Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-11-2014 01 Ran by Wiex (administrator) on WIEX-PC on 26-11-2014 18:29:12 Running from C:\Users\Wiex\Downloads Loaded Profile: Wiex (Available profiles: Wiex & Administrator) Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: Polski (Polska) Internet Explorer Version 9 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Bitsum LLC) C:\Program Files\Process Lasso\ProcessGovernor.exe (Bitsum LLC) C:\Program Files\Process Lasso\ProcessLasso.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (Altrixsoft) D:\Programy\Hard Drive Inspector\HDInspector.exe () C:\Program Files\RocketDock\RocketDock.exe (ZONER software) D:\Programy\Zoner\Photo Studio 15\Program32\ZPSTray.exe () D:\Programy\Ashampoo Core Tuner 2\ACT2Service.exe (Comodo Security Solutions, Inc.) D:\Programy\Comodo\Dragon\dragon_updater.exe (CHENGDU YIWO Tech Development Co., Ltd) D:\Programy\EaseUSTodo Backup\bin\Agent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe () D:\Programy\EaseUSTodo Backup\bin\TodoBackupService.exe (Wondershare) D:\Programy\Wondershare\MobileGo f¨ąr Android\MobileGoService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (AltrixSoft (http://www.altrixsoft.com/)) C:\Program Files\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe () C:\Users\Wiex\Downloads\fxnug4y9.exe (Farbar) C:\Users\Wiex\Downloads\FRST(1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [HDInspector.exe] => D:\Programy\Hard Drive Inspector\HDInspector.exe [3163088 2013-10-21] (Altrixsoft) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [FileTransferForMobileGo] => D:\Programy\Wondershare\MobileGo f¨r Android\FileTransfer.exe HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-3592015403-793725120-2322176034-1000\...\Run: [StartMenuX] => D:\Programy\Start Menu X\StartMenuX.exe [5376320 2013-11-28] (OrdinarySoft) HKU\S-1-5-21-3592015403-793725120-2322176034-1000\...\Run: [WeatherWatcher] => D:\Programy\Weather Watcher\ww.exe [1110016 2009-07-07] (Singer's Creations) HKU\S-1-5-21-3592015403-793725120-2322176034-1000\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] () HKU\S-1-5-21-3592015403-793725120-2322176034-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-29] (Piriform Ltd) HKU\S-1-5-21-3592015403-793725120-2322176034-1000\...\Run: [Zoner Photo Studio Autoupdate] => D:\PROGRAMY\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [774680 2013-06-07] (ZONER software) HKU\S-1-5-21-3592015403-793725120-2322176034-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\cardisabled () BootExecute: autocheck autochk ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-3592015403-793725120-2322176034-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp HKU\S-1-5-21-3592015403-793725120-2322176034-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x004EBBC95AF1CF01 HKU\S-1-5-21-3592015403-793725120-2322176034-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pl BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Tcpip\Parameters: [DhcpNameServer] 217.113.224.134 217.113.224.135 FireFox: ======== FF ProfilePath: C:\Users\Wiex\AppData\Roaming\Mozilla\Firefox\Profiles\l00tk613.default FF Homepage: www.google.pl FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> D:\Progamy\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3592015403-793725120-2322176034-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Wiex\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKU\S-1-5-21-3592015403-793725120-2322176034-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Wiex\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Extension: Flashblock - C:\Users\Wiex\AppData\Roaming\Mozilla\Firefox\Profiles\l00tk613.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-08-27] FF Extension: Flash and Video Download - C:\Users\Wiex\AppData\Roaming\Mozilla\Firefox\Profiles\l00tk613.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-10-21] FF Extension: FireGestures - C:\Users\Wiex\AppData\Roaming\Mozilla\Firefox\Profiles\l00tk613.default\Extensions\firegestures@xuldev.org.xpi [2014-05-23] FF Extension: Hide IP Easy - C:\Users\Wiex\AppData\Roaming\Mozilla\Firefox\Profiles\l00tk613.default\Extensions\support@easy-hideip.com.xpi [2013-08-21] FF Extension: Thumbnail Zoom Plus - C:\Users\Wiex\AppData\Roaming\Mozilla\Firefox\Profiles\l00tk613.default\Extensions\thumbnailZoom@dadler.github.com.xpi [2014-11-12] FF Extension: Image Zoom - C:\Users\Wiex\AppData\Roaming\Mozilla\Firefox\Profiles\l00tk613.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2014-11-12] FF Extension: Adblock Plus - C:\Users\Wiex\AppData\Roaming\Mozilla\Firefox\Profiles\l00tk613.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-11] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-09-17] FF Extension: No Name - {20a82645-c095-46ed-80e3-08825760534b} [Not Found] Chrome: ======= CHR Profile: C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Entanglement Web App) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-05-23] CHR Extension: (Radio) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh [2014-05-23] CHR Extension: (Beatlab) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\alnfdikmbdfgkcbdodjcbmedanjinmkk [2014-05-23] CHR Extension: (Dokumenty Google) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-14] CHR Extension: (Dysk Google) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-14] CHR Extension: (Turn Off the Lights) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2014-08-27] CHR Extension: (Audiotool) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk [2014-05-23] CHR Extension: (YouTube) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-14] CHR Extension: (Szukaj w Google) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-14] CHR Extension: (WGT Golf Challenge) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg [2014-05-23] CHR Extension: (Pixlr-o-matic) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2014-05-23] CHR Extension: (Photo Zoom for Facebook) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2013-06-14] CHR Extension: (Virtual Piano Black) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjagcpcbacoaogfljhglghpjhkmmfeeo [2014-05-23] CHR Extension: (Stylish) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2014-05-23] CHR Extension: (Full Screen Weather) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2014-05-23] CHR Extension: (AdBlock) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-06-14] CHR Extension: (FabCam) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjjpgadfl [2014-05-23] CHR Extension: (Pixect) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgdeoagndhabdnoenpdcagbkkmjeibmh [2014-05-23] CHR Extension: (Movi Kanti Revo) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdkcgeghhfjiglphfppinecpcpnnbne [2014-05-23] CHR Extension: (Until AM Web App) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodigjkcpaoeodlnmcnekemakpnmegnk [2014-05-23] CHR Extension: (Webcam Toy) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2014-05-23] CHR Extension: (AudioSauna) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae [2014-05-23] CHR Extension: (Google Wallet) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27] CHR Extension: (Hover Zoom) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2013-06-14] CHR Extension: (PhotoFit Me) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdpbdnchfplfpdjbckgbmpnddnjdijjk [2014-05-23] CHR Extension: (Gmail) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-14] CHR Extension: (ติ๊ก ชีโร่ (มนัสวิน นันทเสน)) - C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pniaakffjlejdpocgnomjcnfofeajagg [2014-05-23] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ACT2_Service; D:\Programy\Ashampoo Core Tuner 2\ACT2Service.exe [1421216 2011-08-22] () S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L) S3 DfSdkS; D:\Programy\Ashampoo WinOptimizer 2014\DfsdkS.exe [406016 2009-08-24] (mst software GmbH, Germany) [File not signed] R2 DragonUpdater; D:\Programy\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-24] (Comodo Security Solutions, Inc.) R2 EaseUS Agent; D:\Programy\EaseUSTodo Backup\bin\Agent.exe [37448 2014-08-13] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915784 2014-09-17] (NVIDIA Corporation) R3 HDDSvc; C:\Program Files\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe [484304 2013-03-10] (AltrixSoft (http://www.altrixsoft.com/)) R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-10-16] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [135168 2008-10-16] (Hewlett-Packard Co.) [File not signed] S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed] S2 MBAMScheduler; D:\Programy\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation) S2 MBAMService; D:\Programy\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed] R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed] S2 WiseBootAssistant; D:\Programy\Wise Care 365\BootTime.exe [580232 2014-01-21] (WiseCleaner.com) S2 22c5205d; "C:\Windows\system32\rundll32.exe" "c:\Program Files\VideoCnv\Zet.dll",serv ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 A2DDA; D:\EEK\RUN\a2ddax86.sys [22056 2013-12-17] (Emsisoft GmbH) R2 ACT2PM; D:\Programy\Ashampoo Core Tuner 2\ACT2ProcessMonitor32.sys [14648 2011-06-10] () R3 Andbus; C:\Windows\System32\DRIVERS\lgandbus.sys [14336 2012-03-02] (LG Electronics Inc.) R3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag.sys [20736 2012-03-02] (LG Electronics Inc.) R3 AndGps; C:\Windows\System32\DRIVERS\lgandgps.sys [20096 2012-03-02] (LG Electronics Inc.) R3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem.sys [25088 2012-03-02] (LG Electronics Inc.) S3 androidusb; C:\Windows\System32\Drivers\lgandadb.sys [25728 2012-03-02] (Google Inc) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [279712 2013-12-08] () S3 cleanhlp; D:\EEK\Run\cleanhlp32.sys [50200 2013-12-17] (Emsisoft GmbH) S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] () R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [51784 2014-08-13] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed] R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [41544 2014-08-13] () [File not signed] R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [15944 2014-08-13] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed] R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [186952 2014-08-13] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed] S3 FlashUSB; C:\Windows\System32\DRIVERS\FlashUSB.sys [16896 2010-05-12] (Danish Wireless Design A/S) S3 gdrv; C:\Windows\gdrv.sys [17488 2014-06-26] (Windows (R) 2000 DDK provider) R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.) R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.) R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-07-11] () R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28312 2013-05-23] (Logitech, Inc.) R3 LVPr2Mon; C:\Windows\System32\Drivers\LVPr2Mon.sys [25752 2009-10-07] () S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-10-01] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-10-01] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation) R1 MpKsl9e9ff51d; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{86F22EB0-1678-42AB-A7BD-946E1A26A61C}\MpKsl9e9ff51d.sys [39464 2014-11-26] (Microsoft Corporation) S3 Passthru; C:\Windows\System32\DRIVERS\PPFlt.sys [24824 2014-09-08] () S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13976 2009-04-30] (Logitech Inc.) S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.) R3 PrivacyProtectorMP; C:\Windows\System32\DRIVERS\PPFlt.sys [24824 2014-09-08] () R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project) S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S0 sjzgxw; No ImagePath U5 UnlockerDriver5; D:\Programy\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed] S0 zlnimc; No ImagePath U3 kxldqpog; \??\C:\Users\Wiex\AppData\Local\Temp\kxldqpog.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-26 18:16 - 2014-11-26 18:16 - 01109504 _____ (Farbar) C:\Users\Wiex\Downloads\FRST(1).exe 2014-11-26 14:31 - 2014-11-26 14:31 - 00062764 _____ () C:\Users\Wiex\Downloads\Extras.Txt 2014-11-26 14:29 - 2014-11-26 14:29 - 00113400 _____ () C:\Users\Wiex\Downloads\OTL.Txt 2014-11-26 14:16 - 2014-11-26 14:16 - 00602112 _____ (OldTimer Tools) C:\Users\Wiex\Downloads\OTL.com 2014-11-26 14:09 - 2014-11-26 14:09 - 00380416 _____ () C:\Users\Wiex\Downloads\fxnug4y9.exe 2014-11-26 14:05 - 2014-11-26 14:05 - 00103459 _____ () C:\Users\Wiex\Downloads\Shortcut.txt 2014-11-26 14:00 - 2014-11-26 18:30 - 00019514 _____ () C:\Users\Wiex\Downloads\FRST.txt 2014-11-26 14:00 - 2014-11-26 18:29 - 00000000 ____D () C:\FRST 2014-11-26 13:59 - 2014-11-26 13:59 - 01096192 _____ (Farbar) C:\Users\Wiex\Downloads\FRST.exe 2014-11-26 13:20 - 2014-11-26 14:05 - 00049635 _____ () C:\Users\Wiex\Downloads\Addition.txt 2014-11-26 12:10 - 2014-11-26 12:10 - 00000000 ____D () C:\NPE 2014-11-26 12:04 - 2014-11-26 12:33 - 00000000 ____D () C:\Users\Wiex\AppData\Local\NPE 2014-11-26 12:04 - 2014-11-26 12:04 - 00000000 ____D () C:\ProgramData\Norton 2014-11-26 12:01 - 2014-11-26 12:01 - 03060320 ____N (Symantec Corporation) C:\Users\Wiex\Downloads\NPE.exe 2014-11-25 21:30 - 2014-11-26 13:57 - 00059755 _____ () C:\Windows\WindowsUpdate.log 2014-11-25 21:28 - 2014-11-25 21:28 - 00057360 _____ () C:\Users\Wiex\AppData\Local\GDIPFONTCACHEV1.DAT 2014-11-25 21:26 - 2014-11-26 13:50 - 00002620 _____ () C:\Windows\PFRO.log 2014-11-25 21:26 - 2014-11-25 21:27 - 00260056 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-25 21:10 - 2014-11-25 21:10 - 00048392 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll 2014-11-25 21:09 - 2014-11-25 21:09 - 02148864 _____ () C:\Users\Wiex\Downloads\adwcleaner_4.102.exe 2014-11-24 14:26 - 2014-11-26 12:08 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-24 14:25 - 2014-11-24 14:25 - 17926832 _____ (Adobe Systems Incorporated) C:\Users\Wiex\Downloads\install_flash_player_15_plugin.exe 2014-11-20 12:39 - 2014-11-20 12:53 - 00000000 ____D () C:\Users\Wiex\Downloads\Gattaca (1997) 2014-11-20 12:27 - 2014-11-20 12:28 - 00000000 ____D () C:\Users\Wiex\Desktop\Tor Browser 2014-11-20 12:22 - 2014-11-20 12:23 - 34288786 _____ () C:\Users\Wiex\Downloads\torbrowser-install-4.0.1_en-US.exe 2014-11-19 11:45 - 2014-10-24 02:03 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-11-17 11:28 - 2014-11-17 11:28 - 00000000 ____D () C:\Users\Wiex\AppData\Roaming\11bitstudios 2014-11-17 11:27 - 2014-11-17 11:27 - 00000569 _____ () C:\Users\Public\Desktop\This War of Mine.lnk 2014-11-17 11:27 - 2014-11-17 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\This War of Mine 2014-11-17 11:08 - 2014-11-17 11:09 - 00000000 ____D () C:\Users\Wiex\Downloads\This.War.of.Mine-RELOADED 2014-11-14 17:50 - 2014-11-14 17:50 - 02643738 _____ () C:\Users\Wiex\Downloads\star_wars_knight_of_the_old_republic.rar 2014-11-14 17:50 - 2014-11-14 17:50 - 00000000 ____D () C:\Users\Wiex\Downloads\star_wars_knight_of_the_old_republic spolszczenie 2014-11-14 17:46 - 2014-11-14 17:46 - 00000000 ____D () C:\Users\Wiex\Downloads\starwars 2014-11-14 17:41 - 2014-11-14 17:41 - 00001657 _____ () C:\Users\Wiex\Desktop\Star Wars Knights of the Old Republic.lnk 2014-11-14 17:41 - 2014-11-14 17:41 - 00001657 _____ () C:\Users\Administrator\Desktop\Star Wars Knights of the Old Republic.lnk 2014-11-14 17:41 - 2014-11-14 17:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts 2014-11-14 17:31 - 2014-11-24 13:59 - 00000000 ____D () C:\Star Wars Knights of the Old Republic 2014-11-14 17:28 - 2014-11-14 17:28 - 01375577 _____ () C:\Users\Wiex\Downloads\fdx-sk13.rar 2014-11-14 17:00 - 2014-11-14 17:01 - 00000000 ____D () C:\Users\Wiex\Downloads\Star Wars Knights of the Old Republic 2014-11-14 15:52 - 2006-07-04 16:35 - 00000000 ____D () C:\Users\Wiex\Downloads\lego_data 2014-11-14 15:49 - 2014-11-14 15:49 - 00000479 _____ () C:\Users\Administrator\Desktop\LEGO Star Wars.lnk 2014-11-14 15:46 - 2014-11-14 15:46 - 00000073 _____ () C:\gputest.txt 2014-11-12 14:34 - 2014-10-10 02:01 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-11-12 14:34 - 2014-10-10 02:00 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-11-12 14:34 - 2014-10-10 02:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-11-12 14:34 - 2014-10-10 00:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-11-12 14:34 - 2014-08-27 01:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-12 14:34 - 2014-08-27 01:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-11-12 14:33 - 2014-10-24 02:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-12 14:33 - 2014-09-19 01:50 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-11-12 14:33 - 2014-08-12 03:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-11-12 14:32 - 2014-10-18 02:08 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-11-12 14:32 - 2014-10-03 02:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-12 14:32 - 2014-10-03 02:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-11-12 14:32 - 2014-10-03 02:17 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-12 14:32 - 2014-10-03 02:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-12 14:15 - 2014-10-27 20:10 - 12366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-11-12 14:15 - 2014-10-27 20:05 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-11-12 14:15 - 2014-10-27 20:02 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-11-12 14:15 - 2014-10-27 19:59 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-11-12 14:15 - 2014-10-27 19:59 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-11-12 14:15 - 2014-10-27 19:58 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-11-12 14:15 - 2014-10-27 19:57 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-11-12 14:15 - 2014-10-27 19:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-11-12 14:15 - 2014-10-27 19:56 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-11-12 14:15 - 2014-10-27 19:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-11-12 14:15 - 2014-10-27 19:56 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-11-12 14:15 - 2014-10-27 19:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-11-12 14:15 - 2014-10-27 19:56 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-11-12 14:15 - 2014-10-27 19:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-11-12 14:15 - 2014-10-27 19:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-11-12 14:15 - 2014-10-27 19:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-11-12 14:15 - 2014-10-27 19:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-11-12 14:15 - 2014-10-27 19:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-11-12 14:15 - 2014-10-27 19:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-11-12 14:15 - 2014-10-27 19:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-11-12 14:15 - 2014-10-27 19:54 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-11-12 14:15 - 2014-10-13 00:34 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-08 09:44 - 2014-11-08 09:44 - 00000000 ____D () C:\Users\Wiex\Documents\qvc_record 2014-11-08 09:44 - 2014-11-08 09:44 - 00000000 ____D () C:\Users\Wiex\Documents\qvc_offline 2014-11-08 09:44 - 2014-11-08 09:44 - 00000000 ____D () C:\Users\Wiex\Documents\qqvctest 2014-11-08 09:37 - 2014-11-14 18:13 - 00000000 ____D () C:\Users\Wiex\Downloads\AllinOneVoiceChanger16 2014-11-07 20:22 - 2014-11-24 18:24 - 00000000 ____D () C:\Users\Wiex\AppData\Local\CyberGhost 2014-11-07 20:21 - 2014-11-07 20:21 - 00001720 _____ () C:\Users\Wiex\Desktop\CyberGhost 5.lnk 2014-11-07 20:21 - 2014-11-07 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5 2014-11-07 20:21 - 2014-11-07 20:21 - 00000000 ____D () C:\Program Files\TAP-Windows 2014-11-07 14:02 - 2014-11-07 14:02 - 04977216 _____ (Piriform Ltd) C:\Users\Wiex\Downloads\ccsetup419.exe 2014-11-07 13:55 - 2014-11-07 13:55 - 00000000 ____D () C:\Users\Wiex\Downloads\tdsskiller 2014-11-07 13:54 - 2014-11-07 13:55 - 04163057 _____ () C:\Users\Wiex\Downloads\tdsskiller.zip 2014-11-07 13:25 - 2014-11-07 13:25 - 00000000 ____D () C:\Users\Wiex\AppData\Roaming\ProcessLasso 2014-11-07 13:25 - 2014-11-07 13:25 - 00000000 ____D () C:\ProgramData\ProcessLasso 2014-11-07 13:25 - 2014-11-07 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso 2014-11-07 13:25 - 2014-11-07 13:25 - 00000000 ____D () C:\Program Files\Process Lasso 2014-11-07 13:23 - 2014-11-14 18:13 - 00000000 ____D () C:\Users\Wiex\Downloads\ProcessLassoPro71 2014-11-06 15:38 - 2014-11-06 15:38 - 00000000 ____D () C:\Users\Wiex\Downloads\Toots And The Maytals - 20 Massive Hits (2000) vtwin88cube 2014-11-05 21:40 - 2014-11-05 21:40 - 24677393 _____ () C:\Users\Wiex\Downloads\vlc-2.1.3-win32.exe 2014-11-03 10:19 - 2014-11-03 10:20 - 08646824 _____ (CyberGhost S.R.L. ) C:\Users\Wiex\Downloads\CG_5.0.13.17.exe 2014-11-02 19:42 - 2014-11-02 19:42 - 00000000 ____D () C:\Windows\Twisted Lands 3 - Origin 2014-10-31 11:38 - 2014-10-31 11:47 - 00000000 ____D () C:\Users\Wiex\Downloads\20,000 Days on Earth (2014) 2014-10-31 09:59 - 2014-10-31 09:59 - 00000000 ____D () C:\Users\Wiex\Downloads\Beastie Boys-Check Your Head 1992 ..320kbps (stPaddy) 2014-10-30 13:13 - 2014-10-30 13:13 - 00000000 ____D () C:\Users\Wiex\Documents\Wondershare 2014-10-30 10:39 - 2014-10-30 12:41 - 00000000 ____D () C:\Users\Wiex\Documents\LG PC Suite IV 2014-10-30 10:39 - 2014-10-30 10:39 - 00000628 _____ () C:\Users\Public\Desktop\LG PC Suite IV.lnk 2014-10-30 10:39 - 2014-10-30 10:39 - 00000628 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\LG PC Suite IV.lnk 2014-10-30 10:39 - 2014-10-30 10:39 - 00000000 ____D () C:\Users\Wiex\AppData\Local\LG Electronics 2014-10-30 10:39 - 2014-10-30 10:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite IV 2014-10-30 10:31 - 2014-10-30 10:34 - 88766608 _____ (LG Electronics) C:\Users\Wiex\Downloads\LGPCSuiteIV_Setup.exe 2014-10-30 09:59 - 2014-10-30 09:59 - 00000000 ____D () C:\ProgramData\Wondershare 2014-10-30 09:58 - 2014-10-30 09:58 - 00000000 ____D () C:\Users\Wiex\AppData\Local\Wondershare 2014-10-30 09:58 - 2014-10-30 09:58 - 00000000 ____D () C:\Program Files\Common Files\Wondershare 2014-10-30 09:57 - 2014-10-30 10:01 - 00000000 ____D () C:\Users\Wiex\AppData\Roaming\Wondershare 2014-10-30 09:57 - 2014-10-30 09:57 - 00000803 _____ () C:\Users\Public\Desktop\Wondershare MobileGo for Android.lnk 2014-10-30 09:57 - 2014-10-30 09:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2014-10-30 09:56 - 2014-10-30 09:57 - 00000000 ____D () C:\Users\Public\Documents\Wondershare 2014-10-27 10:16 - 2014-10-27 10:16 - 00000000 ____D () C:\Users\Wiex\Downloads\Soundgarden - Badmotorfinger 2014-10-27 10:11 - 2014-10-27 10:21 - 00000000 ____D () C:\Users\Wiex\Downloads\Lauryn Hill - The Miseducation Of Lauryn Hill 2014-10-27 03:28 - 2014-10-27 03:28 - 00000000 ____D () C:\Users\Wiex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2014-10-27 03:24 - 2014-10-27 03:24 - 01263728 _____ (Ellora Assets Corporation ) C:\Users\Wiex\Downloads\FreemakeAudioConverterSetup.exe 2014-10-27 03:20 - 2014-10-27 03:20 - 00000000 ____D () C:\Users\Wiex\AppData\Roaming\New Version Available 2014-10-27 03:19 - 2014-10-27 03:22 - 00000000 ____D () C:\Users\Wiex\AppData\Roaming\Cool Record Edit Pro 2014-10-27 03:19 - 2014-10-27 03:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cool Record Edit Pro 2014-10-27 03:19 - 2006-03-23 12:56 - 00113486 _____ () C:\Windows\system32\NCTWMAProfiles.prx 2014-10-27 03:19 - 2005-05-18 11:52 - 01212416 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTAudioInformation2.dll 2014-10-27 03:19 - 2005-05-17 12:37 - 01986560 _____ (NCT Company Ltd.) C:\Windows\system32\NCTAudioFile2.dll 2014-10-27 03:19 - 2005-04-25 13:01 - 00458752 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTAudioRecord2.dll 2014-10-27 03:19 - 2005-04-25 13:01 - 00458752 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTAudioPlayer2.dll 2014-10-27 03:19 - 2005-04-15 12:08 - 00880640 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTAudioEditor2.dll 2014-10-27 03:19 - 2005-04-04 17:21 - 00602112 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTAudioTransform2.dll 2014-10-27 03:19 - 2005-03-28 15:54 - 00479232 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTAudioVisualization2.dll 2014-10-27 03:19 - 2005-03-28 15:52 - 00417792 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTTextToAudio2.dll 2014-10-27 03:19 - 2005-02-24 11:51 - 00348160 _____ (NCT Company Ltd.) C:\Windows\system32\NCTWMAFile2.dll 2014-10-27 03:19 - 2004-11-04 13:31 - 00835584 _____ (NCT) C:\Windows\system32\NCTAudioCDGrabber2.dll 2014-10-27 03:19 - 2002-01-05 16:37 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msvcr70.dll 2014-10-27 02:04 - 2014-10-27 02:59 - 00000000 ____D () C:\Users\Wiex\Downloads\Bob Marley And The Wailers - 5 Classic Albums [Box Set] (2013) FLAC Beolab1700 ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-26 18:07 - 2014-04-08 11:00 - 00000350 _____ () C:\Windows\Tasks\WpsNotifyTask_Wiex.job 2014-11-26 18:01 - 2014-04-08 11:00 - 00000350 _____ () C:\Windows\Tasks\WpsUpdateTask_Wiex.job 2014-11-26 17:51 - 2006-11-02 13:45 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-26 17:51 - 2006-11-02 13:45 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-26 17:44 - 2008-01-21 07:21 - 01654506 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-26 17:44 - 2008-01-21 07:20 - 00728314 _____ () C:\Windows\system32\perfh015.dat 2014-11-26 17:44 - 2008-01-21 07:20 - 00158212 _____ () C:\Windows\system32\perfc015.dat 2014-11-26 14:11 - 2014-02-16 10:37 - 00000356 _____ () C:\Windows\Tasks\Wise Care 365.job 2014-11-26 13:53 - 2014-10-25 08:24 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-11-26 13:53 - 2014-02-16 10:27 - 00000000 ____D () C:\Users\Wiex\AppData\Roaming\Wise Care 365 2014-11-26 13:51 - 2006-11-02 13:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-26 13:50 - 2013-12-09 15:25 - 00000000 ____D () C:\ProgramData\Package Cache 2014-11-26 13:49 - 2006-11-02 13:58 - 00032564 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-11-26 13:02 - 2014-10-10 12:34 - 00000000 ____D () C:\ProgramData\TEMP 2014-11-26 12:54 - 2013-06-14 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo 2014-11-26 12:28 - 2013-06-23 14:39 - 00000000 ____D () C:\Users\Wiex\Downloads\gfsp110 2014-11-25 12:30 - 2013-06-14 14:59 - 00000000 ____D () C:\Users\Wiex\AppData\Roaming\uTorrent 2014-11-24 23:53 - 2013-06-15 13:02 - 00000000 ____D () C:\Users\Wiex\AppData\Roaming\AIMP3 2014-11-24 18:03 - 2013-06-24 18:52 - 00000000 ____D () C:\Users\Wiex\AppData\Roaming\DAEMON Tools Lite 2014-11-24 18:03 - 2013-06-14 14:34 - 00000000 ____D () C:\Users\Wiex\AppData\Roaming\Media Player Classic 2014-11-24 18:02 - 2013-08-14 18:46 - 00000000 ____D () C:\Users\Wiex\AppData\Local\CrashDumps 2014-11-24 15:22 - 2013-06-22 09:56 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-11-24 15:22 - 2013-06-22 09:56 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-11-23 10:00 - 2014-02-16 10:37 - 00000336 _____ () C:\Windows\Tasks\Wise Turbo Checker.job 2014-11-19 11:58 - 2014-05-23 14:55 - 00000000 ____D () C:\Program Files\Opera Next 2014-11-14 17:32 - 2013-06-13 23:17 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-11-14 17:30 - 2013-06-13 23:16 - 00000000 ____D () C:\Program Files\Common Files\InstallShield 2014-11-14 12:28 - 2013-06-14 08:38 - 00000000 ____D () C:\Users\Wiex\Documents\My Games 2014-11-14 10:22 - 2014-10-03 11:12 - 00000000 ____D () C:\Program Files\CyberGhost 5 2014-11-12 16:56 - 2013-06-13 23:55 - 00000000 ____D () C:\Windows\Panther 2014-11-12 15:41 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-11-12 14:56 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache 2014-11-12 14:36 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\pl-PL 2014-11-12 14:26 - 2014-09-13 03:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-11-12 14:24 - 2013-07-16 18:13 - 00000000 ____D () C:\Windows\system32\MRT 2014-11-12 14:16 - 2006-11-02 11:24 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2014-11-07 15:23 - 2013-12-31 13:16 - 00000000 ____D () C:\Users\Wiex\AppData\Roaming\AlawarEntertainment 2014-11-07 14:03 - 2013-06-14 08:07 - 00000000 ____D () C:\Program Files\CCleaner 2014-11-07 13:22 - 2014-09-08 11:21 - 00000000 ____D () C:\Program Files\Popcorn Time 2014-11-07 13:22 - 2014-08-20 08:24 - 00000000 ____D () C:\Users\Wiex\Downloads\NTFSMechanicStandard211 2014-11-07 13:22 - 2014-04-25 07:54 - 00000000 ____D () C:\Users\Wiex\Downloads\AiseesoftPDFtoWordConverter326 2014-11-07 13:22 - 2013-07-02 23:46 - 00000000 ____D () C:\Users\Wiex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\To the Moon 2014-11-06 18:23 - 2013-06-26 23:21 - 00000000 ____D () C:\Users\Wiex\AppData\Roaming\Skype 2014-11-04 00:08 - 2013-06-24 10:18 - 00000000 ____D () C:\Users\Wiex\Documents\Odzysk Reason 2014-11-03 11:57 - 2013-11-22 12:10 - 00000000 ____D () C:\Users\Wiex\AppData\Local\NVIDIA Corporation 2014-11-02 15:15 - 2013-11-01 21:21 - 00000000 ____D () C:\Users\Wiex\AppData\Roaming\Artifex Mundi 2014-11-02 10:02 - 2014-09-15 05:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2014-11-02 10:02 - 2014-09-15 05:47 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack 2014-11-02 10:02 - 2013-06-26 23:20 - 00000000 ____D () C:\ProgramData\Skype 2014-10-30 12:45 - 2014-06-17 21:43 - 00000779 _____ () C:\Users\Wiex\Desktop\LGMobile Support Tool.lnk 2014-10-30 12:45 - 2013-08-12 07:43 - 00002411 _____ () C:\Windows\system32\lgAxconfig.ini 2014-10-30 12:24 - 2013-06-14 00:02 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-10-30 10:37 - 2013-06-13 23:07 - 00000000 ____D () C:\Users\Wiex 2014-10-30 10:35 - 2013-08-12 07:41 - 00000000 ____D () C:\Program Files\LG Electronics 2014-10-30 10:13 - 2013-08-12 07:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool 2014-10-30 09:57 - 2014-01-31 19:27 - 00000000 ____D () C:\Users\Wiex\.android 2014-10-30 01:58 - 2014-10-04 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2014-10-27 01:07 - 2014-10-26 23:43 - 00000000 ____D () C:\Users\Wiex\Downloads\Life.On.Mars.UK.Complete.With.Extras.WS.DVDRip.XviD-SAiNTS Files to move or delete: ==================== C:\ProgramData\D__Programy_HideIPEasy_HideIPEasy.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-26 13:58 ==================== End Of Log ============================