Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by Tomek K (administrator) on WINOMANCER on 25-03-2015 23:33:58 Running from C:\Users\Tomek K\Desktop Loaded Profiles: Tomek K (Available profiles: Tomek K) Platform: Windows 7 Ultimate (X64) OS Language: Polski (Polska) Internet Explorer Version 9 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Windows\System32\PnkBstrA.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe () C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\SDK\CM_LibraryIO.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Razer USA Ltd.) C:\Program Files (x86)\Razer\Arctosa\razerhid.exe () C:\Program Files (x86)\Razer\Copperhead\razerhid.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe (Razer Inc.) C:\Program Files (x86)\Razer\Copperhead\razerofa.exe (ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-02] (cyberlink) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-01] (AVAST Software) HKLM-x32\...\Run: [Arctosa] => C:\Program Files (x86)\Razer\Arctosa\razerhid.exe [147456 2008-10-06] (Razer USA Ltd.) HKLM-x32\...\Run: [razer] => C:\Program Files (x86)\Razer\Copperhead\razerhid.exe [155648 2005-10-08] () HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.) HKU\S-1-5-21-3497824697-1148303026-598220817-1000\...\Run: [ASRockXTU] => [X] HKU\S-1-5-21-3497824697-1148303026-598220817-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-3497824697-1148303026-598220817-1000\...\Run: [EADM] => e:\Program Files (x86)\Origin\Origin.exe [3632472 2015-03-25] (Electronic Arts) HKU\S-1-5-21-3497824697-1148303026-598220817-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation) HKU\S-1-5-21-3497824697-1148303026-598220817-1000\...\Run: [BloodyToneMaker] => C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe [7887872 2014-01-15] () HKU\S-1-5-21-3497824697-1148303026-598220817-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => No File ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => No File ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => No File ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-3497824697-1148303026-598220817-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3497824697-1148303026-598220817-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-02-01] (AVAST Software) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-01] (AVAST Software) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Tomek K\AppData\Roaming\Mozilla\Firefox\Profiles\aaqanr7m.default-1427320783786 FF Homepage: google.pl FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin HKU\S-1-5-21-3497824697-1148303026-598220817-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-03-05] () FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-15] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-01] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-01] (AVAST Software) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-02-01] (Avast Software) S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-02] (CyberLink) S3 DAUpdaterSvc; e:\games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-15] (BioWare) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [237864 2015-03-04] (EasyAntiCheat Ltd) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation) S3 Origin Client Service; E:\Program Files (x86)\Origin\OriginClientService.exe [1930608 2015-03-25] (Electronic Arts) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-08-15] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-13] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology) R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-01] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-02-01] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-01] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-01] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-01] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-01] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-01] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-01] () R3 CMUAC; C:\Windows\System32\DRIVERS\Headset6400x1.SYS [386560 2013-10-03] (A4Tech Inc.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-15] (Disc Soft Ltd) S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2012-01-18] (http://libusb-win32.sourceforge.net) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-03-25] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-02-01] (Avast Software) R3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited) S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X] S3 MSICDSetup; \??\H:\CDriver64.sys [X] ========================== Drivers MD5 ======================= C:\Windows\system32\DRIVERS\1394ohci.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ACPI.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\acpipmi.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit C:\Windows\system32\drivers\afd.sys DB9D6C6B2CD95A9CA414D045B627422E C:\Windows\system32\DRIVERS\agp440.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\aliide.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\amdide.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\atikmdag.sys A87FC6E3670DB55788184FE3A3808712 C:\Windows\System32\DRIVERS\atikmpag.sys 971F3B12C24BB83B48F8CCA2ED019906 C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\amdsata.sys 7A4B413614C055935567CF88A9734D38 C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\amdxata.sys ==> MD5 is legit C:\Windows\system32\drivers\appid.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\asahci64.sys EB6DC008A1F36DFD7999EB57E97EAACE C:\Windows\System32\DRIVERS\AsrRamDisk.sys 0C3F9E39C0B10D351026D580D9FF6F86 C:\Windows\system32\drivers\aswHwid.sys 9BE9F2B83DE80E2752B1405CC427E2EC C:\Windows\system32\drivers\aswMonFlt.sys 2DA1C1AEDF454F8E32A863A1AEACDD8C C:\Windows\system32\drivers\aswRdr2.sys 4750016EF9CC1DEC6DA3FE5AF9A7F095 C:\Windows\System32\Drivers\aswRvrt.sys 1323269A92645705DEFA053F3596829D C:\Windows\system32\drivers\aswSnx.sys E74FD717476B30E23F45354B8F3ACB30 C:\Windows\system32\drivers\aswSP.sys B1881A01E301990B671694CA1623F1B6 C:\Windows\system32\drivers\aswStm.sys 7509F07BA6F84C1E3B2C0D78A1F6F782 C:\Windows\System32\Drivers\aswVmm.sys 1A5BDDE65B648DC3AD48B6ECAA3AE9C8 C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\atapi.sys ==> MD5 is legit C:\Windows\System32\drivers\AtihdW76.sys 33497249626E7787AA5CEA99B226CCA6 C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit C:\Windows\System32\CLFS.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\cmdide.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\Headset6400x1.SYS 0EFBD4449247B42870E7E659D3B5F942 C:\Windows\System32\Drivers\cng.sys CA7720B73446FDDEC5C69519C1174C98 C:\Windows\system32\DRIVERS\compbatt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\lvbflt64.sys 59D203C3F46F3CA536ECAC0E084CD887 C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit C:\Windows\System32\drivers\csc.sys 4A6173C2279B498CD8F57CAE504564CB C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit C:\Windows\System32\drivers\discache.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\dtsoftbus01.sys 33F90B202E9DD9B7D489EB59310FDC34 C:\Windows\System32\drivers\dxgkrnl.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\errdev.sys ==> MD5 is legit C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit C:\Windows\System32\Drivers\Fs_Rec.sys D3E3F93D67821A2DB2B3D9FAC2DC2064 C:\Windows\System32\DRIVERS\fvevol.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit C:\Windows\System32\drivers\HdAudio.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\HpSAMD.sys ==> MD5 is legit C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\i8042prt.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\iaStorV.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit C:\Windows\System32\drivers\RTKVHD64.sys 6BDCC85422817FA53CD705ADE312CE6A C:\Windows\system32\DRIVERS\intelide.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\IPMIDrv.sys ==> MD5 is legit C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\isapnp.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\msiscsi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\iusb3hcs.sys D596D915CF091DA1F8CE4BD38BB5D509 C:\Windows\System32\DRIVERS\iusb3hub.sys 023896E23B61543A15A230EED996D911 C:\Windows\System32\DRIVERS\iusb3xhc.sys 7FAEC13F1ADD619F4B5B2D2CBF841E8E C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit C:\Windows\System32\Drivers\ksecdd.sys 4F4B5FDE429416877DE7143044582EB5 C:\Windows\System32\Drivers\ksecpkg.sys 6F40465A44ECDC1731BEFAFEC5BDD03C C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\libusb0.sys C7D21310EA0A644AA6394DE1E46E3D31 C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\lvrs64.sys 0C85B2B6FB74B36A251792D45E0EF860 C:\Windows\System32\DRIVERS\lvuvc64.sys FF3A488924B0032B1A9CA6948C1FA9E8 C:\Windows\system32\drivers\mbam.sys CF12E148C6FC151335B7D7FE03F1C7A2 C:\Windows\system32\drivers\MBAMSwissArmy.sys E9CD058C79EA15B4AA93E259FA713B07 C:\Windows\system32\drivers\mwac.sys 0CE2F3E26C770CBAEB50787A2C1FD09E C:\Windows\System32\drivers\MBfilt64.sys 8FF2D95CBA49B405C5DE27039FF0BF35 C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit C:\Windows\System32\drivers\modem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\mpio.sys ==> MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mrxsmb.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mrxsmb10.sys F0067552F8F9B33D7C59403AB808A3CB C:\Windows\System32\DRIVERS\mrxsmb20.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\msahci.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\msdsm.sys ==> MD5 is legit C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\msisadrv.sys ==> MD5 is legit C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit C:\Windows\System32\Drivers\Ntfs.sys 9A6089B056EA1B83B36424FC9D0A300E C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\nvraid.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\nvstor.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\nv_agp.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\ohci1394.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit C:\Windows\System32\drivers\partmgr.sys 90061B1ACFE8CCAA5345750FFE08D8B8 C:\Windows\System32\DRIVERS\pci.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\pciide.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpdr.sys 9706B84DBABFC4B4CA46C5A82B14DFA3 C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit C:\Windows\System32\Drivers\RDPWD.sys 447DE7E3DEA39D422C1504F245B668B1 C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\Rt64win7.sys 9140DB0911DE035FED0A9A77A2D156EA C:\Windows\system32\DRIVERS\vms3cap.sys 88AF6E02AB19DF7FD07ECDF9C91E9AF6 C:\Windows\system32\DRIVERS\sbp2port.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\sffdisk.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\sffp_mmc.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\sffp_sd.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\srv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\srv2.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\srvnet.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vmstorfl.sys FFD7A6F15B14234B5B0E5D49E7961895 C:\Windows\system32\DRIVERS\storvsc.sys 8FCCBEFC5C440B3C23454656E551B09A C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit C:\Windows\System32\drivers\tcpip.sys 5CFB7AB8F9524D1A1E14369DE63B83CC C:\Windows\System32\DRIVERS\tcpip.sys 5CFB7AB8F9524D1A1E14369DE63B83CC C:\Windows\System32\drivers\tcpipreg.sys ==> MD5 is legit C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit C:\Windows\System32\drivers\tdtcp.sys 7518F7BCFD4B308ABC9192BACAF6C970 C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\uliagpkx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit C:\Windows\System32\drivers\usbaudio.sys 77B01BC848298223A95D4EC23E1785A1 C:\Windows\System32\DRIVERS\usbccgp.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\usbcir.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\usbehci.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\usbhub.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\usbohci.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\usbser.sys 0F0C72A657C622286013788B886968AD C:\Windows\System32\DRIVERS\USBSTOR.SYS ==> MD5 is legit C:\Windows\system32\DRIVERS\usbuhci.sys ==> MD5 is legit C:\Windows\System32\Drivers\usbvideo.sys ==> MD5 is legit C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys 1352B215BDC5807A5641E7C143796DD7 C:\Windows\System32\DRIVERS\vdrvroot.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit C:\Windows\System32\drivers\vga.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\vhdmp.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\viaide.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\vmbus.sys 1501699D7EDA984ABC4155A7DA5738D1 C:\Windows\system32\DRIVERS\VMBusHID.sys AE10C35761889E65A6F7176937C5592C C:\Windows\System32\DRIVERS\volmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\volsnap.sys 9E425AC5C9A5A973273D169F43B4F5E1 C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit C:\Windows\System32\drivers\Wdf01000.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\WinUsb.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\wmiacpi.sys ==> MD5 is legit C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit C:\Windows\System32\drivers\WudfPf.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\WUDFRd.sys ==> MD5 is legit C:\Windows\System32\drivers\xspltspk.sys 377F3E3467A8BFA3CDC921AD6425D513 ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== Three Months Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-25 23:01 - 2015-03-25 23:34 - 00028057 _____ () C:\Users\Tomek K\Desktop\FRST.txt 2015-03-25 23:01 - 2015-03-25 23:01 - 00042512 _____ () C:\Users\Tomek K\Desktop\Addition.txt 2015-03-25 22:59 - 2015-03-25 22:59 - 00000000 ____D () C:\Users\Tomek K\Desktop\Stare dane programu Firefox 2015-03-25 22:54 - 2015-03-25 23:33 - 00000000 ____D () C:\FRST 2015-03-25 22:53 - 2015-03-25 22:53 - 02095616 _____ (Farbar) C:\Users\Tomek K\Desktop\FRST64.exe 2015-03-25 22:38 - 2015-03-25 22:38 - 00135560 _____ () C:\Users\Tomek K\AppData\Local\GDIPFONTCACHEV1.DAT 2015-03-25 21:54 - 2015-03-25 21:54 - 00002798 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2015-03-25 21:54 - 2015-03-25 21:54 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2015-03-25 21:54 - 2015-03-25 21:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-03-25 21:54 - 2015-03-25 21:54 - 00000000 ____D () C:\Program Files\CCleaner 2015-03-25 21:52 - 2015-03-25 21:52 - 00000197 _____ () C:\Windows\system32\2015-03-25-20-52-32.057-AvastVBoxSVC.exe-2768.log 2015-03-25 21:47 - 2015-03-25 21:50 - 00000000 ____D () C:\AdwCleaner 2015-03-25 21:46 - 2015-03-25 21:46 - 02168320 _____ () C:\Users\Tomek K\Desktop\AdwCleaner.exe 2015-03-25 21:43 - 2015-03-25 21:43 - 00000197 _____ () C:\Windows\system32\2015-03-25-20-43-34.026-AvastVBoxSVC.exe-3004.log 2015-03-25 21:39 - 2015-03-25 21:39 - 00001076 _____ () C:\Windows\system32\.crusader 2015-03-25 21:32 - 2015-03-25 21:39 - 00000000 ____D () C:\ProgramData\HitmanPro 2015-03-25 21:32 - 2015-03-25 21:32 - 10995632 _____ (SurfRight B.V.) C:\Users\Tomek K\Desktop\HitmanPro_x64.exe 2015-03-25 21:14 - 2015-03-25 21:14 - 00000197 _____ () C:\Windows\system32\2015-03-25-20-14-17.099-AvastVBoxSVC.exe-3032.log 2015-03-25 21:02 - 2015-03-25 22:42 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-25 21:01 - 2015-03-25 21:01 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-03-25 21:01 - 2015-03-25 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-03-25 21:01 - 2015-03-25 21:01 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-03-25 21:01 - 2015-03-25 21:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-03-25 21:01 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-03-25 21:01 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-03-25 21:01 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-03-25 20:56 - 2015-03-25 20:56 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-03-25 20:56 - 2015-03-25 20:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-03-25 20:56 - 2015-03-25 20:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-03-25 20:55 - 2015-03-25 20:55 - 41793032 _____ () C:\Users\Tomek K\Downloads\Firefox%20Setup%2036.0.4.exe 2015-03-25 20:06 - 2015-03-25 20:06 - 00000197 _____ () C:\Windows\system32\2015-03-25-19-06-25.011-AvastVBoxSVC.exe-2580.log 2015-03-25 14:20 - 2015-03-25 14:20 - 00000197 _____ () C:\Windows\system32\2015-03-25-13-20-29.052-AvastVBoxSVC.exe-4680.log 2015-03-24 19:39 - 2015-03-24 19:39 - 00000222 _____ () C:\Users\Tomek K\Desktop\The Mighty Quest For Epic Loot.url 2015-03-24 10:10 - 2015-03-24 10:10 - 00000197 _____ () C:\Windows\system32\2015-03-24-09-10-32.062-AvastVBoxSVC.exe-3688.log 2015-03-23 16:35 - 2015-03-23 16:35 - 00000550 _____ () C:\Users\Tomek K\Desktop\eclipse.lnk 2015-03-23 16:34 - 2015-03-23 16:34 - 00000000 ____D () C:\Users\Tomek K\AppData\Local\Eclipse 2015-03-23 16:33 - 2015-03-23 16:34 - 00000000 ____D () C:\Java programy 2015-03-23 16:32 - 2015-03-23 16:33 - 00000000 ____D () C:\eclipse 2015-03-23 10:10 - 2015-03-23 10:11 - 00000197 _____ () C:\Windows\system32\2015-03-23-09-10-47.098-AvastVBoxSVC.exe-2768.log 2015-03-22 11:00 - 2015-03-22 11:01 - 00000197 _____ () C:\Windows\system32\2015-03-22-10-00-49.072-AvastVBoxSVC.exe-3788.log 2015-03-21 10:51 - 2015-03-21 10:51 - 00000197 _____ () C:\Windows\system32\2015-03-21-09-51-17.076-AvastVBoxSVC.exe-3668.log 2015-03-20 20:23 - 2015-03-20 20:26 - 00000000 ____D () C:\Users\Tomek K\Documents\Orcs Must Die 2015-03-20 12:24 - 2015-03-20 12:24 - 00000220 _____ () C:\Users\Tomek K\Desktop\Borderlands.url 2015-03-20 09:52 - 2015-03-20 09:52 - 00000222 _____ () C:\Users\Tomek K\Desktop\Disciples III Resurrection.url 2015-03-20 09:52 - 2015-03-20 09:52 - 00000221 _____ () C:\Users\Tomek K\Desktop\Disciples III Renaissance.url 2015-03-20 09:45 - 2015-03-20 09:45 - 00000221 _____ () C:\Users\Tomek K\Desktop\Star Wars Knights of the Old Republic.url 2015-03-20 09:37 - 2015-03-20 09:37 - 00000197 _____ () C:\Windows\system32\2015-03-20-08-37-11.055-AvastVBoxSVC.exe-2792.log 2015-03-19 23:58 - 2015-03-19 23:58 - 00000222 _____ () C:\Users\Tomek K\Desktop\Orcs Must Die!.url 2015-03-19 23:58 - 2015-03-19 23:58 - 00000222 _____ () C:\Users\Tomek K\Desktop\Galaxy on Fire 2 Full HD.url 2015-03-19 23:51 - 2015-03-19 23:51 - 00000221 _____ () C:\Users\Tomek K\Desktop\Might & Magic Clash of Heroes.url 2015-03-19 23:41 - 2015-03-19 23:41 - 00000221 _____ () C:\Users\Tomek K\Desktop\Fantasy Wars.url 2015-03-19 20:21 - 2015-03-19 20:21 - 00000197 _____ () C:\Windows\system32\2015-03-19-19-21-11.019-AvastVBoxSVC.exe-2652.log 2015-03-19 12:55 - 2015-03-19 12:57 - 00000000 ____D () C:\Users\Tomek K\Documents\Prototype 2015-03-19 12:20 - 2015-03-19 12:20 - 00000197 _____ () C:\Windows\system32\2015-03-19-11-20-08.096-AvastVBoxSVC.exe-2688.log 2015-03-18 22:27 - 2015-03-18 22:27 - 00000985 _____ () C:\Users\Tomek K\Desktop\Play PROTOTYPE.lnk 2015-03-18 17:56 - 2015-03-18 17:56 - 00000197 _____ () C:\Windows\system32\2015-03-18-16-56-17.052-AvastVBoxSVC.exe-3648.log 2015-03-18 16:50 - 2015-03-18 16:50 - 00000197 _____ () C:\Windows\system32\2015-03-18-15-50-47.091-AvastVBoxSVC.exe-2492.log 2015-03-18 15:59 - 2015-03-18 15:59 - 00000197 _____ () C:\Windows\system32\2015-03-18-14-59-02.062-AvastVBoxSVC.exe-2604.log 2015-03-18 12:51 - 2015-03-18 12:52 - 00000197 _____ () C:\Windows\system32\2015-03-18-11-51-46.030-AvastVBoxSVC.exe-2772.log 2015-03-17 11:53 - 2015-03-17 11:53 - 00000197 _____ () C:\Windows\system32\2015-03-17-10-53-26.080-AvastVBoxSVC.exe-2892.log 2015-03-17 01:18 - 2015-03-17 01:18 - 00000222 _____ () C:\Users\Tomek K\Desktop\Space Hack.url 2015-03-16 19:06 - 2015-03-16 19:06 - 00000222 _____ () C:\Users\Tomek K\Desktop\South Park The Stick of Truth.url 2015-03-16 11:18 - 2015-03-16 11:19 - 00000197 _____ () C:\Windows\system32\2015-03-16-10-18-44.017-AvastVBoxSVC.exe-2904.log 2015-03-15 17:28 - 2015-03-15 17:28 - 00000197 _____ () C:\Windows\system32\2015-03-15-16-28-01.039-AvastVBoxSVC.exe-1688.log 2015-03-14 11:27 - 2015-03-14 11:30 - 00000000 ____D () C:\Users\Tomek K\AppData\Roaming\Winamp 2015-03-14 10:55 - 2015-03-14 10:55 - 00000197 _____ () C:\Windows\system32\2015-03-14-09-55-07.027-AvastVBoxSVC.exe-2724.log 2015-03-13 23:03 - 2015-03-13 23:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA 2015-03-13 10:22 - 2015-03-13 10:22 - 00000197 _____ () C:\Windows\system32\2015-03-13-09-22-19.036-AvastVBoxSVC.exe-2404.log 2015-03-12 20:15 - 2015-03-12 20:15 - 00000197 _____ () C:\Windows\system32\2015-03-12-19-15-35.004-AvastVBoxSVC.exe-3032.log 2015-03-12 19:10 - 2015-03-12 19:10 - 00000197 _____ () C:\Windows\system32\2015-03-12-18-10-09.023-AvastVBoxSVC.exe-2556.log 2015-03-12 12:59 - 2015-03-12 12:59 - 00000197 _____ () C:\Windows\system32\2015-03-12-11-59-34.011-AvastVBoxSVC.exe-2604.log 2015-03-12 09:29 - 2015-03-12 09:29 - 00000197 _____ () C:\Windows\system32\2015-03-12-08-29-33.027-AvastVBoxSVC.exe-2552.log 2015-03-11 22:07 - 2015-03-11 22:07 - 00000874 _____ () C:\Users\Tomek K\Desktop\Darkest.lnk 2015-03-11 18:12 - 2015-03-11 18:12 - 00157249 _____ () C:\Users\Tomek K\Desktop\Szablon plakatu pracy dyplomowej.pptx 2015-03-11 16:04 - 2015-03-11 16:04 - 00000197 _____ () C:\Windows\system32\2015-03-11-15-04-04.009-AvastVBoxSVC.exe-2616.log 2015-03-11 12:18 - 2015-03-11 12:18 - 00000197 _____ () C:\Windows\system32\2015-03-11-11-18-28.032-AvastVBoxSVC.exe-2632.log 2015-03-10 16:33 - 2015-03-10 16:33 - 00000000 ____D () C:\Users\Tomek K\AppData\Local\SplitmediaLabs 2015-03-10 16:26 - 2015-03-10 16:26 - 00001218 _____ () C:\Users\Public\Desktop\XSplit Gamecaster.lnk 2015-03-10 16:26 - 2015-03-10 16:26 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin 2015-03-10 16:26 - 2015-03-10 16:26 - 00000000 ____D () C:\ProgramData\SplitMediaLabs 2015-03-10 16:26 - 2015-03-10 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit 2015-03-10 16:26 - 2015-03-10 16:26 - 00000000 ____D () C:\Program Files (x86)\SplitmediaLabs 2015-03-10 16:25 - 2015-03-10 16:25 - 00000000 ____D () C:\Users\Tomek K\AppData\Roaming\SplitmediaLabs 2015-03-10 10:12 - 2015-03-10 10:12 - 00000197 _____ () C:\Windows\system32\2015-03-10-09-12-31.018-AvastVBoxSVC.exe-2636.log 2015-03-09 19:18 - 2015-03-09 19:18 - 00000197 _____ () C:\Windows\system32\2015-03-09-18-18-07.098-AvastVBoxSVC.exe-2552.log 2015-03-09 13:02 - 2015-03-09 13:02 - 00000000 ____D () C:\Windows\DA909E623B454BA18B58FCAEBA4BCEC9.TMP 2015-03-09 09:24 - 2015-03-09 09:24 - 00000197 _____ () C:\Windows\system32\2015-03-09-08-24-54.036-AvastVBoxSVC.exe-2472.log 2015-03-08 22:29 - 2015-03-08 22:29 - 00000197 _____ () C:\Windows\system32\2015-03-08-21-29-33.085-AvastVBoxSVC.exe-2620.log 2015-03-08 20:34 - 2015-03-09 11:28 - 00017262 _____ () C:\Users\Tomek K\Desktop\Suche wyniki.xlsx 2015-03-08 20:21 - 2015-03-08 20:21 - 00011878 _____ () C:\Users\Tomek K\Desktop\Tabela Obserw..xlsx 2015-03-08 13:47 - 2015-03-08 13:48 - 00000197 _____ () C:\Windows\system32\2015-03-08-12-47-47.093-AvastVBoxSVC.exe-2864.log 2015-03-08 09:45 - 2015-03-08 09:46 - 00000197 _____ () C:\Windows\system32\2015-03-08-08-45-55.025-AvastVBoxSVC.exe-2840.log 2015-03-07 11:18 - 2015-03-07 11:18 - 00000197 _____ () C:\Windows\system32\2015-03-07-10-18-26.016-AvastVBoxSVC.exe-2808.log 2015-03-07 00:15 - 2015-03-07 00:16 - 00000197 _____ () C:\Windows\system32\2015-03-06-23-15-39.055-AvastVBoxSVC.exe-2568.log 2015-03-06 16:20 - 2015-03-06 16:20 - 00000197 _____ () C:\Windows\system32\2015-03-06-15-20-22.058-AvastVBoxSVC.exe-1252.log 2015-03-06 14:35 - 2015-03-06 14:35 - 05208640 _____ () C:\Users\Tomek K\Desktop\The-Heavy_Short-Change-Hero_v1_p.psarc 2015-03-06 11:00 - 2015-03-06 11:01 - 00000197 _____ () C:\Windows\system32\2015-03-06-10-00-49.072-AvastVBoxSVC.exe-2532.log 2015-03-05 10:02 - 2015-03-05 10:02 - 00000197 _____ () C:\Windows\system32\2015-03-05-09-02-45.029-AvastVBoxSVC.exe-1960.log 2015-03-04 20:51 - 2015-03-04 20:51 - 00000000 ____D () C:\Users\Tomek K\AppData\Roaming\.mono 2015-03-04 20:50 - 2015-03-04 20:39 - 00237864 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe 2015-03-04 20:38 - 2015-03-04 20:38 - 00000222 _____ () C:\Users\Tomek K\Desktop\Robocraft.url 2015-03-04 10:33 - 2015-03-04 10:34 - 00000197 _____ () C:\Windows\system32\2015-03-04-09-33-38.048-AvastVBoxSVC.exe-3240.log 2015-03-03 10:18 - 2015-03-03 10:18 - 00000197 _____ () C:\Windows\system32\2015-03-03-09-18-19.016-AvastVBoxSVC.exe-2696.log 2015-03-03 00:40 - 2015-03-03 00:42 - 00000000 ____D () C:\Users\Tomek K\AppData\Local\squishy 2015-03-02 22:03 - 2015-03-02 22:03 - 00000222 _____ () C:\Users\Tomek K\Desktop\Squishy the Suicidal Pig.url 2015-03-02 21:55 - 2015-03-02 21:56 - 00000197 _____ () C:\Windows\system32\2015-03-02-20-55-48.009-AvastVBoxSVC.exe-2504.log 2015-03-02 13:56 - 2015-03-02 13:56 - 00000197 _____ () C:\Windows\system32\2015-03-02-12-56-30.078-AvastVBoxSVC.exe-3064.log 2015-03-02 10:20 - 2015-03-02 10:20 - 00000197 _____ () C:\Windows\system32\2015-03-02-09-20-28.052-AvastVBoxSVC.exe-2940.log 2015-03-01 09:45 - 2015-03-01 09:46 - 00000197 _____ () C:\Windows\system32\2015-03-01-08-45-59.008-AvastVBoxSVC.exe-2748.log 2015-03-01 00:31 - 2015-03-01 00:31 - 00000197 _____ () C:\Windows\system32\2015-02-28-23-31-04.087-AvastVBoxSVC.exe-2820.log 2015-02-28 16:55 - 2015-02-28 16:55 - 00000576 _____ () C:\Users\Tomek K\Desktop\Wiedźmin Edycja Rozszerzona.lnk 2015-02-28 16:54 - 2015-03-04 20:52 - 00000000 ____D () C:\Users\Tomek K\AppData\Local\The Witcher 2015-02-28 16:54 - 2015-02-28 18:02 - 00000000 ____D () C:\Users\Tomek K\Documents\The Witcher 2015-02-28 16:39 - 2015-02-28 17:03 - 00000000 ____D () C:\Users\Public\Documents\The Witcher 2015-02-28 10:48 - 2015-02-28 10:48 - 00000197 _____ () C:\Windows\system32\2015-02-28-09-48-12.068-AvastVBoxSVC.exe-3068.log 2015-02-27 10:38 - 2015-02-27 10:39 - 00000197 _____ () C:\Windows\system32\2015-02-27-09-38-42.030-AvastVBoxSVC.exe-3172.log 2015-02-26 18:56 - 2015-02-26 18:57 - 00000197 _____ () C:\Windows\system32\2015-02-26-17-56-45.059-AvastVBoxSVC.exe-1228.log 2015-02-26 10:51 - 2015-02-26 10:51 - 00000197 _____ () C:\Windows\system32\2015-02-26-09-51-03.082-AvastVBoxSVC.exe-2804.log 2015-02-25 23:12 - 2015-02-25 23:12 - 00000222 _____ () C:\Users\Tomek K\Desktop\ENSLAVED Odyssey to the West Premium Edition.url 2015-02-25 16:44 - 2015-02-25 16:44 - 00000197 _____ () C:\Windows\system32\2015-02-25-15-44-35.027-AvastVBoxSVC.exe-1644.log 2015-02-25 16:40 - 2015-02-25 16:40 - 00000197 _____ () C:\Windows\system32\2015-02-25-15-40-02.085-AvastVBoxSVC.exe-2692.log 2015-02-25 13:38 - 2015-02-25 13:38 - 00000197 _____ () C:\Windows\system32\2015-02-25-12-38-20.068-AvastVBoxSVC.exe-3508.log 2015-02-24 20:11 - 2015-02-24 20:12 - 00000197 _____ () C:\Windows\system32\2015-02-24-19-11-19.053-AvastVBoxSVC.exe-2448.log 2015-02-24 09:56 - 2015-02-24 09:56 - 00000197 _____ () C:\Windows\system32\2015-02-24-08-56-48.018-AvastVBoxSVC.exe-2732.log 2015-02-23 18:09 - 2015-02-23 18:09 - 00000197 _____ () C:\Windows\system32\2015-02-23-17-09-10.071-AvastVBoxSVC.exe-2660.log 2015-02-23 15:26 - 2015-02-23 15:26 - 00000197 _____ () C:\Windows\system32\2015-02-23-14-26-08.005-AvastVBoxSVC.exe-2612.log 2015-02-23 12:18 - 2015-02-23 12:19 - 00000197 _____ () C:\Windows\system32\2015-02-23-11-18-55.033-AvastVBoxSVC.exe-2688.log 2015-02-22 21:08 - 2015-02-22 21:08 - 00000197 _____ () C:\Windows\system32\2015-02-22-20-08-01.042-AvastVBoxSVC.exe-1092.log 2015-02-22 18:09 - 2015-02-22 18:11 - 00000000 ____D () C:\Users\Tomek K\AppData\Roaming\GofinDruki 2015-02-22 18:09 - 2015-02-22 18:09 - 00000000 ____D () C:\Users\Tomek K\Documents\DRUKI Gofin 2015-02-22 16:01 - 2015-02-22 16:01 - 00000000 ____D () C:\Users\Tomek K\Documents\Pit GOFIN 2015-02-22 11:21 - 2015-02-22 11:21 - 00000197 _____ () C:\Windows\system32\2015-02-22-10-21-07.014-AvastVBoxSVC.exe-2732.log 2015-02-21 20:47 - 2015-02-21 20:47 - 00000197 _____ () C:\Windows\system32\2015-02-21-19-47-46.046-AvastVBoxSVC.exe-2688.log 2015-02-21 08:59 - 2015-02-21 09:00 - 00000197 _____ () C:\Windows\system32\2015-02-21-07-59-43.075-AvastVBoxSVC.exe-2640.log 2015-02-20 18:19 - 2015-02-20 18:19 - 00000197 _____ () C:\Windows\system32\2015-02-20-17-19-31.007-AvastVBoxSVC.exe-2820.log 2015-02-20 18:14 - 2015-02-20 18:14 - 00002249 _____ () C:\Users\Public\Desktop\ToneMaker 1.lnk 2015-02-20 18:14 - 2015-02-20 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloody 2015-02-20 18:14 - 2015-02-20 18:14 - 00000000 ____D () C:\Program Files (x86)\BloodyToneMaker 2015-02-20 18:14 - 2013-10-03 09:06 - 00386560 _____ (A4Tech Inc.) C:\Windows\system32\Drivers\Headset6400x1.SYS 2015-02-20 18:14 - 2013-08-28 15:05 - 01965312 _____ (C-Media Electronics Inc.) C:\Windows\system32\CMXearSurr.dll 2015-02-20 18:14 - 2013-08-28 15:05 - 00961616 _____ (C-Media Electronics Inc.) C:\Windows\system32\CMAPOMain.dll 2015-02-20 18:14 - 2013-08-28 15:05 - 00841624 _____ (C-Media Electronics Inc.) C:\Windows\system32\CMXearLiving10.dll 2015-02-20 18:14 - 2013-08-28 15:05 - 00809664 _____ (C-Media Electronics Inc.) C:\Windows\system32\CMXearVoClear.dll 2015-02-20 18:14 - 2013-08-28 15:05 - 00720584 _____ (C-Media Electronics Inc.) C:\Windows\system32\CMXearSingFX.dll 2015-02-20 18:14 - 2013-08-28 15:05 - 00129864 _____ (C-Media Electronics Inc.) C:\Windows\system32\CMXearSonic.dll 2015-02-20 18:14 - 2013-08-28 15:05 - 00080896 _____ (C-Media Electronics Inc.) C:\Windows\system32\CMEffectPropPage.dll 2015-02-20 18:14 - 2013-08-28 15:05 - 00074304 _____ (C-Media Electronics Inc.) C:\Windows\system32\CMEffectGFX.dll 2015-02-20 18:14 - 2013-08-28 15:05 - 00070184 _____ (C-Media Electronics Inc.) C:\Windows\system32\CMEffectLFX.dll 2015-02-20 18:14 - 2013-08-28 15:05 - 00064528 _____ (C-Media Electronics Inc.) C:\Windows\system32\CMMicEffectLFX.dll 2015-02-20 17:09 - 2015-02-20 17:09 - 04225902 _____ () C:\Users\Tomek K\Desktop\The-Offspring_Youre-Gonna-Go-Far-Kid_v1_1_p.psarc 2015-02-20 15:06 - 2015-02-20 15:07 - 00000197 _____ () C:\Windows\system32\2015-02-20-14-06-50.064-AvastVBoxSVC.exe-2960.log 2015-02-20 09:16 - 2015-02-20 09:16 - 00000197 _____ () C:\Windows\system32\2015-02-20-08-16-28.031-AvastVBoxSVC.exe-2700.log 2015-02-19 10:35 - 2015-02-19 10:36 - 00000247 _____ () C:\Windows\system32\2015-02-19-09-35-47.014-aswFe.exe-3124.log 2015-02-19 10:32 - 2015-02-19 10:35 - 00000247 _____ () C:\Windows\system32\2015-02-19-09-32-00.093-aswFe.exe-4056.log 2015-02-19 10:31 - 2015-02-19 10:31 - 00000197 _____ () C:\Windows\system32\2015-02-19-09-31-56.078-AvastVBoxSVC.exe-4976.log 2015-02-19 10:27 - 2015-02-19 10:27 - 00000000 ____D () C:\Users\Tomek K\AppData\Local\Steam 2015-02-18 22:35 - 2015-02-18 22:35 - 00000197 _____ () C:\Windows\system32\2015-02-18-21-35-04.046-AvastVBoxSVC.exe-4164.log 2015-02-18 10:28 - 2015-02-18 10:28 - 00000197 _____ () C:\Windows\system32\2015-02-18-09-28-06.045-AvastVBoxSVC.exe-2808.log 2015-02-17 08:36 - 2015-02-17 08:36 - 00000197 _____ () C:\Windows\system32\2015-02-17-07-36-42.069-AvastVBoxSVC.exe-2768.log 2015-02-16 17:09 - 2015-02-16 17:09 - 00000197 _____ () C:\Windows\system32\2015-02-16-16-09-17.016-AvastVBoxSVC.exe-2576.log 2015-02-16 13:57 - 2015-02-16 13:57 - 00000197 _____ () C:\Windows\system32\2015-02-16-12-57-33.018-AvastVBoxSVC.exe-2828.log 2015-02-16 08:17 - 2015-02-16 08:17 - 00000197 _____ () C:\Windows\system32\2015-02-16-07-17-17.026-AvastVBoxSVC.exe-3016.log 2015-02-16 01:15 - 2015-02-16 01:15 - 00000197 _____ () C:\Windows\system32\2015-02-16-00-15-11.022-AvastVBoxSVC.exe-2744.log 2015-02-16 01:02 - 2015-02-16 01:02 - 00000197 _____ () C:\Windows\system32\2015-02-16-00-02-48.096-AvastVBoxSVC.exe-2624.log 2015-02-16 00:50 - 2015-02-16 00:51 - 00000197 _____ () C:\Windows\system32\2015-02-15-23-50-56.038-AvastVBoxSVC.exe-2824.log 2015-02-15 09:41 - 2015-02-15 09:41 - 00000197 _____ () C:\Windows\system32\2015-02-15-08-41-07.017-AvastVBoxSVC.exe-2996.log 2015-02-14 22:38 - 2015-02-14 22:38 - 00000197 _____ () C:\Windows\system32\2015-02-14-21-38-39.063-AvastVBoxSVC.exe-2920.log 2015-02-14 10:06 - 2015-02-14 10:07 - 00000197 _____ () C:\Windows\system32\2015-02-14-09-06-54.066-AvastVBoxSVC.exe-1776.log 2015-02-13 11:13 - 2015-02-13 11:13 - 00000197 _____ () C:\Windows\system32\2015-02-13-10-13-46.047-AvastVBoxSVC.exe-3056.log 2015-02-12 19:03 - 2015-02-12 19:03 - 00000868 _____ () C:\Users\Public\Desktop\Heroes of the Storm.lnk 2015-02-12 19:03 - 2015-02-12 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm 2015-02-12 13:57 - 2015-02-12 13:57 - 00000197 _____ () C:\Windows\system32\2015-02-12-12-57-15.042-AvastVBoxSVC.exe-2772.log 2015-02-12 09:52 - 2015-02-12 09:52 - 00000197 _____ () C:\Windows\system32\2015-02-12-08-52-01.026-AvastVBoxSVC.exe-3340.log 2015-02-11 09:45 - 2015-02-11 09:45 - 00000197 _____ () C:\Windows\system32\2015-02-11-08-45-41.050-AvastVBoxSVC.exe-3004.log 2015-02-10 15:51 - 2015-02-10 15:51 - 00000197 _____ () C:\Windows\system32\2015-02-10-14-51-17.054-AvastVBoxSVC.exe-3052.log 2015-02-10 13:11 - 2015-02-10 13:11 - 00000197 _____ () C:\Windows\system32\2015-02-10-12-11-19.033-AvastVBoxSVC.exe-4264.log 2015-02-10 09:24 - 2015-02-10 09:25 - 00000197 _____ () C:\Windows\system32\2015-02-10-08-24-40.086-AvastVBoxSVC.exe-1864.log 2015-02-09 10:21 - 2015-02-09 10:21 - 00000197 _____ () C:\Windows\system32\2015-02-09-09-21-09.048-AvastVBoxSVC.exe-3720.log 2015-02-08 10:44 - 2015-02-08 10:44 - 00000197 _____ () C:\Windows\system32\2015-02-08-09-44-25.014-AvastVBoxSVC.exe-2476.log 2015-02-07 11:13 - 2015-02-07 11:13 - 00000197 _____ () C:\Windows\system32\2015-02-07-10-13-21.020-AvastVBoxSVC.exe-2568.log 2015-02-06 22:36 - 2015-02-06 22:36 - 00000197 _____ () C:\Windows\system32\2015-02-06-21-36-46.004-AvastVBoxSVC.exe-3068.log 2015-02-06 14:01 - 2015-02-06 14:01 - 00000197 _____ () C:\Windows\system32\2015-02-06-13-01-18.042-AvastVBoxSVC.exe-2744.log 2015-02-05 13:22 - 2015-02-05 13:23 - 00000197 _____ () C:\Windows\system32\2015-02-05-12-22-59.042-AvastVBoxSVC.exe-2652.log 2015-02-05 10:17 - 2015-02-05 10:17 - 00000197 _____ () C:\Windows\system32\2015-02-05-09-17-03.059-AvastVBoxSVC.exe-4224.log 2015-02-04 23:56 - 2015-02-04 23:56 - 00000000 ____D () C:\Users\Tomek K\Documents\RIFT 2015-02-04 23:56 - 2015-02-04 23:56 - 00000000 ____D () C:\Users\Tomek K\AppData\Roaming\RIFT 2015-02-04 11:45 - 2015-02-04 11:45 - 00000197 _____ () C:\Windows\system32\2015-02-04-10-45-16.057-AvastVBoxSVC.exe-3556.log 2015-02-03 10:47 - 2015-02-03 10:47 - 00000197 _____ () C:\Windows\system32\2015-02-03-09-47-28.074-AvastVBoxSVC.exe-2760.log 2015-02-02 23:48 - 2015-02-02 23:48 - 00000197 _____ () C:\Windows\system32\2015-02-02-22-48-34.012-AvastVBoxSVC.exe-2724.log 2015-02-01 20:27 - 2015-02-01 20:28 - 00000197 _____ () C:\Windows\system32\2015-02-01-19-27-50.011-AvastVBoxSVC.exe-2520.log 2015-02-01 12:07 - 2015-02-01 12:07 - 00000247 _____ () C:\Windows\system32\2015-02-01-11-07-29.032-aswFe.exe-4408.log 2015-02-01 12:04 - 2015-02-01 12:07 - 00000247 _____ () C:\Windows\system32\2015-02-01-11-04-59.028-aswFe.exe-4592.log 2015-02-01 12:04 - 2015-02-01 12:04 - 00000197 _____ () C:\Windows\system32\2015-02-01-11-04-55.095-AvastVBoxSVC.exe-2728.log 2015-02-01 12:03 - 2015-02-01 12:03 - 00000000 ____D () C:\Windows\SysWOW64\vbox 2015-02-01 12:03 - 2015-02-01 12:03 - 00000000 ____D () C:\Windows\system32\vbox 2015-02-01 11:45 - 2015-02-01 11:45 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-02-01 11:45 - 2015-02-01 11:45 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-01-28 20:09 - 2015-01-28 20:09 - 00000000 ____D () C:\Users\Tomek K\Documents\DyingLight 2015-01-27 16:59 - 2015-01-27 16:59 - 00001757 _____ () C:\Users\Tomek K\Desktop\XCOMLauncher.lnk 2015-01-27 15:33 - 2015-01-27 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games 2015-01-26 01:18 - 2015-01-26 01:18 - 00000000 ____D () C:\Users\Tomek K\Documents\Fax 2015-01-22 23:58 - 2015-01-22 23:58 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2015-01-22 23:58 - 2015-01-22 23:58 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2015-01-21 15:56 - 2015-02-04 01:38 - 00000000 ____D () C:\Users\Tomek K\Documents\eagle 2015-01-20 17:19 - 2015-01-20 17:19 - 00000000 ____D () C:\Users\Tomek K\AppData\Roaming\CadSoft 2015-01-18 17:52 - 2015-01-18 17:52 - 00000000 ____D () C:\Users\Tomek K\Documents\SICK 2015-01-14 13:34 - 2015-01-14 13:34 - 00000000 ___SH () C:\Users\Tomek K\AppData\Local\LumaEmu 2015-01-14 13:34 - 2015-01-14 13:34 - 00000000 ____D () C:\Users\Tomek K\AppData\Local\LumaEmu_SteamCloud 2014-12-30 20:47 - 2014-12-30 20:47 - 00000219 _____ () C:\Users\Tomek K\Desktop\Counter-Strike Global Offensive.url ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-25 22:40 - 2014-07-15 16:29 - 00000000 ____D () C:\ProgramData\Adobe 2015-03-25 22:07 - 2014-07-15 17:45 - 00000000 ____D () C:\ProgramData\Origin 2015-03-25 21:59 - 2014-07-15 23:08 - 00000000 ____D () C:\Users\Tomek K\AppData\Roaming\uTorrent 2015-03-25 21:59 - 2014-07-15 17:43 - 00000000 ____D () C:\Users\Tomek K\AppData\Roaming\DAEMON Tools Lite 2015-03-25 21:58 - 2014-12-10 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband 2015-03-25 21:58 - 2014-08-01 16:33 - 00000000 ____D () C:\Windows\Minidump 2015-03-25 21:58 - 2014-07-15 15:43 - 00000000 ____D () C:\Windows\Panther 2015-03-25 21:57 - 2009-07-14 18:55 - 00740098 _____ () C:\Windows\system32\perfh015.dat 2015-03-25 21:57 - 2009-07-14 18:55 - 00155672 _____ () C:\Windows\system32\perfc015.dat 2015-03-25 21:57 - 2009-07-14 06:13 - 01669190 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-25 21:54 - 2014-07-15 14:47 - 01288461 ____N () C:\Windows\WindowsUpdate.log 2015-03-25 21:52 - 2014-07-15 16:28 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2015-03-25 21:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-25 21:23 - 2014-09-29 16:03 - 00000000 ____D () C:\Users\Tomek K\AppData\Roaming\NCH Software 2015-03-25 21:23 - 2014-09-29 16:03 - 00000000 ____D () C:\Program Files (x86)\NCH Software 2015-03-25 21:11 - 2014-07-17 13:26 - 00000000 ____D () C:\Users\Tomek K\AppData\Roaming\TS3Client 2015-03-25 17:09 - 2014-10-17 13:19 - 00000000 ____D () C:\Users\Tomek K\AppData\Local\Battle.net 2015-03-24 19:39 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Tomek K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-03-23 21:59 - 2014-11-18 23:20 - 00000000 ____D () C:\Users\Tomek K\AppData\Local\Last.fm 2015-03-23 20:54 - 2014-11-07 20:59 - 00032643 _____ () C:\Users\Tomek K\Desktop\muza.m3u8 2015-03-23 16:37 - 2014-08-07 20:49 - 00000000 ____D () C:\Users\Tomek K\AppData\Local\OpenFM 2015-03-21 00:09 - 2014-08-13 13:19 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2015-03-21 00:09 - 2014-07-15 19:05 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2015-03-20 12:54 - 2014-08-12 18:13 - 00000000 ____D () C:\Users\Tomek K\Documents\My Games 2015-03-20 10:37 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-03-18 16:49 - 2014-09-05 08:48 - 00000000 ____D () C:\Users\Tomek K\AppData\Local\Adobe 2015-03-14 11:27 - 2014-07-19 20:30 - 00000000 ____D () C:\Program Files (x86)\Winamp 2015-03-05 13:19 - 2014-08-12 18:24 - 00000000 ____D () C:\Users\Tomek K\AppData\Local\My Games 2015-03-05 11:39 - 2014-07-15 15:07 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-03-05 10:45 - 2014-07-18 22:08 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2015-03-03 11:42 - 2014-07-15 15:22 - 00000000 ____D () C:\ProgramData\Package Cache 2015-02-25 17:58 - 2014-12-18 21:02 - 00000825 _____ () C:\Users\Public\Desktop\Elite Dangerous Launcher.lnk 2015-02-25 16:42 - 2009-07-14 06:08 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT ==================== Files in the root of some directories ======= 2015-01-14 13:34 - 2015-01-14 13:34 - 0000000 ___SH () C:\Users\Tomek K\AppData\Local\LumaEmu 2014-07-23 19:04 - 2014-07-23 19:04 - 0000057 _____ () C:\ProgramData\Ament.ini Some content of TEMP: ==================== C:\Users\Tomek K\AppData\Local\Temp\Quarantine.exe C:\Users\Tomek K\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed ==================== BCD ================================ Menedľer rozruchu systemu Windows --------------------------------- Identyfikator {bootmgr} device partition=G: description Windows Boot Manager locale pl-PL inherit {globalsettings} default {current} resumeobject {edb0b2a1-ead2-11e2-b671-f62c1aa7485b} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Moduˆ ˆadujĄcy rozruchu systemu Windows --------------------------------------- Identyfikator {edb0b295-ead2-11e2-b671-f62c1aa7485b} Moduˆ ˆadujĄcy rozruchu systemu Windows --------------------------------------- Identyfikator {edb0b29b-ead2-11e2-b671-f62c1aa7485b} device ramdisk=[C:]\Recovery\edb0b29b-ead2-11e2-b671-f62c1aa7485b\Winre.wim,{edb0b29c-ead2-11e2-b671-f62c1aa7485b} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\edb0b29b-ead2-11e2-b671-f62c1aa7485b\Winre.wim,{edb0b29c-ead2-11e2-b671-f62c1aa7485b} systemroot \windows nx OptIn winpe Yes Moduˆ ˆadujĄcy rozruchu systemu Windows --------------------------------------- Identyfikator {edb0b29f-ead2-11e2-b671-f62c1aa7485b} device ramdisk=[C:]\Recovery\edb0b29f-ead2-11e2-b671-f62c1aa7485b\Winre.wim,{edb0b2a0-ead2-11e2-b671-f62c1aa7485b} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\edb0b29f-ead2-11e2-b671-f62c1aa7485b\Winre.wim,{edb0b2a0-ead2-11e2-b671-f62c1aa7485b} systemroot \windows nx OptIn winpe Yes Moduˆ ˆadujĄcy rozruchu systemu Windows --------------------------------------- Identyfikator {current} device partition=C: path \Windows\system32\winload.exe description Windows 7 locale pl-PL inherit {bootloadersettings} recoverysequence {edb0b2a3-ead2-11e2-b671-f62c1aa7485b} recoveryenabled Yes osdevice partition=C: systemroot \Windows resumeobject {edb0b2a1-ead2-11e2-b671-f62c1aa7485b} nx OptIn Moduˆ ˆadujĄcy rozruchu systemu Windows --------------------------------------- Identyfikator {edb0b2a3-ead2-11e2-b671-f62c1aa7485b} device ramdisk=[C:]\Recovery\edb0b2a3-ead2-11e2-b671-f62c1aa7485b\Winre.wim,{edb0b2a4-ead2-11e2-b671-f62c1aa7485b} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\edb0b2a3-ead2-11e2-b671-f62c1aa7485b\Winre.wim,{edb0b2a4-ead2-11e2-b671-f62c1aa7485b} systemroot \windows nx OptIn winpe Yes Wznawianie ze stanu hibernacji ------------------------------ Identyfikator {edb0b2a1-ead2-11e2-b671-f62c1aa7485b} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale pl-PL inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Moduˆ testujĄcy pami©† systemu Windows -------------------------------------- Identyfikator {memdiag} device partition=G: path \boot\memtest.exe description Diagnostyka pami©ci systemu Windows locale pl-PL inherit {globalsettings} badmemoryaccess Yes Ustawienia usˆug EMS -------------------- Identyfikator {emssettings} bootems Yes Ustawienia debugera ------------------- Identyfikator {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Uszkodzenia pami©ci RAM ----------------------- Identyfikator {badmemory} Ustawienia globalne ------------------- Identyfikator {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Ustawienia moduˆu ˆadujĄcego rozruchu ------------------------------------- Identyfikator {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Ustawienia funkcji hypervisor ----------------------------- Identyfikator {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Ustawienia moduˆu ˆadujĄcego wznawiania --------------------------------------- Identyfikator {resumeloadersettings} inherit {globalsettings} Opcje urzĄdzenia ---------------- Identyfikator {edb0b29c-ead2-11e2-b671-f62c1aa7485b} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\edb0b29b-ead2-11e2-b671-f62c1aa7485b\boot.sdi Opcje urzĄdzenia ---------------- Identyfikator {edb0b2a0-ead2-11e2-b671-f62c1aa7485b} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\edb0b29f-ead2-11e2-b671-f62c1aa7485b\boot.sdi Opcje urzĄdzenia ---------------- Identyfikator {edb0b2a4-ead2-11e2-b671-f62c1aa7485b} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\edb0b2a3-ead2-11e2-b671-f62c1aa7485b\boot.sdi LastRegBack: 2015-03-15 18:42 ==================== End Of Log ============================