Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2015 Ran by eafae (administrator) on EQWDFWA on 14-04-2015 16:51:48 Running from C:\Users\eafae\Desktop\frst Loaded Profiles: eafae & UpdatusUser (Available profiles: eafae & UpdatusUser) Platform: Windows 8.1 Pro (X64) OS Language: Angielski (Stany Zjednoczone) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe (XTab system) C:\Program Files (x86)\XTab\ProtectService.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Navigation Co., Ltd.) C:\Users\eafae\AppData\Roaming\ntsvc\ntsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe () C:\ProgramData\{c5210046-4efe-624a-c521-100464ef0119}\tasktr__7214_il109297.exe () C:\ProgramData\{bd984814-05cc-fe2a-bd98-8481405c2050}\Test Drive Unlimited Gold [R.G Mechanics].exe (Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation) HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters). HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [366904 2014-10-08] (Power Software Ltd) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-01-27] (Electronic Arts) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2889408 2015-04-14] (Valve Corporation) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd) Startup: C:\Users\eafae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com) Startup: C:\Users\eafae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tasktr__7214_il109297.lnk ShortcutTarget: tasktr__7214_il109297.lnk -> C:\ProgramData\{c5210046-4efe-624a-c521-100464ef0119}\tasktr__7214_il109297.exe () Startup: C:\Users\eafae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Test Drive Unlimited Gold [R.G Mechanics].lnk ShortcutTarget: Test Drive Unlimited Gold [R.G Mechanics].lnk -> C:\ProgramData\{bd984814-05cc-fe2a-bd98-8481405c2050}\Test Drive Unlimited Gold [R.G Mechanics].exe () ShellIconOverlayIdentifiers: [ExplorerEx] -> {E056AFDD-03E9-4D73-8D33-8FCCBCA73438} => C:\Users\eafae\AppData\Roaming\Macwebtoise\explorerEx64.dll () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.luckysearches.com/web/?type=dspp&ts=1427988844&from=adc&uid=SAMSUNGXHD642JJ_S1AFJ90SC00179&q={searchTerms} HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\Software\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.luckysearches.com/web/?type=dspp&ts=1427988844&from=adc&uid=SAMSUNGXHD642JJ_S1AFJ90SC00179&q={searchTerms} URLSearchHook: [S-1-5-21-4040340981-3488949422-2698820681-1002] ATTENTION ==> Default URLSearchHook is missing. SearchScopes: HKLM -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.luckysearches.com/web/?type=ds&ts=1427988833&from=adc&uid=SAMSUNGXHD642JJ_S1AFJ90SC00179&q={searchTerms} SearchScopes: HKLM -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = SearchScopes: HKLM-x32 -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.luckysearches.com/web/?type=dspp&ts=1427988844&from=adc&uid=SAMSUNGXHD642JJ_S1AFJ90SC00179&q={searchTerms} SearchScopes: HKLM-x32 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = SearchScopes: HKU\S-1-5-21-4040340981-3488949422-2698820681-1001 -> DefaultScope {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.luckysearches.com/web/?utm_source=b&utm_medium=adc&utm_campaign=install_ie&utm_content=ds&from=adc&uid=SAMSUNGXHD642JJ_S1AFJ90SC00179&ts=1427988860&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-4040340981-3488949422-2698820681-1001 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.luckysearches.com/web/?utm_source=b&utm_medium=adc&utm_campaign=install_ie&utm_content=ds&from=adc&uid=SAMSUNGXHD642JJ_S1AFJ90SC00179&ts=1427988860&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-4040340981-3488949422-2698820681-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.luckysearches.com/web/?utm_source=b&utm_medium=adc&utm_campaign=install_ie&utm_content=ds&from=adc&uid=SAMSUNGXHD642JJ_S1AFJ90SC00179&ts=1427988860&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-4040340981-3488949422-2698820681-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.luckysearches.com/web/?utm_source=b&utm_medium=adc&utm_campaign=install_ie&utm_content=ds&from=adc&uid=SAMSUNGXHD642JJ_S1AFJ90SC00179&ts=1427988860&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-4040340981-3488949422-2698820681-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.luckysearches.com/web/?utm_source=b&utm_medium=adc&utm_campaign=install_ie&utm_content=ds&from=adc&uid=SAMSUNGXHD642JJ_S1AFJ90SC00179&ts=1427988860&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-4040340981-3488949422-2698820681-1001 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = SearchScopes: HKU\S-1-5-21-4040340981-3488949422-2698820681-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: CuoupEExteNosiuon -> {5c772b28-da63-44d0-b7cc-573ad8eda1b7} -> C:\Program Files (x86)\CuoupEExteNosiuon\lqBsXcvnwpcQTE.x64.dll [2015-04-09] () BHO: youtubeadblocker -> {9957d186-7af3-4b08-8c82-6e0c8d0bdcf8} -> C:\Program Files (x86)\youtubeadblocker\WaXJH7oEyTFcZB.x64.dll [2015-04-01] () BHO: NNewSaver -> {9a26cc8c-a13b-4be9-a36a-08bf087fb8fa} -> C:\Program Files (x86)\NNewSaver\4LrzUq6ZnIdi5F.x64.dll [2015-04-09] () BHO: SAlePluiss -> {e99ade3a-fb0b-42bd-9cde-1292e99c2e7d} -> C:\Program Files (x86)\SAlePluiss\HD9xIdQ6jgaAV5.x64.dll [2015-04-01] () BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-03-16] (Thinknice Co. Limited) BHO-x32: CuoupEExteNosiuon -> {5c772b28-da63-44d0-b7cc-573ad8eda1b7} -> C:\Program Files (x86)\CuoupEExteNosiuon\lqBsXcvnwpcQTE.dll [2015-04-09] () BHO-x32: youtubeadblocker -> {9957d186-7af3-4b08-8c82-6e0c8d0bdcf8} -> C:\Program Files (x86)\youtubeadblocker\WaXJH7oEyTFcZB.dll [2015-04-01] () BHO-x32: NNewSaver -> {9a26cc8c-a13b-4be9-a36a-08bf087fb8fa} -> C:\Program Files (x86)\NNewSaver\4LrzUq6ZnIdi5F.dll [2015-04-09] () BHO-x32: SAlePluiss -> {e99ade3a-fb0b-42bd-9cde-1292e99c2e7d} -> C:\Program Files (x86)\SAlePluiss\HD9xIdQ6jgaAV5.dll [2015-04-01] () Tcpip\Parameters: [DhcpNameServer] 194.204.152.34 194.204.159.1 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.luckysearches.com/?type=sc&ts=1427988803&from=adc&uid=SAMSUNGXHD642JJ_S1AFJ90SC00179 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation) ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 82379c5f; c:\Program Files (x86)\SoftwareAssist\SoftwareAssist.dll [1625088 2015-04-02] () [File not signed] R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] () R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [53832 2014-11-25] (Just Develop It) <==== ATTENTION R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158816 2015-03-16] (XTab system) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-02-28] (Electronic Arts) R2 Sed; C:\Users\eafae\AppData\Roaming\ntsvc\ntsvc.exe [944184 2015-04-10] (Navigation Co., Ltd.) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] () R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.) R3 ip100Avista; C:\Windows\system32\DRIVERS\ipfnd51.sys [37888 2009-03-18] (IC Plus Corp. ) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-13 21:02 - 2015-04-13 21:02 - 00031985 _____ () C:\Users\eafae\Desktop\FRST.txt 2015-04-13 20:52 - 2015-04-14 16:51 - 00000000 ____D () C:\Users\eafae\Desktop\frst 2015-04-09 20:52 - 2015-04-09 20:52 - 00000000 ____D () C:\Program Files (x86)\Faster Chrome Pro 2015-04-09 20:51 - 2015-04-09 20:51 - 00000000 ____D () C:\Program Files (x86)\RandoomPPricce 2015-04-09 20:51 - 2015-04-09 20:51 - 00000000 ____D () C:\Program Files (x86)\NNewSaver 2015-04-09 20:51 - 2015-04-09 20:51 - 00000000 ____D () C:\Program Files (x86)\CuoupEExteNosiuon 2015-04-07 14:13 - 2015-04-07 14:13 - 00000000 ____D () C:\ProgramData\TheAdBlock 2015-04-02 20:20 - 2015-04-02 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2015-04-02 20:20 - 2015-04-02 20:20 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2015-04-02 18:51 - 2015-04-02 18:51 - 00000000 ____D () C:\Users\eafae\AppData\Local\NVIDIA 2015-04-02 18:38 - 2015-04-02 18:38 - 03542103 _____ () C:\Users\eafae\Downloads\TEST.DRIVE.UNLIMITED.V1.66A.ALL.HATRED.NOCD.ZIP 2015-04-02 17:42 - 2015-04-02 17:42 - 00689232 _____ (Navigation Co., Ltd.) C:\Users\eafae\Downloads\Bnd_200_262_201533_1844.exe 2015-04-02 17:42 - 2015-04-02 17:42 - 00000000 ____D () C:\Users\eafae\AppData\Roaming\ntsvc 2015-04-02 17:42 - 2015-04-02 17:42 - 00000000 ____D () C:\Users\eafae\AppData\Roaming\Macwebtoise 2015-04-02 17:35 - 2015-04-02 18:31 - 00000000 ____D () C:\Program Files (x86)\UPCleaner 2015-04-02 17:35 - 2015-04-02 17:35 - 08410016 _____ (Beijing Fantasy Game Network Technology Co., Ltd.) C:\Users\eafae\Downloads\somont.exe 2015-04-02 17:35 - 2015-04-02 17:35 - 00000000 ____D () C:\Users\eafae\AppData\Local\macasoft 2015-04-02 17:33 - 2015-04-02 17:34 - 00000000 ____D () C:\Program Files (x86)\XTab 2015-04-02 17:33 - 2015-04-02 17:33 - 00670816 _____ (HTabp.com) C:\Users\eafae\Downloads\ex.exe 2015-04-02 17:33 - 2015-04-02 17:33 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect 2015-04-02 17:33 - 2015-04-02 17:33 - 00000000 ____D () C:\ProgramData\IHProtectUpDate 2015-04-02 17:32 - 2015-04-02 17:32 - 00422400 _____ () C:\Users\eafae\Downloads\kurulum.exe 2015-04-02 17:30 - 2015-04-02 20:20 - 00000000 ____D () C:\ProgramData\{c5210046-4efe-624a-c521-100464ef0119} 2015-04-02 17:29 - 2015-04-02 17:29 - 00000000 ____D () C:\ProgramData\okclledcblofbigbcaahjbfpegbgbfda 2015-04-02 17:29 - 2015-04-02 17:29 - 00000000 ____D () C:\Program Files (x86)\SoftwareAssist 2015-04-02 17:28 - 2015-04-02 17:28 - 00463560 _____ () C:\Users\eafae\Downloads\tasktr__7214_il109297.exe 2015-04-02 17:28 - 2015-04-02 17:28 - 00000000 ____D () C:\ProgramData\{a1ea5d08-0bb3-7f0c-a1ea-a5d080bb7420} 2015-04-02 17:28 - 2015-04-02 17:28 - 00000000 ____D () C:\ProgramData\{539d1ce0-9635-66e0-539d-d1ce09637382} 2015-04-02 17:20 - 2015-04-02 17:20 - 00155603 _____ () C:\Users\eafae\Downloads\test_drive_unlimited_pl_patch_vistapl.zip 2015-04-02 17:13 - 2015-04-02 17:13 - 02776043 _____ () C:\Users\eafae\Downloads\Test-Drive-Unlimited---crack.rar 2015-04-02 17:01 - 2015-04-02 17:15 - 00000000 ____D () C:\ProgramData\Test Drive Unlimited 2015-04-02 17:01 - 2015-04-02 17:02 - 11829584 _____ () C:\Users\eafae\Downloads\test_drive_u.rar 2015-04-02 17:01 - 2015-04-02 17:01 - 00001373 _____ () C:\Users\eafae\Desktop\Test Drive Unlimited Gold.lnk 2015-04-02 17:01 - 2015-04-02 17:01 - 00000000 ____D () C:\Users\eafae\AppData\Roaming\Test Drive Unlimited Gold 2015-04-02 17:01 - 2015-04-02 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics 2015-04-02 17:01 - 2006-06-21 17:43 - 110172804 _____ () C:\Users\eafae\Desktop\IntroTDU.bik 2015-04-02 16:56 - 2015-04-02 16:56 - 00000000 ____D () C:\Program Files (x86)\R.G. Mechanics 2015-04-02 14:21 - 2015-04-02 17:23 - 00000000 ____D () C:\Users\eafae\Desktop\[R.G. Mechanics] Test Drive Unlimited Gold 2015-04-02 14:20 - 2015-04-02 14:20 - 00011802 _____ () C:\Users\eafae\Downloads\[kickass.to]test.drive.unlimited.gold.r.g.mechanics.torrent 2015-04-01 22:22 - 2015-04-02 18:30 - 00000000 ____D () C:\Users\eafae\AppData\Roaming\Opera Software 2015-04-01 22:22 - 2015-04-02 18:30 - 00000000 ____D () C:\Users\eafae\AppData\Local\Opera Software 2015-04-01 20:58 - 2015-04-02 18:30 - 00000000 ____D () C:\Program Files (x86)\Opera 2015-04-01 20:57 - 2015-04-01 20:58 - 01576464 _____ (Dummy, Ltd.) C:\Users\eafae\Downloads\Test Drive Unlimited Gold [R.G Mechanics]_10924_i48843529_il345.exe 2015-04-01 20:56 - 2015-04-01 20:56 - 00000000 ____D () C:\Users\eafae\AppData\Roaming\EZDownloader 2015-04-01 20:55 - 2015-04-02 16:30 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup 2015-04-01 20:55 - 2015-04-01 20:55 - 00004012 _____ () C:\Windows\System32\Tasks\LaunchSignup 2015-04-01 20:55 - 2015-04-01 20:55 - 00001985 _____ () C:\Users\eafae\Desktop\Sync Folder.lnk 2015-04-01 20:55 - 2015-04-01 20:55 - 00001085 _____ () C:\Users\eafae\Desktop\MyPC Backup.lnk 2015-04-01 20:55 - 2015-04-01 20:55 - 00000123 _____ () C:\Windows\wininit.ini 2015-04-01 20:55 - 2015-04-01 20:55 - 00000000 ____D () C:\Users\eafae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup 2015-04-01 20:54 - 2015-04-02 17:29 - 00000000 ____D () C:\Program Files (x86)\SystemMuscle 2015-04-01 20:53 - 2015-04-01 20:53 - 00000000 ____D () C:\Program Files (x86)\youtubeadblocker 2015-04-01 20:53 - 2015-04-01 20:53 - 00000000 ____D () C:\Program Files (x86)\SAlePluiss 2015-04-01 20:52 - 2015-04-02 10:40 - 00000000 ____D () C:\ProgramData\{bd984814-05cc-fe2a-bd98-8481405c2050} 2015-04-01 20:52 - 2015-04-01 20:52 - 00000000 ____D () C:\ProgramData\eopfohhlindknnblhjplpohnmlecckii 2015-04-01 20:51 - 2015-04-01 20:51 - 00460800 _____ () C:\Users\eafae\Downloads\Test Drive Unlimited Gold [R.G Mechanics].exe 2015-03-30 15:28 - 2015-03-30 15:28 - 00044296 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys 2015-03-29 17:14 - 2015-03-29 17:14 - 00001742 _____ () C:\Users\eafae\Desktop\Fallout3.exe — skrót.lnk 2015-03-29 16:57 - 2015-03-29 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace 2015-03-29 16:57 - 2015-03-29 16:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE 2015-03-29 16:54 - 2015-03-29 16:54 - 00642712 _____ (Microsoft Corporation) C:\Users\eafae\Downloads\gfwlivesetup.exe 2015-03-29 16:52 - 2015-03-29 16:52 - 00000000 ____D () C:\Users\eafae\Documents\My Games 2015-03-29 16:52 - 2015-03-29 16:52 - 00000000 ____D () C:\Users\eafae\AppData\Local\Fallout3 2015-03-29 16:44 - 2015-03-29 16:44 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-03-29 16:43 - 2015-03-29 16:44 - 00055057 _____ () C:\Windows\DirectX.log 2015-03-29 16:43 - 2015-03-29 16:43 - 00000000 ____D () C:\Windows\SysWOW64\xlive 2015-03-29 16:40 - 2015-03-29 16:41 - 03429109 _____ () C:\Users\eafae\Downloads\Fallout_3_spolszczenie_napisy.rar 2015-03-29 16:36 - 2015-03-29 16:41 - 00000000 ____D () C:\Users\eafae\Desktop\f3 2015-03-29 12:24 - 2015-03-29 12:24 - 00009634 _____ () C:\Users\eafae\Downloads\Addition (1).txt 2015-03-28 19:19 - 2015-03-28 23:25 - 00000000 ____D () C:\Users\eafae\Downloads\Fallout 3 - Game of the Year Edition [Final]-RELOADED 2015-03-28 19:11 - 2015-03-28 19:15 - 00000000 ____D () C:\Users\eafae\Downloads\Fallout.3.Game.of.the.Year.Edition.GOTY.(Bethesda.Softworks)-WWW 2015-03-28 15:51 - 2015-04-01 22:14 - 00002341 _____ () C:\Users\eafae\Desktop\MiniGet Smart Downloader.lnk 2015-03-28 15:44 - 2015-03-28 15:44 - 01484304 _____ (Dummy, Ltd.) C:\Users\eafae\Downloads\Fallout 3 PC full game DLC nosTEAM_10924_i47627008_il345.exe 2015-03-28 00:01 - 2015-03-28 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-03-28 00:01 - 2015-03-28 00:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-03-28 00:01 - 2015-03-28 00:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2015-03-27 23:58 - 2015-03-27 23:59 - 13087456 _____ (Microsoft Corporation) C:\Users\eafae\Downloads\Silverlight_x64.exe 2015-03-26 21:00 - 2015-03-26 21:00 - 00255580 _____ () C:\ProgramData\1427396291.bdinstall.bin 2015-03-25 21:50 - 2015-03-25 21:50 - 00000000 ____D () C:\Users\eafae\AppData\Local\Activision 2015-03-25 21:00 - 2015-03-29 11:32 - 00002216 _____ () C:\Users\Public\Desktop\Call of Duty - Black Ops.lnk 2015-03-25 21:00 - 2015-03-25 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision 2015-03-25 20:55 - 2015-03-25 20:55 - 00000000 ____D () C:\Program Files (x86)\Activision 2015-03-25 20:51 - 2015-03-25 21:32 - 56578224 _____ () C:\Users\eafae\Downloads\Spolszczenie do Call of Duty - Black Ops (1).rar 2015-03-25 20:45 - 2015-03-25 20:54 - 00000000 ____D () C:\Users\eafae\Desktop\cod bo 2015-03-25 20:44 - 2015-03-25 20:44 - 00000000 ____D () C:\Users\eafae\AppData\Roaming\PowerISO 2015-03-25 20:16 - 2015-03-25 20:16 - 00001023 _____ () C:\Users\Public\Desktop\PowerISO.lnk 2015-03-25 20:16 - 2015-03-25 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO 2015-03-25 20:16 - 2014-10-08 15:13 - 00127760 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys 2015-03-25 20:06 - 2015-03-25 20:16 - 02962832 _____ (Power Software Ltd) C:\Users\eafae\Downloads\PowerISO6.exe 2015-03-25 14:08 - 2015-04-02 18:31 - 00000000 ____D () C:\Users\eafae\AppData\Local\Unity 2015-03-25 14:08 - 2015-03-25 14:08 - 01088544 _____ (Unity Technologies ApS) C:\Users\eafae\Downloads\UnityWebPlayer.exe 2015-03-25 13:51 - 2015-03-25 16:41 - 00000000 ____D () C:\Users\eafae\Downloads\Call of Duty Black Ops-SKIDROW 2015-03-22 22:57 - 2015-03-22 22:57 - 00023776 _____ () C:\Users\eafae\Downloads\Addition.txt 2015-03-22 21:49 - 2015-04-13 20:55 - 00017682 _____ () C:\Windows\PFRO.log 2015-03-22 19:06 - 2015-03-22 19:06 - 00039238 _____ () C:\Users\eafae\Downloads\gemr.txt 2015-03-22 15:47 - 2015-03-22 15:47 - 00370943 _____ () C:\Users\eafae\Downloads\gmer.zip 2015-03-22 15:40 - 2015-04-14 16:51 - 00000000 ____D () C:\FRST 2015-03-22 15:39 - 2015-03-22 15:39 - 01135104 _____ (Farbar) C:\Users\eafae\Downloads\FRST.exe 2015-03-22 15:38 - 2015-03-22 15:38 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll 2015-03-22 15:38 - 2015-03-22 15:38 - 00033360 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll 2015-03-22 15:37 - 2015-03-22 15:37 - 00262544 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys 2015-03-22 15:36 - 2015-03-22 15:36 - 00079192 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys 2015-03-22 15:06 - 2015-03-22 15:06 - 00000385 _____ () C:\Windows\system32\user_gensett.xml 2015-03-22 15:06 - 2015-03-22 15:06 - 00000385 _____ () C:\Users\eafae\AppData\Roaminguser_gensett.xml 2015-03-22 15:05 - 2015-04-13 20:56 - 00008718 _____ () C:\Windows\setupact.log 2015-03-22 15:05 - 2015-03-22 15:36 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys 2015-03-22 15:05 - 2015-03-22 15:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf 2015-03-22 15:05 - 2015-03-22 15:05 - 00000000 ____D () C:\ProgramData\BDLogging 2015-03-22 15:05 - 2015-03-22 15:05 - 00000000 _____ () C:\Windows\setuperr.log 2015-03-22 15:05 - 2014-12-02 17:37 - 00074000 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll 2015-03-22 15:05 - 2013-09-08 21:04 - 00023568 _____ (Bitdefender) C:\Windows\system32\Drivers\bdelam.sys 2015-03-22 15:05 - 2007-04-11 12:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll 2015-03-22 14:46 - 2015-03-22 14:46 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2015-03-22 14:46 - 2015-03-22 14:46 - 00000834 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2015-03-22 14:46 - 2015-03-22 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-03-22 14:46 - 2015-03-22 14:46 - 00000000 ____D () C:\Program Files\CCleaner 2015-03-22 14:45 - 2015-03-22 14:45 - 00000000 ____D () C:\Users\eafae\AppData\Roaming\QuickScan 2015-03-22 14:45 - 2015-03-22 14:45 - 00000000 ____D () C:\Program Files\Bitdefender 2015-03-22 14:44 - 2015-03-26 20:59 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender 2015-03-22 14:40 - 2015-03-22 14:41 - 05325696 _____ (Piriform Ltd) C:\Users\eafae\Downloads\ccsetup503.exe 2015-03-22 14:30 - 2015-03-22 14:42 - 275921960 _____ () C:\Users\eafae\Downloads\bitdefender_av_18_32b.exe 2015-03-22 14:30 - 2015-03-22 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-03-21 15:18 - 2015-03-21 15:18 - 00000361 _____ () C:\Users\eafae\Downloads\SholeRecoilReducer.rar 2015-03-21 15:08 - 2015-03-21 15:09 - 02784484 _____ () C:\Users\eafae\Downloads\AutoHotkey112003_Install.exe 2015-03-18 17:44 - 2015-03-18 17:44 - 00006532 _____ () C:\Users\eafae\Downloads\items.rar ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-14 16:49 - 2015-01-12 09:47 - 01901996 _____ () C:\Windows\WindowsUpdate.log 2015-04-14 16:39 - 2015-01-29 17:22 - 00000000 ____D () C:\Users\eafae\AppData\Roaming\Skype 2015-04-14 16:35 - 2015-02-02 17:39 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-04-14 16:32 - 2015-01-13 05:15 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{31FC1C9C-7A86-47FF-81DD-80D814602890} 2015-04-14 16:29 - 2015-01-13 05:34 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-04-14 16:28 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru 2015-04-14 06:40 - 2015-01-12 09:54 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4040340981-3488949422-2698820681-1001 2015-04-13 20:58 - 2015-01-12 09:48 - 00001454 _____ () C:\Users\eafae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-04-13 20:56 - 2015-02-02 19:27 - 00000000 ____D () C:\Users\eafae\AppData\Local\LogMeIn Hamachi 2015-04-13 20:56 - 2015-01-21 18:55 - 00000008 __RSH () C:\ProgramData\ntuser.pol 2015-04-13 20:56 - 2015-01-13 05:20 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-04-13 20:56 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-04-13 20:55 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2015-04-13 20:55 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2015-04-13 20:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness 2015-04-11 21:52 - 2015-01-13 08:37 - 00000000 ____D () C:\ProgramData\Origin 2015-04-02 20:20 - 2015-02-02 19:27 - 00000938 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2015-04-02 18:51 - 2015-01-27 22:19 - 00000000 ____D () C:\Users\eafae\AppData\Roaming\uTorrent 2015-04-02 18:51 - 2015-01-13 05:19 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2015-04-02 17:31 - 2015-01-12 09:48 - 00000000 ____D () C:\Users\eafae\AppData\Local\VirtualStore 2015-04-02 16:35 - 2015-01-14 09:50 - 00805892 _____ () C:\Windows\system32\perfh015.dat 2015-04-02 16:35 - 2015-01-14 09:50 - 00163272 _____ () C:\Windows\system32\perfc015.dat 2015-04-02 16:35 - 2014-03-18 12:02 - 01825074 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-30 23:42 - 2015-02-08 19:09 - 00000000 ____D () C:\Users\eafae\AppData\Roaming\TS3Client 2015-03-29 13:30 - 2015-01-12 09:48 - 00000000 ____D () C:\Users\eafae 2015-03-26 00:07 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2015-03-25 20:16 - 2015-01-13 05:29 - 00000000 ____D () C:\Program Files (x86)\PowerISO 2015-03-22 15:00 - 2015-01-12 09:39 - 00000000 ____D () C:\Windows\Panther 2015-03-22 14:32 - 2015-02-21 11:47 - 00000000 ____D () C:\Program Files (x86)\The Witcher 2 2015-03-22 14:32 - 2015-01-14 20:36 - 00000000 ____D () C:\Users\eafae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-03-22 14:15 - 2014-03-18 11:43 - 00000000 ____D () C:\Windows\ShellNew 2015-03-22 14:10 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel 2015-03-22 14:10 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2015-03-17 20:57 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache ==================== Files in the root of some directories ======= 2015-04-02 18:30 - 2015-04-02 18:30 - 0011674 _____ () C:\Users\eafae\AppData\Local\Temp-log.txt 2015-03-26 21:00 - 2015-03-26 21:00 - 0255580 _____ () C:\ProgramData\1427396291.bdinstall.bin ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-04-13 21:27 ==================== End Of Log ============================