Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-09-2014
Ran by Grzesiek (administrator) on GRZESIEKXD on 05-09-2014 15:46:18
Running from C:\Users\Grzesiek\Desktop
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Polski (Polska)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) G:\Advanced SystemCare 6\ASCService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Windows\System32\hale.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(PixArt Imaging Incorporation) C:\Windows\Pixart\Pac7302\Monitor.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() F:\RocketDock\RocketDock.exe
(Akamai Technologies, Inc.) C:\Users\Grzesiek\AppData\Local\Akamai\netsession_win.exe
(AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files\Hotspot Shield\bin\hsswd.exe
(Akamai Technologies, Inc.) C:\Users\Grzesiek\AppData\Local\Akamai\netsession_win.exe
(Razer Inc.) H:\Razer Game Booster\RzKLService.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Users\Grzesiek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Grzesiek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Grzesiek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Grzesiek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Grzesiek\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files\SmarterPower\bin\utilSmarterPower.exe
() C:\Program Files\SmarterPower\bin\SmarterPower.PurBrowse.exe
() C:\Program Files\SmarterPower\bin\SmarterPower.BrowserAdapter.exe
() C:\Program Files\SmarterPower\updateSmarterPower.exe
(Google Inc.) C:\Users\Grzesiek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Grzesiek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Grzesiek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Grzesiek\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11487848 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [Chew7Hale] => C:\Windows\System32\hale.exe [2169856 2012-06-28] ()
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [159456 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Aeria Ignite] => C:\Program Files\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKU\S-1-5-21-3397978267-1128441615-3336433578-1000\...\Run: [RocketDock] => F:\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-3397978267-1128441615-3336433578-1000\...\Run: [DAEMON Tools Lite] => G:\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-3397978267-1128441615-3336433578-1000\...\Run: [Google Update] => C:\Users\Grzesiek\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-11-29] (Google Inc.)
HKU\S-1-5-21-3397978267-1128441615-3336433578-1000\...\Run: [Pando Media Booster] => C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-09] ()
HKU\S-1-5-21-3397978267-1128441615-3336433578-1000\...\Run: [MarbleStation] => [X]
HKU\S-1-5-21-3397978267-1128441615-3336433578-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Grzesiek\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1406818087&from=smt&uid=SAMSUNGXSP1654N_S0GEJ10L317166
HKCU\Software\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_page_url = http://www.istartsurf.com/?type=hp&ts=1406818087&from=smt&uid=SAMSUNGXSP1654N_S0GEJ10L317166
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1406818087&from=smt&uid=SAMSUNGXSP1654N_S0GEJ10L317166&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1406818087&from=smt&uid=SAMSUNGXSP1654N_S0GEJ10L317166
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1406818087&from=smt&uid=SAMSUNGXSP1654N_S0GEJ10L317166
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1406818087&from=smt&uid=SAMSUNGXSP1654N_S0GEJ10L317166&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1406818087&from=smt&uid=SAMSUNGXSP1654N_S0GEJ10L317166
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - DefaultScope {C33946FC-C759-4842-BAC0-1A899E00F368} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms}
SearchScopes: HKCU - {C33946FC-C759-4842-BAC0-1A899E00F368} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms}
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} ->  No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> D:\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO: SmarterPower -> {bd7c9b62-a7d9-4405-be51-7fd633f08791} -> C:\Program Files\SmarterPower\SmarterPowerbho.dll (SmarterPower)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{3CB10C66-3360-4ABD-B4FF-667903B3CB51}: [NameServer] 220.67.222.222,208.67.220.220

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> H:\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @live.heroesandgenerals.com/npretox -> H:\Heroes & Generals\live\npretoxlive.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @perfectworld.com/npArcPlayNowPlugin -> D:\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @vividas.com/npVividasPlayer -> G:\Player\npVividasPlayer.dll ( )
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Grzesiek\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Grzesiek\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Grzesiek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-08-15]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.gazeta.pl/0,0.html?p=128
CHR StartupUrls: Default -> "hxxp://bing.pl/"
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSearchProvider: Default -> Bing
CHR DefaultSearchURL: Default -> https://mail.google.com/mail/?extsrc=mailto&url=%s
CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab?setmkt=pl-PL
CHR DefaultSuggestURL: Default -> http://api.bing.com/osjson.aspx?query={searchTerms}&language={language}
CHR CustomProfile: C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dysk Google) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-20]
CHR Extension: (YouTube) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-08]
CHR Extension: (Adblock Plus) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-07-03]
CHR Extension: (Szukaj w Google) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-08]
CHR Extension: (Battlefield Play4Free) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei [2012-07-25]
CHR Extension: (AdBlock) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-07-03]
CHR Extension: (Google Wallet) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Battlefield Play4Free) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2013-04-26]
CHR Extension: (Gmail) - C:\Users\Grzesiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-08]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-07-26]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Grzesiek\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-09-20]
CHR StartMenuInternet: Google Chrome - C:\Users\Grzesiek\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService6; G:\Advanced SystemCare 6\ASCService.exe [465216 2013-01-15] (IObit)
S3 ArcService; D:\Arc\ArcService.exe [88400 2014-07-24] (Perfect World Entertainment Inc)
R2 hshld; C:\Program Files\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-17] (AnchorFree Inc.) [File not signed]
S3 HssTrayService; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-17] ()
R2 HssWd; C:\Program Files\Hotspot Shield\bin\hsswd.exe [430344 2014-05-17] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [694784 2014-07-31] (Cherished Technololgy LIMITED) [File not signed]
S3 npggsvc; C:\Windows\system32\GameMon.des [5131672 2013-12-02] (INCA Internet Co., Ltd.)
R2 RzKLService; H:\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [53760 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Update SmarterPower; C:\Program Files\SmarterPower\updateSmarterPower.exe [323320 2014-09-05] ()
R2 Util SmarterPower; C:\Program Files\SmarterPower\bin\utilSmarterPower.exe [323320 2014-09-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-06-16] (DT Soft Ltd)
R3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-14] (VIA Technologies, Inc.              )
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [39624 2014-05-17] (AnchorFree Inc.)
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28944 2008-02-29] (Logitech, Inc.)
R3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [461824 2009-04-28] (PixArt Imaging Inc.)
R3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2010-07-01] (Screaming Bee LLC)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2014-05-17] (Anchorfree Inc.)
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [17792 2008-12-26] (Avnex) [File not signed]
R1 {5eeb83d0-96ea-4249-942c-beead6847053}Gw; C:\Windows\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw.sys [52376 2014-09-04] (StdLib)
R1 {6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw; C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw.sys [52920 2014-07-09] (StdLib)
S3 dump_wmimmc; \??\G:\Yulgang2EN\GameGuard\dump_wmimmc.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 vtany; \??\C:\Windows\vtany.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
U3 kxddrfow; \??\C:\Users\Grzesiek\AppData\Local\Temp\kxddrfow.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-05 15:46 - 2014-09-05 15:46 - 00019322 _____ () C:\Users\Grzesiek\Desktop\FRST.txt
2014-09-05 15:45 - 2014-09-05 15:46 - 00000000 ____D () C:\FRST
2014-09-05 15:44 - 2014-09-05 15:45 - 01096704 _____ (Farbar) C:\Users\Grzesiek\Desktop\FRST.exe
2014-09-05 15:42 - 2014-09-05 15:44 - 00049201 _____ () C:\Users\Grzesiek\Desktop\GMER.txt
2014-09-05 14:54 - 2014-09-05 14:54 - 00380416 _____ () C:\Users\Grzesiek\Desktop\8z3d2rev.exe
2014-09-04 22:12 - 2014-09-04 22:12 - 00402562 _____ () C:\Users\Grzesiek\Desktop\OTL.Txt
2014-09-04 21:44 - 2014-09-04 21:45 - 00602112 _____ (OldTimer Tools) C:\Users\Grzesiek\Desktop\OTL.exe
2014-09-04 21:33 - 2014-09-04 21:33 - 00000000 ____D () C:\ProgramData\IObit
2014-09-04 20:58 - 2014-09-04 09:20 - 00052376 _____ (StdLib) C:\Windows\system32\Drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw.sys
2014-09-04 20:57 - 2014-09-04 20:57 - 00001065 _____ () C:\Users\Public\Desktop\Removal Tool.lnk
2014-09-04 20:56 - 2014-09-04 21:32 - 00000000 ____D () C:\Program Files\SmarterPower
2014-09-04 20:56 - 2014-09-04 20:56 - 00000000 ____D () C:\Program Files\9-lab
2014-08-31 11:02 - 2014-08-31 11:02 - 00143120 _____ () C:\Windows\Minidump\083114-18766-01.dmp
2014-08-29 12:21 - 2014-08-29 12:21 - 00000000 ____D () C:\Program Files\LG Electronics
2014-08-26 16:19 - 2014-08-26 16:19 - 00143168 _____ () C:\Windows\Minidump\082614-20872-01.dmp
2014-08-25 20:42 - 2014-08-25 20:43 - 00002432 _____ () C:\Users\Grzesiek\AppData\Local\TempSE5380.html
2014-08-25 13:19 - 2014-08-25 13:29 - 00002432 _____ () C:\Users\Grzesiek\AppData\Local\Tempoj5704.html
2014-08-15 18:37 - 2014-08-15 18:37 - 00000000 ____D () C:\Program Files\Common Files\INCA Shared
2014-08-15 18:37 - 2013-12-02 00:43 - 05131672 _____ (INCA Internet Co., Ltd.) C:\Windows\system32\GameMon.des
2014-08-15 18:36 - 2014-08-15 18:36 - 00000000 ____D () C:\Cubizone
2014-08-14 21:32 - 2014-08-15 18:37 - 00000615 _____ () C:\Users\Grzesiek\Desktop\Yulgang2.lnk
2014-08-12 02:08 - 2014-08-12 02:08 - 00143120 _____ () C:\Windows\Minidump\081214-19406-01.dmp
2014-08-12 00:46 - 2014-08-12 00:46 - 00143120 _____ () C:\Windows\Minidump\081214-19812-01.dmp
2014-08-11 14:38 - 2014-08-11 14:38 - 00143120 _____ () C:\Windows\Minidump\081114-22698-01.dmp
2014-08-11 14:08 - 2014-08-11 14:08 - 00143120 _____ () C:\Windows\Minidump\081114-20576-01.dmp
2014-08-11 13:52 - 2014-08-11 13:52 - 00143120 _____ () C:\Windows\Minidump\081114-20373-01.dmp
2014-08-09 18:12 - 2014-08-09 18:12 - 00000000 ____D () C:\Users\Grzesiek\Downloads\ChomikBox
2014-08-09 18:11 - 2014-08-10 23:19 - 00000000 ____D () C:\Users\Grzesiek\AppData\Local\ChomikBox
2014-08-09 18:11 - 2014-08-10 23:19 - 00000000 ____D () C:\Program Files\ChomikBox
2014-08-07 15:14 - 2014-08-07 15:14 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-06 21:27 - 2014-08-29 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-06 21:27 - 2014-08-07 15:14 - 00000000 ___RD () C:\Program Files\Skype
2014-08-06 21:27 - 2014-08-06 21:27 - 00000000 ____D () C:\Users\Grzesiek\AppData\Local\Skype
2014-08-06 12:44 - 2014-08-06 12:44 - 00143120 _____ () C:\Windows\Minidump\080614-20217-01.dmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-05 15:46 - 2014-09-05 15:46 - 00019322 _____ () C:\Users\Grzesiek\Desktop\FRST.txt
2014-09-05 15:46 - 2014-09-05 15:45 - 00000000 ____D () C:\FRST
2014-09-05 15:45 - 2014-09-05 15:44 - 01096704 _____ (Farbar) C:\Users\Grzesiek\Desktop\FRST.exe
2014-09-05 15:44 - 2014-09-05 15:42 - 00049201 _____ () C:\Users\Grzesiek\Desktop\GMER.txt
2014-09-05 15:32 - 2013-09-20 16:49 - 00001040 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-05 15:20 - 2012-10-06 22:59 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-05 15:19 - 2012-11-29 19:14 - 00001070 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3397978267-1128441615-3336433578-1000UA.job
2014-09-05 14:54 - 2014-09-05 14:54 - 00380416 _____ () C:\Users\Grzesiek\Desktop\8z3d2rev.exe
2014-09-05 14:29 - 2012-12-09 12:04 - 00000000 ____D () C:\Users\Grzesiek\AppData\Local\PMB Files
2014-09-05 14:10 - 2009-07-14 04:04 - 00001036 _____ () C:\Windows\win.ini
2014-09-05 14:02 - 2012-03-08 20:54 - 01747294 _____ () C:\Windows\WindowsUpdate.log
2014-09-05 13:59 - 2013-09-20 16:49 - 00001036 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-05 13:59 - 2013-06-08 20:47 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2014-09-05 13:59 - 2013-06-03 12:50 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-09-05 13:58 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-05 13:58 - 2009-07-14 06:39 - 00306101 _____ () C:\Windows\setupact.log
2014-09-04 22:12 - 2014-09-04 22:12 - 00402562 _____ () C:\Users\Grzesiek\Desktop\OTL.Txt
2014-09-04 21:45 - 2014-09-04 21:44 - 00602112 _____ (OldTimer Tools) C:\Users\Grzesiek\Desktop\OTL.exe
2014-09-04 21:33 - 2014-09-04 21:33 - 00000000 ____D () C:\ProgramData\IObit
2014-09-04 21:32 - 2014-09-04 20:56 - 00000000 ____D () C:\Program Files\SmarterPower
2014-09-04 20:57 - 2014-09-04 20:57 - 00001065 _____ () C:\Users\Public\Desktop\Removal Tool.lnk
2014-09-04 20:56 - 2014-09-04 20:56 - 00000000 ____D () C:\Program Files\9-lab
2014-09-04 20:55 - 2014-07-11 14:27 - 07828120 _____ () C:\Users\Grzesiek\Downloads\rmtool-setup-x86.exe
2014-09-04 20:47 - 2012-03-08 20:55 - 00000000 ____D () C:\Users\Grzesiek
2014-09-04 20:36 - 2014-07-31 16:49 - 00000000 ____D () C:\Program Files\SupTab
2014-09-04 19:19 - 2012-11-29 19:14 - 00001018 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3397978267-1128441615-3336433578-1000Core.job
2014-09-04 09:20 - 2014-09-04 20:58 - 00052376 _____ (StdLib) C:\Windows\system32\Drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw.sys
2014-09-03 14:41 - 2014-01-20 16:50 - 00003860 _____ () C:\Windows\windefendam.log
2014-09-03 14:41 - 2014-01-20 16:50 - 00000020 _____ () C:\Windows\capsys184523.log
2014-09-02 23:01 - 2013-01-05 12:07 - 00000000 ____D () C:\Users\Grzesiek\.gimp-2.6
2014-09-02 19:47 - 2014-04-14 22:21 - 00000000 ____D () C:\ProgramData\whoislive
2014-09-02 19:46 - 2013-05-17 16:23 - 00000000 ____D () C:\Program Files\Audioblast
2014-09-02 19:46 - 2012-08-07 09:33 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-08-31 11:02 - 2014-08-31 11:02 - 00143120 _____ () C:\Windows\Minidump\083114-18766-01.dmp
2014-08-31 11:02 - 2014-05-18 15:08 - 1669521076 _____ () C:\Windows\MEMORY.DMP
2014-08-31 11:02 - 2012-08-04 20:41 - 00000000 ____D () C:\Windows\Minidump
2014-08-30 12:02 - 2014-03-09 10:10 - 00032098 _____ () C:\Users\Grzesiek\Desktop\Playlista.asx
2014-08-29 21:56 - 2014-08-06 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-29 15:06 - 2014-01-05 10:08 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-08-29 13:13 - 2014-04-08 22:05 - 00000000 ____D () C:\Users\Grzesiek\AppData\Roaming\Audacity
2014-08-29 12:21 - 2014-08-29 12:21 - 00000000 ____D () C:\Program Files\LG Electronics
2014-08-27 12:50 - 2012-03-08 21:02 - 00000000 ____D () C:\Users\Grzesiek\AppData\Local\WMTools Downloaded Files
2014-08-27 12:37 - 2012-03-08 21:01 - 00016896 _____ () C:\Users\Grzesiek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-26 16:19 - 2014-08-26 16:19 - 00143168 _____ () C:\Windows\Minidump\082614-20872-01.dmp
2014-08-26 14:23 - 2009-07-14 06:34 - 00010128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-26 14:23 - 2009-07-14 06:34 - 00010128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-25 20:43 - 2014-08-25 20:42 - 00002432 _____ () C:\Users\Grzesiek\AppData\Local\TempSE5380.html
2014-08-25 13:29 - 2014-08-25 13:19 - 00002432 _____ () C:\Users\Grzesiek\AppData\Local\Tempoj5704.html
2014-08-24 22:57 - 2009-07-14 06:53 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-24 21:04 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-08-22 11:12 - 2014-02-22 15:54 - 00000000 ____D () C:\Users\Grzesiek\AppData\Local\Battle.net
2014-08-22 10:52 - 2014-04-28 18:23 - 00000000 ____D () C:\Program Files\Battle.net
2014-08-17 15:39 - 2013-09-20 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-08-16 12:58 - 2014-02-22 15:54 - 00000000 ____D () C:\Users\Grzesiek\AppData\Roaming\Battle.net
2014-08-15 18:37 - 2014-08-15 18:37 - 00000000 ____D () C:\Program Files\Common Files\INCA Shared
2014-08-15 18:37 - 2014-08-14 21:32 - 00000615 _____ () C:\Users\Grzesiek\Desktop\Yulgang2.lnk
2014-08-15 18:36 - 2014-08-15 18:36 - 00000000 ____D () C:\Cubizone
2014-08-15 16:40 - 2012-03-09 19:16 - 00696050 _____ () C:\Windows\PFRO.log
2014-08-15 15:59 - 2012-07-01 12:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 20:49 - 2012-03-08 20:59 - 01679202 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-14 20:49 - 2009-07-14 10:07 - 00743770 _____ () C:\Windows\system32\perfh015.dat
2014-08-14 20:49 - 2009-07-14 10:07 - 00157252 _____ () C:\Windows\system32\perfc015.dat
2014-08-12 19:28 - 2012-03-29 16:27 - 00000000 ____D () C:\Users\Grzesiek\AppData\Roaming\Skype
2014-08-12 02:08 - 2014-08-12 02:08 - 00143120 _____ () C:\Windows\Minidump\081214-19406-01.dmp
2014-08-12 00:46 - 2014-08-12 00:46 - 00143120 _____ () C:\Windows\Minidump\081214-19812-01.dmp
2014-08-11 14:38 - 2014-08-11 14:38 - 00143120 _____ () C:\Windows\Minidump\081114-22698-01.dmp
2014-08-11 14:08 - 2014-08-11 14:08 - 00143120 _____ () C:\Windows\Minidump\081114-20576-01.dmp
2014-08-11 13:52 - 2014-08-11 13:52 - 00143120 _____ () C:\Windows\Minidump\081114-20373-01.dmp
2014-08-10 23:20 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-08-10 23:19 - 2014-08-09 18:11 - 00000000 ____D () C:\Users\Grzesiek\AppData\Local\ChomikBox
2014-08-10 23:19 - 2014-08-09 18:11 - 00000000 ____D () C:\Program Files\ChomikBox
2014-08-10 23:19 - 2014-07-31 21:13 - 00000000 ____D () C:\Users\Grzesiek\AppData\Roaming\Arc
2014-08-10 23:19 - 2013-06-25 09:09 - 00000000 ____D () C:\Users\Grzesiek\AppData\Local\Akamai
2014-08-10 23:19 - 2012-05-13 08:25 - 00000000 ____D () C:\Users\Grzesiek\AppData\Roaming\GRETECH
2014-08-10 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-08-09 21:21 - 2014-02-05 15:06 - 00000000 ____D () C:\Users\Grzesiek\.gstreamer-0.10
2014-08-09 18:12 - 2014-08-09 18:12 - 00000000 ____D () C:\Users\Grzesiek\Downloads\ChomikBox
2014-08-07 15:14 - 2014-08-07 15:14 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-07 15:14 - 2014-08-06 21:27 - 00000000 ___RD () C:\Program Files\Skype
2014-08-07 15:14 - 2012-03-29 16:27 - 00000000 ____D () C:\ProgramData\Skype
2014-08-06 21:27 - 2014-08-06 21:27 - 00000000 ____D () C:\Users\Grzesiek\AppData\Local\Skype
2014-08-06 12:44 - 2014-08-06 12:44 - 00143120 _____ () C:\Windows\Minidump\080614-20217-01.dmp

Some content of TEMP:
====================
C:\Users\Grzesiek\AppData\Local\temp\3993uninstall.exe
C:\Users\Grzesiek\AppData\Local\temp\AskSLib.dll
C:\Users\Grzesiek\AppData\Local\temp\DivXSetup.exe
C:\Users\Grzesiek\AppData\Local\temp\ede29fff03c251215c13790aff0f5883.dll
C:\Users\Grzesiek\AppData\Local\temp\gg10.upgr.exe
C:\Users\Grzesiek\AppData\Local\temp\GLF8E54.tmp.dll
C:\Users\Grzesiek\AppData\Local\temp\GLFE326.tmp.dll
C:\Users\Grzesiek\AppData\Local\temp\GomEncDnInstaller.exe
C:\Users\Grzesiek\AppData\Local\temp\htmlayout.dll
C:\Users\Grzesiek\AppData\Local\temp\install_flashplayer11x32axau_mssa_aih_1.exe
C:\Users\Grzesiek\AppData\Local\temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Grzesiek\AppData\Local\temp\mgsqlite3.dll
C:\Users\Grzesiek\AppData\Local\temp\NGMDll.dll
C:\Users\Grzesiek\AppData\Local\temp\NGMResource.dll
C:\Users\Grzesiek\AppData\Local\temp\Quarantine.exe
C:\Users\Grzesiek\AppData\Local\temp\setup_new.exe
C:\Users\Grzesiek\AppData\Local\temp\Shortcut_bundlesweetimsetup.exe
C:\Users\Grzesiek\AppData\Local\temp\SIMEEIInstaller.exe
C:\Users\Grzesiek\AppData\Local\temp\SkypeSetup.exe
C:\Users\Grzesiek\AppData\Local\temp\smt_istartsurf.exe
C:\Users\Grzesiek\AppData\Local\temp\SQLite.dll
C:\Users\Grzesiek\AppData\Local\temp\Sqlite3.dll
C:\Users\Grzesiek\AppData\Local\temp\SRLDetectionLibrary5499159675222933561.dll
C:\Users\Grzesiek\AppData\Local\temp\swt-win32-3740.dll
C:\Users\Grzesiek\AppData\Local\temp\tmp3E08.exe
C:\Users\Grzesiek\AppData\Local\temp\toolbar127733.exe
C:\Users\Grzesiek\AppData\Local\temp\toolbar128076.exe
C:\Users\Grzesiek\AppData\Local\temp\toolbar27445021.exe
C:\Users\Grzesiek\AppData\Local\temp\ubiAB1E.tmp.exe
C:\Users\Grzesiek\AppData\Local\temp\unicows.dll
C:\Users\Grzesiek\AppData\Local\temp\uninst1.exe
C:\Users\Grzesiek\AppData\Local\temp\uninstall140229.exe
C:\Users\Grzesiek\AppData\Local\temp\uninstall145938.exe
C:\Users\Grzesiek\AppData\Local\temp\uninstall4066197.exe
C:\Users\Grzesiek\AppData\Local\temp\uninstall4074683.exe
C:\Users\Grzesiek\AppData\Local\temp\uninstall4074714.exe
C:\Users\Grzesiek\AppData\Local\temp\update56565.exe
C:\Users\Grzesiek\AppData\Local\temp\update75925.exe
C:\Users\Grzesiek\AppData\Local\temp\vcredist_x86_80.exe
C:\Users\Grzesiek\AppData\Local\temp\vcredist_x86_90.exe
C:\Users\Grzesiek\AppData\Local\temp\vReveal-1.0.1-setup.exe
C:\Users\Grzesiek\AppData\Local\temp\{10D61A96-8C79-453A-9E46-A7B1F0D39608}-34.0.1847.131_34.0.1847.116_chrome_updater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe
[2014-05-14 14:58] - [2014-03-04 11:17] - 0285696 ____A (Microsoft Corporation) 1562571D6B1541098E677C3BB78709A0

C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2012-03-11 09:42] - [2012-04-17 15:44] - 0811520 ____A (Microsoft Corporation) B189A238B879FC36EF79E05D322FB2C2

C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-14 10:04

==================== End Of Log ============================