Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-10-2013
Ran by Erni (administrator) on ERNI-KOMPUTER on 01-11-2013 14:54:48
Running from C:\Users\Erni\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(OldTimer Tools) C:\Users\Erni\Desktop\OTL.scr

==================== Registry (Whitelisted) ==================

HKCU\...\Run: [Google Update] - C:\Users\Erni\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-02-10] (Google Inc.)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
MountPoints2: F - F:\Bin\ASSETUP.exe
MountPoints2: {c9b54d03-2307-11e0-a448-806e6f6e6963} - F:\Bin\ASSETUP.exe
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [EaseUS EPM tray] - E:\EaseUS Partition Master 9.2.1 Home Edition\bin\EpmNews.exe [2086984 2012-11-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StereoLinksInstall] - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe [1041696 2013-01-18] (NVIDIA Corporation)
HKU\Administrator\...\Run: [TBPanel] - C:\Program Files (x86)\Vtune\TBPANEL.exe [2158592 2010-10-22] ()
HKU\Administrator\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\Administrator\...\Policies\system: [LogonHoursAction] 2
HKU\Administrator\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
SearchScopes: HKCU - {0DF62BFA-728C-4079-B7A2-3E3D7F485A7E} URL = http://www.allegro.pl/search.php?sg=0&string={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 www.pobieraczek.pl
Tcpip\Parameters: [DhcpNameServer] 178.212.48.1 192.168.0.1

Chrome:
=======
CHR Extension: (http://arhn.eu/giveaway/) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\bklblelhahoiienakgjfhoapbeaoakmn\2013.3.13.41477_0
CHR Extension: (YouTube) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (http://paper-replika.com/index.php?option=com) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnadhngngihfonglbfhiigbbmkinpheg\2013.3.13.41568_0
CHR Extension: (http://www.thinkgeek.com/product/e970/?cpg=16) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabfkhmlpocgpkpgphleeggjennhoeoi\2013.3.13.41481_0
CHR Extension: (http://www.pa-troll.pl/) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcpfmakcbobbmdpcfblinlpgfgohljej\2013.3.13.41733_0
CHR Extension: (https://www.humblebundle.com/downloads?key=y8) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbgofonleappfndnonpicpbfcefafij\2013.3.13.41522_0
CHR Extension: (Meme Town) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmmboocagmacdceaafpankfaofegpldm\1_0
CHR Extension: (https://sko.pkobp.pl/) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\lefckglladonmhahfnofnflechmamhkm\2013.3.13.41467_0
CHR Extension: (http://www.thinkgeek.com/product/9d5f/) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkfkcmjfedhkgjbmfkapkbljgalchmbg\2013.9.21.48149_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Erni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR StartMenuInternet: Google Chrome - C:\Users\Erni\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

S4 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-06-07] ()
S2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [x]
S2 UNS; "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" [x]

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
S3 Cardex; C:\Windows\SysWOW64\drivers\TBPANELX64.SYS [15648 2007-03-16] (Windows (R) Server 2003 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-03-31] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2012-12-21] ()
S3 epmntdrv; C:\Windows\SysWow64\epmntdrv.sys [14920 2012-12-21] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2012-12-21] ()
S3 EuGdiDrv; C:\Windows\SysWow64\EuGdiDrv.sys [9160 2012-12-21] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
S3 SaiK1708; C:\Windows\System32\DRIVERS\SaiK1708.sys [180544 2012-09-20] (Saitek)
S3 SaiU1708; C:\Windows\System32\DRIVERS\SaiU1708.sys [47168 2012-09-20] (Saitek)
S3 TBPanel; No ImagePath
S0 97019336; system32\drivers\97765002.sys [x]
S3 RTL8169; system32\DRIVERS\Rtlh64.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 VIAHdAudAddService; system32\drivers\viahduaa.sys [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-01 14:44 - 2013-11-01 14:44 - 00082328 _____ C:\Users\Erni\Desktop\OTL.Txt
2013-11-01 14:22 - 2012-09-10 22:23 - 00559528 _____ (Helge Klein) C:\Windows\SetACL.exe
2013-11-01 13:53 - 2013-11-01 14:04 - 00000000 ____D C:\Users\Erni\Desktop\setacl
2013-11-01 13:53 - 2013-11-01 13:53 - 00000000 ____D C:\Windows\64 bit
2013-11-01 13:53 - 2013-11-01 13:53 - 00000000 ____D C:\Users\Erni\Desktop\32 bit
2013-11-01 13:53 - 2013-11-01 13:51 - 00003476 _____ C:\fix2.txt
2013-11-01 13:53 - 2013-11-01 13:50 - 00001782 _____ C:\fix1.txt
2013-11-01 13:53 - 2013-11-01 13:49 - 00001119 _____ C:\fix.txt
2013-11-01 13:20 - 2013-11-01 13:20 - 00000000 ____D C:\Windows\system32\%LOCALAPPDATA%
2013-11-01 13:19 - 2013-11-01 13:19 - 00002817 _____ C:\Users\Erni\Desktop\AdwCleaner[S0].txt
2013-11-01 13:12 - 2013-11-01 13:15 - 00000000 ___DC C:\AdwCleaner
2013-11-01 12:50 - 2013-10-31 18:12 - 00602112 _____ (OldTimer Tools) C:\Users\Erni\Desktop\OTL.scr
2013-11-01 12:50 - 2013-10-31 18:07 - 00448512 _____ (OldTimer Tools) C:\Users\Erni\Desktop\TFC.exe
2013-11-01 12:49 - 2013-10-31 18:11 - 01956614 _____ (Farbar) C:\Users\Erni\Desktop\FRST64.exe
2013-11-01 12:49 - 2013-10-31 18:08 - 01060070 _____ C:\Users\Erni\Desktop\AdwCleaner.exe
2013-10-29 14:52 - 2013-10-29 14:52 - 00000000 ___DC C:\TDSSKiller_Quarantine
2013-10-29 14:30 - 2013-10-29 14:30 - 00000000 ___DC C:\FRST
2013-10-28 21:23 - 2013-10-28 21:31 - 00000000 ___DC C:\Qoobox
2013-10-28 20:49 - 2013-10-28 20:49 - 00000000 ____D C:\Windows\ERDNT
2013-10-28 15:31 - 2013-10-28 15:33 - 00000000 ____D C:\Windows\System32\Tasks\ASUS
2013-10-28 15:30 - 2013-10-28 15:33 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-10-28 15:30 - 2009-09-30 04:33 - 00024576 ____R () C:\Windows\SysWOW64\AsIO.dll
2013-10-28 15:30 - 2009-08-04 03:28 - 00013440 ____R C:\Windows\SysWOW64\Drivers\AsIO.sys
2013-10-28 15:30 - 2008-01-04 13:34 - 00011832 _____ C:\Windows\SysWOW64\Drivers\AsInsHelp64.sys
2013-10-28 15:30 - 2008-01-04 13:34 - 00010216 _____ C:\Windows\SysWOW64\Drivers\AsInsHelp32.sys
2013-10-28 15:28 - 2010-07-09 09:11 - 00000000 ____D C:\Windows\AsDmiHtm
2013-10-27 20:26 - 2013-10-27 20:48 - 00002304 _____ C:\Windows\CompatibilityIssues.txt
2013-10-26 13:15 - 2009-03-05 13:54 - 00067584 _____ C:\Windows\system32\RtNicProp64.dll
2013-10-26 13:13 - 2010-02-02 13:53 - 00000000 ____D C:\Users\Administrator\Desktop\Intel_chipset_V9111025
2013-10-26 13:10 - 2013-10-26 13:10 - 00016896 _____ (ASUS) C:\Windows\AsTaskSched.dll
2013-10-26 13:10 - 2009-11-05 08:53 - 00000000 ____D C:\Users\Administrator\Desktop\RTL8112L_V768202009_WIN7
2013-10-26 13:08 - 2013-10-26 13:03 - 79946859 _____ C:\Users\Administrator\Desktop\VIA_Audio_V6018700a_XpVistaWin7.zip
2013-10-26 13:08 - 2013-10-26 13:03 - 76416062 _____ C:\Users\Administrator\Desktop\VIA_Audio_V6018300_XpVistaWin7.zip
2013-10-26 13:08 - 2013-10-26 12:58 - 05966207 _____ C:\Users\Administrator\Desktop\RTL8112L_V768202009_WIN7.zip
2013-10-26 13:08 - 2013-10-26 12:58 - 00037807 _____ C:\Users\Administrator\Desktop\BUPDATER_V112.zip
2013-10-26 13:08 - 2013-10-26 12:57 - 05882558 _____ C:\Users\Administrator\Desktop\Intel_chipset_V9111025.zip
2013-10-26 12:41 - 2013-10-26 12:41 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Opera Software
2013-10-26 12:41 - 2013-10-26 12:41 - 00000000 ____D C:\Users\Administrator\AppData\Local\Opera Software
2013-10-26 10:30 - 2013-10-26 10:44 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-10-26 10:29 - 2013-10-26 10:29 - 00000207 _____ C:\Windows\tweaking.com-regbackup-ERNI-KOMPUTER--(64-bit).dat
2013-10-26 10:26 - 2013-10-26 10:26 - 00000000 ___DC C:\RegBackup
2013-10-26 10:23 - 2013-10-26 10:23 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2013-10-26 09:32 - 2013-10-27 21:17 - 00008784 _____ C:\Windows\diagwrn.xml
2013-10-26 09:32 - 2013-10-27 21:17 - 00001890 _____ C:\Windows\diagerr.xml
2013-10-23 18:20 - 2013-10-23 18:20 - 00000000 ____D C:\Users\Erni\AppData\Roaming\iSafe
2013-10-23 13:25 - 2013-10-23 13:26 - 27923456 _____ C:\Users\Erni\Desktop\PhysX-9.13.0725-SystemSoftware.msi
2013-10-18 19:53 - 2013-10-18 19:54 - 01581717 _____ C:\Users\Erni\Desktop\Blog_Paper_Toy_papertoy_Gears_Monsuta_templates.zip
2013-10-18 12:41 - 2013-10-18 12:41 - 00001002 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-338348056-1139113899-2560991931-1001Core1cecbf6fbdefece.job
2013-10-14 16:54 - 2013-04-29 08:17 - 00047632 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2013-10-14 16:49 - 2013-10-14 16:50 - 29527448 _____ (Panda Security ) C:\Users\Erni\Downloads\PandaCloudCleaner.exe
2013-10-14 11:03 - 2013-10-14 11:03 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec8c495306170.job
2013-10-11 13:27 - 2013-10-11 13:27 - 00000000 __SHD C:\found.004
2013-10-06 11:15 - 2013-10-06 11:15 - 00001330 _____ C:\Users\Erni\Desktop\Sound Recorder.lnk
2013-10-05 20:49 - 2013-10-23 16:15 - 00000000 ____D C:\Program Files (x86)\Opera
2013-10-05 20:49 - 2013-10-05 20:49 - 00001129 _____ C:\Users\Public\Desktop\Opera.lnk
2013-10-05 20:49 - 2013-10-05 20:49 - 00000000 ____D C:\Users\Erni\AppData\Roaming\Opera Software
2013-10-05 20:49 - 2013-10-05 20:49 - 00000000 ____D C:\Users\Erni\AppData\Local\Opera Software
2013-10-05 20:48 - 2013-10-05 20:48 - 32097512 _____ (Opera Software ASA) C:\Users\Erni\Downloads\Opera_16.0.1196.80_Setup.exe
2013-10-05 20:47 - 2013-10-05 20:47 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-05 20:47 - 2013-10-05 20:47 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-05 20:47 - 2013-10-05 20:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-05 20:46 - 2013-10-05 20:46 - 00685248 _____ C:\Users\Erni\Desktop\Opera(12614).exe
2013-10-05 20:45 - 2013-10-05 20:46 - 00685248 _____ C:\Users\Erni\Downloads\Opera(12614).exe
2013-10-05 14:02 - 2013-10-05 13:47 - 00242335 _____ C:\Users\Erni\Desktop\Minecraft 1.6.1 (1).rar
2013-10-05 13:53 - 2013-10-19 18:55 - 00000000 ____D C:\Users\Erni\AppData\Roaming\.minecraft
2013-10-05 13:53 - 2013-10-05 13:53 - 00000968 _____ C:\Users\Public\Desktop\Minecraft .lnk
2013-10-05 13:49 - 2013-10-05 13:51 - 42971671 _____ (hajducek ) C:\Users\Erni\Downloads\MinecraftSP.exe
2013-10-05 13:47 - 2013-10-05 13:47 - 00242335 _____ C:\Users\Erni\Downloads\Minecraft 1.6.1 (1).rar
2013-10-05 13:39 - 2013-10-05 13:39 - 00367332 _____ (http://magiclauncher.com) C:\Users\Erni\Downloads\MagicLauncher_1.1.7 (1).exe
2013-10-05 13:30 - 2013-10-05 13:29 - 02198654 _____ C:\Users\Erni\Desktop\minecraftforge-installer-1.6.2-9.10.1.861.jar
2013-10-05 13:29 - 2013-10-05 13:29 - 02198654 _____ C:\Users\Erni\Downloads\minecraftforge-installer-1.6.2-9.10.1.861.jar
2013-10-05 13:28 - 2013-10-05 13:28 - 00367332 _____ (http://magiclauncher.com) C:\Users\Erni\Downloads\MagicLauncher_1.1.7.exe
2013-10-05 13:27 - 2013-10-05 13:27 - 00255632 _____ C:\Users\Erni\Downloads\[1.6.2]ReiMinimap_v3.4_01.zip
2013-10-05 13:27 - 2013-10-05 13:27 - 00191853 _____ C:\Users\Erni\Downloads\InventoryTweaks-MC1.6.2-1.56-b77.jar
2013-10-05 13:18 - 2013-10-05 13:19 - 00291854 _____ C:\Users\Erni\Downloads\1.6.4 DamageIndicators v2.9.0.9.zip
2013-10-05 13:18 - 2013-10-05 13:18 - 00577435 _____ C:\Users\Erni\Downloads\TheCampingMod_1.0.2f.jar
2013-10-05 13:06 - 2013-10-05 13:06 - 02290245 _____ C:\Users\Erni\Downloads\PetBuddy 1.6.2 v2.zip
2013-10-05 13:06 - 2013-10-05 13:06 - 00712926 _____ C:\Users\Erni\Downloads\TuxWeapons 0.3 (2).jar
2013-10-05 13:04 - 2013-10-05 13:04 - 00857026 _____ C:\Users\Erni\Downloads\[Forge]FurnitureModv3.1.1(1.6.4).zip
2013-10-05 13:03 - 2013-10-05 13:04 - 05412602 _____ C:\Users\Erni\Downloads\Minions_1.6.2.zip
2013-10-05 12:38 - 2013-10-05 12:38 - 00182824 _____ C:\Users\Erni\Downloads\ModLoader.zip
2013-10-05 12:33 - 2013-10-05 12:33 - 00396525 _____ C:\Users\Erni\Downloads\OptiFine_1.6.2_HD_C4 (1).jar
2013-10-05 12:32 - 2013-10-05 12:32 - 00255630 _____ C:\Users\Erni\Downloads\[1.6.4]ReiMinimap_v3.4_01.zip
2013-10-05 12:10 - 2013-10-05 12:12 - 50107976 _____ (Adobe Systems Incorporated) C:\Users\Erni\Downloads\AdbeRdr11003_en_US.exe
2013-10-04 22:03 - 2013-10-04 22:03 - 54666245 _____ C:\Users\Erni\Desktop\minecraft162 (1).rar
2013-10-04 22:00 - 2013-10-04 22:03 - 54666245 _____ C:\Users\Erni\Downloads\minecraft162 (1).rar
2013-10-04 22:00 - 2013-10-04 22:01 - 00367014 _____ (http://magiclauncher.com) C:\Users\Erni\Downloads\MagicLauncher_1.1.6 (1).exe

==================== One Month Modified Files and Folders =======

2013-11-01 14:44 - 2013-11-01 14:44 - 00082328 _____ C:\Users\Erni\Desktop\OTL.Txt
2013-11-01 14:40 - 2011-03-11 17:30 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-338348056-1139113899-2560991931-1001UA.job
2013-11-01 14:38 - 2009-07-14 18:55 - 00739524 _____ C:\Windows\system32\perfh015.dat
2013-11-01 14:38 - 2009-07-14 18:55 - 00155282 _____ C:\Windows\system32\perfc015.dat
2013-11-01 14:38 - 2009-07-14 06:13 - 01663484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-01 14:38 - 2009-07-14 05:45 - 00017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-01 14:38 - 2009-07-14 05:45 - 00017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-01 14:37 - 2011-09-04 13:45 - 01330595 _____ C:\Windows\WindowsUpdate.log
2013-11-01 14:30 - 2013-02-05 16:32 - 00004869 _____ C:\Windows\setupact.log
2013-11-01 14:30 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-01 14:04 - 2013-11-01 13:53 - 00000000 ____D C:\Users\Erni\Desktop\setacl
2013-11-01 13:53 - 2013-11-01 13:53 - 00000000 ____D C:\Windows\64 bit
2013-11-01 13:53 - 2013-11-01 13:53 - 00000000 ____D C:\Users\Erni\Desktop\32 bit
2013-11-01 13:51 - 2013-11-01 13:53 - 00003476 _____ C:\fix2.txt
2013-11-01 13:50 - 2013-11-01 13:53 - 00001782 _____ C:\fix1.txt
2013-11-01 13:49 - 2013-11-01 13:53 - 00001119 _____ C:\fix.txt
2013-11-01 13:44 - 2009-07-14 06:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-01 13:20 - 2013-11-01 13:20 - 00000000 ____D C:\Windows\system32\%LOCALAPPDATA%
2013-11-01 13:19 - 2013-11-01 13:19 - 00002817 _____ C:\Users\Erni\Desktop\AdwCleaner[S0].txt
2013-11-01 13:15 - 2013-11-01 13:12 - 00000000 ___DC C:\AdwCleaner
2013-11-01 13:15 - 2011-01-18 15:14 - 00000000 ____D C:\Users\Erni
2013-10-31 18:12 - 2013-11-01 12:50 - 00602112 _____ (OldTimer Tools) C:\Users\Erni\Desktop\OTL.scr
2013-10-31 18:11 - 2013-11-01 12:49 - 01956614 _____ (Farbar) C:\Users\Erni\Desktop\FRST64.exe
2013-10-31 18:08 - 2013-11-01 12:49 - 01060070 _____ C:\Users\Erni\Desktop\AdwCleaner.exe
2013-10-31 18:07 - 2013-11-01 12:50 - 00448512 _____ (OldTimer Tools) C:\Users\Erni\Desktop\TFC.exe
2013-10-30 18:33 - 2011-12-01 14:48 - 00282656 _____ C:\Windows\PFRO.log
2013-10-29 21:31 - 2011-07-11 16:50 - 00000264 _____ C:\Windows\Tasks\RMSchedule.job
2013-10-29 14:52 - 2013-10-29 14:52 - 00000000 ___DC C:\TDSSKiller_Quarantine
2013-10-29 14:30 - 2013-10-29 14:30 - 00000000 ___DC C:\FRST
2013-10-28 21:31 - 2013-10-28 21:23 - 00000000 ___DC C:\Qoobox
2013-10-28 20:49 - 2013-10-28 20:49 - 00000000 ____D C:\Windows\ERDNT
2013-10-28 19:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-28 15:35 - 2011-01-18 15:19 - 00001769 _____ C:\Windows\Language_trs.ini
2013-10-28 15:33 - 2013-10-28 15:31 - 00000000 ____D C:\Windows\System32\Tasks\ASUS
2013-10-28 15:33 - 2013-10-28 15:30 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-10-28 15:33 - 2011-01-18 15:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-28 15:27 - 2011-01-18 15:19 - 00018336 _____ C:\Windows\Ascd_tmp.ini
2013-10-27 21:17 - 2013-10-26 09:32 - 00008784 _____ C:\Windows\diagwrn.xml
2013-10-27 21:17 - 2013-10-26 09:32 - 00001890 _____ C:\Windows\diagerr.xml
2013-10-27 20:48 - 2013-10-27 20:26 - 00002304 _____ C:\Windows\CompatibilityIssues.txt
2013-10-27 20:32 - 2011-09-04 14:02 - 00000000 _____ C:\Windows\setuperr.log
2013-10-26 13:10 - 2013-10-26 13:10 - 00016896 _____ (ASUS) C:\Windows\AsTaskSched.dll
2013-10-26 13:03 - 2013-10-26 13:08 - 79946859 _____ C:\Users\Administrator\Desktop\VIA_Audio_V6018700a_XpVistaWin7.zip
2013-10-26 13:03 - 2013-10-26 13:08 - 76416062 _____ C:\Users\Administrator\Desktop\VIA_Audio_V6018300_XpVistaWin7.zip
2013-10-26 12:58 - 2013-10-26 13:08 - 05966207 _____ C:\Users\Administrator\Desktop\RTL8112L_V768202009_WIN7.zip
2013-10-26 12:58 - 2013-10-26 13:08 - 00037807 _____ C:\Users\Administrator\Desktop\BUPDATER_V112.zip
2013-10-26 12:57 - 2013-10-26 13:08 - 05882558 _____ C:\Users\Administrator\Desktop\Intel_chipset_V9111025.zip
2013-10-26 12:41 - 2013-10-26 12:41 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Opera Software
2013-10-26 12:41 - 2013-10-26 12:41 - 00000000 ____D C:\Users\Administrator\AppData\Local\Opera Software
2013-10-26 12:41 - 2012-06-27 16:30 - 00000000 ___RD C:\Users\Administrator\Virtual Machines
2013-10-26 12:41 - 2011-02-28 20:38 - 00001421 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-26 12:41 - 2011-02-28 20:38 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-26 12:41 - 2011-02-28 20:38 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-26 11:57 - 2011-02-10 18:37 - 00000000 ____D C:\Program Files\Google
2013-10-26 11:57 - 2011-02-10 18:36 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-26 11:18 - 2011-01-18 19:08 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-10-26 11:15 - 2011-02-03 17:47 - 00000551 _____ C:\Windows\disney.ini
2013-10-26 11:15 - 2011-02-02 16:53 - 00000000 ____D C:\Program Files (x86)\Disney Interactive Studios
2013-10-26 11:14 - 2011-02-03 17:53 - 00000000 ____D C:\Users\Erni\AppData\Roaming\Disney Interactive Studios
2013-10-26 11:11 - 2013-01-20 16:29 - 00000000 ____D C:\Program Files (x86)\Call of Duty
2013-10-26 11:10 - 2012-09-02 18:01 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-26 11:09 - 2011-02-10 18:37 - 00000000 ____D C:\Users\Erni\AppData\Local\Google
2013-10-26 11:09 - 2011-02-10 18:36 - 00000000 ____D C:\ProgramData\Google
2013-10-26 10:58 - 2011-01-18 15:49 - 00061992 _____ C:\Users\Erni\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-26 10:55 - 2009-07-14 05:45 - 00292768 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-26 10:44 - 2013-10-26 10:30 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-10-26 10:29 - 2013-10-26 10:29 - 00000207 _____ C:\Windows\tweaking.com-regbackup-ERNI-KOMPUTER--(64-bit).dat
2013-10-26 10:26 - 2013-10-26 10:26 - 00000000 ___DC C:\RegBackup
2013-10-26 10:23 - 2013-10-26 10:23 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2013-10-26 09:10 - 2011-01-18 15:20 - 00000000 ____D C:\Program Files (x86)\Intel
2013-10-26 09:05 - 2011-05-20 20:11 - 00000000 ____D C:\Windows\system32\Drivers\NISx64
2013-10-26 09:04 - 2011-01-18 15:20 - 00025798 _____ C:\Windows\Ascd_log.ini
2013-10-23 18:20 - 2013-10-23 18:20 - 00000000 ____D C:\Users\Erni\AppData\Roaming\iSafe
2013-10-23 16:15 - 2013-10-05 20:49 - 00000000 ____D C:\Program Files (x86)\Opera
2013-10-23 14:15 - 2012-11-04 14:54 - 00000000 ____D C:\Program Files (x86)\Origin
2013-10-23 13:30 - 2011-01-18 20:12 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-23 13:28 - 2013-07-02 09:46 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-23 13:26 - 2013-10-23 13:25 - 27923456 _____ C:\Users\Erni\Desktop\PhysX-9.13.0725-SystemSoftware.msi
2013-10-23 13:25 - 2011-01-18 19:15 - 00000000 ____D C:\Users\Erni\AppData\Local\CrashDumps
2013-10-19 18:55 - 2013-10-05 13:53 - 00000000 ____D C:\Users\Erni\AppData\Roaming\.minecraft
2013-10-18 19:54 - 2013-10-18 19:53 - 01581717 _____ C:\Users\Erni\Desktop\Blog_Paper_Toy_papertoy_Gears_Monsuta_templates.zip
2013-10-18 13:07 - 2013-07-29 13:01 - 00000104 _____ C:\Users\Erni\AppData\Roaming\WB.CFG
2013-10-18 13:07 - 2013-06-14 13:01 - 00000006 _____ C:\Users\Erni\AppData\Roaming\WBPU-TTL.DAT
2013-10-18 12:41 - 2013-10-18 12:41 - 00001002 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-338348056-1139113899-2560991931-1001Core1cecbf6fbdefece.job
2013-10-14 16:50 - 2013-10-14 16:49 - 29527448 _____ (Panda Security ) C:\Users\Erni\Downloads\PandaCloudCleaner.exe
2013-10-14 16:42 - 2011-01-18 15:52 - 00007674 _____ C:\Users\Erni\AppData\Local\Resmon.ResmonCfg
2013-10-14 11:03 - 2013-10-14 11:03 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec8c495306170.job
2013-10-13 21:39 - 2013-09-06 18:39 - 00000000 ____D C:\Users\Erni\AppData\Roaming\Skype
2013-10-12 09:20 - 2013-03-13 22:58 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-12 09:20 - 2013-03-13 22:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-12 01:06 - 2012-03-18 15:40 - 01642084 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-11 16:43 - 2013-02-28 21:18 - 00000000 ____D C:\Users\Erni\Desktop\sandtrack
2013-10-11 14:56 - 2013-09-21 16:52 - 00001067 _____ C:\Users\Public\Desktop\Gameforge Live.lnk
2013-10-11 14:56 - 2013-09-21 16:52 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2013-10-11 14:29 - 2013-07-25 00:02 - 00000000 ____D C:\Windows\system32\MRT
2013-10-11 14:25 - 2011-01-18 17:24 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-11 13:27 - 2013-10-11 13:27 - 00000000 __SHD C:\found.004
2013-10-06 11:15 - 2013-10-06 11:15 - 00001330 _____ C:\Users\Erni\Desktop\Sound Recorder.lnk
2013-10-06 10:17 - 2013-02-08 21:41 - 00584015 _____ C:\Windows\DirectX.log
2013-10-05 20:49 - 2013-10-05 20:49 - 00001129 _____ C:\Users\Public\Desktop\Opera.lnk
2013-10-05 20:49 - 2013-10-05 20:49 - 00000000 ____D C:\Users\Erni\AppData\Roaming\Opera Software
2013-10-05 20:49 - 2013-10-05 20:49 - 00000000 ____D C:\Users\Erni\AppData\Local\Opera Software
2013-10-05 20:48 - 2013-10-05 20:48 - 32097512 _____ (Opera Software ASA) C:\Users\Erni\Downloads\Opera_16.0.1196.80_Setup.exe
2013-10-05 20:47 - 2013-10-05 20:47 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-05 20:47 - 2013-10-05 20:47 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-05 20:47 - 2013-10-05 20:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-05 20:46 - 2013-10-05 20:46 - 00685248 _____ C:\Users\Erni\Desktop\Opera(12614).exe
2013-10-05 20:46 - 2013-10-05 20:45 - 00685248 _____ C:\Users\Erni\Downloads\Opera(12614).exe
2013-10-05 14:08 - 2013-02-23 15:32 - 00000000 ____D C:\Users\Erni\Desktop\gry
2013-10-05 13:53 - 2013-10-05 13:53 - 00000968 _____ C:\Users\Public\Desktop\Minecraft .lnk
2013-10-05 13:51 - 2013-10-05 13:49 - 42971671 _____ (hajducek ) C:\Users\Erni\Downloads\MinecraftSP.exe
2013-10-05 13:47 - 2013-10-05 14:02 - 00242335 _____ C:\Users\Erni\Desktop\Minecraft 1.6.1 (1).rar
2013-10-05 13:47 - 2013-10-05 13:47 - 00242335 _____ C:\Users\Erni\Downloads\Minecraft 1.6.1 (1).rar
2013-10-05 13:39 - 2013-10-05 13:39 - 00367332 _____ (http://magiclauncher.com) C:\Users\Erni\Downloads\MagicLauncher_1.1.7 (1).exe
2013-10-05 13:29 - 2013-10-05 13:30 - 02198654 _____ C:\Users\Erni\Desktop\minecraftforge-installer-1.6.2-9.10.1.861.jar
2013-10-05 13:29 - 2013-10-05 13:29 - 02198654 _____ C:\Users\Erni\Downloads\minecraftforge-installer-1.6.2-9.10.1.861.jar
2013-10-05 13:28 - 2013-10-05 13:28 - 00367332 _____ (http://magiclauncher.com) C:\Users\Erni\Downloads\MagicLauncher_1.1.7.exe
2013-10-05 13:27 - 2013-10-05 13:27 - 00255632 _____ C:\Users\Erni\Downloads\[1.6.2]ReiMinimap_v3.4_01.zip
2013-10-05 13:27 - 2013-10-05 13:27 - 00191853 _____ C:\Users\Erni\Downloads\InventoryTweaks-MC1.6.2-1.56-b77.jar
2013-10-05 13:25 - 2013-09-14 20:52 - 00000000 ____D C:\Users\Erni\Desktop\saves
2013-10-05 13:19 - 2013-10-05 13:18 - 00291854 _____ C:\Users\Erni\Downloads\1.6.4 DamageIndicators v2.9.0.9.zip
2013-10-05 13:18 - 2013-10-05 13:18 - 00577435 _____ C:\Users\Erni\Downloads\TheCampingMod_1.0.2f.jar
2013-10-05 13:06 - 2013-10-05 13:06 - 02290245 _____ C:\Users\Erni\Downloads\PetBuddy 1.6.2 v2.zip
2013-10-05 13:06 - 2013-10-05 13:06 - 00712926 _____ C:\Users\Erni\Downloads\TuxWeapons 0.3 (2).jar
2013-10-05 13:04 - 2013-10-05 13:04 - 00857026 _____ C:\Users\Erni\Downloads\[Forge]FurnitureModv3.1.1(1.6.4).zip
2013-10-05 13:04 - 2013-10-05 13:03 - 05412602 _____ C:\Users\Erni\Downloads\Minions_1.6.2.zip
2013-10-05 12:38 - 2013-10-05 12:38 - 00182824 _____ C:\Users\Erni\Downloads\ModLoader.zip
2013-10-05 12:33 - 2013-10-05 12:33 - 00396525 _____ C:\Users\Erni\Downloads\OptiFine_1.6.2_HD_C4 (1).jar
2013-10-05 12:32 - 2013-10-05 12:32 - 00255630 _____ C:\Users\Erni\Downloads\[1.6.4]ReiMinimap_v3.4_01.zip
2013-10-05 12:12 - 2013-10-05 12:10 - 50107976 _____ (Adobe Systems Incorporated) C:\Users\Erni\Downloads\AdbeRdr11003_en_US.exe
2013-10-05 12:10 - 2011-01-24 13:14 - 00000000 ____D C:\Users\Erni\AppData\Local\Adobe
2013-10-05 12:08 - 2013-02-26 17:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-05 12:08 - 2013-02-26 17:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-04 22:03 - 2013-10-04 22:03 - 54666245 _____ C:\Users\Erni\Desktop\minecraft162 (1).rar
2013-10-04 22:03 - 2013-10-04 22:00 - 54666245 _____ C:\Users\Erni\Downloads\minecraft162 (1).rar
2013-10-04 22:01 - 2013-10-04 22:00 - 00367014 _____ (http://magiclauncher.com) C:\Users\Erni\Downloads\MagicLauncher_1.1.6 (1).exe

Some content of TEMP:
====================
C:\Users\Erni\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-28 15:54

==================== End Of Log ============================