Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-10-2013
Ran by Erni (administrator) on ERNI-KOMPUTER on 29-10-2013 14:33:09
Running from O:\
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Microsoft Corporation) C:\Windows\system32\consent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKCU\...\Run: [Google Update] - C:\Users\Erni\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-02-10] (Google Inc.)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
MountPoints2: F - F:\Bin\ASSETUP.exe
MountPoints2: {c9b54d03-2307-11e0-a448-806e6f6e6963} - F:\Bin\ASSETUP.exe
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [EaseUS EPM tray] - E:\EaseUS Partition Master 9.2.1 Home Edition\bin\EpmNews.exe [2086984 2012-11-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StereoLinksInstall] - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe [1041696 2013-01-18] (NVIDIA Corporation)
HKU\Administrator\...\Run: [TBPanel] - C:\Program Files (x86)\Vtune\TBPANEL.exe [2158592 2010-10-22] ()
HKU\Administrator\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\Administrator\...\Policies\system: [LogonHoursAction] 2
HKU\Administrator\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs-x32: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll [2704352 2013-09-23] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.searchgol.com/?babsrc=HP_ss&mntrId=1A0320CF30BA8FCE&affID=125032&tsp=5026
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0DF62BFA-728C-4079-B7A2-3E3D7F485A7E} URL = http://www.allegro.pl/search.php?sg=0&string={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1A0320CF30BA8FCE&affID=125032&tsp=5026
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search/web?q={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\CoIEPlg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\IPSBHO.dll (Symantec Corporation)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\CoIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 www.pobieraczek.pl
Tcpip\Parameters: [DhcpNameServer] 178.212.48.1 192.168.0.1

Chrome:
=======
CHR HomePage: hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=1A0320CF30BA8FCE&affID=125032&tsp=5026
CHR RestoreOnStartup: "hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=1A0320CF30BA8FCE&affID=125032&tsp=5026"
CHR Plugin: (Shockwave Flash) - C:\Users\Erni\AppData\Local\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Erni\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Erni\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Users\Erni\AppData\Local\Google\Chrome\Application\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Users\Erni\AppData\Local\Google\Chrome\Application\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Bing Bar) - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (3DVIA player) - C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
CHR Plugin: (Unity Player) - C:\Users\Erni\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Java Deployment Toolkit 7.0.50.5) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Extension: (http://arhn.eu/giveaway/) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\bklblelhahoiienakgjfhoapbeaoakmn\2013.3.13.41477_0
CHR Extension: (YouTube) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (http://paper-replika.com/index.php?option=com) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnadhngngihfonglbfhiigbbmkinpheg\2013.3.13.41568_0
CHR Extension: (http://www.thinkgeek.com/product/e970/?cpg=16) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabfkhmlpocgpkpgphleeggjennhoeoi\2013.3.13.41481_0
CHR Extension: (http://www.pa-troll.pl/) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcpfmakcbobbmdpcfblinlpgfgohljej\2013.3.13.41733_0
CHR Extension: (https://www.humblebundle.com/downloads?key=y8) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbgofonleappfndnonpicpbfcefafij\2013.3.13.41522_0
CHR Extension: (Meme Town) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmmboocagmacdceaafpankfaofegpldm\1_0
CHR Extension: (https://sko.pkobp.pl/) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\lefckglladonmhahfnofnflechmamhkm\2013.3.13.41467_0
CHR Extension: (http://www.thinkgeek.com/product/9d5f/) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkfkcmjfedhkgjbmfkapkbljgalchmbg\2013.9.21.48149_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR StartMenuInternet: Google Chrome - C:\Users\Erni\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

S4 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
S4 BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2845664 2013-09-23] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe [126392 2009-12-09] (Symantec Corporation)
S4 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2010-04-08] (PC Tools)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-06-07] ()

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
S3 Cardex; C:\Windows\SysWOW64\drivers\TBPANELX64.SYS [15648 2007-03-16] (Windows (R) Server 2003 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-03-31] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2012-12-21] ()
S3 epmntdrv; C:\Windows\SysWow64\epmntdrv.sys [14920 2012-12-21] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2012-12-21] ()
S3 EuGdiDrv; C:\Windows\SysWow64\EuGdiDrv.sys [9160 2012-12-21] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20091209.020\ENG64.SYS [116272 2009-12-09] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20091209.020\EX64.SYS [1742896 2009-12-09] (Symantec Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
S3 SaiK1708; C:\Windows\System32\DRIVERS\SaiK1708.sys [180544 2012-09-20] (Saitek)
S3 SaiU1708; C:\Windows\System32\DRIVERS\SaiU1708.sys [47168 2012-09-20] (Saitek)
R1 SRTSP; C:\Windows\system32\drivers\NISx64\1105000.07F\SRTSP64.SYS [504880 2009-12-03] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1105000.07F\SRTSPX64.SYS [32304 2009-12-03] (Symantec Corporation)
S3 TBPanel; No ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-29 14:30 - 2013-10-29 14:30 - 00000000 ___DC C:\FRST
2013-10-28 21:31 - 2013-10-28 21:31 - 00000000 __SDC C:\ComboFix
2013-10-28 21:23 - 2013-10-28 21:31 - 00000000 ___DC C:\Qoobox
2013-10-28 20:49 - 2013-10-28 20:49 - 00000000 ____D C:\Windows\ERDNT
2013-10-28 15:31 - 2013-10-28 15:33 - 00000000 ____D C:\Windows\System32\Tasks\ASUS
2013-10-28 15:30 - 2013-10-28 15:33 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-10-28 15:30 - 2009-09-30 04:33 - 00024576 ____R () C:\Windows\SysWOW64\AsIO.dll
2013-10-28 15:30 - 2009-08-04 03:28 - 00013440 ____R C:\Windows\SysWOW64\Drivers\AsIO.sys
2013-10-28 15:30 - 2008-01-04 13:34 - 00011832 _____ C:\Windows\SysWOW64\Drivers\AsInsHelp64.sys
2013-10-28 15:30 - 2008-01-04 13:34 - 
00010216 _____ C:\Windows\SysWOW64\Drivers\AsInsHelp32.sys 2013-10-28 15:28 - 2010-07-09 09:11 - 00000000 ____D C:\Windows\AsDmiHtm 2013-10-27 20:26 - 2013-10-27 20:48 - 00002304 _____ C:\Windows\CompatibilityIssues.txt 2013-10-26 13:15 - 2009-03-05 13:54 - 00067584 _____ C:\Windows\system32\RtNicProp64.dll 2013-10-26 13:13 - 2010-02-02 13:53 - 00000000 ____D C:\Users\Administrator\Desktop\Intel_chipset_V9111025 2013-10-26 13:10 - 2013-10-26 13:10 - 00016896 _____ (ASUS) C:\Windows\AsTaskSched.dll 2013-10-26 13:10 - 2009-11-05 08:53 - 00000000 ____D C:\Users\Administrator\Desktop\RTL8112L_V768202009_WIN7 2013-10-26 13:08 - 2013-10-26 13:03 - 79946859 _____ C:\Users\Administrator\Desktop\VIA_Audio_V6018700a_XpVistaWin7.zip 2013-10-26 13:08 - 2013-10-26 13:03 - 76416062 _____ C:\Users\Administrator\Desktop\VIA_Audio_V6018300_XpVistaWin7.zip 2013-10-26 13:08 - 2013-10-26 12:58 - 05966207 _____ C:\Users\Administrator\Desktop\RTL8112L_V768202009_WIN7.zip 2013-10-26 13:08 - 2013-10-26 12:58 - 00037807 _____ C:\Users\Administrator\Desktop\BUPDATER_V112.zip 2013-10-26 13:08 - 2013-10-26 12:57 - 05882558 _____ C:\Users\Administrator\Desktop\Intel_chipset_V9111025.zip 2013-10-26 12:41 - 2013-10-26 12:41 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Opera Software 2013-10-26 12:41 - 2013-10-26 12:41 - 00000000 ____D C:\Users\Administrator\AppData\Local\Opera Software 2013-10-26 11:34 - 2009-09-02 12:09 - 00221696 _____ (Realtek ) C:\Windows\system32\Drivers\Rtlh64.sys 2013-10-26 10:30 - 2013-10-26 10:44 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2013-10-26 10:29 - 2013-10-26 10:29 - 00000207 _____ C:\Windows\tweaking.com-regbackup-ERNI-KOMPUTER--(64-bit).dat 2013-10-26 10:26 - 2013-10-26 10:26 - 00000000 ___DC C:\RegBackup 2013-10-26 10:23 - 2013-10-26 10:23 - 00000000 ____D C:\Program Files (x86)\Tweaking.com 2013-10-26 09:32 - 2013-10-27 21:17 - 00008784 _____ C:\Windows\diagwrn.xml 2013-10-26 09:32 - 2013-10-27 21:17 - 00001890 _____ 
C:\Windows\diagerr.xml 2013-10-26 09:04 - 2013-10-26 09:05 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security 2013-10-23 18:20 - 2013-10-23 18:20 - 00000000 ____D C:\Users\Erni\AppData\Roaming\iSafe 2013-10-23 13:25 - 2013-10-23 13:26 - 27923456 _____ C:\Users\Erni\Desktop\PhysX-9.13.0725-SystemSoftware.msi 2013-10-18 19:53 - 2013-10-18 19:54 - 01581717 _____ C:\Users\Erni\Desktop\Blog_Paper_Toy_papertoy_Gears_Monsuta_templates.zip 2013-10-18 12:41 - 2013-10-18 12:41 - 00001002 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-338348056-1139113899-2560991931-1001Core1cecbf6fbdefece.job 2013-10-14 16:54 - 2013-04-29 08:17 - 00047632 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys 2013-10-14 16:52 - 2013-10-14 16:52 - 00000000 ____D C:\Program Files (x86)\Panda Security 2013-10-14 16:49 - 2013-10-14 16:50 - 29527448 _____ (Panda Security ) C:\Users\Erni\Downloads\PandaCloudCleaner.exe 2013-10-14 11:03 - 2013-10-14 11:03 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec8c495306170.job 2013-10-11 13:27 - 2013-10-11 13:27 - 00000000 __SHD C:\found.004 2013-10-06 11:15 - 2013-10-06 11:15 - 00001330 _____ C:\Users\Erni\Desktop\Sound Recorder.lnk 2013-10-05 23:02 - 2013-10-05 23:02 - 00000000 ____D C:\Users\Erni\AppData\Local\avgchrome 2013-10-05 20:49 - 2013-10-23 16:15 - 00000000 ____D C:\Program Files (x86)\Opera 2013-10-05 20:49 - 2013-10-05 20:49 - 00001129 _____ C:\Users\Public\Desktop\Opera.lnk 2013-10-05 20:49 - 2013-10-05 20:49 - 00000000 ____D C:\Users\Erni\AppData\Roaming\Opera Software 2013-10-05 20:49 - 2013-10-05 20:49 - 00000000 ____D C:\Users\Erni\AppData\Local\Opera Software 2013-10-05 20:48 - 2013-10-05 20:48 - 32097512 _____ (Opera Software ASA) C:\Users\Erni\Downloads\Opera_16.0.1196.80_Setup.exe 2013-10-05 20:47 - 2013-10-05 20:47 - 00000000 ____D C:\Windows\SysWOW64\searchplugins 2013-10-05 20:47 - 2013-10-05 20:47 - 00000000 ____D C:\Windows\SysWOW64\Extensions 2013-10-05 20:47 - 2013-10-05 20:47 - 
00000000 ____D C:\Users\Erni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard 2013-10-05 20:47 - 2013-10-05 20:47 - 00000000 ____D C:\ProgramData\BitGuard 2013-10-05 20:47 - 2013-10-05 20:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-10-05 20:46 - 2013-10-05 20:46 - 00685248 _____ C:\Users\Erni\Desktop\Opera(12614).exe 2013-10-05 20:46 - 2013-10-05 20:46 - 00000000 ____D C:\ProgramData\Babylon 2013-10-05 20:45 - 2013-10-05 20:46 - 00685248 _____ C:\Users\Erni\Downloads\Opera(12614).exe 2013-10-05 14:02 - 2013-10-05 13:47 - 00242335 _____ C:\Users\Erni\Desktop\Minecraft 1.6.1 (1).rar 2013-10-05 13:53 - 2013-10-19 18:55 - 00000000 ____D C:\Users\Erni\AppData\Roaming\.minecraft 2013-10-05 13:53 - 2013-10-05 13:53 - 00000968 _____ C:\Users\Public\Desktop\Minecraft .lnk 2013-10-05 13:49 - 2013-10-05 13:51 - 42971671 _____ (hajducek ) C:\Users\Erni\Downloads\MinecraftSP.exe 2013-10-05 13:47 - 2013-10-05 13:47 - 00242335 _____ C:\Users\Erni\Downloads\Minecraft 1.6.1 (1).rar 2013-10-05 13:39 - 2013-10-05 13:39 - 00367332 _____ (http://magiclauncher.com) C:\Users\Erni\Downloads\MagicLauncher_1.1.7 (1).exe 2013-10-05 13:30 - 2013-10-05 13:29 - 02198654 _____ C:\Users\Erni\Desktop\minecraftforge-installer-1.6.2-9.10.1.861.jar 2013-10-05 13:29 - 2013-10-05 13:29 - 02198654 _____ C:\Users\Erni\Downloads\minecraftforge-installer-1.6.2-9.10.1.861.jar 2013-10-05 13:28 - 2013-10-05 13:28 - 00367332 _____ (http://magiclauncher.com) C:\Users\Erni\Downloads\MagicLauncher_1.1.7.exe 2013-10-05 13:27 - 2013-10-05 13:27 - 00255632 _____ C:\Users\Erni\Downloads\[1.6.2]ReiMinimap_v3.4_01.zip 2013-10-05 13:27 - 2013-10-05 13:27 - 00191853 _____ C:\Users\Erni\Downloads\InventoryTweaks-MC1.6.2-1.56-b77.jar 2013-10-05 13:18 - 2013-10-05 13:19 - 00291854 _____ C:\Users\Erni\Downloads\1.6.4 DamageIndicators v2.9.0.9.zip 2013-10-05 13:18 - 2013-10-05 13:18 - 00577435 _____ C:\Users\Erni\Downloads\TheCampingMod_1.0.2f.jar 2013-10-05 13:06 - 2013-10-05 13:06 - 
02290245 _____ C:\Users\Erni\Downloads\PetBuddy 1.6.2 v2.zip 2013-10-05 13:06 - 2013-10-05 13:06 - 00712926 _____ C:\Users\Erni\Downloads\TuxWeapons 0.3 (2).jar 2013-10-05 13:04 - 2013-10-05 13:04 - 00857026 _____ C:\Users\Erni\Downloads\[Forge]FurnitureModv3.1.1(1.6.4).zip 2013-10-05 13:03 - 2013-10-05 13:04 - 05412602 _____ C:\Users\Erni\Downloads\Minions_1.6.2.zip 2013-10-05 12:38 - 2013-10-05 12:38 - 00182824 _____ C:\Users\Erni\Downloads\ModLoader.zip 2013-10-05 12:33 - 2013-10-05 12:33 - 00396525 _____ C:\Users\Erni\Downloads\OptiFine_1.6.2_HD_C4 (1).jar 2013-10-05 12:32 - 2013-10-05 12:32 - 00255630 _____ C:\Users\Erni\Downloads\[1.6.4]ReiMinimap_v3.4_01.zip 2013-10-05 12:10 - 2013-10-05 12:12 - 50107976 _____ (Adobe Systems Incorporated) C:\Users\Erni\Downloads\AdbeRdr11003_en_US.exe 2013-10-04 22:03 - 2013-10-04 22:03 - 54666245 _____ C:\Users\Erni\Desktop\minecraft162 (1).rar 2013-10-04 22:00 - 2013-10-04 22:03 - 54666245 _____ C:\Users\Erni\Downloads\minecraft162 (1).rar 2013-10-04 22:00 - 2013-10-04 22:01 - 00367014 _____ (http://magiclauncher.com) C:\Users\Erni\Downloads\MagicLauncher_1.1.6 (1).exe ==================== One Month Modified Files and Folders ======= 2013-10-29 14:30 - 2013-10-29 14:30 - 00000000 ___DC C:\FRST 2013-10-29 14:28 - 2013-02-05 16:32 - 00004085 _____ C:\Windows\setupact.log 2013-10-29 14:28 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-10-28 21:41 - 2011-09-04 13:45 - 01426545 _____ C:\Windows\WindowsUpdate.log 2013-10-28 21:40 - 2011-03-11 17:30 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-338348056-1139113899-2560991931-1001UA.job 2013-10-28 21:31 - 2013-10-28 21:31 - 00000000 __SDC C:\ComboFix 2013-10-28 21:31 - 2013-10-28 21:23 - 00000000 ___DC C:\Qoobox 2013-10-28 21:26 - 2009-07-14 18:55 - 00739524 _____ C:\Windows\system32\perfh015.dat 2013-10-28 21:26 - 2009-07-14 18:55 - 00155282 _____ C:\Windows\system32\perfc015.dat 2013-10-28 21:26 - 2009-07-14 06:13 - 01663484 _____ 
C:\Windows\system32\PerfStringBackup.INI 2013-10-28 21:26 - 2009-07-14 05:45 - 00017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-28 21:26 - 2009-07-14 05:45 - 00017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-28 21:02 - 2011-02-10 18:37 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-28 20:49 - 2013-10-28 20:49 - 00000000 ____D C:\Windows\ERDNT 2013-10-28 19:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2013-10-28 15:35 - 2011-01-18 15:19 - 00001769 _____ C:\Windows\Language_trs.ini 2013-10-28 15:33 - 2013-10-28 15:31 - 00000000 ____D C:\Windows\System32\Tasks\ASUS 2013-10-28 15:33 - 2013-10-28 15:30 - 00000000 ____D C:\Program Files (x86)\ASUS 2013-10-28 15:33 - 2011-01-18 15:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-10-28 15:27 - 2011-01-18 15:19 - 00018336 _____ C:\Windows\Ascd_tmp.ini 2013-10-27 21:17 - 2013-10-26 09:32 - 00008784 _____ C:\Windows\diagwrn.xml 2013-10-27 21:17 - 2013-10-26 09:32 - 00001890 _____ C:\Windows\diagerr.xml 2013-10-27 20:48 - 2013-10-27 20:26 - 00002304 _____ C:\Windows\CompatibilityIssues.txt 2013-10-27 20:32 - 2011-09-04 14:02 - 00000000 _____ C:\Windows\setuperr.log 2013-10-26 13:20 - 2011-12-01 14:48 - 00261638 _____ C:\Windows\PFRO.log 2013-10-26 13:10 - 2013-10-26 13:10 - 00016896 _____ (ASUS) C:\Windows\AsTaskSched.dll 2013-10-26 13:03 - 2013-10-26 13:08 - 79946859 _____ C:\Users\Administrator\Desktop\VIA_Audio_V6018700a_XpVistaWin7.zip 2013-10-26 13:03 - 2013-10-26 13:08 - 76416062 _____ C:\Users\Administrator\Desktop\VIA_Audio_V6018300_XpVistaWin7.zip 2013-10-26 12:58 - 2013-10-26 13:08 - 05966207 _____ C:\Users\Administrator\Desktop\RTL8112L_V768202009_WIN7.zip 2013-10-26 12:58 - 2013-10-26 13:08 - 00037807 _____ C:\Users\Administrator\Desktop\BUPDATER_V112.zip 2013-10-26 12:57 - 2013-10-26 13:08 - 
05882558 _____ C:\Users\Administrator\Desktop\Intel_chipset_V9111025.zip 2013-10-26 12:41 - 2013-10-26 12:41 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Opera Software 2013-10-26 12:41 - 2013-10-26 12:41 - 00000000 ____D C:\Users\Administrator\AppData\Local\Opera Software 2013-10-26 12:41 - 2012-06-27 16:30 - 00000000 ___RD C:\Users\Administrator\Virtual Machines 2013-10-26 12:41 - 2011-02-28 20:38 - 00001421 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-10-26 12:41 - 2011-02-28 20:38 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-10-26 12:41 - 2011-02-28 20:38 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-10-26 11:57 - 2011-02-10 18:37 - 00000000 ____D C:\Program Files\Google 2013-10-26 11:57 - 2011-02-10 18:36 - 00000000 ____D C:\Program Files (x86)\Google 2013-10-26 11:18 - 2011-01-18 19:08 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2013-10-26 11:15 - 2011-02-03 17:47 - 00000551 _____ C:\Windows\disney.ini 2013-10-26 11:15 - 2011-02-02 16:53 - 00000000 ____D C:\Program Files (x86)\Disney Interactive Studios 2013-10-26 11:14 - 2011-02-03 17:53 - 00000000 ____D C:\Users\Erni\AppData\Roaming\Disney Interactive Studios 2013-10-26 11:11 - 2013-01-20 16:29 - 00000000 ____D C:\Program Files (x86)\Call of Duty 2013-10-26 11:10 - 2012-09-02 18:01 - 00000000 ____D C:\Program Files (x86)\Steam 2013-10-26 11:09 - 2011-02-10 18:37 - 00000000 ____D C:\Users\Erni\AppData\Local\Google 2013-10-26 11:09 - 2011-02-10 18:36 - 00000000 ____D C:\ProgramData\Google 2013-10-26 10:58 - 2011-01-18 15:49 - 00061992 _____ C:\Users\Erni\AppData\Local\GDIPFONTCACHEV1.DAT 2013-10-26 10:55 - 2009-07-14 05:45 - 00292768 _____ C:\Windows\system32\FNTCACHE.DAT 2013-10-26 10:44 - 2013-10-26 10:30 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2013-10-26 10:29 - 2013-10-26 10:29 
- 00000207 _____ C:\Windows\tweaking.com-regbackup-ERNI-KOMPUTER--(64-bit).dat
2013-10-26 10:26 - 2013-10-26 10:26 - 00000000 ___DC C:\RegBackup
2013-10-26 10:23 - 2013-10-26 10:23 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2013-10-26 09:10 - 2011-01-18 15:20 - 00000000 ____D C:\Program Files (x86)\Intel
2013-10-26 09:05 - 2013-10-26 09:04 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2013-10-26 09:05 - 2011-05-20 20:11 - 00000000 ____D C:\Windows\system32\Drivers\NISx64
2013-10-26 09:04 - 2011-05-20 20:12 - 00000000 ____D C:\ProgramData\Norton
2013-10-26 09:04 - 2011-01-18 15:20 - 00025798 _____ C:\Windows\Ascd_log.ini
2013-10-23 18:20 - 2013-10-23 18:20 - 00000000 ____D C:\Users\Erni\AppData\Roaming\iSafe
2013-10-23 16:15 - 2013-10-05 20:49 - 00000000 ____D C:\Program Files (x86)\Opera
2013-10-23 14:15 - 2012-11-04 14:54 - 00000000 ____D C:\Program Files (x86)\Origin
2013-10-23 13:30 - 2011-01-18 20:12 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-23 13:28 - 2013-07-02 09:46 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-23 13:26 - 2013-10-23 13:25 - 27923456 _____ C:\Users\Erni\Desktop\PhysX-9.13.0725-SystemSoftware.msi
2013-10-23 13:25 - 2011-01-18 19:15 - 00000000 ____D C:\Users\Erni\AppData\Local\CrashDumps
2013-10-19 18:55 - 2013-10-05 13:53 - 00000000 ____D C:\Users\Erni\AppData\Roaming\.minecraft
2013-10-19 18:06 - 2011-07-11 16:50 - 00000264 _____ C:\Windows\Tasks\RMSchedule.job
2013-10-18 19:54 - 2013-10-18 19:53 - 01581717 _____ C:\Users\Erni\Desktop\Blog_Paper_Toy_papertoy_Gears_Monsuta_templates.zip
2013-10-18 13:07 - 2013-07-29 13:01 - 00000104 _____ C:\Users\Erni\AppData\Roaming\WB.CFG
2013-10-18 13:07 - 2013-06-14 13:01 - 00000006 _____ C:\Users\Erni\AppData\Roaming\WBPU-TTL.DAT
2013-10-18 12:41 - 2013-10-18 12:41 - 00001002 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-338348056-1139113899-2560991931-1001Core1cecbf6fbdefece.job
2013-10-14 16:52 - 2013-10-14 16:52 - 00000000 ____D C:\Program Files (x86)\Panda Security
2013-10-14 16:50 - 2013-10-14 16:49 - 29527448 _____ (Panda Security ) C:\Users\Erni\Downloads\PandaCloudCleaner.exe
2013-10-14 16:42 - 2011-01-18 15:52 - 00007674 _____ C:\Users\Erni\AppData\Local\Resmon.ResmonCfg
2013-10-14 11:03 - 2013-10-14 11:03 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec8c495306170.job
2013-10-13 21:39 - 2013-09-06 18:39 - 00000000 ____D C:\Users\Erni\AppData\Roaming\Skype
2013-10-12 09:20 - 2013-03-13 22:58 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-12 09:20 - 2013-03-13 22:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-12 01:06 - 2012-03-18 15:40 - 01642084 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-11 16:43 - 2013-02-28 21:18 - 00000000 ____D C:\Users\Erni\Desktop\sandtrack
2013-10-11 14:56 - 2013-09-21 16:52 - 00001067 _____ C:\Users\Public\Desktop\Gameforge Live.lnk
2013-10-11 14:56 - 2013-09-21 16:52 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2013-10-11 14:29 - 2013-07-25 00:02 - 00000000 ____D C:\Windows\system32\MRT
2013-10-11 14:25 - 2011-01-18 17:24 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-11 13:27 - 2013-10-11 13:27 - 00000000 __SHD C:\found.004
2013-10-11 13:02 - 2011-01-18 15:14 - 00000000 ____D C:\Users\Erni
2013-10-06 11:15 - 2013-10-06 11:15 - 00001330 _____ C:\Users\Erni\Desktop\Sound Recorder.lnk
2013-10-06 10:17 - 2013-02-08 21:41 - 00584015 _____ C:\Windows\DirectX.log
2013-10-05 23:02 - 2013-10-05 23:02 - 00000000 ____D C:\Users\Erni\AppData\Local\avgchrome
2013-10-05 20:49 - 2013-10-05 20:49 - 00001129 _____ C:\Users\Public\Desktop\Opera.lnk
2013-10-05 20:49 - 2013-10-05 20:49 - 00000000 ____D C:\Users\Erni\AppData\Roaming\Opera Software
2013-10-05 20:49 - 2013-10-05 20:49 - 00000000 ____D C:\Users\Erni\AppData\Local\Opera Software
2013-10-05 20:48 - 2013-10-05 20:48 - 32097512 _____ (Opera Software ASA) C:\Users\Erni\Downloads\Opera_16.0.1196.80_Setup.exe
2013-10-05 20:47 - 2013-10-05 20:47 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-05 20:47 - 2013-10-05 20:47 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-05 20:47 - 2013-10-05 20:47 - 00000000 ____D C:\Users\Erni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-05 20:47 - 2013-10-05 20:47 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-05 20:47 - 2013-10-05 20:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-05 20:46 - 2013-10-05 20:46 - 00685248 _____ C:\Users\Erni\Desktop\Opera(12614).exe
2013-10-05 20:46 - 2013-10-05 20:46 - 00000000 ____D C:\ProgramData\Babylon
2013-10-05 20:46 - 2013-10-05 20:45 - 00685248 _____ C:\Users\Erni\Downloads\Opera(12614).exe
2013-10-05 14:08 - 2013-02-23 15:32 - 00000000 ____D C:\Users\Erni\Desktop\gry
2013-10-05 13:53 - 2013-10-05 13:53 - 00000968 _____ C:\Users\Public\Desktop\Minecraft .lnk
2013-10-05 13:51 - 2013-10-05 13:49 - 42971671 _____ (hajducek ) C:\Users\Erni\Downloads\MinecraftSP.exe
2013-10-05 13:47 - 2013-10-05 14:02 - 00242335 _____ C:\Users\Erni\Desktop\Minecraft 1.6.1 (1).rar
2013-10-05 13:47 - 2013-10-05 13:47 - 00242335 _____ C:\Users\Erni\Downloads\Minecraft 1.6.1 (1).rar
2013-10-05 13:39 - 2013-10-05 13:39 - 00367332 _____ (http://magiclauncher.com) C:\Users\Erni\Downloads\MagicLauncher_1.1.7 (1).exe
2013-10-05 13:29 - 2013-10-05 13:30 - 02198654 _____ C:\Users\Erni\Desktop\minecraftforge-installer-1.6.2-9.10.1.861.jar
2013-10-05 13:29 - 2013-10-05 13:29 - 02198654 _____ C:\Users\Erni\Downloads\minecraftforge-installer-1.6.2-9.10.1.861.jar
2013-10-05 13:28 - 2013-10-05 13:28 - 00367332 _____ (http://magiclauncher.com) C:\Users\Erni\Downloads\MagicLauncher_1.1.7.exe
2013-10-05 13:27 - 2013-10-05 13:27 - 00255632 _____ C:\Users\Erni\Downloads\[1.6.2]ReiMinimap_v3.4_01.zip
2013-10-05 13:27 - 2013-10-05 13:27 - 00191853 _____ C:\Users\Erni\Downloads\InventoryTweaks-MC1.6.2-1.56-b77.jar
2013-10-05 13:25 - 2013-09-14 20:52 - 00000000 ____D C:\Users\Erni\Desktop\saves
2013-10-05 13:19 - 2013-10-05 13:18 - 00291854 _____ C:\Users\Erni\Downloads\1.6.4 DamageIndicators v2.9.0.9.zip
2013-10-05 13:18 - 2013-10-05 13:18 - 00577435 _____ C:\Users\Erni\Downloads\TheCampingMod_1.0.2f.jar
2013-10-05 13:06 - 2013-10-05 13:06 - 02290245 _____ C:\Users\Erni\Downloads\PetBuddy 1.6.2 v2.zip
2013-10-05 13:06 - 2013-10-05 13:06 - 00712926 _____ C:\Users\Erni\Downloads\TuxWeapons 0.3 (2).jar
2013-10-05 13:04 - 2013-10-05 13:04 - 00857026 _____ C:\Users\Erni\Downloads\[Forge]FurnitureModv3.1.1(1.6.4).zip
2013-10-05 13:04 - 2013-10-05 13:03 - 05412602 _____ C:\Users\Erni\Downloads\Minions_1.6.2.zip
2013-10-05 12:38 - 2013-10-05 12:38 - 00182824 _____ C:\Users\Erni\Downloads\ModLoader.zip
2013-10-05 12:33 - 2013-10-05 12:33 - 00396525 _____ C:\Users\Erni\Downloads\OptiFine_1.6.2_HD_C4 (1).jar
2013-10-05 12:32 - 2013-10-05 12:32 - 00255630 _____ C:\Users\Erni\Downloads\[1.6.4]ReiMinimap_v3.4_01.zip
2013-10-05 12:12 - 2013-10-05 12:10 - 50107976 _____ (Adobe Systems Incorporated) C:\Users\Erni\Downloads\AdbeRdr11003_en_US.exe
2013-10-05 12:10 - 2011-01-24 13:14 - 00000000 ____D C:\Users\Erni\AppData\Local\Adobe
2013-10-05 12:08 - 2013-02-26 17:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-05 12:08 - 2013-02-26 17:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-04 22:03 - 2013-10-04 22:03 - 54666245 _____ C:\Users\Erni\Desktop\minecraft162 (1).rar
2013-10-04 22:03 - 2013-10-04 22:00 - 54666245 _____ C:\Users\Erni\Downloads\minecraft162 (1).rar
2013-10-04 22:01 - 2013-10-04 22:00 - 00367014 _____ (http://magiclauncher.com) C:\Users\Erni\Downloads\MagicLauncher_1.1.6 (1).exe

Some content of TEMP:
====================
C:\Users\Erni\AppData\Local\Temp\AutoRun.exe
C:\Users\Erni\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Erni\AppData\Local\Temp\comver.dll
C:\Users\Erni\AppData\Local\Temp\EAInstall.dll
C:\Users\Erni\AppData\Local\Temp\eauninstall.exe
C:\Users\Erni\AppData\Local\Temp\fx-runtime.exe
C:\Users\Erni\AppData\Local\Temp\InstStub.exe
C:\Users\Erni\AppData\Local\Temp\MSN9359.exe
C:\Users\Erni\AppData\Local\Temp\msvcp60.dll
C:\Users\Erni\AppData\Local\Temp\nsu6069.exe
C:\Users\Erni\AppData\Local\Temp\nsuDE10.exe
C:\Users\Erni\AppData\Local\Temp\nvStInst.exe
C:\Users\Erni\AppData\Local\Temp\QtraxNotification.exe
C:\Users\Erni\AppData\Local\Temp\sonarinst.exe
C:\Users\Erni\AppData\Local\Temp\twapi-2.0a2.dll
C:\Users\Erni\AppData\Local\Temp\uninst1.exe
C:\Users\Erni\AppData\Local\Temp\Uninstall.exe
C:\Users\Erni\AppData\Local\Temp\_is13FD.exe
C:\Users\Erni\AppData\Local\Temp\_is49BC.exe
C:\Users\Erni\AppData\Local\Temp\_is7B49.exe

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-28 15:54

==================== End Of Log ============================