Anonymous / 2 years, 9 months ago

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Rafal (administrator) on RAFAL-PC on 03-02-2015 13:06:20
Running from C:\Users\Rafal\Downloads
Loaded Profiles: Rafal & UpdatusUser (Available profiles: Rafal & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Angielski (Stany Zjednoczone)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Incorporated) C:\Config.Msi\29528e.rbf
(Cyberlink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\RtkBleServ.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [253440 2013-04-23] (Realtek Semiconductor Corporation)
HKLM\...\Run: [IAStorIcon] => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2875728 2013-03-04] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-25] (AVAST Software)
HKLM-x32\...\Run: [RemoteControl] => C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [71216 2007-03-14] (Cyberlink Corp.)
HKLM-x32\...\Run: [LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1193567628-3741132159-961158197-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-01-28] (Electronic Arts)
HKU\S-1-5-21-1193567628-3741132159-961158197-1000\...\Run: [DAEMON Tools Lite] => E:\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1193567628-3741132159-961158197-1000\...\Run: [Tiny download manager] => "C:\Users\Rafal\AppData\Local\DM\TinyDM.exe" /M
HKU\S-1-5-21-1193567628-3741132159-961158197-1000\...\MountPoints2: {0753bbf8-9e5e-11e4-af64-54271e251c25} - G:\AutoRun.exe
HKU\S-1-5-21-1193567628-3741132159-961158197-1000\...\MountPoints2: {110d25b3-09be-11e4-a6ed-806e6f6e6963} - D:\CDSetup.exe
HKU\S-1-5-21-1193567628-3741132159-961158197-1000\...\MountPoints2: {d7cbf200-9781-11e4-8712-54271e251c25} - G:\AutoRun.exe
HKU\S-1-5-21-1193567628-3741132159-961158197-1000\...\MountPoints2: {e6ff0129-9d7a-11e4-84d6-54271e251c25} - G:\AutoRun.exe
HKU\S-1-5-21-1193567628-3741132159-961158197-1000\...\MountPoints2: {e6ff0157-9d7a-11e4-84d6-54271e251c25} - G:\AutoRun.exe
HKU\S-1-5-21-1193567628-3741132159-961158197-1001\...\MountPoints2: {110d25b3-09be-11e4-a6ed-806e6f6e6963} - D:\CDSetup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-15] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows Updater.lnk
ShortcutTarget: Windows Updater.lnk -> C:\Program Files (x86)\Windows Updater\Win_Updater.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1420462273&from=cor&uid=WDCXWD10JPVX-22JC3T0_WD-WX71EA3YUM10YUM10&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1420462273&from=cor&uid=WDCXWD10JPVX-22JC3T0_WD-WX71EA3YUM10YUM10&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1420462273&from=cor&uid=WDCXWD10JPVX-22JC3T0_WD-WX71EA3YUM10YUM10&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1420462273&from=cor&uid=WDCXWD10JPVX-22JC3T0_WD-WX71EA3YUM10YUM10&q={searchTerms}
HKU\S-1-5-21-1193567628-3741132159-961158197-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Surftastic -> {7964af97-b3d4-4b63-b2d2-185a180f2b28} -> E:\FIFA 15 Digital Downloader by RELOADED\sticBHO.dll No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0BB45136-EB35-4031-AC8F-38BC4BEEC8AA}: [NameServer] 193.41.112.14 193.41.112.18
Tcpip\..\Interfaces\{2AE1FEB4-C346-4D53-BD75-70B3D8C16E6F}: [NameServer] 193.41.112.14 193.41.112.18
Tcpip\..\Interfaces\{4DFCEAF1-D653-48F0-91FF-39FD8AD4D5E5}: [NameServer] 193.41.112.14 193.41.112.18

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1193567628-3741132159-961158197-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\omiga-plus.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-25]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1420462273&from=cor&uid=WDCXWD10JPVX-22JC3T0_WD-WX71EA3YUM10YUM10"
CHR DefaultSuggestURL: Default -> http://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-16]
CHR Extension: (Dysk Google) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-16]
CHR Extension: (YouTube) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-16]
CHR Extension: (Szukaj w Google) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-16]
CHR Extension: (Google Wallet) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-16]
CHR Extension: (Gmail) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-25] (AVAST Software)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-04-02] (Realtek Semiconductor Corporation) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [47104 2013-04-25] () [File not signed]
R2 Huawei E3272; C:\ProgramData\MobileBrServ\mbbservice.exe [240720 2013-12-03] ()
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [678480 2013-12-19] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-02-15] (Intel Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-28] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-01-09] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
R2 RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [42496 2013-04-25] (Realtek Semiconductor Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [473088 2015-01-05] (Fuyu LIMITED) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-25] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-24] (Disc Soft Ltd)
S3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [121728 2013-12-19] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\System32\DRIVERS\ew_wwanecm.sys [376448 2013-12-19] (Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-22] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118504 2012-12-18] (Qualcomm Atheros Co., Ltd.)
R3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [535624 2013-03-28] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )
R1 {8d9208df-94f9-4c96-a224-97b37b0df94e}Gw64; C:\Windows\System32\drivers\{8d9208df-94f9-4c96-a224-97b37b0df94e}Gw64.sys [48792 2015-01-05] (StdLib)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 13:06 - 2015-02-03 13:06 - 00017494 _____ () C:\Users\Rafal\Downloads\FRST.txt
2015-02-03 12:20 - 2015-02-03 12:21 - 00026199 _____ () C:\Users\Rafal\Desktop\Addition.txt
2015-02-03 12:19 - 2015-02-03 12:21 - 00034100 _____ () C:\Users\Rafal\Desktop\FRST.txt
2015-02-03 12:19 - 2015-02-03 12:19 - 02131456 _____ (Farbar) C:\Users\Rafal\Downloads\FRST64.exe
2015-01-29 11:57 - 2015-01-29 11:57 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2015-01-28 12:11 - 2015-01-28 12:22 - 00000000 ____D () C:\Users\Rafal\AppData\Roaming\Gameo
2015-01-28 12:11 - 2015-01-28 12:22 - 00000000 ____D () C:\Users\Rafal\AppData\Local\Gameo
2015-01-28 12:11 - 2015-01-28 12:11 - 00000000 ___HD () C:\Users\Rafal\AppData\Roaming\GoldenGate
2015-01-23 10:51 - 2015-01-23 10:55 - 00000000 ____D () C:\Users\Rafal\Documents\FIFA 15
2015-01-23 10:42 - 2015-01-23 10:42 - 00000668 _____ () C:\Users\Public\Desktop\FIFA 15.lnk
2015-01-22 23:49 - 2015-01-22 23:49 - 00000000 __SHD () C:\ProgramData\SecuROM
2015-01-22 23:47 - 2015-01-22 23:47 - 00080384 _____ () C:\Users\Rafal\Downloads\xlive.dll
2015-01-22 23:17 - 2015-01-22 23:34 - 109388216 _____ () C:\Users\Rafal\Downloads\GTAIV_1.0.7.0_Patch.zip
2015-01-22 19:58 - 2015-01-22 19:58 - 00000000 __SHD () C:\Users\Rafal\AppData\Local\EmieUserList
2015-01-22 19:58 - 2015-01-22 19:58 - 00000000 __SHD () C:\Users\Rafal\AppData\Local\EmieSiteList
2015-01-22 19:58 - 2015-01-22 19:58 - 00000000 __SHD () C:\Users\Rafal\AppData\Local\EmieBrowserModeList
2015-01-22 18:55 - 2015-01-22 18:55 - 00000884 _____ () C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
2015-01-22 18:55 - 2015-01-22 18:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto IV
2015-01-21 23:50 - 2015-01-21 23:52 - 31167346 _____ () C:\Users\Rafal\Downloads\GTAIV_spolszczenie.7z
2015-01-21 23:44 - 2015-01-21 23:47 - 32091648 _____ (GTAPOLSKA.PL & PLProjekt) C:\Users\Rafal\Downloads\GTA IV Spolszczenie 100% (napisy PL).exe
2015-01-21 23:36 - 2015-01-21 23:36 - 00000000 ____D () C:\Users\Rafal\Documents\Rockstar Games
2015-01-21 23:33 - 2015-01-21 23:35 - 00000000 ____D () C:\Users\Rafal\AppData\Local\Rockstar Games
2015-01-21 23:31 - 2015-01-22 19:51 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-01-21 23:31 - 2015-01-21 23:31 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2015-01-21 23:31 - 2015-01-21 23:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2015-01-19 21:21 - 2015-01-19 21:22 - 00288432 _____ () C:\Windows\Minidump\011915-21481-01.dmp
2015-01-16 13:34 - 2015-01-16 13:34 - 00001241 _____ () C:\Users\Public\Desktop\Internet Manager.lnk
2015-01-16 13:34 - 2015-01-16 13:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2015-01-16 13:34 - 2015-01-16 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager
2015-01-16 13:34 - 2015-01-16 13:34 - 00000000 ____D () C:\ProgramData\Internet Manager
2015-01-16 13:34 - 2013-12-19 03:20 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2015-01-16 13:34 - 2013-12-19 03:20 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2015-01-16 13:34 - 2013-12-19 03:20 - 00456192 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2015-01-16 13:34 - 2013-12-19 03:20 - 00376448 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_wwanecm.sys
2015-01-16 13:34 - 2013-12-19 03:20 - 00246272 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
2015-01-16 13:34 - 2013-12-19 03:20 - 00226048 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2015-01-16 13:34 - 2013-12-19 03:20 - 00121728 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_cdcacm.sys
2015-01-16 13:34 - 2013-12-19 03:20 - 00110592 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2015-01-16 13:34 - 2013-12-19 03:20 - 00109568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2015-01-16 13:34 - 2013-12-19 03:20 - 00091648 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2015-01-16 13:34 - 2013-12-19 03:20 - 00077312 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2015-01-16 13:34 - 2013-12-19 03:20 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2015-01-16 13:34 - 2013-12-19 03:20 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2015-01-16 13:34 - 2013-12-19 03:20 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2015-01-16 13:34 - 2013-12-19 03:20 - 00014976 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2015-01-16 13:33 - 2015-01-16 13:33 - 00000000 ____D () C:\Program Files (x86)\T-Mobile
2015-01-16 13:29 - 2015-01-16 13:35 - 00000000 ____D () C:\ProgramData\DatacardService
2015-01-14 16:02 - 2015-01-14 16:02 - 01183744 _____ () C:\Users\Rafal\Downloads\PCRemoteSetup.msi
2015-01-12 21:56 - 2015-01-12 21:56 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-01-09 19:13 - 2015-01-09 19:13 - 00000000 ____D () C:\Users\Rafal\AppData\Roaming\Need for Speed World
2015-01-09 16:53 - 2015-01-09 16:53 - 00000000 ____D () C:\Users\Rafal\AppData\Local\Electronic_Arts_Inc
2015-01-09 16:08 - 2015-01-09 16:08 - 00000753 _____ () C:\Users\Public\Desktop\Need for Speed World.lnk
2015-01-09 16:00 - 2015-01-17 01:31 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-01-09 15:59 - 2015-01-09 16:00 - 00000000 ____D () C:\Users\Rafal\Documents\Battlefield 3
2015-01-09 15:59 - 2015-01-09 15:59 - 00000000 ____D () C:\Users\Rafal\AppData\Local\ESN
2015-01-09 15:55 - 2015-01-09 20:01 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2015-01-09 15:55 - 2015-01-09 15:55 - 01534736 _____ () C:\Users\Rafal\Downloads\battlelog-web-plugins_2.6.2_154.exe
2015-01-09 15:53 - 2015-01-09 15:53 - 00000685 _____ () C:\Users\Public\Desktop\Battlefield 3.lnk
2015-01-09 15:53 - 2015-01-09 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-01-09 15:53 - 2015-01-09 15:53 - 00000000 ____D () C:\ProgramData\EA Core
2015-01-08 23:34 - 2015-01-08 23:34 - 00000000 ____D () C:\ProgramData\APN
2015-01-08 23:09 - 2015-01-08 23:09 - 00001692 _____ () C:\Users\Public\Desktop\Huawei E3272.lnk
2015-01-08 23:09 - 2015-01-08 23:09 - 00000000 ____D () C:\ProgramData\MobileBrServ
2015-01-08 23:09 - 2015-01-08 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Huawei E3272
2015-01-05 14:01 - 2015-01-05 04:47 - 00048792 _____ (StdLib) C:\Windows\system32\Drivers\{8d9208df-94f9-4c96-a224-97b37b0df94e}Gw64.sys
2015-01-05 13:52 - 2015-02-03 13:02 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-01-05 13:52 - 2015-01-05 13:52 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-01-05 13:51 - 2015-01-05 14:06 - 00000000 ____D () C:\Users\Rafal\AppData\Roaming\sweet-page
2015-01-05 13:51 - 2015-01-05 13:51 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-01-05 13:50 - 2015-01-05 13:50 - 00000000 ____D () C:\Users\Rafal\AppData\Roaming\WorldofTanks
2015-01-05 13:50 - 2015-01-05 13:50 - 00000000 ____D () C:\Users\Rafal\AppData\Local\WorldofTanks

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 13:06 - 2014-07-30 12:52 - 00000000 ____D () C:\FRST
2015-02-03 13:01 - 2014-10-17 13:34 - 00000000 ____D () C:\Users\Rafal\AppData\Local\Adobe
2015-02-03 13:01 - 2014-10-17 13:33 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-03 12:43 - 2014-07-15 23:57 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-03 12:29 - 2014-09-10 14:30 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-03 12:22 - 2009-07-14 05:45 - 00017152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-03 12:22 - 2009-07-14 05:45 - 00017152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-03 12:20 - 2014-07-12 13:22 - 01586671 _____ () C:\Windows\WindowsUpdate.log
2015-02-03 12:17 - 2014-12-29 22:15 - 00000000 ____D () C:\Users\Rafal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2015-02-03 12:17 - 2014-08-25 15:06 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-03 12:17 - 2014-07-16 18:45 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-03 12:17 - 2014-07-12 23:02 - 00000000 ____D () C:\ProgramData\Origin
2015-02-03 12:17 - 2014-07-12 13:36 - 00002986 _____ () C:\Users\Rafal\AppData\Local\BTServer.log
2015-02-03 12:16 - 2014-07-15 23:57 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-03 12:16 - 2014-07-12 13:35 - 00000000 ____D () C:\ProgramData\Realtek
2015-02-03 12:16 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-03 12:16 - 2009-07-14 05:51 - 00054611 _____ () C:\Windows\setupact.log
2015-02-02 14:08 - 2014-12-29 22:17 - 00000000 _____ () C:\Windows\lgfwup.ini
2015-02-02 14:08 - 2014-07-12 13:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-02 14:00 - 2014-09-06 10:36 - 00000000 ____D () C:\Users\Rafal\AppData\Roaming\TornTV.com
2015-02-02 13:50 - 2014-07-13 15:08 - 00000000 ____D () C:\Users\Rafal\AppData\Roaming\Xfire
2015-02-02 11:49 - 2014-07-20 11:29 - 00002189 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-01 22:18 - 2014-07-12 17:22 - 00000000 ____D () C:\Users\Rafal\Documents\FIFA 14
2015-01-30 21:45 - 2014-07-13 11:14 - 00000000 ____D () C:\Users\Rafal\AppData\Roaming\TS3Client
2015-01-29 17:31 - 2014-07-16 16:50 - 00000464 __RSH () C:\ProgramData\ntuser.pol
2015-01-29 11:57 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-01-28 14:49 - 2014-07-13 10:26 - 01915982 _____ () C:\Windows\PFRO.log
2015-01-28 11:57 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-26 21:28 - 2014-07-12 13:36 - 00000000 ____D () C:\Users\Rafal\Documents\My Bluetooth
2015-01-25 19:29 - 2014-07-20 10:29 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-25 19:29 - 2014-07-20 10:29 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-25 19:29 - 2014-07-20 10:29 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-23 20:25 - 2014-07-12 14:19 - 00741694 _____ () C:\Windows\system32\perfh015.dat
2015-01-23 20:25 - 2014-07-12 14:19 - 00156734 _____ () C:\Windows\system32\perfc015.dat
2015-01-23 20:25 - 2009-07-14 06:13 - 01673940 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-23 10:25 - 2014-07-16 19:13 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-01-21 23:32 - 2014-07-13 00:02 - 00285791 _____ () C:\Windows\DirectX.log
2015-01-19 21:21 - 2014-07-23 21:20 - 00000000 ____D () C:\Windows\Minidump
2015-01-19 18:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-17 01:31 - 2014-07-28 20:32 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-01-17 01:31 - 2014-07-28 20:32 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-01-09 16:08 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-09 16:05 - 2014-07-28 20:32 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-01-09 16:00 - 2014-07-12 22:09 - 00000000 ____D () C:\Users\Rafal\AppData\Local\PunkBuster
2015-01-09 15:53 - 2014-07-16 18:53 - 00000000 ____D () C:\Users\Rafal\AppData\Local\Origin
2015-01-08 23:43 - 2014-08-25 16:36 - 00000000 ____D () C:\Users\Rafal\Desktop\My Shared Folder
2015-01-08 23:34 - 2014-07-14 20:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-08 23:34 - 2014-07-14 20:40 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-08 23:23 - 2014-07-14 20:41 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-05 14:03 - 2014-12-29 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2015-01-05 14:03 - 2014-12-29 22:14 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-01-05 14:01 - 2009-07-14 03:34 - 00000505 _____ () C:\Windows\win.ini

==================== Files in the root of some directories =======

2014-07-12 13:36 - 2015-02-03 12:17 - 0002986 _____ () C:\Users\Rafal\AppData\Local\BTServer.log

Some content of TEMP:
====================
C:\Users\Rafal\AppData\Local\Temp\1371786419_Cloud_Backup_Setup.exe
C:\Users\Rafal\AppData\Local\Temp\APNSetup.exe
C:\Users\Rafal\AppData\Local\Temp\asasin2.exe
C:\Users\Rafal\AppData\Local\Temp\BackupSetup.exe
C:\Users\Rafal\AppData\Local\Temp\DllMonoCtrl.dll
C:\Users\Rafal\AppData\Local\Temp\ICReinstall_dotNetFx40_Client_x86_x64.exe
C:\Users\Rafal\AppData\Local\Temp\patch__8145_il8621.exe
C:\Users\Rafal\AppData\Local\Temp\pcspeedup.exe
C:\Users\Rafal\AppData\Local\Temp\Setup__2247_il6717.exe
C:\Users\Rafal\AppData\Local\Temp\update__8145_il8579.exe
C:\Users\Rafal\AppData\Local\Temp\xfire_installer_10650.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 21:15

==================== End Of Log ============================