Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-08-2014 Ran by Nordvendor (administrator) on GONDOLIN on 30-08-2014 13:32:03 Running from C:\Users\Nordvendor\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe ( ) C:\Program Files (x86)\ChomikBox\chomikbox.exe (Akamai Technologies, Inc.) C:\Users\Nordvendor\AppData\Local\Akamai\netsession_win.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Akamai Technologies, Inc.) C:\Users\Nordvendor\AppData\Local\Akamai\netsession_win.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Mediafour Corporation) C:\Program Files\Mediafour\MacDrive 8\MacDrive8ServiceD.exe (PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (FS) C:\Program Files (x86)\FS\Spyro Portal\FlashPortal.exe (TeamViewer GmbH) C:\Users\Nordvendor\AppData\Local\Temp\TeamViewer\Version9\TeamViewer_Service_2014-08-30-13-25-00.exe (Acer Group) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\perfmon.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (TeamViewer GmbH) C:\Users\Nordvendor\AppData\Local\Temp\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH) C:\Users\Nordvendor\AppData\Local\Temp\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH) C:\Users\Nordvendor\AppData\Local\Temp\TeamViewer\Version9\tv_x64.exe (TeamViewer GmbH) C:\Users\Nordvendor\AppData\Local\Temp\TeamViewer\Version9\TeamViewer_Desktop.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe () C:\Program Files (x86)\Opera\23.0.1522.77\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Farbar) C:\Users\Nordvendor\Downloads\FRST64 (1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5581888 2014-02-24] (ESET) HKU\S-1-5-21-2533098151-3437752045-1647021541-1001\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.) HKU\S-1-5-21-2533098151-3437752045-1647021541-1001\...\Run: [ChomikBox] => C:\Program Files (x86)\ChomikBox\chomikbox.exe [6033408 2014-03-18] ( ) HKU\S-1-5-21-2533098151-3437752045-1647021541-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Nordvendor\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) HKU\S-1-5-21-2533098151-3437752045-1647021541-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google) HKU\S-1-5-21-2533098151-3437752045-1647021541-1001\...\MountPoints2: D - D:\Launcher.exe HKU\S-1-5-21-2533098151-3437752045-1647021541-1001\...\MountPoints2: J - J:\Launcher.exe HKU\S-1-5-21-2533098151-3437752045-1647021541-1001\...\MountPoints2: {0e4a7da7-68a2-11e3-acbd-1078d27ccdc0} - K:\iStudio.exe HKU\S-1-5-21-2533098151-3437752045-1647021541-1001\...\MountPoints2: {35575729-9805-11e1-9506-1078d27ccdc0} - M:\iStudio.exe HKU\S-1-5-21-2533098151-3437752045-1647021541-1001\...\MountPoints2: {763adcc0-deb9-11e0-8b94-806e6f6e6963} - L:\Setup.exe HKU\S-1-5-21-2533098151-3437752045-1647021541-1001\...\MountPoints2: {763ade30-deb9-11e0-8b94-1078d27ccdc0} - M:\Browse.exe HKU\S-1-5-21-2533098151-3437752045-1647021541-1001\...\MountPoints2: {db5fdd89-4adc-11e3-939c-1078d27ccdc0} - J:\Setup.exe AppInit_DLLs: C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL => C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL File Not Found AppInit_DLLs-x32: c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll => "c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll" File Not Found AppInit_DLLs-x32: c:\progra~2\pc_boo~1\assist~1.dll => "c:\progra~2\pc_boo~1\assist~1.dll" File Not Found ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nordvendor\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nordvendor\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nordvendor\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nordvendor\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: {6570C58B-C08B-46AD-AA82-2369B0D1B627} -> MacDrive volume icons => No File ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nordvendor\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nordvendor\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nordvendor\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nordvendor\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=166 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://emachines.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/ SearchScopes: HKLM - DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {6319CC73-A495-4FD0-8094-0CFB7679FE4D} URL = http://rts.dsrlte.com/?q={searchTerms}&r=890 SearchScopes: HKCU - {6A8E813D-8793-4D00-8B3D-FF82F76F09DA} URL = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100474&mntrId=006a53690000000000001078d27ccdc0 BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) BHO-x32: ALLYouTubeDownloader -> {61DB16C5-B733-43F4-872E-B20DC9E72740} -> C:\Program Files (x86)\ALLYouTubeDownloader\ALLYouTubeDownloader.dll (ALLCinema Ltd.) BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File BHO-x32: No Name -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> No File BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 87.204.204.204 62.233.233.233 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.) FF Plugin-x32: @real.com/nppl3260;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nordvendor\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-08-26] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-02-05] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird Chrome: ======= CHR Profile: C:\Users\Nordvendor\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Dysk Google) - C:\Users\Nordvendor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-15] CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Nordvendor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-03-29] CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\NORDVE~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-08-03] CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Nordvendor\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-10-05] CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-02-05] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1343408 2014-02-24] (ESET) R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [220504 2013-08-22] (Garmin Ltd or its subsidiaries) R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated) S2 HDDlife HDD Access service; C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe [2070792 2013-10-25] (BinarySense, Inc.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 MacDrive8ServiceD; C:\Program Files\Mediafour\MacDrive 8\MacDrive8ServiceD.exe [167424 2010-06-07] (Mediafour Corporation) [File not signed] S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53337 2006-04-27] (Sony Corporation) [File not signed] S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4680528 2011-08-10] (INCA Internet Co., Ltd.) [File not signed] R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2646528 2010-10-21] (PACE Anti-Piracy, Inc.) [File not signed] S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [49241 2006-04-27] (Sony Corporation) [File not signed] R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-06-01] () R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.) S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69718 2006-04-27] (Sony Corporation) [File not signed] R2 SpyroService; C:\Program Files (x86)\FS\Spyro Portal\FlashPortal.exe [48128 2012-01-31] (FS) [File not signed] S3 SSScsiSV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe [69632 2006-05-08] (Sony Corporation) [File not signed] R2 TeamViewer9; c:\Users\Nordvendor\AppData\Local\Temp\teamviewer\Version9\TeamViewer_Service.exe [4670272 2014-08-06] (TeamViewer GmbH) R2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group) S2 248642b4; "C:\Windows\system32\rundll32.exe" "c:\progra~2\pc_boo~1\AssistantSvc.dll",service ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2013-08-03] () R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-11] (AVG Technologies) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET) U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [File not signed] S2 hwpsgt; C:\Windows\SysWOW64\DRIVERS\hwpsgt.sys [137344 2012-01-09] () [File not signed] S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [164736 2012-11-02] (ITE ) R3 L6UX1; C:\Windows\System32\Drivers\L6UX164.sys [772864 2013-07-11] (Line 6) S2 lemsgt; C:\Windows\SysWOW64\DRIVERS\lemsgt.sys [9472 2012-01-09] () [File not signed] R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2013-07-27] () R0 MDFSYSNT; C:\Windows\System32\Drivers\MDFSYSNT.sys [306280 2010-05-18] (Mediafour Corporation) R0 MDPMGRNT; C:\Windows\System32\DRIVERS\MDPMGRNT.SYS [32352 2010-05-05] (Mediafour Corporation) S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.) [File not signed] R1 {3de9eb9c-a833-42cb-b66f-841b954aebef}w64; C:\Windows\System32\drivers\{3de9eb9c-a833-42cb-b66f-841b954aebef}w64.sys [61112 2014-06-09] (StdLib) S3 dump_wmimmc; \??\C:\-------- GRY --------\cabal online\GameGuard\dump_wmimmc.sys [X] S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-30 13:34 - 2014-08-30 13:34 - 00602112 _____ (OldTimer Tools) C:\Users\Nordvendor\Downloads\OTL.exe 2014-08-30 13:32 - 2014-08-30 13:33 - 00021524 _____ () C:\Users\Nordvendor\Downloads\FRST.txt 2014-08-30 13:30 - 2014-08-30 13:30 - 02103808 _____ (Farbar) C:\Users\Nordvendor\Downloads\FRST64 (1).exe 2014-08-30 13:29 - 2014-08-30 13:29 - 00415232 _____ (Farbar) C:\Users\Nordvendor\Downloads\FSS.exe 2014-08-30 13:27 - 2014-08-30 13:27 - 04697376 _____ (TeamViewer) C:\Users\Nordvendor\Downloads\TeamViewerQS_pl-idc9k2j6kg (2).exe 2014-08-30 13:27 - 2014-08-30 13:27 - 02103808 _____ (Farbar) C:\Users\Nordvendor\Downloads\FRST64.exe 2014-08-30 13:22 - 2014-08-30 13:22 - 00001140 _____ () C:\Windows\PFRO.log 2014-08-30 12:58 - 2014-08-30 12:58 - 00623224 _____ (Duplex Secure Ltd.) C:\Users\Nordvendor\Downloads\SPTDinst-v186-x64.exe 2014-08-30 10:57 - 2014-08-30 10:57 - 04697376 _____ (TeamViewer) C:\Users\Nordvendor\Downloads\TeamViewerQS_pl-idc9k2j6kg (1).exe 2014-08-28 22:33 - 2014-08-28 22:33 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{498A4B19-0511-42DE-BD0B-F9C8F71423C9} 2014-08-28 20:45 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-28 20:45 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-28 20:45 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-26 16:04 - 2014-08-30 13:22 - 00000336 _____ () C:\Windows\setupact.log 2014-08-26 16:04 - 2014-08-26 16:04 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-26 16:03 - 2014-08-26 16:03 - 00003488 ____N () C:\bootsqm.dat 2014-08-26 15:33 - 2014-08-26 15:33 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\ESET 2014-08-26 15:26 - 2014-08-26 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2014-08-26 15:26 - 2014-08-26 15:26 - 00000000 ____D () C:\ProgramData\ESET 2014-08-26 15:26 - 2014-08-26 15:26 - 00000000 ____D () C:\Program Files\ESET 2014-08-26 15:24 - 2014-08-26 15:24 - 01695680 _____ (ESET) C:\Users\Nordvendor\Downloads\eset_nod32_antivirus_live_installer_.exe 2014-08-26 15:14 - 2014-08-26 15:14 - 00201064 _____ () C:\Users\Nordvendor\Documents\cc_20140826_151440.reg 2014-08-26 15:04 - 2014-08-26 15:04 - 00000000 ____D () C:\Program Files (x86)\SaveNNewaoAAppz 2014-08-26 14:47 - 2014-08-26 18:30 - 00000000 ____D () C:\ProgramData\NeXtCoup 2014-08-26 14:47 - 2014-08-26 16:10 - 00000000 ____D () C:\Program Files (x86)\NeXtCoup 2014-08-26 12:58 - 2014-08-26 12:58 - 00000000 ____D () C:\Program Files (x86)\ExstrraSauvuiinegs 2014-08-26 12:47 - 2014-08-26 12:47 - 00000000 ____D () C:\Program Files (x86)\ALlSaver 2014-08-26 12:18 - 2014-08-26 12:19 - 71143424 _____ () C:\Users\Nordvendor\Downloads\eav_nt64_plk.msi 2014-08-26 11:55 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-26 11:55 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-26 11:55 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-26 11:55 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-26 11:55 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-26 11:55 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-26 11:55 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-26 11:55 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-26 11:55 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-26 11:55 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-26 11:53 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-26 11:53 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-26 11:53 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-26 11:53 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-08-26 00:13 - 2014-08-26 00:14 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{00533791-2057-4740-8FC3-90C7A942B464} 2014-08-24 23:53 - 2014-08-24 23:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX 2014-08-24 20:48 - 2014-08-24 20:48 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{C4993B5B-4D03-4AFA-BFA9-01A674D929ED} 2014-08-22 19:00 - 2014-08-22 19:00 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{3330768C-89A8-490E-83A4-78BF4C366A19} 2014-08-21 14:51 - 2014-08-21 15:22 - 04370095 _____ ( ) C:\Users\Nordvendor\Downloads\MightyQuestSetup_244067 (1).exe 2014-08-21 14:31 - 2014-08-21 14:34 - 00000000 ____D () C:\Program Files (x86)\The Mighty Quest For Epic Loot 2014-08-21 14:31 - 2014-08-21 14:31 - 00001391 _____ () C:\Users\Public\Desktop\The Mighty Quest For Epic Loot.lnk 2014-08-21 14:31 - 2014-08-21 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Mighty Quest For Epic Loot 2014-08-21 14:27 - 2014-08-21 14:30 - 30012912 _____ ( ) C:\Users\Nordvendor\Downloads\MightyQuestSetup_244067.exe 2014-08-21 10:38 - 2014-08-21 10:38 - 00000000 ____D () C:\Users\Nordvendor\Desktop\zdjecia 2014-08-21 10:26 - 2014-08-21 10:26 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{9744FB47-47CA-480E-835C-F5821AC46D75} 2014-08-21 10:23 - 2014-08-21 10:23 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\Adobe 2014-08-21 01:03 - 2014-08-21 01:03 - 00000000 ____D () C:\Users\Nordvendor\Documents\SelfMV 2014-08-21 01:02 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll 2014-08-21 00:58 - 2014-08-21 00:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec 2014-08-21 00:58 - 2014-08-21 00:58 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec 2014-08-21 00:52 - 2014-06-16 08:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2014-08-21 00:52 - 2014-06-16 08:01 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2014-08-21 00:48 - 2013-12-30 03:54 - 00233472 _____ (Teruten) C:\Windows\SysWOW64\FsUsbExService.Exe 2014-08-21 00:48 - 2013-12-30 03:54 - 00037344 _____ () C:\Windows\SysWOW64\FsUsbExDisk.Sys 2014-08-21 00:48 - 2012-11-28 15:21 - 00110592 _____ () C:\Windows\SysWOW64\FsUsbExDevice.Dll 2014-08-21 00:42 - 2014-08-21 00:42 - 00000000 ____D () C:\Users\Public\Documents\CrashDump 2014-08-18 20:19 - 2014-08-26 16:04 - 00000000 ____D () C:\ProgramData\SaveNNewaoAAppz 2014-08-17 21:39 - 2014-08-17 21:40 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{95117EE5-F537-4796-A754-35DF8A441078} 2014-08-15 12:16 - 2014-08-15 12:17 - 00000000 ____D () C:\Users\Nordvendor\Documents\Moje dzieła SPORE 2014-08-15 12:14 - 2014-08-15 12:17 - 00000000 ____D () C:\Users\Nordvendor\AppData\Roaming\SPORE 2014-08-14 20:48 - 2014-08-14 20:49 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{004CF47E-495C-434A-AD94-5D1FB3720309} 2014-08-14 00:57 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-14 00:57 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-14 00:57 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-14 00:57 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-14 00:57 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-14 00:57 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-14 00:56 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-14 00:56 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-13 21:39 - 2014-08-17 21:48 - 00001954 _____ () C:\Users\Nordvendor\Desktop\Technic Launcher 15 — skrót.lnk 2014-08-13 21:38 - 2014-08-13 21:40 - 00000000 ____D () C:\Users\Nordvendor\Downloads\Minecraft Hexxit 2014-08-13 21:38 - 2014-08-13 21:38 - 02196333 _____ () C:\Users\Nordvendor\Downloads\Minecraft Hexxit.zip 2014-08-13 21:18 - 2014-08-13 21:19 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{56ACFA08-4A7E-4C4E-B264-FC75D0905DCE} 2014-08-13 20:58 - 2014-08-13 21:39 - 00000000 ____D () C:\Users\Nordvendor\AppData\Roaming\.technic 2014-08-13 20:58 - 2014-08-13 20:58 - 02346942 _____ () C:\Users\Nordvendor\Downloads\TechnicLauncher.exe 2014-08-13 17:26 - 2014-07-24 14:11 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-13 17:26 - 2014-07-24 14:10 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-13 17:26 - 2014-07-24 14:10 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-13 17:26 - 2014-07-24 14:09 - 19279872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-13 17:26 - 2014-07-24 14:09 - 15399936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-13 17:26 - 2014-07-24 14:09 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-13 17:26 - 2014-07-24 14:09 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-13 17:26 - 2014-07-24 14:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-13 17:26 - 2014-07-24 14:09 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-08-13 17:26 - 2014-07-24 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-13 17:26 - 2014-07-24 14:09 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-13 17:26 - 2014-07-24 14:09 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-13 17:26 - 2014-07-24 14:09 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-13 17:26 - 2014-07-24 14:09 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-13 17:26 - 2014-07-24 14:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-13 17:26 - 2014-07-24 14:09 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-08-13 17:26 - 2014-07-24 14:09 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-13 17:26 - 2014-07-24 14:09 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-13 17:26 - 2014-07-24 14:09 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-13 17:26 - 2014-07-24 14:09 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-13 17:26 - 2014-07-24 12:52 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-13 17:26 - 2014-07-24 12:52 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-13 17:26 - 2014-07-24 12:51 - 14371328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-13 17:26 - 2014-07-24 12:51 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-13 17:26 - 2014-07-24 12:51 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-13 17:26 - 2014-07-24 12:51 - 02054656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-13 17:26 - 2014-07-24 12:51 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-13 17:26 - 2014-07-24 12:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-08-13 17:26 - 2014-07-24 12:51 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-13 17:26 - 2014-07-24 12:51 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-13 17:26 - 2014-07-24 12:51 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-13 17:26 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-13 17:26 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-13 17:26 - 2014-07-24 12:51 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-13 17:26 - 2014-07-24 12:51 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-08-13 17:26 - 2014-07-24 12:51 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-13 17:26 - 2014-07-24 12:51 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-13 17:26 - 2014-07-24 12:51 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-13 17:26 - 2014-07-24 12:51 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-13 17:26 - 2014-07-24 12:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-13 17:26 - 2014-07-24 12:29 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-13 17:26 - 2014-07-24 11:37 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-08-13 17:26 - 2014-07-24 11:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-08-13 17:26 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-08-13 17:26 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-08-13 17:26 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-08-13 17:26 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-08-13 17:26 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-08-13 17:26 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-08-13 17:26 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-08-13 17:26 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-08-13 17:26 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-08-13 17:26 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-08-13 17:26 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-08-13 17:26 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-08-13 17:25 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-13 17:25 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-13 17:25 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-13 17:25 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-13 17:25 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-13 17:25 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-13 17:25 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-08-13 17:25 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-08-13 17:25 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-13 17:25 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-13 17:25 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-13 17:25 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-13 17:25 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-13 17:25 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-13 17:25 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-13 17:25 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-11 16:29 - 2014-08-26 14:58 - 00000000 ____D () C:\ProgramData\ALlSaver 2014-08-10 18:13 - 2014-08-10 18:13 - 00000000 ____D () C:\ProgramData\ihmkapnfhloicabfpficfgnkfkldhalc 2014-08-09 20:49 - 2014-08-09 20:49 - 00001777 _____ () C:\Users\Nordvendor\Desktop\PokeGen — skrót.lnk 2014-08-09 19:51 - 2014-08-09 19:51 - 02597802 _____ () C:\Users\Nordvendor\Downloads\PokeGen.rar 2014-08-09 19:24 - 2014-08-09 20:22 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\WpfApplication1 2014-08-09 19:24 - 2014-08-09 19:24 - 00000000 ____D () C:\Users\Nordvendor\Desktop\pokemon gen 2014-08-07 12:37 - 2014-08-07 12:38 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{734D4767-0F56-47B2-90D4-8DB69C83FD3E} 2014-08-06 21:09 - 2014-08-06 21:09 - 00000000 ____D () C:\Users\Nordvendor\AppData\Roaming\.mono 2014-08-06 21:09 - 2014-08-06 21:09 - 00000000 ____D () C:\ProgramData\.mono 2014-08-04 18:33 - 2014-08-04 18:33 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{CED3E336-6428-49BF-A387-8DF1F432F813} 2014-08-04 14:00 - 2014-08-26 14:58 - 00000000 ____D () C:\ProgramData\ExstrraSauvuiinegs 2014-08-03 19:26 - 2014-08-03 19:26 - 00001693 _____ () C:\Users\Nordvendor\Desktop\Dysk Google.lnk 2014-08-03 19:25 - 2014-08-30 13:23 - 00000000 ___RD () C:\Users\Nordvendor\Dysk Google 2014-08-03 19:24 - 2014-08-03 19:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-08-03 19:23 - 2014-08-03 19:23 - 00895120 _____ (Google Inc.) C:\Users\Nordvendor\Downloads\googledrivesync.exe 2014-08-03 19:14 - 2014-08-03 19:16 - 43507528 _____ (ALLPlayer ) C:\Users\Nordvendor\Downloads\ALLPlayerPL (1).exe 2014-08-01 16:45 - 2014-08-01 16:46 - 43510184 _____ (ALLPlayer ) C:\Users\Nordvendor\Downloads\ALLPlayerPL.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-30 13:34 - 2014-08-30 13:34 - 00602112 _____ (OldTimer Tools) C:\Users\Nordvendor\Downloads\OTL.exe 2014-08-30 13:33 - 2014-08-30 13:32 - 00021524 _____ () C:\Users\Nordvendor\Downloads\FRST.txt 2014-08-30 13:32 - 2014-01-19 14:25 - 00000000 ____D () C:\FRST 2014-08-30 13:31 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-30 13:31 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-30 13:30 - 2014-08-30 13:30 - 02103808 _____ (Farbar) C:\Users\Nordvendor\Downloads\FRST64 (1).exe 2014-08-30 13:29 - 2014-08-30 13:29 - 00415232 _____ (Farbar) C:\Users\Nordvendor\Downloads\FSS.exe 2014-08-30 13:27 - 2014-08-30 13:27 - 04697376 _____ (TeamViewer) C:\Users\Nordvendor\Downloads\TeamViewerQS_pl-idc9k2j6kg (2).exe 2014-08-30 13:27 - 2014-08-30 13:27 - 02103808 _____ (Farbar) C:\Users\Nordvendor\Downloads\FRST64.exe 2014-08-30 13:24 - 2013-12-19 15:08 - 00007662 _____ () C:\Users\Nordvendor\AppData\Local\Resmon.ResmonCfg 2014-08-30 13:23 - 2014-08-03 19:25 - 00000000 ___RD () C:\Users\Nordvendor\Dysk Google 2014-08-30 13:23 - 2012-12-03 14:51 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\ChomikBox 2014-08-30 13:23 - 2012-12-03 14:51 - 00000000 ____D () C:\Users\Nordvendor\.gstreamer-0.10 2014-08-30 13:23 - 2011-10-10 00:24 - 00000000 ____D () C:\ProgramData\TEMP 2014-08-30 13:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-30 13:22 - 2014-08-30 13:22 - 00001140 _____ () C:\Windows\PFRO.log 2014-08-30 13:22 - 2014-08-26 16:04 - 00000336 _____ () C:\Windows\setupact.log 2014-08-30 13:20 - 2013-09-18 23:16 - 01416079 _____ () C:\Windows\WindowsUpdate.log 2014-08-30 12:58 - 2014-08-30 12:58 - 00623224 _____ (Duplex Secure Ltd.) C:\Users\Nordvendor\Downloads\SPTDinst-v186-x64.exe 2014-08-30 12:58 - 2011-10-10 00:09 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-08-30 10:57 - 2014-08-30 10:57 - 04697376 _____ (TeamViewer) C:\Users\Nordvendor\Downloads\TeamViewerQS_pl-idc9k2j6kg (1).exe 2014-08-30 01:42 - 2014-02-08 16:42 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-08-29 23:39 - 2009-07-14 06:45 - 00340952 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-28 22:33 - 2014-08-28 22:33 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{498A4B19-0511-42DE-BD0B-F9C8F71423C9} 2014-08-28 22:33 - 2011-08-09 22:58 - 00078008 _____ () C:\Users\Nordvendor\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-27 22:05 - 2010-11-30 02:00 - 00750048 _____ () C:\Windows\system32\perfh015.dat 2014-08-27 22:05 - 2010-11-30 02:00 - 00161526 _____ () C:\Windows\system32\perfc015.dat 2014-08-27 22:05 - 2009-07-14 07:13 - 01699290 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-27 12:47 - 2013-11-10 00:29 - 00000000 ____D () C:\Users\Nordvendor\AppData\Roaming\vlc 2014-08-27 12:40 - 2013-04-25 12:36 - 00000000 ____D () C:\nordvendor 2014-08-27 11:57 - 2011-09-23 00:42 - 00000087 _____ () C:\Windows\SysWOW64\ssprs.tgz 2014-08-27 11:57 - 2011-09-23 00:42 - 00000073 _____ () C:\Windows\SysWOW64\ssprs.dll 2014-08-27 11:56 - 2011-09-23 00:42 - 00000219 _____ () C:\Windows\SysWOW64\lsprst7.tgz 2014-08-27 11:56 - 2011-09-23 00:42 - 00000205 _____ () C:\Windows\SysWOW64\lsprst7.dll 2014-08-26 21:45 - 2014-03-25 20:00 - 00000000 ____D () C:\Users\Nordvendor\AppData\Roaming\.minecraftzyczu 2014-08-26 21:45 - 2013-05-27 09:47 - 00000000 ____D () C:\Windows\pss 2014-08-26 21:44 - 2014-07-25 19:28 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\Akamai 2014-08-26 21:44 - 2014-03-28 01:07 - 00000000 ____D () C:\ProgramData\Licenses 2014-08-26 21:44 - 2011-09-14 12:05 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-08-26 21:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-08-26 20:47 - 2014-07-28 11:08 - 00000000 ____D () C:\Program Files (x86)\PC_Booster 2014-08-26 18:30 - 2014-08-26 14:47 - 00000000 ____D () C:\ProgramData\NeXtCoup 2014-08-26 17:13 - 2011-08-15 13:00 - 00000000 ____D () C:\Program Files\CCleaner 2014-08-26 16:10 - 2014-08-26 14:47 - 00000000 ____D () C:\Program Files (x86)\NeXtCoup 2014-08-26 16:04 - 2014-08-26 16:04 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-26 16:04 - 2014-08-18 20:19 - 00000000 ____D () C:\ProgramData\SaveNNewaoAAppz 2014-08-26 16:03 - 2014-08-26 16:03 - 00003488 ____N () C:\bootsqm.dat 2014-08-26 15:33 - 2014-08-26 15:33 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\ESET 2014-08-26 15:26 - 2014-08-26 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2014-08-26 15:26 - 2014-08-26 15:26 - 00000000 ____D () C:\ProgramData\ESET 2014-08-26 15:26 - 2014-08-26 15:26 - 00000000 ____D () C:\Program Files\ESET 2014-08-26 15:24 - 2014-08-26 15:24 - 01695680 _____ (ESET) C:\Users\Nordvendor\Downloads\eset_nod32_antivirus_live_installer_.exe 2014-08-26 15:16 - 2011-09-14 00:20 - 00000000 ____D () C:\Users\Nordvendor\AppData\Roaming\DAEMON Tools Lite 2014-08-26 15:16 - 2011-08-10 00:57 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\CrashDumps 2014-08-26 15:16 - 2007-07-12 03:49 - 00000000 ____D () C:\Windows\Panther 2014-08-26 15:14 - 2014-08-26 15:14 - 00201064 _____ () C:\Users\Nordvendor\Documents\cc_20140826_151440.reg 2014-08-26 15:11 - 2011-08-10 12:31 - 00000000 ____D () C:\Program Files (x86)\Play 2014-08-26 15:10 - 2011-08-10 12:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Play 2014-08-26 15:09 - 2011-08-13 15:51 - 00000000 ____D () C:\Program Files\AidemMedia 2014-08-26 15:07 - 2013-11-26 23:48 - 00000000 ____D () C:\Program Files (x86)\IK Multimedia 2014-08-26 15:07 - 2011-09-14 00:31 - 00000000 ____D () C:\Program Files (x86)\VstPlugins 2014-08-26 15:07 - 2011-08-22 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2014-08-26 15:07 - 2011-08-22 20:48 - 00000000 ____D () C:\Users\Nordvendor\AppData\Roaming\Samsung 2014-08-26 15:07 - 2011-08-22 20:48 - 00000000 ____D () C:\ProgramData\Samsung 2014-08-26 15:07 - 2011-08-22 20:48 - 00000000 ____D () C:\Program Files (x86)\Samsung 2014-08-26 15:07 - 2010-09-10 13:33 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-26 15:06 - 2012-05-14 10:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T-RackS 24 2014-08-26 15:04 - 2014-08-26 15:04 - 00000000 ____D () C:\Program Files (x86)\SaveNNewaoAAppz 2014-08-26 15:04 - 2014-07-28 11:07 - 00000000 ____D () C:\ProgramData\a1b1058965f87030 2014-08-26 14:58 - 2014-08-11 16:29 - 00000000 ____D () C:\ProgramData\ALlSaver 2014-08-26 14:58 - 2014-08-04 14:00 - 00000000 ____D () C:\ProgramData\ExstrraSauvuiinegs 2014-08-26 14:58 - 2014-07-28 11:07 - 00000000 ____D () C:\ProgramData\pRIccechopp 2014-08-26 14:47 - 2014-07-28 11:07 - 00000266 __RSH () C:\ProgramData\ntuser.pol 2014-08-26 14:47 - 2014-07-28 11:07 - 00000000 ____D () C:\Program Files (x86)\pRIccechopp 2014-08-26 14:46 - 2014-02-02 01:05 - 00000000 ____D () C:\Program Files\PeerBlock 2014-08-26 14:43 - 2013-05-10 23:07 - 00000000 ____D () C:\Program Files (x86)\Native Instruments 2014-08-26 14:43 - 2011-11-16 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Komputerowa Gratka 3D (seria) 2014-08-26 14:43 - 2011-11-16 10:49 - 00000000 ____D () C:\Program Files (x86)\Komputerowa Gratka 3D (seria) 2014-08-26 14:42 - 2013-10-10 14:54 - 00000000 ____D () C:\ProgramData\MAGIX 2014-08-26 14:42 - 2013-05-10 23:07 - 00000000 ____D () C:\Users\Nordvendor\Documents\Native Instruments 2014-08-26 14:42 - 2013-05-10 23:07 - 00000000 ____D () C:\Users\Nordvendor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Native Instruments Absynth 4 2014-08-26 14:42 - 2013-05-10 23:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments Absynth 4 2014-08-26 14:39 - 2011-08-13 14:20 - 00000000 ____D () C:\Program Files (x86)\AidemMedia 2014-08-26 14:39 - 2011-08-10 01:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AidemMedia 2014-08-26 14:37 - 2013-01-30 13:51 - 00000000 ____D () C:\Program Files (x86)\LEGO Media 2014-08-26 14:37 - 2011-09-11 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Media 2014-08-26 14:37 - 2011-08-24 19:32 - 00000016 _____ () C:\Windows\compedia.ini 2014-08-26 14:36 - 2011-12-18 21:44 - 00000000 ____D () C:\Program Files (x86)\Techland 2014-08-26 14:36 - 2011-08-14 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Techland 2014-08-26 14:35 - 2011-08-09 23:27 - 00000000 ____D () C:\-------- GRY -------- 2014-08-26 14:34 - 2012-01-10 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ 2014-08-26 14:34 - 2011-08-18 16:27 - 00000000 ____D () C:\Program Files (x86)\THQ 2014-08-26 13:00 - 2011-11-10 21:41 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 Qt 2014-08-26 12:58 - 2014-08-26 12:58 - 00000000 ____D () C:\Program Files (x86)\ExstrraSauvuiinegs 2014-08-26 12:58 - 2013-11-07 20:58 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\Disney Interactive Studios 2014-08-26 12:58 - 2011-12-25 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disney Interactive Studios 2014-08-26 12:57 - 2012-04-17 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO 2014-08-26 12:54 - 2011-08-21 21:56 - 00000033 _____ () C:\Users\Nordvendor\AppData\Roaming\pcouffin.log 2014-08-26 12:54 - 2011-08-21 21:54 - 00099384 _____ () C:\Users\Nordvendor\AppData\Roaming\inst.exe 2014-08-26 12:54 - 2011-08-21 21:54 - 00082816 _____ (VSO Software) C:\Users\Nordvendor\AppData\Roaming\pcouffin.sys 2014-08-26 12:54 - 2011-08-21 21:54 - 00007859 _____ () C:\Users\Nordvendor\AppData\Roaming\pcouffin.cat 2014-08-26 12:54 - 2011-08-21 21:54 - 00000000 ____D () C:\Users\Nordvendor\AppData\Roaming\Vso 2014-08-26 12:47 - 2014-08-26 12:47 - 00000000 ____D () C:\Program Files (x86)\ALlSaver 2014-08-26 12:46 - 2013-05-11 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arturia 2014-08-26 12:34 - 2013-12-18 23:25 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-08-26 12:19 - 2014-08-26 12:18 - 71143424 _____ () C:\Users\Nordvendor\Downloads\eav_nt64_plk.msi 2014-08-26 11:46 - 2011-08-09 22:57 - 00000000 ____D () C:\Users\Nordvendor 2014-08-26 00:14 - 2014-08-26 00:13 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{00533791-2057-4740-8FC3-90C7A942B464} 2014-08-24 23:53 - 2014-08-24 23:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX 2014-08-24 22:01 - 2011-09-28 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-08-24 20:48 - 2014-08-24 20:48 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{C4993B5B-4D03-4AFA-BFA9-01A674D929ED} 2014-08-23 04:07 - 2014-08-28 20:45 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-23 03:45 - 2014-08-28 20:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-23 02:59 - 2014-08-28 20:45 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-22 22:17 - 2014-06-26 21:51 - 00000000 ____D () C:\---mp3 2014 --- 2014-08-22 19:00 - 2014-08-22 19:00 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{3330768C-89A8-490E-83A4-78BF4C366A19} 2014-08-21 15:22 - 2014-08-21 14:51 - 04370095 _____ ( ) C:\Users\Nordvendor\Downloads\MightyQuestSetup_244067 (1).exe 2014-08-21 14:34 - 2014-08-21 14:31 - 00000000 ____D () C:\Program Files (x86)\The Mighty Quest For Epic Loot 2014-08-21 14:31 - 2014-08-21 14:31 - 00001391 _____ () C:\Users\Public\Desktop\The Mighty Quest For Epic Loot.lnk 2014-08-21 14:31 - 2014-08-21 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Mighty Quest For Epic Loot 2014-08-21 14:30 - 2014-08-21 14:27 - 30012912 _____ ( ) C:\Users\Nordvendor\Downloads\MightyQuestSetup_244067.exe 2014-08-21 14:12 - 2014-05-30 00:27 - 00000000 ____D () C:\ProgramData\Origin 2014-08-21 14:12 - 2014-05-30 00:27 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-08-21 10:38 - 2014-08-21 10:38 - 00000000 ____D () C:\Users\Nordvendor\Desktop\zdjecia 2014-08-21 10:26 - 2014-08-21 10:26 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{9744FB47-47CA-480E-835C-F5821AC46D75} 2014-08-21 10:23 - 2014-08-21 10:23 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\Adobe 2014-08-21 01:03 - 2014-08-21 01:03 - 00000000 ____D () C:\Users\Nordvendor\Documents\SelfMV 2014-08-21 00:58 - 2014-08-21 00:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec 2014-08-21 00:58 - 2014-08-21 00:58 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec 2014-08-21 00:42 - 2014-08-21 00:42 - 00000000 ____D () C:\Users\Public\Documents\CrashDump 2014-08-21 00:31 - 2011-12-12 01:03 - 00000000 ____D () C:\eshm2005 2014-08-20 16:49 - 2013-10-05 09:50 - 00000000 ____D () C:\Users\Nordvendor\AppData\Roaming\.minecraft 2014-08-19 21:14 - 2014-06-03 17:23 - 00003870 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1393184493 2014-08-19 21:14 - 2011-08-10 00:39 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-08-17 21:48 - 2014-08-13 21:39 - 00001954 _____ () C:\Users\Nordvendor\Desktop\Technic Launcher 15 — skrót.lnk 2014-08-17 21:48 - 2014-06-07 13:15 - 00001528 _____ () C:\Users\Nordvendor\Desktop\Pixelmon — skrót.lnk 2014-08-17 21:40 - 2014-08-17 21:39 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{95117EE5-F537-4796-A754-35DF8A441078} 2014-08-17 15:01 - 2012-04-02 07:29 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-16 23:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-16 23:01 - 2012-04-02 07:29 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-16 23:01 - 2012-04-02 07:29 - 00003870 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-08-16 23:01 - 2011-08-10 23:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-15 12:17 - 2014-08-15 12:16 - 00000000 ____D () C:\Users\Nordvendor\Documents\Moje dzieła SPORE 2014-08-15 12:17 - 2014-08-15 12:14 - 00000000 ____D () C:\Users\Nordvendor\AppData\Roaming\SPORE 2014-08-14 22:04 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-08-14 21:55 - 2012-01-14 16:39 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts 2014-08-14 20:58 - 2014-05-30 00:30 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-08-14 20:49 - 2014-08-14 20:48 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{004CF47E-495C-434A-AD94-5D1FB3720309} 2014-08-14 01:26 - 2011-08-10 22:36 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-14 01:19 - 2013-08-02 01:36 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-14 01:06 - 2011-08-10 22:46 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-14 00:55 - 2014-05-06 23:45 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-13 21:40 - 2014-08-13 21:38 - 00000000 ____D () C:\Users\Nordvendor\Downloads\Minecraft Hexxit 2014-08-13 21:39 - 2014-08-13 20:58 - 00000000 ____D () C:\Users\Nordvendor\AppData\Roaming\.technic 2014-08-13 21:38 - 2014-08-13 21:38 - 02196333 _____ () C:\Users\Nordvendor\Downloads\Minecraft Hexxit.zip 2014-08-13 21:20 - 2009-07-14 04:34 - 00000642 _____ () C:\Windows\win.ini 2014-08-13 21:19 - 2014-08-13 21:18 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{56ACFA08-4A7E-4C4E-B264-FC75D0905DCE} 2014-08-13 20:58 - 2014-08-13 20:58 - 02346942 _____ () C:\Users\Nordvendor\Downloads\TechnicLauncher.exe 2014-08-12 13:12 - 2014-05-03 21:43 - 00000000 ___RD () C:\Users\Nordvendor\Dropbox 2014-08-11 17:28 - 2014-07-19 15:40 - 00000000 ____D () C:\Users\Nordvendor\AppData\Roaming\.csrvlauncher 2014-08-11 17:13 - 2014-06-07 13:14 - 00000000 ____D () C:\Users\Nordvendor\AppData\Roaming\.minecraft_pixelmonpl_301 2014-08-10 18:13 - 2014-08-10 18:13 - 00000000 ____D () C:\ProgramData\ihmkapnfhloicabfpficfgnkfkldhalc 2014-08-09 20:49 - 2014-08-09 20:49 - 00001777 _____ () C:\Users\Nordvendor\Desktop\PokeGen — skrót.lnk 2014-08-09 20:22 - 2014-08-09 19:24 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\WpfApplication1 2014-08-09 19:51 - 2014-08-09 19:51 - 02597802 _____ () C:\Users\Nordvendor\Downloads\PokeGen.rar 2014-08-09 19:24 - 2014-08-09 19:24 - 00000000 ____D () C:\Users\Nordvendor\Desktop\pokemon gen 2014-08-07 12:38 - 2014-08-07 12:37 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{734D4767-0F56-47B2-90D4-8DB69C83FD3E} 2014-08-07 04:06 - 2014-08-13 17:25 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 04:01 - 2014-08-13 17:25 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-06 21:09 - 2014-08-06 21:09 - 00000000 ____D () C:\Users\Nordvendor\AppData\Roaming\.mono 2014-08-06 21:09 - 2014-08-06 21:09 - 00000000 ____D () C:\ProgramData\.mono 2014-08-05 09:20 - 2011-10-09 22:03 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-08-04 18:33 - 2014-08-04 18:33 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\{CED3E336-6428-49BF-A387-8DF1F432F813} 2014-08-03 19:30 - 2011-08-15 12:58 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-03 19:30 - 2011-08-15 12:58 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-03 19:26 - 2014-08-03 19:26 - 00001693 _____ () C:\Users\Nordvendor\Desktop\Dysk Google.lnk 2014-08-03 19:24 - 2014-08-03 19:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-08-03 19:24 - 2011-08-15 12:58 - 00000000 ____D () C:\Users\Nordvendor\AppData\Local\Google 2014-08-03 19:24 - 2011-08-15 12:58 - 00000000 ____D () C:\Program Files (x86)\Google 2014-08-03 19:23 - 2014-08-03 19:23 - 00895120 _____ (Google Inc.) C:\Users\Nordvendor\Downloads\googledrivesync.exe 2014-08-03 19:23 - 2011-08-15 12:58 - 00003904 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-08-03 19:23 - 2011-08-15 12:58 - 00003652 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-08-03 19:18 - 2014-06-21 00:33 - 00002386 _____ () C:\Users\Nordvendor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ALLPlayer.TV.lnk 2014-08-03 19:18 - 2014-06-21 00:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer Pilot 2014-08-03 19:18 - 2014-06-21 00:33 - 00000000 ____D () C:\Program Files (x86)\ALLPlayer Remote 2014-08-03 19:18 - 2012-01-03 15:59 - 00000000 ____D () C:\Program Files (x86)\ALLPlayer 2014-08-03 19:18 - 2011-12-20 11:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt 2014-08-03 19:18 - 2011-12-20 11:39 - 00000000 ____D () C:\Program Files (x86)\NapiProjekt 2014-08-03 19:18 - 2011-08-09 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer 2014-08-03 19:17 - 2013-10-30 10:05 - 00000000 ____D () C:\ProgramData\ALLPlayer 2014-08-03 19:16 - 2014-08-03 19:14 - 43507528 _____ (ALLPlayer ) C:\Users\Nordvendor\Downloads\ALLPlayerPL (1).exe 2014-08-01 16:46 - 2014-08-01 16:45 - 43510184 _____ (ALLPlayer ) C:\Users\Nordvendor\Downloads\ALLPlayerPL.exe Some content of TEMP: ==================== C:\Users\Nordvendor\AppData\Local\Temp\BRSVC_1447985_hlp.exe C:\Users\Nordvendor\AppData\Local\Temp\InstHelper.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-28 23:50 ==================== End Of Log ============================