-05 13:15 - 2014-07-05 18:18 - 00000000 ____D C:\Users\Robson\Downloads\[ NETEMX.PL ] Miss.Zombie.2013.PLSUBBED.DVDRip.XviD-GHW 2014-07-03 16:06 - 2014-07-03 16:06 - 00024504 _____ C:\Users\Robson\Desktop\hs_err_pid6612.log 2014-07-03 07:56 - 2014-07-03 07:56 - 00024490 _____ C:\Users\Robson\Desktop\hs_err_pid4684.log 2014-07-02 05:55 - 2014-07-02 05:55 - 00000000 ____D C:\Users\Robson\Desktop\pliki test 2014-07-01 15:11 - 2014-07-01 15:11 - 00000000 ____D C:\Program Files (x86)\Odkurzacz 2014-07-01 09:17 - 2014-07-01 09:17 - 01152512 _____ (ProLay) C:\Users\Robson\Desktop\Minecraft Na Modach.exe 2014-06-30 05:03 - 2014-07-05 22:06 - 00000000 ____D C:\Users\Robson\Downloads\[Maxi-Torrents.Pl] Zimowa opowiesc - Winters Tale (2014) [BRRip] [XviD-BiDA] [Lektor PL] 2014-06-30 04:56 - 2014-06-30 05:33 - 00000000 ____D C:\Users\Robson\Downloads\[BEST-TORRENTS.NET] 
X-Men.Days.of.Future.Past.2014.PLSUBBED.HDTS.XViD-MiNS [Aress] 2014-06-30 04:54 - 2014-06-30 05:14 - 00000000 ____D C:\Users\Robson\Downloads\Kapitan Ameryka 2014-06-29 11:56 - 2014-07-11 15:01 - 00000000 ____D C:\Users\Robson\Desktop\ZRZUTY 2014-06-29 11:24 - 2014-06-29 11:24 - 00000000 ____D C:\Users\Robson\Desktop\Apokalipsa 2014-06-26 22:48 - 2014-06-26 22:48 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2014-06-26 22:48 - 2014-06-26 22:48 - 00028184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2014-06-23 05:41 - 2014-06-23 05:42 - 00000000 ____D C:\Users\Robson\Desktop\McPixelMod 2014-06-22 13:20 - 2014-06-22 13:20 - 00000000 ____D C:\Users\Robson\Desktop\DivineRPG 2014-06-21 23:48 - 2014-06-22 21:11 - 00000000 ____D C:\Users\Robson\Desktop\mods 2014-06-21 20:25 - 2014-06-21 20:25 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-06-21 20:25 - 2014-06-21 20:25 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-06-21 20:25 - 2014-06-21 20:25 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-06-21 20:25 - 2014-06-21 20:25 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2014-06-21 20:25 - 2014-06-21 20:25 - 00000000 ____D C:\Program Files\Java 2014-06-20 07:08 - 2014-06-20 07:08 - 00000000 ____D C:\Users\Robson\AppData\Local\Adobe 2014-06-19 18:28 - 2014-07-01 15:30 - 00000000 ____D C:\Users\Robson\Downloads\World War Z hq 480p ac3 pl 2013 2014-06-19 09:42 - 2014-06-19 12:45 - 00017350 _____ C:\Users\Robson\Desktop\starmall.cfg 2014-06-19 07:16 - 2014-06-19 07:16 - 00016431 _____ C:\Users\Robson\Desktop\Nowy dokument tekstowy (3).txt 2014-06-18 19:52 - 2014-06-18 19:52 - 00000000 ____D C:\Users\Robson\Desktop\saves 2014-06-18 19:33 - 2014-06-18 19:33 - 714456887 _____ C:\Users\Robson\Downloads\Ważne dane - PRYWATNE.zip 2014-06-18 19:27 - 2014-07-01 15:30 - 00000000 ____D C:\Users\Robson\Downloads\Jack Strong hq 480p ac3 pl 2014 
2014-06-18 16:53 - 2014-06-18 16:52 - 00000030 _____ C:\AVScanner.ini
2014-06-14 00:31 - 2014-06-14 00:31 - 00025441 _____ C:\Users\Robson\Desktop\MyBB-Style_Usernames-master.zip
2014-06-12 22:57 - 2014-06-12 22:57 - 00160359 _____ C:\Users\Robson\Desktop\89_greenblack.zip

==================== One Month Modified Files and Folders =======

2014-07-12 05:56 - 2014-07-12 05:56 - 00000000 ____D C:\FRST
2014-07-12 05:56 - 2014-07-11 17:21 - 00000000 ____D C:\Users\Robson\Desktop\WIRUS
2014-07-12 05:46 - 2014-03-19 16:15 - 00003980 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9A67EC58-CFE3-4F4C-A906-F530612B35BE}
2014-07-12 05:29 - 2014-03-04 00:29 - 00001524 _____ C:\WINDOWS\Tasks\Plus-HD-8.1-updater.job
2014-07-12 05:29 - 2014-03-04 00:29 - 00001480 _____ C:\WINDOWS\Tasks\Plus-HD-8.1-codedownloader.job
2014-07-12 05:09 - 2014-03-21 08:46 - 00001062 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-12 05:07 - 2014-02-20 00:28 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-12 05:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-07-11 19:12 - 2014-02-21 02:05 - 01483773 _____ C:\WINDOWS\WindowsUpdate.log
2014-07-11 15:30 - 2014-07-09 19:27 - 00000000 ____D C:\Program Files (x86)\iSafe
2014-07-11 15:26 - 2014-02-19 21:15 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3458812967-2985060026-3582185073-1002
2014-07-11 15:04 - 2014-07-11 15:02 - 00000000 ____D C:\AdwCleaner
2014-07-11 15:01 - 2014-06-29 11:56 - 00000000 ____D C:\Users\Robson\Desktop\ZRZUTY
2014-07-11 14:59 - 2014-07-09 19:27 - 00000000 ____D C:\Users\Robson\AppData\Roaming\iSafe
2014-07-11 14:46 - 2014-05-11 21:17 - 00000000 ____D C:\Users\Robson\AppData\Roaming\.minecraft
2014-07-11 14:39 - 2014-07-08 11:53 - 00000000 __RDO C:\Users\Robson\OneDrive
2014-07-11 14:39 - 2014-03-21 08:48 - 00002220 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-11 14:39 - 2014-03-21 08:46 - 00001058 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-11 14:39 - 2014-03-11 02:53 - 00000000 ___RD C:\Users\Robson\Dropbox
2014-07-11 14:39 - 2014-03-11 02:52 - 00000000 ____D C:\Users\Robson\AppData\Roaming\DropboxMaster
2014-07-11 14:39 - 2014-03-11 02:51 - 00000000 ____D C:\Users\Robson\AppData\Roaming\Dropbox
2014-07-11 14:38 - 2014-04-21 16:30 - 00000388 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_0414c_rmv.job
2014-07-11 14:38 - 2014-04-21 16:30 - 00000388 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_0414c_rel.job
2014-07-11 01:01 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2014-07-11 00:37 - 2013-11-14 09:33 - 01828496 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-11 00:37 - 2013-11-14 09:13 - 00808198 _____ C:\WINDOWS\system32\perfh015.dat
2014-07-11 00:37 - 2013-11-14 09:13 - 00164014 _____ C:\WINDOWS\system32\perfc015.dat
2014-07-11 00:32 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-07-11 00:32 - 2013-08-22 16:44 - 00337840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-11 00:31 - 2014-07-08 12:00 - 00001888 _____ C:\WINDOWS\PFRO.log
2014-07-10 23:21 - 2013-11-07 21:16 - 00004608 _____ C:\WINDOWS\system32\VfService.trf
2014-07-10 23:21 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2014-07-10 23:20 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2014-07-10 23:20 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 23:20 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 23:20 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2014-07-10 16:22 - 2014-07-10 14:46 - 00000000 ____D C:\Users\Robson\AppData\Roaming\.csrvlauncher
2014-07-10 15:06 - 2014-02-20 20:50 - 00000000 ____D C:\Users\Robson\AppData\Roaming\FileZilla
2014-07-10 14:39 - 2014-05-22 22:17 - 00000000 ____D C:\Users\Robson\AppData\Roaming\.McNMd
2014-07-10 12:19 - 2014-07-10 12:19 - 01726855 _____ C:\Users\Robson\Downloads\The-Resident-Evil-Mod-1.7.2.rar
2014-07-10 08:51 - 2014-03-01 20:59 - 00000000 ____D C:\GRY I SERWERY MINECRAFT
2014-07-10 06:15 - 2014-02-19 22:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-07-10 06:12 - 2014-02-19 22:28 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-10 06:12 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2014-07-10 06:11 - 2013-11-14 09:16 - 00000000 ____D C:\Program Files\Windows Journal
2014-07-10 00:56 - 2014-07-10 00:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-09 23:33 - 2014-07-09 23:24 - 00000000 ____D C:\Users\Robson\Downloads\Modpak
2014-07-09 20:53 - 2014-05-23 18:40 - 00000000 ____D C:\Users\Robson\AppData\Local\ftblauncher
2014-07-09 20:42 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2014-07-09 20:35 - 2014-04-21 12:35 - 00000000 ____D C:\Users\Robson\AppData\Roaming\ftblauncher
2014-07-09 20:34 - 2014-04-28 00:52 - 00000000 ____D C:\Users\Robson\Downloads\Pliki FTB
2014-07-09 20:34 - 2014-04-21 12:34 - 04978786 _____ () C:\Users\Robson\Desktop\launcher^FTB_Launcher.exe
2014-07-09 20:15 - 2014-07-09 20:15 - 02474161 _____ C:\Users\Robson\Desktop\CraftserveLauncher.exe
2014-07-09 19:28 - 2014-07-09 19:28 - 00000000 ____D C:\Users\Robson\AppData\Roaming\eCyber
2014-07-09 19:27 - 2014-07-09 19:27 - 00000000 ____D C:\WINDOWS\system32\log
2014-07-09 19:16 - 2014-07-09 19:16 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-07-09 19:16 - 2014-07-09 19:16 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-07-09 19:16 - 2014-07-09 19:16 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-07-09 19:16 - 2014-07-09 19:16 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-07-09 09:24 - 2014-02-19 23:49 - 00000000 ____D C:\Users\Robson\AppData\Roaming\GG
2014-07-08 19:07 - 2014-02-20 00:28 - 00003818 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-08 13:59 - 2014-04-30 20:44 - 00008696 _____ C:\WINDOWS\setupact.log
2014-07-08 11:53 - 2014-02-21 02:11 - 00000000 ____D C:\Users\Robson
2014-07-07 10:36 - 2014-03-26 02:44 - 00000000 ____D C:\Users\Robson\Desktop\DayZ
2014-07-07 09:02 - 2014-07-07 08:56 - 00000000 ____D C:\Users\Robson\Desktop\Produkt key
2014-07-07 01:34 - 2014-05-18 12:28 - 00000710 _____ C:\Users\Robson\Desktop\Nowy dokument tekstowy (2).txt
2014-07-06 08:34 - 2014-07-06 08:27 - 00000000 ____D C:\Users\Robson\AppData\Roaming\.myhpspl
2014-07-05 22:06 - 2014-06-30 05:03 - 00000000 ____D C:\Users\Robson\Downloads\[Maxi-Torrents.Pl] Zimowa opowiesc - Winters Tale (2014) [BRRip] [XviD-BiDA] [Lektor PL]
2014-07-05 20:57 - 2014-03-02 23:48 - 00000000 ____D C:\Users\Robson\AppData\Roaming\BitTorrent
2014-07-05 18:37 - 2014-07-05 18:18 - 00000000 ____D C:\Users\Robson\Downloads\3096.dni.2013.PL.BDRip.XviD-BiDA [roberto92r]
2014-07-05 18:18 - 2014-07-05 13:15 - 00000000 ____D C:\Users\Robson\Downloads\[ NETEMX.PL ] Miss.Zombie.2013.PLSUBBED.DVDRip.XviD-GHW
2014-07-05 15:41 - 2014-07-05 13:17 - 00000000 ____D C:\Users\Robson\Downloads\[ NAJNOWSZE-TORRENTY.PL ] Haunter.2013.PL.BRRip.XviD-GHW
2014-07-04 10:48 - 2014-02-20 18:57 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-03 16:06 - 2014-07-03 16:06 - 00024504 _____ C:\Users\Robson\Desktop\hs_err_pid6612.log
2014-07-03 07:56 - 2014-07-03 07:56 - 00024490 _____ C:\Users\Robson\Desktop\hs_err_pid4684.log
2014-07-03 00:35 - 2014-02-21 03:10 - 00000000 ____D C:\Users\Robson\AppData\Local\Dino_Chiesa
2014-07-02 05:55 - 2014-07-02 05:55 - 00000000 ____D C:\Users\Robson\Desktop\pliki test
2014-07-01 20:34 - 2014-05-02 22:21 - 00000000 ____D C:\Users\Robson\Downloads\Style pod forum
2014-07-01 15:30 - 2014-06-19 18:28 - 00000000 ____D C:\Users\Robson\Downloads\World War Z hq 480p ac3 pl 2013
2014-07-01 15:30 - 2014-06-18 19:27 - 00000000 ____D C:\Users\Robson\Downloads\Jack Strong hq 480p ac3 pl 2014
2014-07-01 15:30 - 2014-04-26 07:55 - 00000000 ____D C:\Users\Robson\Downloads\POD KOPUŁĄ
2014-07-01 15:11 - 2014-07-01 15:11 - 00000000 ____D C:\Program Files (x86)\Odkurzacz
2014-07-01 15:11 - 2014-05-02 01:34 - 00003362 _____ C:\WINDOWS\System32\Tasks\Odkurzacz
2014-07-01 15:11 - 2014-05-02 01:34 - 00001086 _____ C:\Users\Robson\Desktop\Odkurzacz.lnk
2014-07-01 09:17 - 2014-07-01 09:17 - 01152512 _____ (ProLay) C:\Users\Robson\Desktop\Minecraft Na Modach.exe
2014-06-30 05:33 - 2014-06-30 04:56 - 00000000 ____D C:\Users\Robson\Downloads\[BEST-TORRENTS.NET] X-Men.Days.of.Future.Past.2014.PLSUBBED.HDTS.XViD-MiNS [Aress]
2014-06-30 05:14 - 2014-06-30 04:54 - 00000000 ____D C:\Users\Robson\Downloads\Kapitan Ameryka
2014-06-29 11:24 - 2014-06-29 11:24 - 00000000 ____D C:\Users\Robson\Desktop\Apokalipsa
2014-06-27 11:54 - 2014-07-09 19:27 - 00044544 _____ (Elex do Brasil Participações Ltda) C:\WINDOWS\system32\Drivers\iSafeKrnlBoot.sys
2014-06-27 07:33 - 2014-02-19 23:39 - 01592398 _____ (TeamExtreme) C:\Users\Robson\Desktop\Minecraft.exe
2014-06-26 22:55 - 2013-08-22 17:38 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-26 22:55 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-26 22:48 - 2014-06-26 22:48 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-06-26 22:48 - 2014-06-26 22:48 - 00028184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2014-06-26 22:48 - 2014-04-30 07:28 - 00029208 _____ C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-06-26 22:48 - 2014-02-20 18:57 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-06-26 22:48 - 2014-02-20 18:57 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-06-26 22:48 - 2014-02-20 18:57 - 00224896 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-06-26 22:48 - 2014-02-20 18:57 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-06-26 22:48 - 2014-02-20 18:57 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-06-26 22:48 - 2014-02-20 18:57 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-06-26 22:48 - 2014-02-20 18:57 - 00065776 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-06-26 22:48 - 2014-02-20 18:57 - 00003924 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-06-26 15:36 - 2014-02-19 23:49 - 00000000 ____D C:\Users\Robson\AppData\Local\GG
2014-06-23 05:42 - 2014-06-23 05:41 - 00000000 ____D C:\Users\Robson\Desktop\McPixelMod
2014-06-22 22:00 - 2014-05-15 06:59 - 00000000 ____D C:\Users\Robson\Desktop\Nowy folder (2)
2014-06-22 21:11 - 2014-06-21 23:48 - 00000000 ____D C:\Users\Robson\Desktop\mods
2014-06-22 13:20 - 2014-06-22 13:20 - 00000000 ____D C:\Users\Robson\Desktop\DivineRPG
2014-06-21 20:25 - 2014-06-21 20:25 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-21 20:25 - 2014-06-21 20:25 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-21 20:25 - 2014-06-21 20:25 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-21 20:25 - 2014-06-21 20:25 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-06-21 20:25 - 2014-06-21 20:25 - 00000000 ____D C:\Program Files\Java
2014-06-20 07:08 - 2014-06-20 07:08 - 00000000 ____D C:\Users\Robson\AppData\Local\Adobe
2014-06-19 13:04 - 2014-03-21 08:46 - 00004034 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 13:04 - 2014-03-21 08:46 - 00003798 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 12:45 - 2014-06-19 09:42 - 00017350 _____ C:\Users\Robson\Desktop\starmall.cfg
2014-06-19 07:16 - 2014-06-19 07:16 - 00016431 _____ C:\Users\Robson\Desktop\Nowy dokument tekstowy (3).txt
2014-06-19 03:39 - 2014-07-10 01:01 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-19 02:48 - 2014-07-10 01:00 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-19 02:16 - 2014-07-10 01:01 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-19 02:09 - 2014-07-10 01:00 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-19 01:51 - 2014-07-10 01:01 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-10 01:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-10 01:00 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-19 01:46 - 2014-07-10 01:01 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-06-19 01:39 - 2014-07-10 01:00 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-19 01:33 - 2014-07-10 01:00 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-10 01:00 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-19 01:27 - 2014-07-10 01:00 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-19 01:12 - 2014-07-10 01:00 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-19 00:59 - 2014-07-10 01:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-10 01:00 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-19 00:58 - 2014-07-10 01:00 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-19 00:57 - 2014-07-10 01:01 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-06-19 00:52 - 2014-07-10 01:00 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-10 01:00 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-10 01:00 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-19 00:45 - 2014-07-10 01:00 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-10 01:00 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-10 01:00 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-10 01:00 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-10 01:00 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-10 01:00 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-10 01:00 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-18 19:52 - 2014-06-18 19:52 - 00000000 ____D C:\Users\Robson\Desktop\saves
2014-06-18 19:33 - 2014-06-18 19:33 - 714456887 _____ C:\Users\Robson\Downloads\Ważne dane - PRYWATNE.zip
2014-06-18 16:52 - 2014-06-18 16:53 - 00000030 _____ C:\AVScanner.ini
2014-06-18 16:43 - 2014-06-04 15:50 - 00003866 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1398987162
2014-06-18 16:43 - 2014-05-02 01:32 - 00000000 ____D C:\Program Files (x86)\Opera
2014-06-17 00:26 - 2014-07-10 01:02 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-06-17 00:24 - 2014-07-10 01:02 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-06-14 00:31 - 2014-06-14 00:31 - 00025441 _____ C:\Users\Robson\Desktop\MyBB-Style_Usernames-master.zip
2014-06-12 22:57 - 2014-06-12 22:57 - 00160359 _____ C:\Users\Robson\Desktop\89_greenblack.zip
2014-06-12 08:54 - 2014-04-30 07:37 - 00000000 ____D C:\Program Files\AVG SafeGuard toolbar
2014-06-12 08:54 - 2014-02-20 04:41 - 00050464 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-06-12 08:54 - 2014-02-20 04:41 - 00003747 _____ C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2014-06-12 08:54 - 2014-02-19 21:09 - 00000000 ___RD C:\Users\Robson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-12 08:54 - 2014-02-19 21:09 - 00000000 ___RD C:\Users\Robson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-12 08:52 - 2014-02-19 23:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 00:31 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2014-06-12 00:31 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\oobe

Some content of TEMP:
====================
C:\Users\Robson\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpde1oij.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe [2014-04-29 15:09] - [2014-02-22 11:45] - 0562176 ____A (Microsoft Corporation) 306EB21E5B480AE9065EA55AC8C35936
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe [2014-04-29 15:17] - [2014-03-04 14:25] - 2373784 ____A (Microsoft Corporation) 81394C91B7B5A7C799E249AE82491F13
C:\Windows\SysWOW64\explorer.exe [2014-04-29 15:17] - [2014-03-04 13:16] - 2088160 ____A (Microsoft Corporation) 119E091B5386379BC5AA598BE9440C75
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe [2014-06-11 13:21] - [2014-03-28 17:58] - 0407016 ____A (Microsoft Corporation) 067CB90C277DB4A737D5DEABA3055972
C:\Windows\System32\User32.dll [2014-04-29 15:09] - [2014-02-22 18:59] - 1519520 ____A (Microsoft Corporation) CEB069C882A0DFEDBE5C1590D44B1052
C:\Windows\SysWOW64\User32.dll [2014-04-29 15:09] - [2014-02-22 11:25] - 1361408 ____A (Microsoft Corporation) C7099D6A46B880EE194F7A4473D71E10
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys [2014-06-11 13:21] - [2014-03-06 14:42] - 0310616 ___AC (Microsoft Corporation) 4BB9BC49DEE1A319EC58274A7BBED663

LastRegBack: 2014-07-11 06:15

==================== End Of Log ============================