
Win 7 infected with astromenda


  • This topic is locked
2 replies to this topic

#1 kwiku


Posted 09 November 2014 - 08:07 AM

I have a problem: my computer is infected with astromenda and I don't know what to do any more.
I even reinstalled Google Chrome and it didn't work. Please help me.

 


 

I did FRST but I don't know what to do from that point.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014
Ran by kwikumila (administrator) on KWIKMILA on 09-11-2014 13:54:44
Running from C:\Users\kwikumila\Desktop
Loaded Profile: kwikumila (Available profiles: kwikumila)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
() C:\Program Files (x86)\Opera\25.0.1614.68\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6470760 2012-05-08] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5581888 2014-02-24] (ESET)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKU\S-1-5-21-4248575868-1959609491-3380166530-1000\...\Run: [Google Update] => C:\Users\kwikumila\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-06] (Google Inc.)
HKU\S-1-5-21-4248575868-1959609491-3380166530-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-4248575868-1959609491-3380166530-1000\...\MountPoints2: {a04b98ce-b7d4-11e3-88eb-d43d7e18f998} - E:\Startme.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.qone8.com/web/?type=ds&ts=1398267527&from=smt&uid=ST1000DL002-9TT153_W1V19EYKXXXXW1V19EYK&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1398267527&from=smt&uid=ST1000DL002-9TT153_W1V19EYKXXXXW1V19EYK
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.qone8.com/web/?type=ds&ts=1398267527&from=smt&uid=ST1000DL002-9TT153_W1V19EYKXXXXW1V19EYK&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.qone8.com/web/?type=ds&ts=1398267527&from=smt&uid=ST1000DL002-9TT153_W1V19EYKXXXXW1V19EYK&q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Mega Browse -> {4e6cd411-ce62-4584-97ff-6afbcf6900af} -> C:\Program Files (x86)\Mega Browse\MegaBrowsebho.dll No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @naver.com/npNLiveCast -> C:\Users\kwikumila\AppData\Roaming\Mozillia\Plugins\NPNLiveCast.dll No File
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\kwikumila\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\kwikumila\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\kwikumila\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\kwikumila\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\kwikumila\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\kwikumila\AppData\Roaming\mozilla\plugins\NPNLiveCast.dll (NHN Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\kwikumila\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-08-08]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.pl/
CHR StartupUrls: Default -> "https://www.google.pl/", "hxxp://start.qone8.com/?type=hppp&ts=1398278970&from=smt&uid=ST1000DL002-9TT153_W1V19EYKXXXXW1V19EYK"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\kwikumila\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\kwikumila\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-22]
CHR Extension: (MakeGIF Video Capture) - C:\Users\kwikumila\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnhdjbfjheoohmhpakglckehdcgfffbl [2014-11-05]
CHR Extension: (Adblock Super) - C:\Users\kwikumila\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljnlmbpodflckinmdhklgnpejcoaendc [2014-10-22]
CHR Extension: (Google Wallet) - C:\Users\kwikumila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-22]
CHR Extension: (Adblock Pro) - C:\Users\kwikumila\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2014-10-22]
CHR Extension: (Mój motyw Chrome) - C:\Users\kwikumila\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-10-22]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-07-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1343408 2014-02-24] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-04] (Electronic Arts)
S2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe -service [X]
S2 Update Mega Browse; "C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe" [X] <==== ATTENTION
S2 Util Mega Browse; "C:\Program Files (x86)\Mega Browse\bin\utilMegaBrowse.exe" [X] <==== ATTENTION
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-23] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-09 13:54 - 2014-11-09 13:55 - 00016923 _____ () C:\Users\kwikumila\Desktop\FRST.txt
2014-11-09 13:54 - 2014-11-09 13:54 - 00000000 ____D () C:\FRST
2014-11-09 13:53 - 2014-11-09 13:53 - 02115584 _____ (Farbar) C:\Users\kwikumila\Desktop\FRST64.exe
2014-11-09 13:52 - 2014-11-09 13:52 - 00060619 _____ () C:\Users\kwikumila\Documents\bookmarks_09.11.2014.html
2014-11-09 13:45 - 2014-11-09 13:45 - 00002265 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-09 13:45 - 2014-11-09 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-09 13:43 - 2014-11-09 13:48 - 00001054 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-09 13:43 - 2014-11-09 13:48 - 00001050 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-09 13:43 - 2014-11-09 13:43 - 00880272 _____ (Google Inc.) C:\Users\kwikumila\Desktop\ChromeSetup.exe
2014-11-09 13:43 - 2014-11-09 13:43 - 00004050 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-09 13:43 - 2014-11-09 13:43 - 00003798 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-09 13:18 - 2014-11-09 13:18 - 03013652 _____ () C:\Users\kwikumila\Desktop\1124481.mp4
2014-11-09 13:18 - 2014-11-09 13:18 - 00005671 _____ () C:\Users\kwikumila\Desktop\The Originals  The Awakening - First Sneak Peek.html
2014-11-09 13:18 - 2014-11-09 13:18 - 00000000 ____D () C:\Users\kwikumila\Desktop\The Originals  The Awakening - First Sneak Peek_files
2014-11-09 09:40 - 2014-11-09 09:40 - 00000112 _____ () C:\Windows\setupact.log
2014-11-09 09:40 - 2014-11-09 09:40 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-09 01:11 - 2014-11-09 01:11 - 10057667 _____ () C:\Users\kwikumila\Desktop\Tazza-The_Hidden_Card_(2014)_AIRENs357.net.part3.rar
2014-11-09 00:48 - 2014-11-09 00:55 - 408944640 _____ () C:\Users\kwikumila\Desktop\Tazza-The_Hidden_Card_(2014)_AIRENs357.net.part2.rar
2014-11-09 00:09 - 2014-11-09 00:16 - 408944640 _____ () C:\Users\kwikumila\Desktop\Tazza-The_Hidden_Card_(2014)_AIRENs357.net.part1.rar
2014-11-06 15:19 - 2014-11-06 15:19 - 00000000 ____D () C:\Users\kwikumila\AppData\Roaming\Naver
2014-11-06 15:19 - 2014-11-06 15:19 - 00000000 ____D () C:\Users\kwikumila\AppData\Local\Naver
2014-11-06 13:49 - 2014-10-30 01:56 - 00614728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-11-06 13:45 - 2014-10-30 05:53 - 31890064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 24554824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 20922696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 19966856 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 17258696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 14029400 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 13942368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 13189832 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-11-06 13:45 - 2014-10-30 05:53 - 11395672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 11333848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 04289856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 04011840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434460.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434460.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 00961224 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 00932168 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 00922944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 00896144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 00870112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-11-06 13:45 - 2014-10-30 05:53 - 00027024 _____ () C:\Windows\system32\nvinfo.pb
2014-11-04 17:06 - 2014-11-04 17:06 - 01511202 _____ () C:\Users\kwikumila\Downloads\bills to pay Bruce.xlsx
2014-11-04 15:04 - 2014-11-04 15:04 - 00000000 ____D () C:\Users\kwikumila\AppData\Roaming\Mozilla
2014-11-04 01:32 - 2014-11-04 01:36 - 167406026 _____ () C:\Users\kwikumila\Downloads\141025 [HD]YG Family in Taiwan Encore Fantastic Baby&江南STYLE 延伸舞台近距離.mp4
2014-11-01 16:09 - 2014-11-01 16:09 - 00000000 ____D () C:\Users\kwikumila\AppData\Local\DDMSettings
2014-10-31 07:02 - 2014-10-31 07:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-29 09:42 - 2014-10-29 09:42 - 00001300 _____ () C:\Users\kwikumila\Desktop\photoFXlab (64-bit).lnk
2014-10-29 09:42 - 2014-10-29 09:42 - 00000000 ____D () C:\Users\kwikumila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Topaz Labs
2014-10-29 09:42 - 2014-10-29 09:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs
2014-10-29 09:20 - 2014-10-29 09:20 - 00000000 ____D () C:\Users\kwikumila\AppData\Local\PackageAware
2014-10-26 16:23 - 2014-10-26 16:24 - 00233984 _____ () C:\Users\kwikumila\Desktop\Elena and Stefan ---- Stefan, i love you....mp4.sfk
2014-10-26 16:23 - 2014-10-26 16:24 - 00183520 _____ () C:\Users\kwikumila\Desktop\Damon and Elena 4x10(I Love You Damon).mp4.sfk
2014-10-26 16:23 - 2014-10-26 16:24 - 00167288 _____ () C:\Users\kwikumila\Desktop\Sam Tsui - Next Best Thing.mp3.sfk
2014-10-26 16:16 - 2014-10-26 16:17 - 21272147 _____ () C:\Users\kwikumila\Desktop\Damon and Elena 4x10(I Love You Damon).mp4
2014-10-26 16:16 - 2014-10-26 16:16 - 10389007 _____ () C:\Users\kwikumila\Desktop\Elena and Stefan ---- Stefan, i love you....mp4
2014-10-25 18:04 - 2014-10-30 14:36 - 00003872 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1414256670
2014-10-25 18:04 - 2014-10-25 18:04 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-10-22 17:27 - 2014-11-09 13:44 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-22 17:03 - 2014-10-16 17:54 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434448.dll
2014-10-22 17:03 - 2014-10-16 17:54 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434448.dll
2014-10-19 17:32 - 2014-10-19 17:32 - 00000000 __SHD () C:\Users\kwikumila\AppData\Local\EmieUserList
2014-10-19 17:32 - 2014-10-19 17:32 - 00000000 __SHD () C:\Users\kwikumila\AppData\Local\EmieSiteList
2014-10-18 21:37 - 2014-10-18 21:40 - 57072318 _____ () C:\Users\kwikumila\Desktop\D-LITE (DAESUNG of BIGBANG) - SHUT UP M-V.mp4
2014-10-16 09:05 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 09:05 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 09:05 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 09:05 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 09:05 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 09:05 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 09:05 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 09:05 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 09:05 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 09:05 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 09:05 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 09:05 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 09:05 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 09:05 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 09:05 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 09:05 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 09:05 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 09:05 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 09:05 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 09:05 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 09:05 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 09:05 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 09:05 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 09:05 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 09:05 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 09:05 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 09:05 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 09:05 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 09:05 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 09:05 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 09:05 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 09:05 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 09:05 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 09:05 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 09:05 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 09:05 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 09:05 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 09:05 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 09:05 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 09:05 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 09:05 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 09:05 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 09:05 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 09:05 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 09:05 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 09:05 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 09:05 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 09:05 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 09:05 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 09:05 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 09:05 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 09:05 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 09:05 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 09:05 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 09:05 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 09:05 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 09:04 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 09:04 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 09:04 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 09:04 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 09:04 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 09:04 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 09:04 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 09:04 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 09:04 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 09:04 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 09:04 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 09:04 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 09:04 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 09:04 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 09:04 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 09:04 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 09:04 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 09:04 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 09:04 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 09:04 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 09:04 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-16 09:04 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-16 09:04 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 09:04 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 09:04 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 09:04 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 09:04 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 09:04 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 09:04 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 09:04 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 09:04 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 09:04 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-14 08:38 - 2014-10-14 08:38 - 181974298 _____ () C:\Users\kwikumila\AppData\Local\ACCCx2_8_0_447.zip.aamdownload
2014-10-14 08:38 - 2014-10-14 08:38 - 00002174 _____ () C:\Users\kwikumila\AppData\Local\ACCCx2_8_0_447.zip.aamdownload.aamd
2014-10-12 13:46 - 2014-10-13 11:47 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-12 13:46 - 2014-10-12 13:46 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-11 18:42 - 2014-11-09 13:44 - 00001496 _____ () C:\Users\kwikumila\AppData\Local\Adobe Zapisz dla Internetu 13.0 Prefs
2014-10-11 18:37 - 2014-10-11 19:58 - 00000000 ____D () C:\Users\kwikumila\Documents\Adobe
2014-10-11 18:33 - 2014-10-11 18:33 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-10-11 18:32 - 2014-10-11 18:32 - 00001040 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
2014-10-11 18:32 - 2014-10-11 18:32 - 00000000 ____D () C:\Program Files\Adobe
2014-10-11 18:27 - 2014-10-11 18:32 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-10-11 18:27 - 2014-10-11 18:27 - 00001534 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2014-10-11 18:21 - 2014-10-13 11:43 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-11 10:49 - 2014-10-11 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Video Converter
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-09 13:54 - 2014-03-29 11:43 - 00000000 ____D () C:\Users\kwikumila
2014-11-09 13:03 - 2014-03-29 12:20 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-09 13:02 - 2014-04-06 21:38 - 00001074 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4248575868-1959609491-3380166530-1000UA.job
2014-11-09 12:14 - 2014-03-30 08:22 - 00000000 ____D () C:\Users\kwikumila\AppData\Roaming\Skype
2014-11-09 10:23 - 2014-05-23 14:44 - 00000000 ____D () C:\Users\kwikumila\Documents\FIFA World
2014-11-09 10:23 - 2014-03-30 08:10 - 00000000 ____D () C:\Program Files (x86)\Total Video Converter
2014-11-09 10:23 - 2010-11-21 08:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-11-09 10:23 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-09 10:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-09 08:27 - 2009-07-14 05:45 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-09 08:27 - 2009-07-14 05:45 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-09 08:25 - 2011-02-04 18:20 - 00739694 _____ () C:\Windows\system32\perfh015.dat
2014-11-09 08:25 - 2011-02-04 18:20 - 00155268 _____ () C:\Windows\system32\perfc015.dat
2014-11-09 08:25 - 2009-07-14 06:13 - 01668226 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-09 08:21 - 2014-03-29 12:10 - 01806152 _____ () C:\Windows\WindowsUpdate.log
2014-11-09 08:18 - 2014-03-29 12:02 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-09 08:18 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-09 02:00 - 2014-08-29 16:32 - 00000000 ____D () C:\Users\kwikumila\AppData\Local\Adobe
2014-11-08 19:59 - 2014-04-12 23:25 - 00000000 ____D () C:\Users\kwikumila\AppData\Local\CrashDumps
2014-11-06 22:33 - 2014-03-29 11:58 - 00000000 ___RD () C:\Users\kwikumila\Desktop\Pobrane
2014-11-06 15:56 - 2014-03-30 11:50 - 00000000 ____D () C:\Users\kwikumila\AppData\Roaming\.minecraft
2014-11-06 14:02 - 2014-04-06 21:38 - 00001022 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4248575868-1959609491-3380166530-1000Core.job
2014-11-06 13:50 - 2014-08-01 14:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-11-06 13:50 - 2014-04-20 10:18 - 00000000 ____D () C:\Temp
2014-11-06 13:49 - 2014-03-29 12:02 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-06 13:14 - 2014-04-04 15:46 - 00000000 ____D () C:\ProgramData\Origin
2014-11-06 13:14 - 2014-04-04 15:46 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-11-03 23:38 - 2014-04-04 16:05 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-11-03 15:39 - 2014-07-11 10:54 - 00000000 ____D () C:\Users\kwikumila\Desktop\Milenowate
2014-10-31 07:02 - 2014-03-30 08:22 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-31 07:02 - 2014-03-30 08:22 - 00000000 ____D () C:\ProgramData\Skype
2014-10-30 14:36 - 2014-03-29 12:03 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-10-30 05:53 - 2014-09-19 17:14 - 18497600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-10-30 05:53 - 2014-09-19 17:14 - 02849224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-10-30 05:53 - 2014-03-20 23:03 - 20966504 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-10-30 05:53 - 2014-03-20 23:03 - 00987008 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-10-30 05:53 - 2014-03-20 23:02 - 16886168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-10-30 05:53 - 2014-03-20 23:02 - 03237528 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-10-30 03:10 - 2014-03-29 12:02 - 06880968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-10-30 03:10 - 2014-03-29 12:02 - 03533632 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-10-30 03:10 - 2014-03-29 12:02 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-10-30 03:10 - 2014-03-29 12:02 - 00935232 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-10-30 03:10 - 2014-03-29 12:02 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-10-30 03:10 - 2014-03-29 12:02 - 00061640 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-10-29 17:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-29 09:42 - 2014-03-30 09:39 - 00000000 ____D () C:\Program Files\Common Files\Topaz Labs
2014-10-29 09:42 - 2014-03-30 09:38 - 00000000 ____D () C:\Program Files (x86)\Topaz Labs
2014-10-29 09:40 - 2014-03-29 12:20 - 00000000 ____D () C:\Users\kwikumila\AppData\Roaming\Adobe
2014-10-28 06:34 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-27 13:29 - 2014-03-29 12:20 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-27 13:29 - 2014-03-29 12:20 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-27 13:29 - 2014-03-29 12:20 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-27 01:34 - 2014-03-29 12:02 - 04066553 _____ () C:\Windows\system32\nvcoproc.bin
2014-10-22 17:28 - 2014-03-29 11:54 - 00000000 ____D () C:\Users\kwikumila\AppData\Local\Google
2014-10-20 12:57 - 2014-04-06 21:38 - 00004052 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4248575868-1959609491-3380166530-1000UA
2014-10-20 12:57 - 2014-04-06 21:38 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4248575868-1959609491-3380166530-1000Core
2014-10-19 18:11 - 2014-04-22 23:12 - 00000000 ____D () C:\Users\kwikumila\Documents\Electronic Arts
2014-10-17 14:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 09:26 - 2009-07-14 05:45 - 08425224 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 09:24 - 2014-04-30 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 09:09 - 2014-03-30 11:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 09:06 - 2014-03-30 11:31 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-14 14:23 - 2014-05-01 15:39 - 00000000 ____D () C:\Program Files (x86)\Mad Scientist Productions
2014-10-14 13:49 - 2014-06-18 08:15 - 00000000 ____D () C:\Users\kwikumila\AppData\Local\Battle.net
2014-10-14 13:48 - 2014-06-18 08:15 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-14 13:44 - 2014-06-18 08:18 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-10-14 13:41 - 2014-03-29 11:45 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-11 18:35 - 2014-03-29 11:53 - 01115944 _____ () C:\Users\kwikumila\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-11 18:30 - 2014-08-18 15:41 - 00000000 ____D () C:\ProgramData\Package Cache
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-05 23:52
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2014
Ran by kwikumila at 2014-11-09 13:55:34
Running from C:\Users\kwikumila\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: Zapora osobista ESET (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ABBYY FineReader OCR Engine for ScanWizard (HKLM-x32\...\{345C90FB-FA10-11D5-9C2A-0080C85A0C2D}) (Version:  - )
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version:  - Gameforge)
Aktualizacje NVIDIA 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
AMD Catalyst Install Manager (HKLM\...\{9AFAAEAF-7256-793D-AE2B-B4B2C5B3A807}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
AppCloudUpdater (HKCU\...\AppCloudUpdater) (Version:  - AppCloudUpdater) <==== ATTENTION
Auslogics BoostSpeed (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 6.5.6.0 - Auslogics Labs Pty Ltd)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Camtasia Studio 8 (HKLM-x32\...\{5303CFB5-D635-44F0-A94B-9611E81F07C4}) (Version: 8.3.0.1471 - TechSmith Corporation)
Crusader No Remorse (HKLM-x32\...\{2AEA735F-B393-4D89-93EF-5849CB72B4A3}) (Version: 1.0.0.2 - Electronic Arts)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.80 - DivX, LLC)
EA Sports FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 7.1.0.50515 - Electronic Arts, Inc.)
ESET Smart Security (HKLM\...\{B00F3D06-90CA-4388-8622-FD018675C29A}) (Version: 7.0.317.4 - ESET, spol s r. o.)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Java Packages (HKCU\...\Java Packages) (Version:  - ) <==== ATTENTION
K-Lite Codec Pack 10.6.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.0 - )
Metin2 (HKLM-x32\...\Metin2_is1) (Version:  - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
Naver Live Streaming Service (HKCU\...\NLiveCast) (Version: 1.3.0.21 - NAVER Corp.)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Sterownik 3D Vision 344.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.60 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 344.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.60 - NVIDIA Corporation)
NVIDIA Sterownik kontrolera 3D Vision 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
Opera Stable 25.0.1614.68 (HKLM-x32\...\Opera 25.0.1614.68) (Version: 25.0.1614.68 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Panel sterowania NVIDIA 344.60 (Version: 344.60 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6631 - Realtek Semiconductor Corp.)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
ScanWizard 5 (HKLM-x32\...\{B08D262E-D902-11D5-9C28-0080C85A0C2D}) (Version:  - )
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SlimDX Runtime .NET 2.0 (January 2012) (HKLM-x32\...\{014A2868-BE56-4888-A16C-693989B8F153}) (Version: 2.0.13.43 - SlimDX Group)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TESTY kat.B (HKCU\...\a1f5679f437956d6) (Version: 2.7.0.8 - Liwona)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.2.16.10 - Electronic Arts Inc.)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.0.1 - Topaz Labs, LLC)
Topaz B&W Effects (HKLM-x32\...\Topaz BW Effects 2) (Version: 2.1.0 - Topaz Labs, LLC)
Topaz Clarity (HKLM-x32\...\Topaz Clarity) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.1.0 - Topaz Labs, LLC)
Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.0.2 - Topaz Labs, LLC)
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.1.0 - Topaz Labs, LLC)
Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.2.0 - Topaz Labs, LLC)
Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC)
Topaz InFocus (HKLM-x32\...\Topaz InFocus) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Lens Effects (HKLM-x32\...\Topaz Lens Effects) (Version: 1.2.0 - Topaz Labs, LLC)
Topaz ReMask 3 (HKLM-x32\...\Topaz ReMask 3) (Version: 3.2.1 - Topaz Labs, LLC)
Topaz ReStyle (HKLM-x32\...\Topaz ReStyle) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Simplify 4 (HKLM-x32\...\Topaz Simplify 4) (Version: 4.1.1 - Topaz Labs, LLC)
Topaz Star Effects (HKLM-x32\...\Topaz Star Effects) (Version: 1.1.0 - Topaz Labs, LLC)
Total Video Converter 3.71 100812 (HKLM-x32\...\Total Video Converter 3.71_is1) (Version:  - EffectMatrix Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{87CEB7C0-1D35-11E2-8F19-F04DA23A5C58}) (Version: 12.0.394 - Sony)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
Windows 7 Codec Pack 4.1.0 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.1.0 - Windows 7 Codec Pack)
WinRAR 5.01 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-4248575868-1959609491-3380166530-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\kwikumila\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-4248575868-1959609491-3380166530-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\kwikumila\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4248575868-1959609491-3380166530-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\kwikumila\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4248575868-1959609491-3380166530-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\kwikumila\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4248575868-1959609491-3380166530-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\kwikumila\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4248575868-1959609491-3380166530-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\kwikumila\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
06-11-2014 12:46:42 Zainstalowany program DirectX
07-11-2014 12:58:49 Windows Update
09-11-2014 00:27:37 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {5801FCF4-C585-4534-83A7-7C38BDA79561} - System32\Tasks\AdobeAAMUpdater-1.0-kwikmila-kwikumila => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {66F21C8B-5AF3-457F-96E8-7FB4AE9F9545} - System32\Tasks\{1AF50FB0-BB50-4628-AE75-D501E7E89DAB} => C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe [2014-08-07] ()
Task: {888C8B62-CFAC-472A-B7E1-C2413D5999A0} - System32\Tasks\{FEA4C3BE-7B30-4B9A-AA0A-D2D50ED5F94D} => C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe [2014-08-07] ()
Task: {915AA1A5-9D87-4C45-9067-EA90A306E8C5} - System32\Tasks\Opera scheduled Autoupdate 1414256670 => C:\Program Files (x86)\Opera\launcher.exe [2014-10-29] (Opera Software)
Task: {A71F335C-FF0D-458B-A050-8C5C22FE0A4D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-09] (Google Inc.)
Task: {A8BC5A3B-2A7F-49F1-829E-296D21E50545} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4248575868-1959609491-3380166530-1000Core => C:\Users\kwikumila\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-06] (Google Inc.)
Task: {B32C208E-3167-4465-8BF2-8F1F9BFA279E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-27] (Adobe Systems Incorporated)
Task: {D8ED8E31-D67F-4D6E-B265-EEBAB5BC152F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4248575868-1959609491-3380166530-1000UA => C:\Users\kwikumila\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-06] (Google Inc.)
Task: {DAD12E46-9A6F-43DF-A7B2-FF2F5841B274} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-09] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4248575868-1959609491-3380166530-1000Core.job => C:\Users\kwikumila\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4248575868-1959609491-3380166530-1000UA.job => C:\Users\kwikumila\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-03-29 12:02 - 2014-10-30 03:10 - 00117064 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-07-28 17:44 - 2011-07-28 17:44 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2011-06-24 06:30 - 2011-06-24 06:30 - 00622080 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2011-06-24 06:30 - 2011-06-24 06:30 - 03641344 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-07-29 05:32 - 2014-07-29 05:32 - 00124248 _____ () C:\Program Files (x86)\DivX\DivX Player\DPXIconHandler.dll
2014-08-13 18:13 - 2014-08-13 18:13 - 00048680 _____ () C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
2014-10-30 14:36 - 2014-10-30 14:36 - 00500344 _____ () C:\Program Files (x86)\Opera\25.0.1614.68\opera_crashreporter.exe
2014-10-30 14:36 - 2014-10-30 14:36 - 01310328 _____ () C:\Program Files (x86)\Opera\25.0.1614.68\libglesv2.dll
2014-10-30 14:36 - 2014-10-30 14:36 - 00219256 _____ () C:\Program Files (x86)\Opera\25.0.1614.68\libegl.dll
2014-10-30 14:36 - 2014-10-30 14:36 - 09218680 _____ () C:\Program Files (x86)\Opera\25.0.1614.68\pdf.dll
2014-10-30 14:36 - 2014-10-30 14:36 - 00991864 _____ () C:\Program Files (x86)\Opera\25.0.1614.68\ffmpegsumo.dll
2014-10-27 13:29 - 2014-10-27 13:29 - 16832176 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-4248575868-1959609491-3380166530-500 - Administrator - Disabled)
Gość (S-1-5-21-4248575868-1959609491-3380166530-501 - Limited - Disabled)
kwikumila (S-1-5-21-4248575868-1959609491-3380166530-1000 - Administrator - Enabled) => C:\Users\kwikumila
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/09/2014 11:25:36 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Wystąpił błąd podczas inicjacji infrastruktury dołączania interfejsu API profilowania. Ten proces nie zezwoli na dołączenie profilera. HRESULT: 0x80004005.  Identyfikator procesu (liczba dziesiętna): 2644. Identyfikator komunikatu: [0x2509].
 
Error: (11/09/2014 08:19:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/09/2014 01:25:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/09/2014 01:24:23 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (11/09/2014 01:24:23 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (11/09/2014 01:24:23 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
 
Error: (11/09/2014 01:12:55 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Wystąpił błąd podczas inicjacji infrastruktury dołączania interfejsu API profilowania. Ten proces nie zezwoli na dołączenie profilera. HRESULT: 0x80004005.  Identyfikator procesu (liczba dziesiętna): 3440. Identyfikator komunikatu: [0x2509].
 
Error: (11/08/2014 08:10:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/08/2014 07:59:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: TS4.exe, wersja: 1.2.16.10, sygnatura czasowa: 0x544b0c38
Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000000c
Identyfikator procesu powodującego błąd: 0xa80
Godzina uruchomienia aplikacji powodującej błąd: 0xTS4.exe0
Ścieżka aplikacji powodującej błąd: TS4.exe1
Ścieżka modułu powodującego błąd: TS4.exe2
Identyfikator raportu: TS4.exe3
 
Error: (11/08/2014 05:25:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (11/09/2014 08:19:58 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Usługa AMD FUEL Service zawiesiła się podczas uruchamiania.
 
Error: (11/09/2014 08:18:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Util Mega Browse z powodu następującego błędu: 
%%2
 
Error: (11/09/2014 08:18:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Update Mega Browse z powodu następującego błędu: 
%%2
 
Error: (11/09/2014 08:18:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi IePlugin Service z powodu następującego błędu: 
%%2
 
Error: (11/09/2014 01:29:05 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT)
Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.187.1532.0).
 
Error: (11/09/2014 01:24:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Util Mega Browse z powodu następującego błędu: 
%%2
 
Error: (11/09/2014 01:24:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Update Mega Browse z powodu następującego błędu: 
%%2
 
Error: (11/09/2014 01:24:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi IePlugin Service z powodu następującego błędu: 
%%2
 
Error: (11/08/2014 08:09:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Util Mega Browse z powodu następującego błędu: 
%%2
 
Error: (11/08/2014 08:09:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Update Mega Browse z powodu następującego błędu: 
%%2
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Processor: AMD FX™-4100 Quad-Core Processor 
Percentage of memory in use: 47%
Total physical RAM: 8175.18 MB
Available physical RAM: 4305.2 MB
Total Pagefile: 16348.54 MB
Available Pagefile: 10034.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:621.87 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D0FE9BAA)
Partition 1: (Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 




 


#2 HelpBot


Posted 14 November 2014 - 10:55 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/555366 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot


Posted 19 November 2014 - 11:00 AM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!



