Leoneq

Members

View Profile See their activity

Posts
4
Joined
January 17, 2014
Last visited
January 20, 2014

Reputation

0 Neutral

I am afraid that my computer is infected

Leoneq replied to Leoneq's topic in Resolved Malware Removal Logs

I think everything is fine now. Thanks for fast help. You can close the thread.
- January 18, 2014
- 8 replies
I am afraid that my computer is infected

Leoneq replied to Leoneq's topic in Resolved Malware Removal Logs

MBAM logs: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Wersja bazy: v2014.01.17.02 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 10.0.9200.16721Maćko :: MÓJKOMPUTEREK [administrator] 2014-01-17 15:30:32mbam-log-2014-01-17 (15-30-32).txt Typ skanowania: Niestandardowe skanowanie (H:\|)Zaznaczone opcje skanowania: System plików | Heuristyka/Shuriken | PUP | PUMOdznaczone opcje skanowania: Pamięć | Rozruch | Rejestr | Heurystyka/Dodatkowe | P2PPrzeskanowano obiektów: 57Upłynęło: 3 sekund(y) Wykrytych procesów w pamięci: 0(Nie znaleziono zagrożeń) Wykrytych modułów w pamięci: 0(Nie znaleziono zagrożeń) Wykrytych kluczy rejestru: 0(Nie znaleziono zagrożeń) Wykrytych wartości rejestru: 0(Nie znaleziono zagrożeń) Wykryte wpisy rejestru systemowego: 0(Nie znaleziono zagrożeń) wykrytych folderów: 0(Nie znaleziono zagrożeń) Wykrytych plików: 0(Nie znaleziono zagrożeń) (zakończone) FRST logs: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-01-2014 02Ran by Maćko at 2014-01-17 21:24:39 Run:3Running from C:\Users\Maćko\Desktop\Nowy folderBoot Mode: Normal============================================== Content of fixlist:*****************StartC:\Users\Mac'ko\AppData\Local\Temp\nvSCPAPI.dllC:\Users\Mac'ko\AppData\Local\Temp\nvStInst.exeEnd***************** "C:\Users\Mac'ko\AppData\Local\Temp\nvSCPAPI.dll" => File/Directory not found."C:\Users\Mac'ko\AppData\Local\Temp\nvStInst.exe" => File/Directory not found. ==== End of Fixlog ==== adwcleaner log: # AdwCleaner v3.017 - Report created 17/01/2014 at 21:28:13# Updated 12/01/2014 by Xplode# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)# Username : Maćko - MÓJKOMPUTEREK# Running from : C:\Users\Maćko\Desktop\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Windows\SysWOW64\hotspot shieldFolder Deleted : C:\Users\MAKO~1\AppData\Local\Temp\hotspot shieldFolder Deleted : C:\Users\Maćko\AppData\LocalLow\boost_interprocessFile Deleted : C:\ENDFile Deleted : C:\Users\Maćko\AppData\Roaming\Mozilla\Firefox\Profiles\4nabr79p.default\invalidprefs.js ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\anchorfreeKey Deleted : HKCU\Software\ConduitKey Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16720 -\\ Mozilla Firefox v26.0 (pl) [ File : C:\Users\Maćko\AppData\Roaming\Mozilla\Firefox\Profiles\4nabr79p.default\prefs.js ] ************************* AdwCleaner[R0].txt - [1439 octets] - [17/01/2014 21:25:43]AdwCleaner[s0].txt - [1165 octets] - [17/01/2014 21:28:13] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1225 octets] ##########
- January 17, 2014
- 8 replies
I am afraid that my computer is infected

Leoneq replied to Leoneq's topic in Resolved Malware Removal Logs

FRST.txt: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2014 02 Ran by Maćko (administrator) on MÓJKOMPUTEREK on 17-01-2014 19:53:24Running from C:\Users\Maćko\DesktopWindows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 10Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: Download link for 64-Bit Version: Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe() C:\Windows\SysWOW64\PnkBstrA.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe() C:\Windows\vsnpstd3.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation)HKLM\...\Run: [snpstd3] - C:\Windows\vsnpstd3.exe [827392 2006-09-19] ()HKLM\...\Run: [shadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)HKLM-x32\...\Run: [PWRISOVM.EXE] - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-07-22] (Power Software Ltd)HKLM-x32\...\Run: [bCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-01] (AVAST Software)MountPoints2: G - G:\Setup.exeMountPoints2: {b9f952e7-29ca-11e3-a0ee-00044b006790} - H:\Startme.exe ==================== Internet (Whitelisted) ==================== BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox:========FF ProfilePath: C:\Users\Maćko\AppData\Roaming\Mozilla\Firefox\Profiles\4nabr79p.defaultFF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No FileFF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Maćko\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FFFF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-08-31] ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-01] (AVAST Software)R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-09-24] () ==================== Drivers (Whitelisted) ==================== R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-01] (AVAST Software)R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-01] (AVAST Software)R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-01] ()R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-01] (AVAST Software)R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-01] (AVAST Software)R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-01] (AVAST Software)R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-01] ()R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)R3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550272 2007-03-27] (Sonix Co. Ltd.)S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]S3 tsusbhub; system32\drivers\tsusbhub.sys [x]S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-17 19:51 - 2014-01-17 19:53 - 00010821 _____ C:\Users\Maćko\Desktop\FRST.txt2014-01-17 19:50 - 2014-01-17 19:50 - 00000000 ____D C:\FRST2014-01-17 19:49 - 2014-01-17 19:49 - 02075648 _____ (Farbar) C:\Users\Maćko\Desktop\FRST64.exe2014-01-17 14:50 - 2014-01-17 14:50 - 00000000 ____D C:\Users\MaŠko2014-01-17 08:07 - 2014-01-17 08:07 - 00000000 ____D C:\Users\Maćko\AppData\Roaming\Malwarebytes2014-01-17 08:06 - 2014-01-17 08:06 - 00000000 ____D C:\ProgramData\Malwarebytes2014-01-17 08:06 - 2014-01-17 08:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2014-01-17 08:06 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-01-16 17:49 - 2014-01-16 17:49 - 00465200 _____ C:\Users\Maćko\AppData\Local\recently-used.xbel2014-01-14 17:59 - 2014-01-14 17:59 - 04995688 _____ (ffdshow ) C:\Users\Maćko\Downloads\ffdshow_rev4527_20131203_clsid_x64.exe2014-01-14 17:56 - 2014-01-14 17:56 - 02014270 _____ C:\Users\Maćko\Downloads\imagegrab_50en (1).zip2014-01-14 17:48 - 2014-01-14 18:03 - 00000000 ____D C:\Program Files (x86)\Movavi Core 5.1.02014-01-14 17:45 - 2014-01-14 17:47 - 110787120 _____ (Movavi) C:\Users\Maćko\Downloads\MovaviVideoEditorSetup.exe2014-01-12 10:16 - 2014-01-12 10:16 - 00664210 _____ C:\Users\Maćko\Downloads\Highly Visible Health Bars-40--3.zip2014-01-12 10:13 - 2014-01-12 10:13 - 04816740 _____ C:\Users\Maćko\Downloads\Recolored Gold-Hemmed Black Set-287-.7z2014-01-12 10:11 - 2014-01-12 10:11 - 00387050 _____ C:\Users\Maćko\Downloads\Metal Grass Crest Shield-349-0-9.rar2014-01-12 10:08 - 2014-01-12 10:08 - 00152310 _____ C:\Users\Maćko\Downloads\Flames of Dosh-464-1-0-0.zip2014-01-11 14:12 - 2014-01-11 14:13 - 06381290 _____ C:\Users\Maćko\Downloads\Dark Souls Flora Overhaul v05 Lower Res-56-.7z2014-01-11 13:00 - 2014-01-11 13:00 - 00707426 _____ C:\Users\Maćko\Downloads\Prepare to doge edition-507-1-0.zip2014-01-11 12:53 - 2014-01-11 12:54 - 59207358 _____ C:\Users\Maćko\Downloads\Fire Customization Pack - newest-159-2-1.zip2014-01-11 12:52 - 2014-01-11 12:52 - 00227451 _____ C:\Users\Maćko\Downloads\Black with handle ornament-155-1-0.zip2014-01-10 14:02 - 2014-01-10 14:02 - 00008474 _____ C:\Windows\DPINST.LOG2014-01-04 13:38 - 2014-01-04 13:38 - 00000000 ____D C:\Users\Maćko\Documents\Games for Windows - LIVE Demos2014-01-04 10:10 - 2014-01-04 10:10 - 02014270 _____ C:\Users\Maćko\Downloads\imagegrab_50en.zip2014-01-04 10:01 - 2014-01-04 10:03 - 00000000 ____D C:\Program Files (x86)\SubEdit-Player2014-01-04 10:00 - 2014-01-04 10:01 - 07923239 _____ (Artur Sikora ) C:\Users\Maćko\Downloads\subedit+codecpack_b4072_install.exe2014-01-04 09:47 - 2014-01-04 09:48 - 32244744 _____ (DVDVideoSoft Ltd. ) C:\Users\Maćko\Downloads\FreeYouTubeDownload.exe2014-01-02 21:58 - 2014-01-02 21:58 - 00360385 _____ C:\Users\Maćko\Downloads\Kafka Franz - Proces (1936).mobi2014-01-02 21:57 - 2014-01-02 21:57 - 00535729 _____ C:\Users\Maćko\Downloads\Terry Pratchett - Świat Dysku - 22 - Ostatni Kontynent.mobi2014-01-02 21:57 - 2014-01-02 21:57 - 00226223 _____ C:\Users\Maćko\Downloads\Terry Pratchett - Świat Dysku - 27 - Ostatni bohater.mobi2014-01-02 21:54 - 2014-01-02 21:54 - 00556505 _____ C:\Users\Maćko\Downloads\Terry Pratchett - Świat Dysku - 17 - Ciekawe czasy.mobi2014-01-02 21:52 - 2014-01-02 21:52 - 00352714 _____ C:\Users\Maćko\Downloads\Ciekawe czasy - Terry Pratchett.epub2014-01-01 12:51 - 2014-01-01 12:51 - 00000000 ____D C:\Users\Maćko\AppData\Roaming\AVAST Software2014-01-01 09:45 - 2014-01-01 12:56 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys2013-12-29 13:18 - 2013-12-29 13:18 - 00000000 ____D C:\Users\Maćko\AppData\Local\Auto Clicker2013-12-26 13:04 - 2013-12-26 13:04 - 00000000 ____D C:\Users\Maćko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft2013-12-25 09:35 - 2014-01-17 19:45 - 00200300 _____ C:\Windows\PFRO.log2013-12-24 14:52 - 2013-12-24 14:52 - 00004967 _____ C:\ProgramData\uxxadbmu.rlu2013-12-24 14:52 - 2013-12-24 14:52 - 00000000 ____D C:\Users\Maćko\AppData\Roaming\MOVAVI2013-12-24 11:54 - 2013-11-14 12:56 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll2013-12-24 11:54 - 2013-11-14 12:56 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll2013-12-24 11:54 - 2013-11-14 12:56 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll2013-12-24 11:54 - 2013-11-14 12:56 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll2013-12-24 11:54 - 2013-11-14 12:56 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll2013-12-24 11:54 - 2013-11-14 12:56 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll2013-12-24 11:54 - 2013-11-14 12:56 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys2013-12-24 11:54 - 2013-11-14 12:56 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll2013-12-24 11:54 - 2013-11-14 12:56 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll2013-12-24 11:54 - 2013-11-14 12:56 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll2013-12-24 11:54 - 2013-11-14 12:56 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll2013-12-24 11:54 - 2013-11-14 12:56 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll2013-12-24 11:54 - 2013-11-14 12:56 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll2013-12-24 11:54 - 2013-11-14 12:56 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll2013-12-24 11:54 - 2013-11-14 12:56 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll2013-12-24 11:54 - 2013-11-14 12:56 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll2013-12-24 11:54 - 2013-11-14 12:56 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll2013-12-24 11:54 - 2013-11-14 12:56 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll2013-12-24 11:54 - 2013-11-14 12:56 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll2013-12-24 11:54 - 2013-11-14 12:56 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll2013-12-24 11:54 - 2013-11-14 12:56 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll2013-12-24 11:54 - 2013-11-14 12:56 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll2013-12-24 11:54 - 2013-11-14 12:56 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll2013-12-24 11:54 - 2013-11-14 12:56 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll2013-12-24 11:54 - 2013-11-14 12:56 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll2013-12-24 11:54 - 2013-11-14 12:56 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll2013-12-24 11:53 - 2013-12-24 11:53 - 00000000 ____D C:\NVIDIA2013-12-24 11:44 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys2013-12-24 11:44 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll2013-12-24 09:43 - 2014-01-17 19:46 - 00016035 _____ C:\Windows\setupact.log2013-12-24 09:43 - 2013-12-24 09:43 - 00000000 _____ C:\Windows\setuperr.log2013-12-21 14:30 - 2013-12-21 14:31 - 38069411 _____ C:\Users\Maćko\Documents\FrequencyDomain_v0_5_PublicTestBuild_Windows.zip ==================== One Month Modified Files and Folders ======= 2014-01-17 19:53 - 2014-01-17 19:51 - 00010821 _____ C:\Users\Maćko\Desktop\FRST.txt2014-01-17 19:50 - 2014-01-17 19:50 - 00000000 ____D C:\FRST2014-01-17 19:50 - 2013-08-30 10:04 - 01641563 _____ C:\Windows\WindowsUpdate.log2014-01-17 19:49 - 2014-01-17 19:49 - 02075648 _____ (Farbar) C:\Users\Maćko\Desktop\FRST64.exe2014-01-17 19:47 - 2013-08-30 12:13 - 00000000 ___RD C:\Users\Maćko\Desktop\Maciek2014-01-17 19:46 - 2013-12-24 09:43 - 00016035 _____ C:\Windows\setupact.log2014-01-17 19:46 - 2013-08-30 14:03 - 00000000 ____D C:\ProgramData\NVIDIA2014-01-17 19:46 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2014-01-17 19:45 - 2013-12-25 09:35 - 00200300 _____ C:\Windows\PFRO.log2014-01-17 14:50 - 2014-01-17 14:50 - 00000000 ____D C:\Users\MaŠko2014-01-17 14:49 - 2013-08-31 08:24 - 00000000 ____D C:\Users\Maćko\AppData\Roaming\uTorrent2014-01-17 14:37 - 2013-08-31 09:18 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update2014-01-17 08:29 - 2013-10-12 08:03 - 00000000 ___RD C:\Users\Maćko\Desktop\Programy2014-01-17 08:29 - 2013-09-15 19:52 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins2014-01-17 08:07 - 2014-01-17 08:07 - 00000000 ____D C:\Users\Maćko\AppData\Roaming\Malwarebytes2014-01-17 08:06 - 2014-01-17 08:06 - 00000000 ____D C:\ProgramData\Malwarebytes2014-01-17 08:06 - 2014-01-17 08:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2014-01-16 21:10 - 2013-08-31 10:48 - 00000000 ____D C:\Users\Maćko\AppData\Roaming\AIMP32014-01-16 21:09 - 2013-08-31 11:24 - 00000000 ____D C:\Users\Maćko\AppData\Roaming\TS3Client2014-01-16 19:34 - 2013-08-31 09:56 - 00000000 ____D C:\Users\Maćko\AppData\Roaming\.minecraft2014-01-16 18:47 - 2013-10-27 18:01 - 00000000 ____D C:\Users\Maćko\AppData\Local\PMB Files2014-01-16 18:47 - 2013-10-27 18:01 - 00000000 ____D C:\ProgramData\PMB Files2014-01-16 17:49 - 2014-01-16 17:49 - 00465200 _____ C:\Users\Maćko\AppData\Local\recently-used.xbel2014-01-16 17:49 - 2013-10-11 18:43 - 00000000 ____D C:\Users\Maćko\AppData\Local\gtk-2.02014-01-16 17:49 - 2013-09-15 21:18 - 00000000 ____D C:\Users\Maćko\.gimp-2.82014-01-16 17:25 - 2013-08-30 10:35 - 00000000 ____D C:\Program Files (x86)\Opera Next2014-01-16 07:22 - 2013-08-31 08:44 - 00740884 _____ C:\Windows\system32\perfh015.dat2014-01-16 07:22 - 2013-08-31 08:44 - 00155512 _____ C:\Windows\system32\perfc015.dat2014-01-16 07:22 - 2009-07-14 06:13 - 01671400 _____ C:\Windows\system32\PerfStringBackup.INI2014-01-15 15:45 - 2009-07-14 05:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-01-15 15:45 - 2009-07-14 05:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-01-14 18:03 - 2014-01-14 17:48 - 00000000 ____D C:\Program Files (x86)\Movavi Core 5.1.02014-01-14 17:59 - 2014-01-14 17:59 - 04995688 _____ (ffdshow ) C:\Users\Maćko\Downloads\ffdshow_rev4527_20131203_clsid_x64.exe2014-01-14 17:56 - 2014-01-14 17:56 - 02014270 _____ C:\Users\Maćko\Downloads\imagegrab_50en (1).zip2014-01-14 17:47 - 2014-01-14 17:45 - 110787120 _____ (Movavi) C:\Users\Maćko\Downloads\MovaviVideoEditorSetup.exe2014-01-12 10:16 - 2014-01-12 10:16 - 00664210 _____ C:\Users\Maćko\Downloads\Highly Visible Health Bars-40--3.zip2014-01-12 10:13 - 2014-01-12 10:13 - 04816740 _____ C:\Users\Maćko\Downloads\Recolored Gold-Hemmed Black Set-287-.7z2014-01-12 10:11 - 2014-01-12 10:11 - 00387050 _____ C:\Users\Maćko\Downloads\Metal Grass Crest Shield-349-0-9.rar2014-01-12 10:08 - 2014-01-12 10:08 - 00152310 _____ C:\Users\Maćko\Downloads\Flames of Dosh-464-1-0-0.zip2014-01-11 14:13 - 2014-01-11 14:12 - 06381290 _____ C:\Users\Maćko\Downloads\Dark Souls Flora Overhaul v05 Lower Res-56-.7z2014-01-11 13:00 - 2014-01-11 13:00 - 00707426 _____ C:\Users\Maćko\Downloads\Prepare to doge edition-507-1-0.zip2014-01-11 12:54 - 2014-01-11 12:53 - 59207358 _____ C:\Users\Maćko\Downloads\Fire Customization Pack - newest-159-2-1.zip2014-01-11 12:52 - 2014-01-11 12:52 - 00227451 _____ C:\Users\Maćko\Downloads\Black with handle ornament-155-1-0.zip2014-01-10 14:24 - 2013-09-10 14:09 - 00000000 ____D C:\Users\Maćko\AppData\Roaming\DVDVideoSoft2014-01-10 14:24 - 2013-09-10 14:09 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft2014-01-10 14:02 - 2014-01-10 14:02 - 00008474 _____ C:\Windows\DPINST.LOG2014-01-10 14:02 - 2013-08-31 10:47 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information2014-01-04 13:38 - 2014-01-04 13:38 - 00000000 ____D C:\Users\Maćko\Documents\Games for Windows - LIVE Demos2014-01-04 10:10 - 2014-01-04 10:10 - 02014270 _____ C:\Users\Maćko\Downloads\imagegrab_50en.zip2014-01-04 10:03 - 2014-01-04 10:01 - 00000000 ____D C:\Program Files (x86)\SubEdit-Player2014-01-04 10:01 - 2014-01-04 10:00 - 07923239 _____ (Artur Sikora ) C:\Users\Maćko\Downloads\subedit+codecpack_b4072_install.exe2014-01-04 09:48 - 2014-01-04 09:47 - 32244744 _____ (DVDVideoSoft Ltd. ) C:\Users\Maćko\Downloads\FreeYouTubeDownload.exe2014-01-02 21:58 - 2014-01-02 21:58 - 00360385 _____ C:\Users\Maćko\Downloads\Kafka Franz - Proces (1936).mobi2014-01-02 21:57 - 2014-01-02 21:57 - 00535729 _____ C:\Users\Maćko\Downloads\Terry Pratchett - Świat Dysku - 22 - Ostatni Kontynent.mobi2014-01-02 21:57 - 2014-01-02 21:57 - 00226223 _____ C:\Users\Maćko\Downloads\Terry Pratchett - Świat Dysku - 27 - Ostatni bohater.mobi2014-01-02 21:54 - 2014-01-02 21:54 - 00556505 _____ C:\Users\Maćko\Downloads\Terry Pratchett - Świat Dysku - 17 - Ciekawe czasy.mobi2014-01-02 21:52 - 2014-01-02 21:52 - 00352714 _____ C:\Users\Maćko\Downloads\Ciekawe czasy - Terry Pratchett.epub2014-01-01 12:56 - 2014-01-01 09:45 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys2014-01-01 12:51 - 2014-01-01 12:51 - 00000000 ____D C:\Users\Maćko\AppData\Roaming\AVAST Software2014-01-01 09:45 - 2013-08-31 09:18 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys2014-01-01 09:45 - 2013-08-31 09:18 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys2014-01-01 09:45 - 2013-08-31 09:18 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe2014-01-01 09:45 - 2013-08-31 09:18 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys2014-01-01 09:45 - 2013-08-31 09:18 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys2014-01-01 09:45 - 2013-08-31 09:18 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys2014-01-01 09:45 - 2013-08-31 09:18 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys2014-01-01 09:45 - 2013-08-31 08:29 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr2014-01-01 09:43 - 2013-08-31 09:18 - 00000000 _____ C:\Windows\SysWOW64\config.nt2014-01-01 09:43 - 2013-08-31 08:28 - 00000000 ____D C:\ProgramData\AVAST Software2013-12-31 16:32 - 2009-07-14 06:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT2013-12-29 13:18 - 2013-12-29 13:18 - 00000000 ____D C:\Users\Maćko\AppData\Local\Auto Clicker2013-12-26 13:04 - 2013-12-26 13:04 - 00000000 ____D C:\Users\Maćko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft2013-12-26 13:04 - 2013-08-30 12:13 - 00000000 ___RD C:\Users\Maćko\Desktop\Gry2013-12-25 09:35 - 2009-07-14 05:45 - 00351456 _____ C:\Windows\system32\FNTCACHE.DAT2013-12-24 14:52 - 2013-12-24 14:52 - 00004967 _____ C:\ProgramData\uxxadbmu.rlu2013-12-24 14:52 - 2013-12-24 14:52 - 00000000 ____D C:\Users\Maćko\AppData\Roaming\MOVAVI2013-12-24 14:50 - 2013-08-30 12:06 - 00085392 _____ C:\Users\Maćko\AppData\Local\GDIPFONTCACHEV1.DAT2013-12-24 12:00 - 2013-08-30 14:01 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation2013-12-24 11:54 - 2013-11-30 14:20 - 00000000 ____D C:\Users\Maćko\Documents\NBGI2013-12-24 11:53 - 2013-12-24 11:53 - 00000000 ____D C:\NVIDIA2013-12-24 09:43 - 2013-12-24 09:43 - 00000000 _____ C:\Windows\setuperr.log2013-12-24 09:26 - 2013-08-30 20:00 - 00000000 ____D C:\Windows\Panther2013-12-21 14:31 - 2013-12-21 14:30 - 38069411 _____ C:\Users\Maćko\Documents\FrequencyDomain_v0_5_PublicTestBuild_Windows.zip2013-12-19 14:11 - 2013-08-31 09:18 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys Some content of TEMP:====================C:\Users\Maćko\AppData\Local\Temp\nvSCPAPI.dllC:\Users\Maćko\AppData\Local\Temp\nvStInst.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-30 10:01 ==================== End Of Log ============================ Addition.txt: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-01-2014 02Ran by Maćko at 2014-01-17 19:53:43Running from C:\Users\Maćko\DesktopBoot Mode: Normal========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== 2.0 (x32 Version: 2.0 - www.video-gif-converter.com)7-Zip 9.20 (x32 Version: - )7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)Adobe Reader XI (11.0.05) - Polish (x32 Version: 11.0.05 - Adobe Systems Incorporated)AIMP3 (x32 Version: v3.55.1324, 15.11.2013 - AIMP DevTeam)Airfix Dogfighter (x32 Version: - )Aktualizacje NVIDIA 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) HiddenAudacity 2.0.4 (x32 Version: 2.0.4 - Audacity Team)Auto Clicker v1.5 (x32 Version: 1.5 - MurGee.com)AutoHotkey 1.1.13.01 (Version: 1.1.13.01 - Lexikos)avast! Free Antivirus (x32 Version: 9.0.2011 - Avast Software)Battlefield 3™ (x32 Version: 1.6.0.0 - Electronic Arts)Battlelog Web Plugins (x32 Version: 2.1.7 - EA Digital Illusions CE AB)CCleaner (Version: 4.05 - Piriform)ConvertHelper 2.2 (x32 Version: - DownloadHelper)Dark Souls: Prepare to Die Edition (x32 Version: - FromSoftware)DivX Setup (x32 Version: 2.6.1.84 - DivX, LLC)Europe MapleStory (x32 Version: - Nexon)Flashtool (x32 Version: 0.9.11.0 - Androxyde)Free Video to JPG Converter version 5.0.32.1230 (x32 Version: 5.0.32.1230 - DVDVideoSoft Ltd.)Free YouTube Download version 3.2.20.1230 (x32 Version: 3.2.20.1230 - DVDVideoSoft Ltd.)Free YouTube to MP3 Converter version 3.12.17.1127 (x32 Version: 3.12.17.1127 - DVDVideoSoft Ltd.)GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) HiddenGIMP 2.8.6 (Version: 2.8.6 - The GIMP Team)Guitar Hero World Tour (x32 Version: 1.0 - Aspyr)HandBrake 0.9.9.1 (x32 Version: 0.9.9.1 - )Hotline Miami (x32 Version: 2.0.0.4 - GOG.com)Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) HiddenJust Cause 2: Multiplayer Mod (x32 Version: - JC2-MP Team)LAME v3.99.3 (for Windows) (x32 Version: - )League of Legends (x32 Version: 3.0.1 - Riot Games)League of Legends (x32 Version: 3.0.1 - Riot Games) HiddenLeft 4 Dead 2 (x32 Version: - Valve)Malwarebytes Anti-Malware wersja 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)McPixel version 1.0.7 (x32 Version: 1.0.7 - Sos)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4 Client Profile PLK Language Pack (Version: 4.0.30319 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4 Extended PLK Language Pack (Version: 4.0.30319 - Microsoft Corporation) HiddenMicrosoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Access MUI (Polish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Excel MUI (Polish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Groove MUI (Polish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office InfoPath MUI (Polish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Language Pack 2010 - Polish/Polski (x32 Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Office O MUI (Polish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office OneNote MUI (Polish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Outlook MUI (Polish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office PowerPoint MUI (Polish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation)Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (Polish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Proofing (Polish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Publisher MUI (Polish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared 64-bit MUI (Polish) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared MUI (Polish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office SharePoint Designer MUI (Polish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) HiddenMicrosoft Office Word MUI (Polish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office X MUI (Polish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0 - Microsoft Corporation)Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0 - Microsoft Corporation)Minecraft1.6.2 (x32 Version: - )Minecraft1.7.2 (x32 Version: - )Mirror's Edge (x32 Version: - DICE)Mozilla Firefox 26.0 (x86 pl) (x32 Version: 26.0 - Mozilla)Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1 - NVIDIA Corporation)NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) HiddenNVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) HiddenNVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) HiddenNVIDIA Oprogramowanie systemu PhysX 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) HiddenNVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) HiddenNVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3182 - NVIDIA Corporation) HiddenNVIDIA Sterownik 3D Vision 331.82 (Version: 331.82 - NVIDIA Corporation)NVIDIA Sterownik dźwięku HD 1.3.26.4 (Version: 1.3.26.4 - NVIDIA Corporation)NVIDIA Sterownik graficzny 331.82 (Version: 331.82 - NVIDIA Corporation)NVIDIA Sterownik kontrolera 3D Vision 331.82 (Version: 331.82 - NVIDIA Corporation)NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) HiddenNVIDIA Virtual Audio 1.2.19 (Version: 1.2.19 - NVIDIA Corporation)Opera Next 19.0.1326.34 (x32 Version: 19.0.1326.34 - Opera Software ASA)Origin (x32 Version: 9.3.2.2730 - Electronic Arts, Inc.)Pando Media Booster (x32 Version: 2.6.0.9 - Pando Networks Inc.)Panel sterowania NVIDIA 331.82 (Version: 331.82 - NVIDIA Corporation) HiddenPapers, Please (x32 Version: 2.0.0.4 - GOG.com)Path of Exile (x32 Version: 1.0.1.29801 - Grinding Gear Games)Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)PowerISO (x32 Version: 5.7 - Power Software Ltd)PunkBuster Services (x32 Version: 0.991 - Even Balance, Inc.)Realtek High Definition Audio Driver (x32 Version: 6.0.1.6873 - Realtek Semiconductor Corp.)Rogue Legacy (x32 Version: 2.0.0.4 - GOG.com)Sanctum (x32 Version: - Coffee Stain Studios)Scribblenauts Unlimited (x32 Version: - )SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) HiddenSid Meier's Civilization V (x32 Version: - 2K Games, Inc.)Skype™ 6.9 (x32 Version: 6.9.106 - Skype Technologies S.A.)Sony PC Companion 2.10.181 (x32 Version: 2.10.181 - Sony)System Requirements Lab CYRI (x32 Version: 6.0.8.0 - Husdawg, LLC)TeamSpeak 3 Client (Version: 3.0.13.1 - TeamSpeak Systems GmbH)Unity Web Player (HKCU Version: - Unity Technologies ApS)Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)Uplay (x32 Version: 3.2 - Ubisoft)VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) HiddenWarhammer® 40,000™: Dawn of War® II (x32 Version: - Relic Entertainment)Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation) ==================== Restore Points ========================= 07-12-2013 19:31:16 Zainstalowany program DirectX13-12-2013 07:10:15 Zainstalowany program DirectX13-12-2013 16:43:52 Zainstalowany program DirectX17-12-2013 14:34:41 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.6061017-12-2013 14:35:57 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.6061024-12-2013 10:46:06 Zainstalowany program DirectX01-01-2014 08:43:42 avast! antivirus system restore point04-01-2014 12:31:27 Installed Microsoft Games for Windows - LIVE Redistributable ==================== Hosts content: ========================== 2009-07-14 03:34 - 2013-11-02 14:21 - 00000795 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {4D9838FB-86A1-404F-8E38-95EA544C1955} - System32\Tasks\{E60FF084-CF36-4AFE-8A33-BAD2FA6539D0} => E:\Program Files\MapleStory\GameLauncher.exeTask: {BFE241E2-1444-4E11-9CAB-5CF4DA7A744D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)Task: {D14BAE46-8951-4D7D-81C3-E391CD47C201} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-01] (AVAST Software) ==================== Loaded Modules (whitelisted) ============= 2013-08-30 14:02 - 2013-11-11 16:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll2014-01-17 14:37 - 2014-01-17 10:49 - 02155008 _____ () C:\Program Files\AVAST Software\Avast\defs\14011700\algo.dll2013-08-29 01:25 - 2013-08-29 01:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll2014-01-01 09:45 - 2014-01-01 09:45 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= Name: Unknown DeviceDescription: Unknown DeviceClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: (Standardowy kontroler hosta USB)Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43)Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: ========================= Application errors:==================Error: (01/17/2014 07:46:59 PM) (Source: NvStreamSvc) (User: )Description: NvStreamSvcNvVAD initialization failed [6] Error: (01/17/2014 07:46:59 PM) (Source: NvStreamSvc) (User: )Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (01/17/2014 02:37:03 PM) (Source: NvStreamSvc) (User: )Description: NvStreamSvcNvVAD initialization failed [6] Error: (01/17/2014 02:37:03 PM) (Source: NvStreamSvc) (User: )Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (01/17/2014 07:54:27 AM) (Source: NvStreamSvc) (User: )Description: NvStreamSvcNvVAD initialization failed [6] Error: (01/17/2014 07:54:27 AM) (Source: NvStreamSvc) (User: )Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (01/16/2014 06:22:03 PM) (Source: NvStreamSvc) (User: )Description: NvStreamSvcNvVAD initialization failed [6] Error: (01/16/2014 06:22:03 PM) (Source: NvStreamSvc) (User: )Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (01/16/2014 02:50:26 PM) (Source: NvStreamSvc) (User: )Description: NvStreamSvcNvVAD initialization failed [6] Error: (01/16/2014 02:50:26 PM) (Source: NvStreamSvc) (User: )Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] System errors:=============Error: (01/08/2014 06:19:31 PM) (Source: BROWSER) (User: )Description: Usługa przeglądarki zbyt wiele razy nie zdołała pobrać listy kopii zapasowych w transporcie \Device\NetBT_Tcpip_{48D565FA-71B4-4941-9809-C2B2C5287855}.Przeglądarka zapasowa jest zatrzymywana. Error: (01/08/2014 06:04:24 PM) (Source: bowser) (User: )Description: Przeglądarka główna odebrała anons serwera z komputera MICHAŁ-LAPTOP1.Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{48D565FA-71B4-4941-9809-C2B2C5287855}.Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Error: (01/07/2014 05:37:05 PM) (Source: BROWSER) (User: )Description: Usługa przeglądarki zbyt wiele razy nie zdołała pobrać listy kopii zapasowych w transporcie \Device\NetBT_Tcpip_{48D565FA-71B4-4941-9809-C2B2C5287855}.Przeglądarka zapasowa jest zatrzymywana. Error: (01/07/2014 05:34:52 PM) (Source: bowser) (User: )Description: Przeglądarka główna odebrała anons serwera z komputera MICHAŁ-LAPTOP1.Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{48D565FA-71B4-4941-9809-C2B2C5287855}.Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Error: (01/07/2014 05:33:56 PM) (Source: NetBT) (User: )Description: Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.0.2.Komputer o adresie IP 192.168.0.3 nie zezwolił na przejęcie tej nazwyprzez ten komputer. Error: (01/07/2014 03:29:28 PM) (Source: NetBT) (User: )Description: Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.0.2.Komputer o adresie IP 192.168.0.3 nie zezwolił na przejęcie tej nazwyprzez ten komputer. Error: (01/07/2014 03:05:51 PM) (Source: BROWSER) (User: )Description: Usługa przeglądarki zbyt wiele razy nie zdołała pobrać listy kopii zapasowych w transporcie \Device\NetBT_Tcpip_{48D565FA-71B4-4941-9809-C2B2C5287855}.Przeglądarka zapasowa jest zatrzymywana. Error: (01/05/2014 02:12:44 PM) (Source: Service Control Manager) (User: )Description: Nie można uruchomić usługi Windows Search z powodu następującego błędu: %%1053 Error: (01/05/2014 02:12:44 PM) (Source: DCOM) (User: )Description: 1053WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (01/05/2014 02:12:44 PM) (Source: Service Control Manager) (User: )Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Windows Search. Microsoft Office Sessions:=========================Error: (01/17/2014 07:46:59 PM) (Source: NvStreamSvc)(User: )Description: NvStreamSvcNvVAD initialization failed [6] Error: (01/17/2014 07:46:59 PM) (Source: NvStreamSvc)(User: )Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (01/17/2014 02:37:03 PM) (Source: NvStreamSvc)(User: )Description: NvStreamSvcNvVAD initialization failed [6] Error: (01/17/2014 02:37:03 PM) (Source: NvStreamSvc)(User: )Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (01/17/2014 07:54:27 AM) (Source: NvStreamSvc)(User: )Description: NvStreamSvcNvVAD initialization failed [6] Error: (01/17/2014 07:54:27 AM) (Source: NvStreamSvc)(User: )Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (01/16/2014 06:22:03 PM) (Source: NvStreamSvc)(User: )Description: NvStreamSvcNvVAD initialization failed [6] Error: (01/16/2014 06:22:03 PM) (Source: NvStreamSvc)(User: )Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (01/16/2014 02:50:26 PM) (Source: NvStreamSvc)(User: )Description: NvStreamSvcNvVAD initialization failed [6] Error: (01/16/2014 02:50:26 PM) (Source: NvStreamSvc)(User: )Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] CodeIntegrity Errors:=================================== Date: 2013-09-18 16:49:17.138 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\MAKO~1\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-09-18 16:49:17.064 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\MAKO~1\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-09-18 16:49:16.850 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-09-18 16:49:16.782 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-09-18 16:47:54.859 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\MAKO~1\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-09-18 16:47:54.791 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\MAKO~1\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-09-18 16:47:54.582 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-09-18 16:47:54.515 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 37%Total physical RAM: 4094.54 MBAvailable physical RAM: 2557.48 MBTotal Pagefile: 8187.26 MBAvailable Pagefile: 6686.48 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:195.31 GB) (Free:86.01 GB) NTFS ==>[Drive with boot components (obtained from BCD)]Drive d: () (Fixed) (Total:366.22 GB) (Free:43.35 GB) NTFSDrive e: () (Fixed) (Total:369.99 GB) (Free:323.68 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 38CDCA39)Partition 1: (Active) - (Size=195 GB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=736 GB) - (Type=OF Extended) ==================== End Of Log ============================
- January 17, 2014
- 8 replies
I am afraid that my computer is infected

Leoneq posted a topic in Resolved Malware Removal Logs

Someone from China tried to log in to my email this morning. Could you please check my logs? dds.txt: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16720 BrowserJavaVersion: 10.45.2Run by Maćko at 14:50:42 on 2014-01-17Microsoft Windows 7 Ultimate 6.1.7601.1.1250.48.1033.18.4095.2601 [GMT 1:00].AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\svchost.exe -k NetworkServiceC:\Program Files\AVAST Software\Avast\AvastSvc.exeC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Windows\system32\nvvsvc.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\taskhost.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Windows\SysWOW64\PnkBstrA.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exeC:\Windows\system32\rundll32.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\vsnpstd3.exeC:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exeC:\Program Files (x86)\PowerISO\PWRISOVM.EXEC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exeC:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\servicing\TrustedInstaller.exeC:\Windows\system32\wuauclt.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Users\Maćko\Desktop\dds.scrC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uProxyOverride = <local>mWinlogon: Userinit = userinit.exeBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllTB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllmRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startupmRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServicesmRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exemRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOWmRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /noguiuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:0mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableLUA = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: PromptOnSecureDesktop = dword:0IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000TCP: NameServer = 192.168.0.1TCP: Interfaces\{48D565FA-71B4-4941-9809-C2B2C5287855} : DHCPNameServer = 192.168.0.1Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllSSODL: WebCheck - <orphaned>x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLLx64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -sx64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"x64-Run: [snpstd3] C:\Windows\vsnpstd3.exex64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStartx64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Maćko\AppData\Roaming\Mozilla\Firefox\Profiles\4nabr79p.default\.============= SERVICES / DRIVERS ===============.R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-8-31 65776]R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-8-31 207904]R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-8-31 1034464]R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-8-31 422216]R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-8-31 78648]R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-1-1 50344]R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-2 1494304]R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-9-2 15129376]R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496]R3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-1 79672]R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-12-24 39200]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2011-5-13 36328]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-11-2 19456]S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-9-30 155824]S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-5-13 146920]S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-9-17 42184]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-2 57856].=============== Created Last 30 ================.2014-01-17 13:50:42 -------- d-----w- C:\Users\MaŠko\AppData\Local\Microsoft2014-01-17 07:07:08 -------- d-----w- C:\Users\Maćko\AppData\Roaming\Malwarebytes2014-01-17 07:06:54 -------- d-----w- C:\ProgramData\Malwarebytes2014-01-17 07:06:53 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2014-01-17 07:06:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2014-01-16 16:51:08 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1C6A4731-56C5-48FB-ABF8-DD8024C162B7}\offreg.dll2014-01-14 16:48:33 -------- d-----w- C:\Program Files (x86)\Movavi Core 5.1.02014-01-04 09:01:49 -------- d-----w- C:\Program Files (x86)\SubEdit-Player2014-01-01 11:51:00 -------- d-----w- C:\Users\Maćko\AppData\Roaming\AVAST Software2014-01-01 08:45:42 79672 ----a-w- C:\Windows\System32\drivers\aswstm.sys2013-12-24 13:52:30 -------- d-----w- C:\Users\Maćko\AppData\Roaming\MOVAVI2013-12-24 10:53:03 -------- d-----w- C:\NVIDIA2013-12-24 10:44:58 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys2013-12-24 10:44:58 32544 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll.==================== Find3M ====================.2014-01-01 08:45:32 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys2014-01-01 08:45:32 78648 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys2014-01-01 08:45:32 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys2014-01-01 08:45:32 43152 ----a-w- C:\Windows\avastSS.scr2014-01-01 08:45:32 207904 ----a-w- C:\Windows\System32\drivers\aswVmm.sys2014-01-01 08:45:32 1034464 ----a-w- C:\Windows\System32\drivers\aswSnx.sys2013-12-15 12:53:50 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-12-15 12:53:50 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-12-10 02:13:11 982232 ----a-w- C:\Windows\SysWow64\nvspcap.dll2013-12-10 02:13:01 1100248 ----a-w- C:\Windows\System32\nvspcap64.dll2013-12-05 08:42:26 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll2013-11-11 15:02:02 6674208 ----a-w- C:\Windows\System32\nvcpl.dll2013-11-11 15:02:02 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll2013-11-11 15:01:59 922912 ----a-w- C:\Windows\System32\nvvsvc.exe2013-11-11 15:01:59 63776 ----a-w- C:\Windows\System32\nvshext.dll2013-11-11 15:01:59 2559776 ----a-w- C:\Windows\System32\nvsvcr.dll2013-11-11 15:01:59 219424 ----a-w- C:\Windows\System32\nvmctray.dll2013-11-11 15:01:58 3467927 ----a-w- C:\Windows\System32\nvcoproc.bin2013-11-11 07:59:28 590112 ----a-w- C:\Windows\SysWow64\nvStreaming.exe2013-11-02 08:42:59 92160 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe2013-11-02 08:42:59 77312 ----a-w- C:\Windows\System32\tdc.ocx2013-11-02 08:42:59 51200 ----a-w- C:\Windows\System32\imgutil.dll2013-11-02 08:42:59 48640 ----a-w- C:\Windows\System32\mshtmler.dll2013-11-02 08:42:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll2013-11-02 08:42:59 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-11-02 08:42:59 173568 ----a-w- C:\Windows\System32\ieUnatt.exe2013-11-02 08:42:59 13824 ----a-w- C:\Windows\System32\mshta.exe2013-11-02 08:42:59 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-11-02 08:42:59 135680 ----a-w- C:\Windows\System32\IEAdvpack.dll2013-11-02 08:35:58 1887232 ----a-w- C:\Windows\System32\d3d11.dll2013-11-02 08:35:58 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll2013-10-23 10:30:23 1884448 ----a-w- C:\Windows\System32\nvdispco6433165.dll2013-10-23 10:30:23 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433165.dll.============= FINISH: 14:51:24,77 =============== attach.txt:.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1Install Date: 2013-08-30 11:27:00System Uptime: 2014-01-17 14:35:43 (0 hours ago).Motherboard: EVGA | | 122-CK-NF68Processor: Intel® Core2 Duo CPU E7500 @ 2.93GHz | Socket 775 | 2933/267mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 195 GiB total, 86,04 GiB free.D: is FIXED (NTFS) - 366 GiB total, 43,351 GiB free.E: is FIXED (NTFS) - 370 GiB total, 315,15 GiB free.F: is CDROM ()G: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {36fc9e60-c465-11cf-8056-444553540000}Description: Unknown DeviceDevice ID: USB\VID_0000&PID_0000\5&4A03A84&0&8Manufacturer: (Standardowy kontroler hosta USB)Name: Unknown DevicePNP Device ID: USB\VID_0000&PID_0000\5&4A03A84&0&8Service: .==== System Restore Points ===================.RP57: 2013-12-07 20:31:16 - Zainstalowany program DirectXRP58: 2013-12-13 08:10:15 - Zainstalowany program DirectXRP59: 2013-12-13 17:43:52 - Zainstalowany program DirectXRP60: 2013-12-17 15:34:41 - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610RP61: 2013-12-17 15:35:57 - Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610RP62: 2013-12-24 11:46:06 - Zainstalowany program DirectXRP63: 2014-01-01 09:43:42 - avast! antivirus system restore pointRP64: 2014-01-04 13:31:27 - Installed Microsoft Games for Windows - LIVE Redistributable.==== Installed Programs ======================.2.07-Zip 9.207-Zip 9.20 (x64 edition)Adobe Flash Player 11 PluginAdobe Reader XI (11.0.05) - PolishAIMP3Airfix DogfighterAktualizacje NVIDIA 10.11.15Audacity 2.0.4Auto Clicker v1.5AutoHotkey 1.1.13.01avast! Free AntivirusBattlefield 3™Battlelog Web PluginsCCleanerConvertHelper 2.2Dark Souls: Prepare to Die EditionDivX SetupEurope MapleStoryFlashtoolFree Video to JPG Converter version 5.0.32.1230Free YouTube Download version 3.2.20.1230Free YouTube to MP3 Converter version 3.12.17.1127GeForce Experience NvStream Client ComponentsGIMP 2.8.6Guitar Hero World TourHandBrake 0.9.9.1Hotline MiamiJava 7 Update 45Java Auto UpdaterJust Cause 2: Multiplayer ModLAME v3.99.3 (for Windows)League of LegendsLeft 4 Dead 2Malwarebytes Anti-Malware wersja 1.75.0.1300McPixel version 1.0.7Microsoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 Client Profile PLK Language PackMicrosoft .NET Framework 4 ExtendedMicrosoft .NET Framework 4 Extended PLK Language PackMicrosoft Games for Windows - LIVE RedistributableMicrosoft Games for Windows MarketplaceMicrosoft Office Access MUI (English) 2010Microsoft Office Access MUI (Polish) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Excel MUI (Polish) 2010Microsoft Office Groove MUI (English) 2010Microsoft Office Groove MUI (Polish) 2010Microsoft Office InfoPath MUI (English) 2010Microsoft Office InfoPath MUI (Polish) 2010Microsoft Office Language Pack 2010 - Polish/PolskiMicrosoft Office O MUI (Polish) 2010Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office OneNote MUI (Polish) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office Outlook MUI (Polish) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office PowerPoint MUI (Polish) 2010Microsoft Office Professional Plus 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (German) 2010Microsoft Office Proof (Polish) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Proofing (Polish) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Publisher MUI (Polish) 2010Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit MUI (Polish) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared MUI (Polish) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office SharePoint Designer MUI (Polish) 2010Microsoft Office Word MUI (English) 2010Microsoft Office Word MUI (Polish) 2010Microsoft Office X MUI (Polish) 2010Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610Microsoft XNA Framework Redistributable 3.1Microsoft XNA Framework Redistributable 4.0Minecraft1.6.2Minecraft1.7.2Mirror's EdgeMozilla Firefox 26.0 (x86 pl)Mozilla Maintenance ServiceNVIDIA GeForce Experience 1.8.1NVIDIA Install ApplicationNVIDIA LED Visualizer 1.0NVIDIA Network ServiceNVIDIA Oprogramowanie systemu PhysX 9.13.0725NVIDIA PhysXNVIDIA ShadowPlay 10.11.15NVIDIA Stereoscopic 3D DriverNVIDIA Sterownik 3D Vision 331.82NVIDIA Sterownik dźwięku HD 1.3.26.4NVIDIA Sterownik graficzny 331.82NVIDIA Sterownik kontrolera 3D Vision 331.82NVIDIA Update CoreNVIDIA Virtual Audio 1.2.19Opera Next 19.0.1326.34OriginPando Media BoosterPanel sterowania NVIDIA 331.82Papers, PleasePath of ExilePolski pakiet językowy dla programu Microsoft .NET Framework 4 Client ProfilePolski pakiet językowy dla programu Microsoft .NET Framework 4 ExtendedPowerISOPunkBuster ServicesRealtek High Definition Audio DriverRogue LegacySanctumScribblenauts UnlimitedSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)SHIELD StreamingSid Meier's Civilization VSkype™ 6.9Sony PC Companion 2.10.181System Requirements Lab CYRITeamSpeak 3 ClientUnity Web PlayerUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)UplayVC80CRTRedist - 8.0.50727.6195Warhammer® 40,000™: Dawn of War® IIWindows Live ID Sign-in Assistant.==== End Of File =========================== Here is also MBAM log: Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Wersja bazy: v2014.01.17.02 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 10.0.9200.16721Maćko :: MÓJKOMPUTEREK [administrator] 2014-01-17 08:07:57MBAM-log-2014-01-17 (10-30-55).txt Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|)Zaznaczone opcje skanowania: Pamięć | Rozruch | Rejestr | System plików | Heurystyka/Dodatkowe | Heuristyka/Shuriken | PUP | PUMOdznaczone opcje skanowania: P2PPrzeskanowano obiektów: 633614Upłynęło: 1 godzin(y), 27 minut(y), 50 sekund(y) Wykrytych procesów w pamięci: 0(Nie znaleziono zagrożeń) Wykrytych modułów w pamięci: 0(Nie znaleziono zagrożeń) Wykrytych kluczy rejestru: 0(Nie znaleziono zagrożeń) Wykrytych wartości rejestru: 0(Nie znaleziono zagrożeń) Wykryte wpisy rejestru systemowego: 0(Nie znaleziono zagrożeń) wykrytych folderów: 0(Nie znaleziono zagrożeń) Wykrytych plików: 10C:\System Volume Information\_restore{C72BADE5-7302-4565-8C04-737F50690FD9}\RP18\A0007862.exe (PUP.Optional.OpenCandy) -> Nie wykonano akcji.C:\System Volume Information\_restore{C72BADE5-7302-4565-8C04-737F50690FD9}\RP27\A0010627.exe (PUP.Optional.InstallCore) -> Nie wykonano akcji.C:\System Volume Information\_restore{C72BADE5-7302-4565-8C04-737F50690FD9}\RP27\A0010628.exe (PUP.Optional.InstallCore) -> Nie wykonano akcji.C:\System Volume Information\_restore{C72BADE5-7302-4565-8C04-737F50690FD9}\RP41\A0020556.exe (PUP.Optional.OpenCandy.A) -> Nie wykonano akcji.C:\Users\Maćko\Downloads\FreeVideoToJPGConverter.exe (PUP.Optional.OpenCandy) -> Nie wykonano akcji.E:\System Volume Information\_restore{C72BADE5-7302-4565-8C04-737F50690FD9}\RP65\A0028919.dll (VirTool.Obfuscator) -> Nie wykonano akcji. (zakończone)
- January 17, 2014
- 8 replies

Sign In

Leoneq

Posts

Joined

Last visited

Reputation

I am afraid that my computer is infected

I am afraid that my computer is infected

I am afraid that my computer is infected

I am afraid that my computer is infected

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information