Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-10-2014
Ran by admn (administrator) on AMD on 23-10-2014 22:45:27
Running from C:\Users\admn\Downloads
Loaded Profile: admn (Available profiles: admn)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ArtistScope Pty Ltd) C:\Program Files\Common Files\ArtistScope\CSHelper64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) D:\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) D:\LogMeIn Hamachi\LMIGuardianSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) D:\LogMeIn Hamachi\hamachi-2-ui.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(LogMeIn, Inc.) D:\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BioWare) D:\Gry\R.G Mechanics\Dragon Age - Origins\bin_ship\daorigins.exe
(OldTimer Tools) C:\Users\admn\Downloads\OTL.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1612504 2013-11-11] (COMODO)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2013-10-02] (FNet Co., Ltd.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-08-14] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\LogMeIn Hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.)
HKU\S-1-5-21-1421870451-3438031528-2816671759-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-02-15] (AMD)
HKU\S-1-5-21-1421870451-3438031528-2816671759-1000\...\Run: [uTorrent] => C:\Users\admn\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-19] (BitTorrent Inc.)
HKU\S-1-5-21-1421870451-3438031528-2816671759-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3678424 2014-02-24] (Disc Soft Ltd)
HKU\S-1-5-21-1421870451-3438031528-2816671759-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe [531336 2013-12-11] (Adobe Systems Incorporated)
HKU\S-1-5-21-1421870451-3438031528-2816671759-1000\...\MountPoints2: K - K:\setup.exe
HKU\S-1-5-21-1421870451-3438031528-2816671759-1000\...\MountPoints2: {4bc665fd-1569-11e4-a49c-bc5ff4ccbff3} - F:\OblivionLauncher.exe
HKU\S-1-5-21-1421870451-3438031528-2816671759-1000\...\MountPoints2: {b6901363-2b1d-11e3-b7bb-806e6f6e6963} - E:\ASRSetup.exe
HKU\S-1-5-21-1421870451-3438031528-2816671759-1000\...\MountPoints2: {ba759bd6-a55a-11e3-994e-bc5ff4ccbff3} - J:\Baldur.exe
HKU\S-1-5-21-1421870451-3438031528-2816671759-1000\...\MountPoints2: {df81de26-2aee-11e3-a781-806e6f6e6963} - E:\AUTORUN.EXE

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocnik logowania za pomocą konta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\admn\AppData\Roaming\Mozilla\Firefox\Profiles\6y8l7h31.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @artistscope.com/ArtistScope Plugin -> C:\Program Files (x86)\Common Files\ArtistScope\npArtistScope.dll (ArtistScope Pty Ltd)
FF Plugin-x32: @artistscope.com/ArtistScope Plugin 5 -> C:\Program Files (x86)\Common Files\ArtistScope\npArtistScope5.dll (ArtistScope Pty Ltd)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @t.garena.com/garenatalk -> D:\Garena\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @artistscope.com/ArtistScope Plugin -> C:\Program Files (x86)\Common Files\ArtistScope\npArtistScope.dll (ArtistScope Pty Ltd)
FF Plugin HKCU: @artistscope.com/ArtistScope Plugin 5 -> C:\Program Files (x86)\Common Files\ArtistScope\npArtistScope5.dll (ArtistScope Pty Ltd)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\admn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\admn\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\admn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-03]
CHR Extension: (Dysk Google) - C:\Users\admn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-03]
CHR Extension: (YouTube) - C:\Users\admn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-03]
CHR Extension: (PrivDog) - C:\Users\admn\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja [2013-10-03]
CHR Extension: (Szukaj w Google) - C:\Users\admn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-03]
CHR Extension: (AdBlock) - C:\Users\admn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-10-07]
CHR Extension: (Google Wallet) - C:\Users\admn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-04]
CHR Extension: (Gmail) - C:\Users\admn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-03]
CHR HKLM-x32\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Program Files (x86)\AdTrustMedia\PrivDog\PrivDog_chrome.crx [2013-10-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-07] (Advanced Micro Devices, Inc.) [File not signed]
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6254152 2013-10-20] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [164056 2013-09-24] (COMODO)
R2 CSHelper; C:\Program Files\Common Files\ArtistScope\CSHelper64.exe [361552 2014-01-06] (ArtistScope Pty Ltd)
R2 Hamachi2Svc; D:\LogMeIn Hamachi\hamachi-2.exe [2525008 2014-09-04] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4600264 2013-11-05] (INCA Internet Co., Ltd.)
S2 TeamViewer9; "C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-03-06] ()
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2013-09-24] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [709144 2013-11-14] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48872 2013-09-24] (COMODO)
R1 CSDriver; C:\Program Files\Common Files\ArtistScope\CSDriver64.sys [61424 2014-01-06] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-20] (Disc Soft Ltd)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2014-04-15] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2013-10-02] (FNet Co., Ltd.)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [96800 2013-09-24] (COMODO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-03-06] ()
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [70400 2004-04-08] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed]
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-03-06] (Duplex Secure Ltd.)
U5 UnlockerDriver5; D:\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
U3 ax1t668b; C:\Windows\System32\Drivers\ax1t668b.sys [0 ] (Advanced Micro Devices)
S3 GGSAFERDriver; \??\D:\Garena\Garena Plus\Room\safedrv.sys [X]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [X]
U3 ufdorpog; \??\C:\Users\admn\AppData\Local\Temp\ufdorpog.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-23 22:40 - 2014-10-23 22:40 - 00086352 _____ () C:\Users\admn\Downloads\OTL.Txt
2014-10-23 22:24 - 2014-10-23 22:46 - 00017493 _____ () C:\Users\admn\Downloads\FRST.txt
2014-10-23 22:24 - 2014-10-23 22:45 - 00000000 ____D () C:\FRST
2014-10-23 22:24 - 2014-10-23 22:24 - 00001050 _____ () C:\Users\admn\Documents\log.log
2014-10-23 22:22 - 2014-10-23 22:23 - 02112000 _____ (Farbar) C:\Users\admn\Downloads\FRST64.exe
2014-10-23 22:22 - 2014-10-23 22:22 - 00380416 _____ () C:\Users\admn\Downloads\iluo888m.exe
2014-10-23 19:51 - 2014-10-23 19:51 - 00012536 _____ () C:\Users\admn\Downloads\clickerHeroSave.txt
2014-10-23 16:49 - 2014-10-23 16:50 - 00602112 _____ (OldTimer Tools) C:\Users\admn\Downloads\OTL.exe
2014-10-23 16:48 - 2014-10-23 16:48 - 00602112 _____ (OldTimer Tools) C:\Users\admn\Downloads\Niepotwierdzony 459966.crdownload
2014-10-23 16:19 - 2014-10-23 16:19 - 01142392 _____ () C:\Users\admn\Downloads\SteamSetup (1).exe
2014-10-23 16:19 - 2014-10-23 16:19 - 00000523 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-10-22 22:30 - 2014-10-22 22:30 - 00250674 _____ () C:\Users\admn\Downloads\Darek.zip
2014-10-22 16:37 - 2014-10-22 16:37 - 00000775 _____ () C:\Users\admn\Desktop\Baldur's Gate II.lnk
2014-10-22 16:37 - 2014-10-22 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bioware
2014-10-17 18:46 - 2014-10-17 18:46 - 00014656 _____ () C:\Users\admn\Desktop\Strona.zip
2014-10-16 17:44 - 2014-10-16 17:44 - 00000535 _____ () C:\Users\admn\Desktop\JTHTML.lnk
2014-10-16 17:44 - 2014-10-16 17:44 - 00000000 ____D () C:\Users\admn\AppData\Roaming\JTHTML
2014-10-16 17:44 - 2014-10-16 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JTHTML
2014-10-16 17:43 - 2014-10-16 17:44 - 02939834 _____ (Janusz Tomczak ) C:\Users\admn\Downloads\JTHTML.exe
2014-10-16 17:41 - 2014-10-16 17:41 - 00000004 _____ () C:\wersja.txt
2014-10-16 17:40 - 2014-10-16 17:41 - 00000000 ____D () C:\Users\admn\AppData\Roaming\AgerWebEdytor
2014-10-16 17:39 - 2014-10-16 17:40 - 06130708 _____ (StatJacek ) C:\Users\admn\Downloads\setup (1).exe
2014-10-16 17:36 - 2014-10-16 17:36 - 00000000 __SHD () C:\Windows\ftpcache
2014-10-16 17:33 - 2014-10-16 17:34 - 17764456 _____ () C:\Users\admn\Downloads\EdHTMLv5.0.exe
2014-10-16 17:23 - 2014-10-17 18:42 - 00000000 ____D () C:\Users\admn\Desktop\Strona
2014-10-16 16:55 - 2014-10-16 16:56 - 10001448 _____ () C:\Users\admn\Downloads\ffviipl.rar
2014-10-16 16:54 - 2014-10-16 16:55 - 10302440 _____ () C:\Users\admn\Downloads\ffviipl_1.01.rar
2014-10-15 23:16 - 2014-10-15 23:16 - 00000000 ____D () C:\Users\admn\Documents\Square Enix
2014-10-15 23:04 - 2014-10-15 23:04 - 00000694 _____ () C:\Users\Public\Desktop\Final Fantasy VII.lnk
2014-10-15 23:04 - 2014-10-15 23:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Final Fantasy VII
2014-10-15 20:47 - 2014-10-15 20:48 - 03997215 _____ () C:\Users\admn\Downloads\Dragon Age Ultimate Edition - spolszczenie 1.0.2.zip
2014-10-14 13:05 - 2014-10-14 13:05 - 07671808 _____ () C:\Users\admn\Downloads\xnafx31_redist.msi
2014-10-14 13:05 - 2014-10-14 13:05 - 02959376 _____ (Microsoft Corporation) C:\Users\admn\Downloads\dotnetfx35setup.exe
2014-10-14 13:02 - 2014-10-14 13:02 - 00000543 _____ () C:\Users\Public\Desktop\Magicka.lnk
2014-10-14 13:02 - 2014-10-14 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magicka
2014-10-12 12:46 - 2014-10-12 12:46 - 00000741 _____ () C:\Users\admn\Desktop\Europa Universalis IV Res Publica.lnk
2014-10-12 12:21 - 2014-10-12 12:21 - 00000891 _____ () C:\Users\admn\Desktop\NTerraria — skrót.lnk
2014-10-12 11:50 - 2014-10-12 11:50 - 00279419 _____ () C:\Users\admn\Downloads\Scenario_Editor_0.8.6.zip
2014-10-12 11:50 - 2014-10-12 11:50 - 00000000 ____D () C:\Users\admn\Downloads\Clausewitz Scenario Editor
2014-10-07 23:14 - 2014-10-07 23:14 - 00649108 _____ () C:\Users\admn\Downloads\Bound_by_Flame_-_spolszczenie_(www_dodane_pl).7z
2014-10-07 23:07 - 2014-10-07 23:07 - 00000679 _____ () C:\Users\admn\Desktop\Bound By Flame.lnk
2014-10-06 21:18 - 2014-10-06 21:18 - 00000000 ____D () C:\Users\admn\Documents\WB Games
2014-10-06 21:00 - 2014-10-06 21:00 - 00000842 _____ () C:\Users\admn\Desktop\Middle Earth Shadow of Mordor.lnk
2014-10-06 21:00 - 2014-10-06 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Middle Earth Shadow of Mordor
2014-10-05 12:18 - 2014-10-05 12:18 - 00000968 _____ () C:\Users\admn\Desktop\DungeonSiege2 — skrót.lnk
2014-10-05 12:17 - 2014-10-05 12:17 - 02915783 _____ () C:\Users\admn\Downloads\dungeon_siege_2_pl_patch_text_fix.zip
2014-10-05 11:53 - 2014-10-05 11:54 - 12445432 _____ () C:\Users\admn\Downloads\Dungeon Siege 2 Patch 2.2.exe
2014-10-05 11:53 - 2014-10-05 11:54 - 06910808 _____ () C:\Users\admn\Downloads\Dungeon Siege 2 Crack 2.2.7z
2014-10-05 11:12 - 2014-10-05 11:12 - 00000210 _____ () C:\Users\admn\Desktop\Game Launcher.url
2014-10-05 11:09 - 2014-10-05 11:09 - 00741952 _____ (Eikester ) C:\Users\admn\Downloads\Game Launcher Installer (1).exe
2014-10-05 11:07 - 2014-10-05 11:08 - 03221675 _____ () C:\Users\admn\Downloads\N Terraria 5.zip
2014-10-03 22:52 - 2014-10-03 22:52 - 00011311 _____ () C:\Users\admn\Downloads\Languages.dat
2014-10-03 21:47 - 2011-02-11 09:41 - 00419940 _____ () C:\Users\admn\Downloads\MultiXapInstall.exe
2014-10-03 21:46 - 2014-10-03 21:46 - 00359127 _____ () C:\Users\admn\Downloads\MultiXapInstall_v1.1.zip
2014-10-03 21:44 - 2014-10-03 21:44 - 03541328 _____ (Microsoft Corporation) C:\Users\admn\Downloads\vm_web2.exe
2014-10-03 19:53 - 2014-10-03 19:53 - 06745792 _____ (Microsoft Corporation) C:\Users\admn\Downloads\WindowsPhone.exe
2014-10-03 19:53 - 2014-10-03 19:53 - 00000000 ____D () C:\ProgramData\Applications
2014-10-03 19:31 - 2014-10-03 19:33 - 64544266 _____ () C:\Users\admn\Downloads\angry-birds-epic.xap
2014-10-01 19:35 - 2014-10-01 19:35 - 00004544 _____ () C:\Users\admn\Desktop\Nowy dokument dziennika.jnt
2014-09-29 18:36 - 2014-09-29 18:36 - 00000679 _____ () C:\Users\admn\Desktop\ToonCar.lnk
2014-09-29 18:36 - 2014-09-29 18:36 - 00000000 ____D () C:\Users\admn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ToonCar
2014-09-29 18:36 - 2014-09-29 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ToonCar
2014-09-29 18:20 - 2014-09-29 18:20 - 00025937 _____ () C:\Users\admn\Downloads\Toon Car - odjazdowy rajd PL.torrent
2014-09-28 12:43 - 2014-09-28 12:43 - 00001344 _____ () C:\Users\admn\Desktop\WA — skrót.lnk
2014-09-27 16:37 - 2014-09-27 16:37 - 00000000 ____D () C:\Users\admn\AppData\Local\EMU
2014-09-27 16:34 - 2014-09-27 16:34 - 00000000 ___HD () C:\Windows\PIF
2014-09-27 16:34 - 2014-09-27 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worms Clan Wars
2014-09-27 14:41 - 2014-09-27 14:41 - 00000535 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-09-27 11:56 - 2014-09-27 13:12 - 00000000 ____D () C:\Users\admn\Documents\Endless Legend
2014-09-27 11:03 - 2014-09-27 11:59 - 00000579 _____ () C:\Users\Public\Desktop\Endless Legend.lnk
2014-09-27 11:03 - 2014-09-27 11:03 - 00000499 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Endless Legend.lnk
2014-09-27 00:41 - 2014-09-27 00:42 - 31234395 _____ () C:\Users\admn\Downloads\_ingame_voice_ Mod do Wot _Kapitan Bomba_ 0.9.0 v1.5 (1).rar
2014-09-26 20:04 - 2014-09-26 20:04 - 09215527 _____ () C:\Users\admn\Downloads\Benozs XVM Normal.zip
2014-09-25 14:03 - 2014-09-25 14:03 - 00000881 _____ () C:\Users\Public\Desktop\Worms Forts - Oblężenie.lnk
2014-09-25 13:59 - 2014-09-25 13:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Team17 Software Ltd
2014-09-24 21:51 - 2014-09-24 21:51 - 00000000 ____D () C:\Users\admn\Documents\Larian Studios
2014-09-24 21:39 - 2014-09-24 21:39 - 00000964 _____ () C:\Users\admn\Desktop\Divinity - Original Sin.lnk
2014-09-24 21:39 - 2014-09-24 21:39 - 00000000 ____D () C:\Users\admn\AppData\Roaming\Divinity - Original Sin
2014-09-23 15:09 - 2014-09-23 15:09 - 13429504 _____ (Disc Soft Ltd) C:\Users\admn\Downloads\DTLite4491-0356.exe
2014-09-23 15:08 - 2014-09-23 15:08 - 01788824 _____ () C:\Users\admn\Downloads\wrar511pl.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-23 18:17 - 2013-10-06 15:04 - 00000000 ____D () C:\Users\admn\AppData\Roaming\uTorrent
2014-10-23 18:04 - 2013-10-02 00:53 - 01924552 _____ () C:\Windows\WindowsUpdate.log
2014-10-23 17:20 - 2013-11-06 21:38 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-10-23 17:14 - 2013-10-02 00:53 - 00000000 ____D () C:\Users\admn
2014-10-23 13:53 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-23 13:53 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-23 13:47 - 2014-06-17 20:50 - 00000000 ____D () C:\Users\admn\AppData\Local\LogMeIn Hamachi
2014-10-23 13:46 - 2009-07-14 06:51 - 00085790 _____ () C:\Windows\setupact.log
2014-10-22 21:38 - 2013-12-23 13:46 - 00000000 ____D () C:\Users\admn\AppData\Roaming\CodeBlocks
2014-10-22 16:32 - 2014-03-06 20:08 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-10-18 16:25 - 2013-10-03 20:24 - 00000000 ____D () C:\Users\admn\AppData\Local\CrashDumps
2014-10-16 17:40 - 2013-10-02 00:53 - 00000000 ____D () C:\Users\admn\AppData\Local\VirtualStore
2014-10-14 14:21 - 2014-02-15 12:56 - 00000000 ____D () C:\Users\admn\Documents\gothic3
2014-10-14 13:09 - 2013-10-03 20:47 - 00000000 ____D () C:\Users\admn\AppData\Local\SKIDROW
2014-10-12 12:46 - 2014-07-28 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Europa Universalis IV Res Publica
2014-10-11 23:58 - 2014-06-05 15:12 - 00000000 ____D () C:\Users\admn\Documents\Bound by Flame
2014-10-11 20:51 - 2014-06-09 22:05 - 00000000 ____D () C:\Users\admn\Documents\Paradox Interactive
2014-10-08 21:16 - 2014-07-24 18:51 - 00000000 ____D () C:\ProgramData\Origin
2014-10-07 23:07 - 2014-06-05 15:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bound By Flame
2014-10-05 11:56 - 2013-10-19 20:44 - 00000000 ____D () C:\Users\admn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-10-05 11:56 - 2013-10-04 19:09 - 00000000 ____D () C:\Users\admn\Documents\My Games
2014-09-30 23:47 - 2013-10-12 11:30 - 00000000 ____D () C:\Users\admn\AppData\Roaming\Skype
2014-09-28 11:39 - 2010-11-21 05:47 - 00466206 _____ () C:\Windows\PFRO.log
2014-09-27 16:35 - 2013-10-03 20:07 - 00435679 _____ () C:\Windows\DirectX.log
2014-09-27 11:01 - 2009-07-14 06:45 - 00346120 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-26 20:06 - 2013-10-02 01:24 - 00076736 _____ () C:\Users\admn\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-25 13:59 - 2013-10-02 01:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-24 21:39 - 2014-06-11 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics

Files to move or delete:
====================
C:\Users\admn\AppData\Roaming\Origin\update.vbe


Some content of TEMP:
====================
C:\Users\admn\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
C:\Users\admn\AppData\Local\Temp\deploy.exe
C:\Users\admn\AppData\Local\Temp\Ionic.Zip.dll
C:\Users\admn\AppData\Local\Temp\jansi-64-1.8.dll
C:\Users\admn\AppData\Local\Temp\MultiXapInstall.exe
C:\Users\admn\AppData\Local\Temp\ubi571.tmp.exe
C:\Users\admn\AppData\Local\Temp\update.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-12-11 16:22

==================== End Of Log ============================