Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by User (administrator) on USER-KOMPUTER on 03-04-2015 11:48:04 Running from C:\Users\User\Downloads Loaded Profiles: User (Available profiles: User) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe (MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7543000 2014-03-04] (Realtek Semiconductor) HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-02-21] (Intel Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation) HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1047536 2014-04-08] (MSI) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-03-30] (Avast Software s.r.o.) HKU\S-1-5-21-3088188526-2701845234-4171393175-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-08-14] (Google Inc.) HKU\S-1-5-21-3088188526-2701845234-4171393175-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-30] (Avast Software s.r.o.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-13] (Google Inc.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.10.11023.1534\swg64.dll [2015-03-13] (Google Inc.) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-14] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-30] (Avast Software s.r.o.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-13] (Google Inc.) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-03-13] (Google Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-14] (Oracle Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{3DE132CB-752B-497A-A0A5-D00126C572DA}: [NameServer] 8.8.8.8,8.8.4.4 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ogrbm8jl.default FF Homepage: hxxp://www.wp.pl/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-14] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-14] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-12-13] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-12-13] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ogrbm8jl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-29] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-30] Chrome: ======= CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-14] CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-14] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-14] CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-14] CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-30] CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-14] CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-14] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-30] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-30] (Avast Software s.r.o.) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-30] (Avast Software) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-02-21] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation) R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI) R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) S2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\diMaster.dll" /prefetch:1 ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-30] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-30] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-30] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-30] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-30] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-03-30] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-30] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-03-30] () S1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-22] (Disc Soft Ltd) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-02-03] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-02-03] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [23936 2014-02-03] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-02-03] () R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-30] (Avast Software) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-03 11:21 - 2015-04-03 11:37 - 00000000 ____D () C:\ProgramData\Norton 2015-04-03 11:09 - 2015-04-03 11:12 - 115397264 ____N (Symantec Corporation) C:\Users\User\Downloads\NS-TW-22.0.0-PL.exe 2015-04-03 10:22 - 2015-04-03 10:22 - 00005152 _____ () C:\Users\User\Downloads\smime.p7s 2015-04-01 22:16 - 2015-04-01 22:16 - 01061936 _____ (Marcin Grenda ) C:\Users\User\Downloads\rzeznia.exe 2015-04-01 22:16 - 2015-04-01 22:16 - 00002007 _____ () C:\Users\User\Desktop\Rzeźnik MPEG'ów .lnk 2015-04-01 22:16 - 2015-04-01 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rzeźnik 2015-04-01 22:16 - 2015-04-01 22:16 - 00000000 ____D () C:\Program Files (x86)\MGrenda 2015-04-01 22:16 - 2000-05-22 01:00 - 00608448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMCTL32.OCX 2015-04-01 22:08 - 2015-04-01 22:11 - 113333528 _____ () C:\Users\User\Downloads\Pumpingland Summer Event 2014 [sciagara.pl].mp4 2015-04-01 22:04 - 2015-04-01 22:04 - 00964447 _____ (GeoVid ) C:\Users\User\Downloads\video-mp3-extractor.exe 2015-04-01 22:04 - 2015-04-01 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video mp3 Extractor 2015-04-01 22:04 - 2015-04-01 22:04 - 00000000 ____D () C:\Program Files (x86)\Video mp3 Extractor 2015-03-30 16:17 - 2015-04-01 18:46 - 00001966 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2015-03-30 16:17 - 2015-03-30 16:17 - 00000000 ____D () C:\Windows\SysWOW64\vbox 2015-03-30 16:17 - 2015-03-30 16:17 - 00000000 ____D () C:\Windows\system32\vbox 2015-03-30 16:17 - 2015-03-30 16:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\AVAST Software 2015-03-30 16:17 - 2015-03-30 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-03-30 16:16 - 2015-04-03 10:16 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2015-03-30 16:16 - 2015-03-30 16:16 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys 2015-03-30 16:16 - 2015-03-30 16:16 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys 2015-03-30 16:16 - 2015-03-30 16:16 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe 2015-03-30 16:16 - 2015-03-30 16:16 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2015-03-30 16:16 - 2015-03-30 16:16 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys 2015-03-30 16:16 - 2015-03-30 16:16 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys 2015-03-30 16:16 - 2015-03-30 16:16 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-03-30 16:16 - 2015-03-30 16:16 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2015-03-30 16:16 - 2015-03-30 16:16 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr 2015-03-30 16:16 - 2015-03-30 16:16 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2015-03-30 16:13 - 2015-03-30 16:13 - 00000000 ____D () C:\Program Files\AVAST Software 2015-03-30 16:10 - 2015-03-30 16:10 - 04864744 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup_online.exe 2015-03-30 16:10 - 2015-03-30 16:10 - 04864744 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe 2015-03-29 14:33 - 2015-03-29 14:51 - 00000049 _____ () C:\Windows\NeroDigital.ini 2015-03-26 17:13 - 2015-03-26 17:13 - 02168320 _____ () C:\Users\User\Downloads\adwcleaner_4.113.exe 2015-03-26 16:12 - 2015-03-26 16:12 - 00001590 _____ () C:\Users\Public\Desktop\Nero StartSmart.lnk 2015-03-26 16:12 - 2015-03-26 16:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ahead 2015-03-26 16:11 - 2015-04-03 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2015-03-26 16:11 - 2001-07-09 12:50 - 00155648 _____ (Ahead Software Gmbh) C:\Windows\SysWOW64\NeroCheck.exe 2015-03-26 16:11 - 2001-07-06 19:24 - 00283920 _____ (Pegasus Software, LLC) C:\Windows\SysWOW64\ImagXpr5.dll 2015-03-26 16:11 - 2001-07-06 15:41 - 00569344 _____ (Pegasus Software,LLC) C:\Windows\SysWOW64\imagr5.dll 2015-03-26 16:11 - 2001-07-06 13:44 - 00544768 _____ (Pegasus Software, LLC) C:\Windows\SysWOW64\imagx5.dll 2015-03-26 16:11 - 2001-06-26 09:15 - 00038912 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\picn20.dll 2015-03-26 16:11 - 2000-06-26 12:45 - 00106496 _____ (Pegasus Software) C:\Windows\SysWOW64\TwnLib20.dll 2015-03-26 16:04 - 2015-03-26 16:04 - 00000000 ____D () C:\ProgramData\Ahead 2015-03-26 15:50 - 2015-03-26 16:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\do-search 2015-03-26 15:31 - 2015-04-03 11:00 - 00000000 ____D () C:\Program Files (x86)\Ahead 2015-03-15 13:11 - 2015-03-15 13:11 - 00000694 _____ () C:\Users\User\Desktop\Launcher — skrót.lnk 2015-03-14 18:42 - 2015-03-26 16:08 - 00000000 ____D () C:\Users\User\Documents\FIFA 15 2015-03-14 11:11 - 2015-03-14 11:11 - 00040098 _____ () C:\Users\User\Downloads\Shortcut.txt 2015-03-13 22:37 - 2015-03-13 22:37 - 00007874 _____ () C:\Users\User\Desktop\aaaaa.log 2015-03-13 22:22 - 2015-03-13 22:22 - 00026698 _____ () C:\Users\User\Desktop\Addition.txt 2015-03-13 22:21 - 2015-03-13 22:21 - 00024405 _____ () C:\Users\User\Desktop\FRST.txt 2015-03-13 22:17 - 2015-03-14 11:11 - 00027294 _____ () C:\Users\User\Downloads\Addition.txt 2015-03-13 22:17 - 2015-03-13 22:17 - 00370943 _____ () C:\Users\User\Downloads\gmer.zip 2015-03-13 22:16 - 2015-04-03 11:48 - 00015491 _____ () C:\Users\User\Downloads\FRST.txt 2015-03-13 22:15 - 2015-04-03 11:48 - 00000000 ____D () C:\FRST 2015-03-13 21:29 - 2015-03-13 21:29 - 02095616 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2015-03-13 21:00 - 2015-03-13 21:00 - 00000000 ____D () C:\Program Files (x86)\ESET 2015-03-13 20:59 - 2015-03-13 20:59 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_plk.exe 2015-03-13 20:24 - 2015-03-26 17:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-03-09 18:26 - 2015-03-09 18:26 - 00015320 _____ () C:\Users\User\Downloads\TOM FIFA15 V0.6.0.zip ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-03 11:46 - 2014-08-14 19:39 - 01699630 _____ () C:\Windows\WindowsUpdate.log 2015-04-03 11:45 - 2014-08-14 15:08 - 00006395 _____ () C:\Windows\SysWOW64\Gms.log 2015-04-03 11:45 - 2014-08-14 14:54 - 00000000 ____D () C:\Users\User\AppData\Local\Google 2015-04-03 11:43 - 2014-10-30 09:39 - 00389588 _____ () C:\Windows\setupact.log 2015-04-03 11:43 - 2014-08-14 14:54 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-04-03 11:42 - 2014-11-13 23:12 - 01139290 _____ () C:\Windows\PFRO.log 2015-04-03 11:42 - 2014-08-14 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-04-03 11:42 - 2011-02-04 19:55 - 00737242 _____ () C:\Windows\system32\perfh015.dat 2015-04-03 11:42 - 2011-02-04 19:55 - 00153930 _____ () C:\Windows\system32\perfc015.dat 2015-04-03 11:42 - 2009-07-14 07:13 - 01661232 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-03 11:42 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-04-03 11:41 - 2014-12-16 18:00 - 00000000 ___RD () C:\Users\User\Programy 2015-04-03 11:41 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-04-03 11:41 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-04-03 11:26 - 2014-08-14 14:54 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-04-03 11:05 - 2014-08-21 15:36 - 00000000 ____D () C:\Users\User\Documents\Symantec 2015-04-03 10:49 - 2014-08-28 14:55 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-04-01 18:58 - 2014-11-22 12:40 - 00000000 ____D () C:\Users\User\AppData\Roaming\uTorrent 2015-03-30 16:12 - 2014-10-09 23:10 - 00000000 ____D () C:\ProgramData\AVAST Software 2015-03-26 17:16 - 2014-10-28 18:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-03-26 17:15 - 2014-10-17 12:02 - 00000000 ____D () C:\AdwCleaner 2015-03-26 16:08 - 2014-08-14 15:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-03-26 16:08 - 2014-08-14 15:25 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2015-03-26 16:08 - 2014-08-14 15:13 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2015-03-26 16:08 - 2014-08-14 15:00 - 00000000 ___HD () C:\SuperChargerProfile 2015-03-26 16:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security 2015-03-26 16:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2015-03-26 16:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help 2015-03-26 16:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2015-03-26 15:50 - 2014-09-10 19:19 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps 2015-03-17 23:06 - 2015-02-23 18:00 - 00003680 _____ () C:\Users\User\Documents\PrawkoC2013S.tmp 2015-03-08 17:27 - 2014-11-22 20:17 - 00000000 ____D () C:\Users\User\Documents\My Games ==================== Files in the root of some directories ======= 2014-08-14 14:53 - 2014-08-14 14:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-26 12:33 ==================== End Of Log ============================