Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015 02
Ran by Marcin_GW (administrator) on MARCIN_DOM on 13-01-2015 17:43:51
Running from D:\Programy\diagnostyka\frst
Loaded Profile: Marcin_GW (Available profiles: Marcin_GW & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) D:\Programy\Hamachi\hamachi-2.exe
(LogMeIn, Inc.) D:\Programy\Hamachi\LMIGuardianSvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) D:\gry\steam\Steam.exe
(Valve Corporation) D:\gry\steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\gry\steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [69632 2004-04-13] (InstallShield Software Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-10] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-2390189086-3348412821-3457465990-1000\...\Run: [Google Update] => C:\Users\Marcin_GW\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-17] (Google Inc.)
HKU\S-1-5-21-2390189086-3348412821-3457465990-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation)
HKU\S-1-5-21-2390189086-3348412821-3457465990-1000\...\Run: [Opos] => [X]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Marcin_GW\AppData\Roaming\Mozilla\Firefox\Profiles\5vvnts7o.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2390189086-3348412821-3457465990-1000: @emusic.com/eMusicPlugin DLM6 -> D:\eMusic Download Manager 6\npEMusic603.dll (eMusic.com)
FF Plugin HKU\S-1-5-21-2390189086-3348412821-3457465990-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Marcin_GW\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-2390189086-3348412821-3457465990-1000: @talk.google.com/O1DPlugin -> C:\Users\Marcin_GW\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-2390189086-3348412821-3457465990-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Marcin_GW\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2390189086-3348412821-3457465990-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Marcin_GW\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2390189086-3348412821-3457465990-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marcin_GW\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2390189086-3348412821-3457465990-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Users\Marcin_GW\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Marcin_GW\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: British English Dictionary (Updated) - C:\Users\Marcin_GW\AppData\Roaming\Mozilla\Firefox\Profiles\5vvnts7o.default\Extensions\en-gb@flyingtophat.co.uk [2015-01-06]
FF Extension: Enhanced Steam - C:\Users\Marcin_GW\AppData\Roaming\Mozilla\Firefox\Profiles\5vvnts7o.default\Extensions\jid0-SmvlvxGpvCyG252KbVMqIKR79Uc@jetpack.xpi [2014-12-20]
FF Extension: Adblock Plus - C:\Users\Marcin_GW\AppData\Roaming\Mozilla\Firefox\Profiles\5vvnts7o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-14]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-12-09]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-12-09]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-05-16]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Marcin_GW\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Marcin_GW\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-21]
CHR Extension: (Szukaj w Google) - C:\Users\Marcin_GW\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-21]
CHR Extension: (Twitch.tv Europe Lag Fix) - C:\Users\Marcin_GW\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkoehmlkhjgaboegkondkciclminpjof [2013-11-06]
CHR Extension: (Ghostery) - C:\Users\Marcin_GW\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2013-10-12]
CHR Extension: (Google Wallet) - C:\Users\Marcin_GW\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Marcin_GW\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-12]
CHR StartMenuInternet: Google Chrome - C:\Users\Marcin_GW\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-12] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-11-12] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-12] (Avast Software)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2013-11-19] (BitRaider, LLC)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 DAUpdaterSvc; D:\gry\steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-06-05] (BioWare)
R2 Hamachi2Svc; D:\Programy\Hamachi\hamachi-2.exe [2530640 2014-12-13] (LogMeIn Inc.)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [1900400 2014-11-27] (Electronic Arts)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-12] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-11-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-12] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-11-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-12] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-05-28] ()
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-11-13] (BitRaider)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-05-28] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-12] (Avast Software)
S3 AsrCDDrv; \??\C:\Windows\SysWOW64\Drivers\AsrCDDrv.sys [X]
S3 cpuz138; \??\C:\Users\MARCIN~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-13 17:43 - 2015-01-13 17:43 - 00000000 ____D () C:\FRST
2015-01-13 17:42 - 2015-01-13 17:42 - 02124288 _____ (Farbar) C:\Users\Marcin_GW\Downloads\FRST64.exe
2015-01-13 15:20 - 2015-01-13 15:21 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-01-13 15:20 - 2015-01-13 15:20 - 00002043 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-01-13 15:00 - 2015-01-13 15:00 - 00000197 _____ () C:\Windows\system32\2015-01-13-14-00-24.023-AvastVBoxSVC.exe-2860.log
2015-01-12 15:06 - 2015-01-12 15:06 - 00000197 _____ () C:\Windows\system32\2015-01-12-14-06-02.081-AvastVBoxSVC.exe-3328.log
2015-01-11 09:14 - 2015-01-11 09:14 - 00000197 _____ () C:\Windows\system32\2015-01-11-08-14-34.098-AvastVBoxSVC.exe-2956.log
2015-01-10 08:52 - 2015-01-10 08:52 - 00000197 _____ () C:\Windows\system32\2015-01-10-07-52-16.027-AvastVBoxSVC.exe-2612.log
2015-01-09 08:16 - 2015-01-09 08:17 - 00000197 _____ () C:\Windows\system32\2015-01-09-07-16-25.028-AvastVBoxSVC.exe-2700.log
2015-01-08 08:14 - 2015-01-08 08:15 - 00000197 _____ () C:\Windows\system32\2015-01-08-07-14-41.018-AvastVBoxSVC.exe-2540.log
2015-01-07 07:17 - 2015-01-07 07:17 - 00000197 _____ () C:\Windows\system32\2015-01-07-06-17-14.050-AvastVBoxSVC.exe-3700.log
2015-01-06 07:53 - 2015-01-06 07:53 - 00000197 _____ () C:\Windows\system32\2015-01-06-06-53-13.052-AvastVBoxSVC.exe-2760.log
2015-01-04 12:19 - 2015-01-04 12:19 - 00000883 _____ () C:\Users\Marcin_GW\Desktop\HWMonitor_x64 — skrót.lnk
2015-01-04 08:11 - 2015-01-04 08:11 - 00000197 _____ () C:\Windows\system32\2015-01-04-07-11-10.053-AvastVBoxSVC.exe-3144.log
2015-01-03 14:55 - 2015-01-03 14:56 - 00000197 _____ () C:\Windows\system32\2015-01-03-13-55-47.090-AvastVBoxSVC.exe-3152.log
2015-01-02 15:44 - 2015-01-02 15:44 - 00000197 _____ () C:\Windows\system32\2015-01-02-14-44-15.043-AvastVBoxSVC.exe-3600.log
2015-01-02 13:29 - 2015-01-02 13:29 - 00000000 ____D () C:\Users\Marcin_GW\AppData\Local\Criterion Games
2015-01-02 09:16 - 2015-01-02 09:16 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-01-01 07:57 - 2015-01-01 07:57 - 00000197 _____ () C:\Windows\system32\2015-01-01-06-57-01.006-AvastVBoxSVC.exe-2880.log
2014-12-31 18:37 - 2015-01-12 15:16 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-31 18:36 - 2014-12-31 18:36 - 00001130 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-31 18:36 - 2014-12-31 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-31 18:36 - 2014-12-31 18:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-31 18:36 - 2014-12-31 18:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-31 18:36 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-31 18:36 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-31 18:36 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-31 17:00 - 2014-12-31 17:01 - 00000197 _____ () C:\Windows\system32\2014-12-31-16-00-30.089-AvastVBoxSVC.exe-3084.log
2014-12-30 18:07 - 2014-12-30 18:07 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-12-30 18:07 - 2014-12-30 18:07 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-12-30 18:07 - 2014-12-30 18:07 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-12-30 18:07 - 2014-12-30 18:07 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-30 18:07 - 2014-12-30 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-30 15:09 - 2014-12-30 15:09 - 00000197 _____ () C:\Windows\system32\2014-12-30-14-09-10.006-AvastVBoxSVC.exe-2756.log
2014-12-29 15:11 - 2014-12-29 15:11 - 00000197 _____ () C:\Windows\system32\2014-12-29-14-11-06.002-AvastVBoxSVC.exe-3004.log
2014-12-28 07:34 - 2014-12-28 07:34 - 00000197 _____ () C:\Windows\system32\2014-12-28-06-34-36.081-AvastVBoxSVC.exe-3972.log
2014-12-27 08:12 - 2014-12-27 08:12 - 00000197 _____ () C:\Windows\system32\2014-12-27-07-12-17.091-AvastVBoxSVC.exe-2712.log
2014-12-26 11:40 - 2014-12-26 11:40 - 00000000 ____D () C:\Users\Marcin_GW\Documents\Egosoft
2014-12-26 08:22 - 2014-12-26 08:22 - 00000197 _____ () C:\Windows\system32\2014-12-26-07-22-27.011-AvastVBoxSVC.exe-3660.log
2014-12-25 08:21 - 2014-12-25 08:21 - 00000197 _____ () C:\Windows\system32\2014-12-25-07-21-50.090-AvastVBoxSVC.exe-2948.log
2014-12-24 14:29 - 2014-12-24 14:29 - 00000000 ____D () C:\Users\Marcin_GW\Documents\NIGORO
2014-12-23 17:26 - 2014-12-23 17:26 - 00000197 _____ () C:\Windows\system32\2014-12-23-16-26-03.002-AvastVBoxSVC.exe-2700.log
2014-12-23 13:21 - 2014-12-23 13:21 - 00000197 _____ () C:\Windows\system32\2014-12-23-12-21-57.030-AvastVBoxSVC.exe-3708.log
2014-12-23 13:00 - 2014-12-23 13:00 - 00000197 _____ () C:\Windows\system32\2014-12-23-12-00-38.065-AvastVBoxSVC.exe-220.log
2014-12-22 08:59 - 2014-12-22 09:00 - 00000197 _____ () C:\Windows\system32\2014-12-22-07-59-56.016-AvastVBoxSVC.exe-3304.log
2014-12-21 08:11 - 2014-12-21 08:12 - 00000197 _____ () C:\Windows\system32\2014-12-21-07-11-50.011-AvastVBoxSVC.exe-4652.log
2014-12-20 12:31 - 2014-12-20 12:32 - 00000000 ____D () C:\Users\Marcin_GW\Documents\Giana Sisters - Twisted Dreams
2014-12-20 10:46 - 2014-12-20 10:46 - 00000000 ____D () C:\Users\Marcin_GW\Documents\Korra
2014-12-19 18:13 - 2014-12-19 18:13 - 00000197 _____ () C:\Windows\system32\2014-12-19-17-13-17.030-AvastVBoxSVC.exe-3972.log
2014-12-18 18:08 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 18:08 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-18 18:04 - 2014-12-18 18:04 - 00000197 _____ () C:\Windows\system32\2014-12-18-17-04-09.023-AvastVBoxSVC.exe-3648.log
2014-12-17 18:11 - 2014-12-17 18:12 - 00000197 _____ () C:\Windows\system32\2014-12-17-17-11-52.013-AvastVBoxSVC.exe-2852.log
2014-12-16 18:59 - 2014-12-16 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-16 18:58 - 2014-12-16 18:58 - 00000197 _____ () C:\Windows\system32\2014-12-16-17-58-31.048-AvastVBoxSVC.exe-2984.log
2014-12-15 15:11 - 2014-12-15 15:12 - 00000197 _____ () C:\Windows\system32\2014-12-15-14-11-30.068-AvastVBoxSVC.exe-3492.log
2014-12-14 09:31 - 2014-12-14 09:31 - 00000197 _____ () C:\Windows\system32\2014-12-14-08-31-31.082-AvastVBoxSVC.exe-2368.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-13 17:42 - 2012-06-21 14:58 - 00001074 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2390189086-3348412821-3457465990-1000UA.job
2015-01-13 17:18 - 2012-05-16 15:31 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-13 17:11 - 2012-05-16 15:12 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-13 16:42 - 2012-06-21 14:57 - 00001022 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2390189086-3348412821-3457465990-1000Core.job
2015-01-13 15:20 - 2012-05-18 10:35 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-13 15:20 - 2012-05-18 10:35 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-13 15:12 - 2012-05-16 21:06 - 01216042 _____ () C:\Windows\WindowsUpdate.log
2015-01-13 15:06 - 2009-07-14 05:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-13 15:06 - 2009-07-14 05:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-13 15:00 - 2012-07-04 14:30 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-13 14:59 - 2012-11-17 22:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-13 14:59 - 2012-05-16 15:31 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-13 14:59 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-13 14:59 - 2009-07-14 05:51 - 00115355 _____ () C:\Windows\setupact.log
2015-01-12 15:05 - 2013-05-08 21:03 - 00000000 ____D () C:\Users\Marcin_GW\AppData\Local\LogMeIn Hamachi
2015-01-10 12:26 - 2012-10-06 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-05 08:00 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-04 22:30 - 2012-10-06 14:20 - 00000000 ____D () C:\Users\Marcin_GW\AppData\Local\GOG.com
2015-01-02 15:43 - 2013-12-27 16:13 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-01-02 09:16 - 2012-05-16 15:36 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-01 09:16 - 2012-10-07 19:07 - 00000000 ____D () C:\Users\Marcin_GW\Documents\SavedGames
2015-01-01 07:54 - 2010-11-21 04:47 - 00316052 _____ () C:\Windows\PFRO.log
2014-12-30 18:09 - 2013-12-20 08:15 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-27 10:47 - 2012-05-19 10:52 - 00000000 ____D () C:\Users\Marcin_GW\Documents\My Games
2014-12-26 19:58 - 2012-06-28 18:48 - 00000000 ____D () C:\Users\Marcin_GW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-24 10:48 - 2012-05-16 15:00 - 00000000 ____D () C:\Users\Marcin_GW
2014-12-23 15:18 - 2013-10-17 09:52 - 00000000 ____D () C:\Users\Marcin_GW\AppData\Local\Battle.net
2014-12-17 18:18 - 2014-06-28 15:32 - 00000000 ____D () C:\Users\Marcin_GW\AppData\Local\Adobe
2014-12-17 18:17 - 2012-05-16 15:12 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-17 18:17 - 2012-05-16 15:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-17 18:17 - 2012-05-16 15:12 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

Some content of TEMP:
====================
C:\Users\Marcin_GW\AppData\Local\Temp\ggdrive-menu.exe
C:\Users\Marcin_GW\AppData\Local\Temp\ggdrive-overlay.exe
C:\Users\Marcin_GW\AppData\Local\Temp\installstats.exe
C:\Users\Marcin_GW\AppData\Local\Temp\install_reader11_pl_mssd_awb_aih.exe
C:\Users\Marcin_GW\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Marcin_GW\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Marcin_GW\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Marcin_GW\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Marcin_GW\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Marcin_GW\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Marcin_GW\AppData\Local\Temp\sfareca00001.dll
C:\Users\Marcin_GW\AppData\Local\Temp\sfareca00002.dll
C:\Users\Marcin_GW\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-05 03:02

==================== End Of Log ============================