Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Anti-Viruses and MBAM not working, rkill causes BSOD [Closed]


  • This topic is locked This topic is locked

#1
Mondaorata

Mondaorata

    New Member

  • Member
  • Pip
  • 1 posts

Hi, my problem is common here, I was trying to solve this myself and not bother you all but this outgrew me apparently so here I am.

Some time ago I noticed that AVG was disabled, it can't run scan or do anything - tried to fix that, later I tried to reinstall and I can't do even that (problem with running service watchdog). Installed Avast - it opened but nothing was active. ESET online caused BSOD, programs like RogueKiller or rkill? BSOD (critical_process_died). I installed Malwarebytes Anti-Malware but it won't open. 

I managed to install FRST so I have its reports, here they are:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Szmok (administrator) on KALIGULA on 20-07-2015 22:29:49
Running from C:\Users\Bannanibal\Desktop
Loaded Profiles: Szmok (Available Profiles: Szmok & nosfe_000)
Platform: Windows 8.1 Pro (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Users\Bannanibal\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SynptSync64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(LINE Corporation) C:\Program Files (x86)\LINE\LINE.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2462536 2014-10-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [99128 2012-08-16] (Synaptics Incorporated)
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Fences\Fences.exe [4031152 2013-11-26] (Stardock Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [366904 2014-06-27] (Power Software Ltd)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3270334193-1045260285-2213456034-1001\...\Run: [GoogleChromeAutoLaunch_DCD794AF85753C572685390FC09C81C0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-13] (Google Inc.)
HKU\S-1-5-21-3270334193-1045260285-2213456034-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-3270334193-1045260285-2213456034-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3270334193-1045260285-2213456034-1001\...\Run: [LINE] => C:\Program Files (x86)\LINE\LINE.exe [15623704 2015-07-15] (LINE Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-06-17] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155280 2015-06-17] (NVIDIA Corporation)
Startup: C:\Users\Bannanibal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2014-11-05]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\Bannanibal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk [2014-11-01]
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Bannanibal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\z.lnk [2015-06-10]
ShortcutTarget: z.lnk -> C:\Users\Bannanibal\AppData\Roaming\obdevjbcnv.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3270334193-1045260285-2213456034-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-08] (Oracle Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} ->  No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-08] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-08] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-08] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 62.21.99.94 62.21.99.95
Tcpip\..\Interfaces\{0AB28D3B-D5A9-4D3E-AE0F-16EF0E34CEB4}: [DhcpNameServer] 62.21.99.94 62.21.99.95
 
FireFox:
========
FF ProfilePath: C:\Users\Bannanibal\AppData\Roaming\Mozilla\Firefox\Profiles\brvhcbnw.default
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-08] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-08] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-05-13]
 
Chrome: 
=======
CHR Profile: C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-01]
CHR Extension: (Google Docs) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-01]
CHR Extension: (Google Drive) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-01]
CHR Extension: (YouTube) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-01]
CHR Extension: (Vocabla: Vocabulary App) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdnfmoippfkddcakmbeaglgjcfcfcfmk [2014-11-01]
CHR Extension: (Google Search) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-01]
CHR Extension: (Pixlr-o-matic) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2014-11-01]
CHR Extension: (Google Sheets) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-01]
CHR Extension: (XKit) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2014-11-01]
CHR Extension: (AdBlock) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-01]
CHR Extension: (Avast Online Security) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-08]
CHR Extension: (Science Games) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhkbmeofdbocbikifackchhdginkkok [2014-11-01]
CHR Extension: (8tracks Downloader) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgngfkbldnnknadeokgcdkjjnjifljhb [2015-02-01]
CHR Extension: (Typing Test - KeyHero) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm [2014-11-01]
CHR Extension: (Evernote Web) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2014-11-01]
CHR Extension: (Google Mail Checker) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-11-01]
CHR Extension: (ChemReference: Periodic Table) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjpnebljmdbglkmlnijcaplhfhkhdnib [2014-11-01]
CHR Extension: (Google Wallet) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-01]
CHR Extension: (Picasa) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-11-01]
CHR Extension: (Gmail) - C:\Users\Bannanibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-01]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 DAUpdaterSvc; D:\Giery\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-15] (BioWare)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-10-16] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-10-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-10-16] (NVIDIA Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VSSS; C:\Users\Bannanibal\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [100502144 2015-06-23] (Microsoft Corporation) [File not signed] <==== ATTENTION
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-05-23] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]
S2 avgwd; "C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2015-07-15] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2015-07-15] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-10-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-10-16] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-07-20] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-20 22:29 - 2015-07-20 22:30 - 00020541 _____ C:\Users\Bannanibal\Desktop\FRST.txt
2015-07-20 22:29 - 2015-07-20 22:29 - 00000000 ____D C:\FRST
2015-07-20 22:28 - 2015-07-20 22:28 - 02135552 _____ (Farbar) C:\Users\Bannanibal\Desktop\FRST64.exe
2015-07-20 22:16 - 2015-07-20 22:16 - 00262144 _____ C:\Windows\Minidump\072015-29859-01.dmp
2015-07-20 22:14 - 2015-07-20 22:14 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Bannanibal\Desktop\rkill64.com
2015-07-20 22:14 - 2015-07-20 22:14 - 00000000 _____ C:\Users\Bannanibal\Desktop\Rkill.txt
2015-07-20 22:13 - 2015-07-20 22:13 - 03210688 _____ C:\Users\Bannanibal\Desktop\Niepotwierdzony 787376.crdownload
2015-07-20 22:12 - 2015-07-20 22:12 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Bannanibal\Desktop\rkill.com
2015-07-20 22:08 - 2015-07-20 22:08 - 00262144 _____ C:\Windows\Minidump\072015-58109-01.dmp
2015-07-20 22:01 - 2015-07-20 22:02 - 00000000 ____D C:\ProgramData\RogueKiller
2015-07-20 22:01 - 2015-07-20 22:01 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-07-20 21:59 - 2015-07-20 22:01 - 18704968 _____ C:\Users\Bannanibal\Desktop\RogueKiller.exe
2015-07-20 21:56 - 2015-07-20 21:58 - 09435312 _____ (Malwarebytes Corporation ) C:\Users\Bannanibal\Desktop\mbam-setup-1.51.0.1200.exe
2015-07-18 13:15 - 2015-07-18 13:15 - 00000998 _____ C:\Users\nosfe_000\Desktop\Uruchom grę Cywilizacja III Conquests.lnk
2015-07-18 13:15 - 2015-07-18 13:15 - 00000998 _____ C:\Users\Bannanibal\Desktop\Uruchom grę Cywilizacja III Conquests.lnk
2015-07-18 13:08 - 2015-07-18 13:08 - 00003026 _____ C:\Windows\System32\Tasks\{43DB58EB-F323-45AF-977A-48F94F083000}
2015-07-18 13:05 - 2015-07-18 13:05 - 00000902 _____ C:\Users\nosfe_000\Desktop\Uruchom grę Cywilizacja III.lnk
2015-07-18 13:05 - 2015-07-18 13:05 - 00000902 _____ C:\Users\Bannanibal\Desktop\Uruchom grę Cywilizacja III.lnk
2015-07-17 17:37 - 2015-07-17 17:37 - 00014880 _____ C:\Users\Bannanibal\Downloads\hannibal.digestivo.(2015).eng.1cd.(6238477).zip
2015-07-17 16:01 - 2015-07-17 16:02 - 00000000 ____D C:\Users\Bannanibal\AppData\Local\The Witcher
2015-07-17 16:01 - 2015-07-17 16:01 - 00000000 ____D C:\Users\Bannanibal\Documents\The Witcher
2015-07-15 23:06 - 2015-07-15 23:06 - 00000000 ____D C:\Users\Public\Documents\The Witcher
2015-07-15 22:14 - 2015-07-15 22:14 - 00000000 ____D C:\Windows\Cywilizacja III - Conquests
2015-07-15 22:13 - 2015-07-15 22:13 - 00000000 ____D C:\Users\Bannanibal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kolekcja Klasyki
2015-07-15 22:02 - 2015-07-15 22:02 - 00000000 ____D C:\Windows\Cywilizacja III
2015-07-15 21:53 - 2015-07-15 21:58 - 609291656 _____ (Macrovision Corporation) C:\Users\Bannanibal\Downloads\TWEE_Polish_language_pack.exe
2015-07-15 21:34 - 2015-07-15 21:54 - 00000000 ____D C:\Users\Bannanibal\AppData\Local\My Games
2015-07-15 21:32 - 2015-07-15 21:42 - 953769624 _____ (Macrovision Corporation) C:\Users\Bannanibal\Downloads\TWEE_Upgrade.exe
2015-07-15 21:32 - 2015-07-15 21:38 - 386763152 _____ C:\Users\Bannanibal\Downloads\TheWitcherPatch.1.5.zip
2015-07-15 16:11 - 2015-07-15 16:11 - 00816888 _____ (Duplex Secure Ltd.) C:\Users\Bannanibal\Downloads\SPTDinst-v150-x86.exe
2015-07-15 14:26 - 2015-07-15 14:26 - 00310728 _____ C:\Windows\system32\Drivers\atksgt.sys
2015-07-15 14:26 - 2015-07-15 14:26 - 00042696 _____ C:\Windows\system32\Drivers\lirsgt.sys
2015-07-14 20:54 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-14 20:54 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-14 20:54 - 2015-06-29 17:07 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-14 20:54 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-14 20:54 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-14 20:54 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-14 20:54 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-14 20:54 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-14 20:54 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-14 20:54 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-14 20:54 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-14 20:54 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-14 20:54 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-14 20:54 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-14 20:54 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-14 20:54 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-14 20:54 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-14 20:54 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-14 20:54 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-14 20:54 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-14 20:54 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-14 20:54 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-14 20:54 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-14 20:54 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-14 20:54 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-14 20:54 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-14 20:54 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-14 20:54 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-14 20:54 - 2015-05-11 20:17 - 01201664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-07-14 20:54 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-14 20:54 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-14 20:54 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-14 20:54 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-14 20:54 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-14 20:54 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-14 20:54 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-14 20:54 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-14 20:54 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-14 20:54 - 2014-11-04 21:25 - 00059712 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-07-14 20:54 - 2014-11-04 21:25 - 00051008 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-07-14 20:54 - 2014-11-04 08:55 - 00026112 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-07-14 20:54 - 2014-11-04 08:54 - 00108544 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-07-14 20:54 - 2014-11-04 08:54 - 00032256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-07-14 20:54 - 2014-11-04 08:54 - 00030208 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-07-14 20:53 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-14 20:53 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-14 20:53 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-14 20:53 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-14 20:53 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-14 20:53 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-14 20:53 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-14 20:53 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-14 20:53 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-14 20:53 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-14 20:53 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-14 20:53 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-14 20:53 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-14 20:53 - 2015-07-03 15:52 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-14 20:53 - 2015-07-03 15:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-14 20:53 - 2015-07-03 15:50 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-14 20:53 - 2015-07-03 15:50 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-14 20:53 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-14 20:53 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-14 20:53 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-14 20:53 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-14 20:53 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-14 20:53 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-14 20:52 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-14 20:52 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-14 20:52 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-14 20:52 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-14 20:52 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-14 20:52 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-14 20:52 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-14 20:52 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-14 20:52 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-14 20:52 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-14 20:52 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-14 20:52 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-14 20:52 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-14 20:52 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-14 20:52 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-14 20:52 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-14 20:52 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-14 20:52 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-14 20:52 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-14 20:52 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-14 20:52 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-14 20:52 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-14 20:52 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-14 20:52 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-14 20:52 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-14 20:52 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-14 20:52 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-14 20:52 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-14 20:52 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-14 20:52 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-14 20:52 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-14 20:52 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-14 20:52 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-14 20:52 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-14 20:52 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-14 20:52 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-14 20:52 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-14 20:52 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-14 20:52 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-14 20:52 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-14 20:52 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-14 20:52 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-14 20:52 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-14 20:52 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-14 20:52 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-14 20:52 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-14 20:52 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-14 20:52 - 2015-03-09 04:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
2015-07-14 20:51 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-14 20:51 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-14 20:51 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-14 20:51 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-14 20:51 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-14 20:51 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-14 20:51 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-14 20:51 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-14 20:51 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-14 20:51 - 2015-05-02 01:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-14 20:51 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-14 20:51 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-14 20:51 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-14 20:51 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-12 08:53 - 2015-06-13 00:44 - 02061559 _____ C:\Users\Bannanibal\Desktop\Crack.zip
2015-07-11 22:47 - 2015-07-11 22:47 - 00024906 _____ C:\Users\Bannanibal\Downloads\annabelle.(2014).pol.1cd.(5996546).zip
2015-07-10 23:43 - 2015-07-10 23:43 - 00000000 ____D C:\Users\Bannanibal\AppData\Roaming\Steam
2015-07-10 21:55 - 2015-07-10 21:55 - 00000000 ____D C:\Users\Bannanibal\AppData\Roaming\The Stanley Parable
2015-07-10 21:33 - 2015-07-10 21:41 - 00000786 _____ C:\Users\Bannanibal\Desktop\Launch Sid Meier's Civilization 4 - Warlords.lnk
2015-07-10 21:33 - 2015-07-10 21:33 - 00000597 _____ C:\Users\nosfe_000\Desktop\Launch Sid Meier's Civilization 4 - Warlords.lnk
2015-07-10 17:40 - 2015-07-15 21:55 - 00000000 ____D C:\Users\Bannanibal\AppData\Roaming\InstallShield Installation Information
2015-07-10 17:40 - 2015-07-15 21:52 - 00000000 ____D C:\Users\Bannanibal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firaxis Games
2015-07-10 17:40 - 2015-07-10 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firaxis Games
2015-07-09 22:14 - 2015-07-09 22:14 - 00018408 _____ C:\Users\Bannanibal\Downloads\[bleep].number.two.(2006).pol.1cd.(3412082).zip
2015-07-09 22:12 - 2015-07-09 22:13 - 00015180 _____ C:\Users\Bannanibal\Downloads\[bleep].number.two.(2006).pol.1cd.(4207626).zip
2015-07-09 22:11 - 2015-07-09 22:11 - 00003584 _____ C:\Users\Bannanibal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-09 22:09 - 2015-07-09 22:09 - 00016572 _____ C:\Users\Bannanibal\Downloads\[bleep].the.movie.(2002).pol.1cd.(4155126).zip
2015-07-08 22:56 - 2015-07-08 22:56 - 00000000 ____D C:\Program Files\AVAST Software
2015-07-08 21:53 - 2015-07-08 21:53 - 00262144 _____ C:\Windows\Minidump\070815-28828-01.dmp
2015-07-08 19:48 - 2015-07-08 19:48 - 00000000 ____D C:\Program Files (x86)\ESET
2015-07-08 19:47 - 2015-07-08 19:48 - 02870984 _____ (ESET) C:\Users\Bannanibal\Downloads\esetsmartinstaller_plk.exe
2015-07-08 16:48 - 2015-07-08 16:48 - 00000000 ____D C:\Users\Bannanibal\Documents\Electronic Arts
2015-07-08 16:33 - 2015-07-08 21:53 - 00000000 ____D C:\Windows\SysWOW64\NV
2015-07-08 16:33 - 2015-07-08 21:53 - 00000000 ____D C:\Windows\system32\NV
2015-07-08 16:33 - 2015-07-08 16:33 - 00002161 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-07-08 16:33 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-07-08 16:30 - 2015-07-08 16:30 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-08 16:30 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-08 16:30 - 2015-06-17 11:10 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-07-08 16:30 - 2015-06-17 11:10 - 00031376 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2015-07-08 16:09 - 2015-07-08 16:09 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-07-08 16:09 - 2015-07-08 16:09 - 00000000 ____D C:\Windows\system32\vbox
2015-07-08 16:05 - 2015-07-08 22:53 - 00000000 ____D C:\ProgramData\AVAST Software
2015-07-08 16:03 - 2015-07-08 16:03 - 05481344 _____ (Avast Software s.r.o.) C:\Users\Bannanibal\Downloads\avast_free_antivirus_setup_online_dobreprogramy.exe
2015-07-08 15:09 - 2015-07-08 15:09 - 00000000 ____D C:\Users\Bannanibal\AppData\Local\Avg2014
2015-07-08 15:06 - 2015-07-08 15:06 - 04755192 _____ (AVG Technologies) C:\Users\Bannanibal\Downloads\avg_free_stb_eu_2014_4716_free.exe
2015-07-06 14:22 - 2015-07-06 14:22 - 00015448 _____ C:\Users\Bannanibal\Downloads\wyniki egzamin_EHMS 1 rok.xlsx
2015-07-06 14:22 - 2015-07-06 14:22 - 00014657 _____ C:\Users\Bannanibal\Downloads\wyniki egzamin_EHMS 2 rok i warunek.xlsx
2015-07-05 21:25 - 2015-07-05 21:25 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2015-07-05 21:25 - 2008-09-05 04:22 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2015-07-02 22:46 - 2015-07-02 22:46 - 02587314 _____ C:\Users\Bannanibal\Downloads\Niepotwierdzony 421861.crdownload
2015-07-02 22:45 - 2015-07-02 22:45 - 00089150 _____ C:\Users\Bannanibal\Downloads\DA2u4_Trn_P (1).zip
2015-07-02 22:41 - 2015-07-02 22:41 - 02580315 _____ C:\Users\Bannanibal\Downloads\dragonageii17trainer.zip
2015-07-02 22:38 - 2015-07-02 22:38 - 00088422 _____ C:\Users\Bannanibal\Downloads\DA2u4_Trn_P.zip
2015-06-30 22:53 - 2015-06-30 22:53 - 02360933 _____ C:\Users\Bannanibal\Downloads\EMBO YSF 2015- 20150630B.pptx
2015-06-29 22:35 - 2015-06-29 22:35 - 00027648 _____ C:\Users\Bannanibal\Downloads\ZOOT_W1.xls
2015-06-28 17:35 - 2015-06-28 17:36 - 00489564 _____ C:\Users\Bannanibal\Downloads\BRACHYSPINA.odt
2015-06-27 15:43 - 2015-06-27 15:43 - 00791144 _____ C:\Users\Bannanibal\Downloads\PTs Vibrant Colors 1_31-153.zip
2015-06-27 15:42 - 2015-06-27 15:43 - 65355474 _____ C:\Users\Bannanibal\Downloads\Dragon Age Redesigned -686.rar
2015-06-27 15:25 - 2015-06-27 15:25 - 00517970 _____ C:\Users\Bannanibal\Downloads\Anders by Fialka - DAA-4131-1-0.zip
2015-06-25 15:42 - 2015-06-16 10:05 - 00015856 _____ C:\Users\Bannanibal\Desktop\Koniepraktyki.odt
2015-06-25 15:42 - 2015-05-18 19:53 - 01837299 _____ C:\Users\Bannanibal\Desktop\New OpenDocument Dokument tekstowy.odt
2015-06-24 11:46 - 2015-06-24 11:46 - 00042496 _____ C:\Users\Bannanibal\Downloads\Wyniki _ćwiczenia.xls
2015-06-24 01:29 - 2015-06-24 01:29 - 01217192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
2015-06-23 19:13 - 2015-01-22 05:24 - 02164224 _____ (LinGon) C:\Users\Bannanibal\Downloads\DragonAge3Inq+16Tr-LNG-v1.03 .exe
2015-06-23 19:13 - 2012-01-26 12:00 - 03718656 _____ C:\Users\Bannanibal\Downloads\SlimDX.dll
2015-06-23 19:12 - 2015-06-23 19:12 - 02975641 _____ C:\Users\Bannanibal\Downloads\DRAGON.AGE.3.I.X64.V1.03.PLUS16TRN.LINGON.ZIP
2015-06-23 19:11 - 2015-06-23 19:12 - 04260662 _____ C:\Users\Bannanibal\Downloads\Niepotwierdzony 452369.crdownload
2015-06-21 15:28 - 2015-06-21 15:28 - 00000000 ____D C:\Users\Bannanibal\Downloads\ChomikBox
2015-06-21 15:27 - 2015-06-21 15:31 - 233366672 _____ C:\Users\Bannanibal\Downloads\Dragon Age Inquisition (Soundtrack) (2014).zip
2015-06-21 00:38 - 2015-06-21 00:38 - 00007602 _____ C:\Users\Bannanibal\AppData\Local\Resmon.ResmonCfg
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-20 22:20 - 2014-11-01 20:34 - 02014280 _____ C:\Windows\WindowsUpdate.log
2015-07-20 22:19 - 2014-11-01 20:47 - 00001074 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-20 22:19 - 2014-11-01 20:47 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-20 22:16 - 2015-05-16 00:48 - 00000000 ____D C:\Windows\Minidump
2015-07-20 22:16 - 2014-11-01 20:50 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-20 22:16 - 2013-08-22 16:46 - 00068760 _____ C:\Windows\setupact.log
2015-07-20 22:16 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-20 22:09 - 2014-12-06 01:31 - 00178176 ___SH C:\Users\Bannanibal\Desktop\Thumbs.db
2015-07-20 22:08 - 2014-11-01 20:36 - 00000000 ____D C:\Users\Bannanibal
2015-07-20 22:08 - 2013-08-22 16:44 - 05031976 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 22:07 - 2014-11-02 01:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-20 22:07 - 2014-11-01 20:29 - 02932064 _____ C:\Windows\PFRO.log
2015-07-20 22:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-20 21:08 - 2014-11-04 18:02 - 00000000 ____D C:\Users\Bannanibal\AppData\Roaming\vlc
2015-07-20 16:00 - 2014-11-05 23:52 - 21626880 ___SH C:\Users\Bannanibal\Downloads\Thumbs.db
2015-07-20 12:33 - 2014-11-01 21:42 - 00000000 ____D C:\Users\Bannanibal\AppData\Roaming\uTorrent
2015-07-20 00:09 - 2014-11-02 13:16 - 00000000 ____D C:\Users\Bannanibal\AppData\Roaming\AIMP3
2015-07-19 17:32 - 2015-03-14 19:29 - 00000000 ____D C:\ProgramData\69B6DBD2-8E05-476F-B662-CF8D235FD499
2015-07-19 11:26 - 2014-11-01 20:42 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3270334193-1045260285-2213456034-1001
2015-07-18 22:16 - 2014-11-02 01:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-17 15:07 - 2014-11-01 23:18 - 00000000 ____D C:\Program Files\OblyTile
2015-07-17 11:31 - 2014-11-02 22:40 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-17 11:30 - 2014-12-29 12:20 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-16 10:08 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-07-16 09:49 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-16 09:14 - 2014-11-01 20:47 - 00004046 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 09:14 - 2014-11-01 20:47 - 00003810 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 09:00 - 2015-05-12 23:23 - 00000981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2015-07-16 09:00 - 2015-05-12 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE
2015-07-15 22:58 - 2014-11-02 15:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-15 22:13 - 2015-05-24 00:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kolekcja Klasyki
2015-07-15 21:54 - 2014-11-01 23:47 - 00000000 ____D C:\Users\Bannanibal\Documents\my games
2015-07-15 16:30 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-07-15 14:26 - 2014-11-05 19:06 - 00502409 _____ C:\Windows\DirectX.log
2015-07-15 10:06 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-15 00:39 - 2015-04-04 12:50 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-15 00:39 - 2015-04-04 12:50 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-15 00:39 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-15 00:39 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-15 00:39 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-14 21:53 - 2014-11-01 22:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-14 21:52 - 2014-12-12 01:15 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-14 21:52 - 2014-11-07 01:15 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-13 23:10 - 2014-12-12 20:36 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-13 23:10 - 2014-12-12 20:36 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-12 12:54 - 2014-12-01 23:36 - 00000000 ____D C:\Users\Bannanibal\AppData\Roaming\Mp3tag
2015-07-12 09:07 - 2014-11-18 15:14 - 00000000 ____D C:\Users\Bannanibal\AppData\Local\ChomikBox
2015-07-12 09:03 - 2014-11-01 20:41 - 01825074 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-12 09:03 - 2013-08-23 01:12 - 00807160 _____ C:\Windows\system32\perfh015.dat
2015-07-12 09:03 - 2013-08-23 01:12 - 00163478 _____ C:\Windows\system32\perfc015.dat
2015-07-12 09:02 - 2014-11-18 15:14 - 00000000 ____D C:\Users\Bannanibal\.gstreamer-0.10
2015-07-09 00:02 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-07-08 23:49 - 2014-11-01 21:33 - 00000000 ____D C:\ProgramData\MFAData
2015-07-08 16:34 - 2014-11-01 20:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-08 16:34 - 2014-11-01 20:49 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-07-08 16:31 - 2014-11-01 20:49 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-08 16:15 - 2015-02-10 15:14 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-08 16:15 - 2015-01-14 16:23 - 00000000 ____D C:\Program Files\Java
2015-07-08 16:15 - 2014-11-03 15:33 - 00000000 ____D C:\ProgramData\Oracle
2015-07-08 16:14 - 2015-01-14 16:24 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-07-08 16:13 - 2015-02-10 15:14 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-08 16:05 - 2014-11-01 21:35 - 00000000 ____D C:\Program Files (x86)\AVG
2015-07-08 15:09 - 2015-06-15 15:26 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-03 08:43 - 2014-11-03 01:37 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-28 13:15 - 2014-11-02 12:55 - 00000132 _____ C:\Users\Bannanibal\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe
2015-06-23 19:09 - 2014-11-15 21:11 - 00000000 __SHD C:\Users\Bannanibal\AppData\Local\EmieUserList
2015-06-23 19:09 - 2014-11-15 21:11 - 00000000 __SHD C:\Users\Bannanibal\AppData\Local\EmieSiteList
2015-06-23 19:09 - 2014-11-15 21:11 - 00000000 __SHD C:\Users\Bannanibal\AppData\Local\EmieBrowserModeList
2015-06-23 16:13 - 2014-11-07 11:52 - 00001496 _____ C:\Users\Bannanibal\AppData\Local\Adobe Zapisz dla Internetu 13.0 Prefs
2015-06-22 00:29 - 2014-11-01 23:21 - 00000000 ____D C:\Users\Bannanibal\AppData\Roaming\XnView
2015-06-20 15:05 - 2015-06-03 10:46 - 00000000 ____D C:\Users\Bannanibal\Downloads\Nowy folder
 
==================== Files in the root of some directories =======
 
2014-11-02 13:49 - 2014-11-02 13:48 - 1093632 _____ (Karol Winnicki) C:\Program Files\BESTplayer.exe
2014-11-02 13:48 - 2014-11-02 13:48 - 1093632 _____ (Karol Winnicki) C:\Program Files (x86)\BESTplayer.exe
2014-11-07 11:51 - 2014-11-07 11:51 - 0000132 _____ () C:\Users\Bannanibal\AppData\Roaming\Preferencje formatu GIF CS6 firmy Adobe
2014-11-02 12:55 - 2015-06-28 13:15 - 0000132 _____ () C:\Users\Bannanibal\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe
2014-11-07 11:52 - 2015-06-23 16:13 - 0001496 _____ () C:\Users\Bannanibal\AppData\Local\Adobe Zapisz dla Internetu 13.0 Prefs
2015-07-09 22:11 - 2015-07-09 22:11 - 0003584 _____ () C:\Users\Bannanibal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-21 00:38 - 2015-06-21 00:38 - 0007602 _____ () C:\Users\Bannanibal\AppData\Local\Resmon.ResmonCfg
2015-05-18 23:39 - 2015-05-18 23:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Bannanibal\AppData\Local\Temp\Bass.dll
C:\Users\Bannanibal\AppData\Local\Temp\Bass.Net.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo141265646.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo1519010547.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo159015560.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo1606197898.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo1670177056.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo2020888733.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo2067091013.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo2152605855.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo2267017389.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo2423257226.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo2480049169.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo2569980388.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo2574538292.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo2652898934.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo2761310379.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo2764814836.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo2935801667.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo3002057020.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo3071586918.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo3238015948.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo3385408595.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo398790567.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo42069179.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo523177697.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo754596337.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo804584399.dll
C:\Users\Bannanibal\AppData\Local\Temp\cdo843897481.dll
C:\Users\Bannanibal\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Bannanibal\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Bannanibal\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Bannanibal\AppData\Local\Temp\nvStInst.exe
C:\Users\Bannanibal\AppData\Local\Temp\ose00000.exe
C:\Users\Bannanibal\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Bannanibal\AppData\Local\Temp\vlc-2.2.1-win32.exe
C:\Users\Bannanibal\AppData\Local\Temp\_is3D1F.exe
C:\Users\Bannanibal\AppData\Local\Temp\_isD6E7.exe
C:\Users\Bannanibal\AppData\Local\Temp\__pythonRunner.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-16 09:49
 

 

==================== End of log ============================
 
 
And 2nd:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Szmok at 2015-07-20 22:30:52
Running from C:\Users\Bannanibal\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3270334193-1045260285-2213456034-500 - Administrator - Disabled)
Gość (S-1-5-21-3270334193-1045260285-2213456034-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3270334193-1045260285-2213456034-1003 - Limited - Enabled)
nosfe_000 (S-1-5-21-3270334193-1045260285-2213456034-1005 - Administrator - Enabled) => C:\Users\nosfe_000
Szmok (S-1-5-21-3270334193-1045260285-2213456034-1001 - Administrator - Enabled) => C:\Users\Bannanibal
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3270334193-1045260285-2213456034-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1355, 14.07.2014 - AIMP DevTeam)
Aktualizacje NVIDIA 16.13.56 (Version: 16.13.56 - NVIDIA Corporation) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.117.01527 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.4.117.01527 - Alcor Micro Corp.) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.1.0 - Asmedia Technology)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0023 - ASUS)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl)
CLIP STUDIO PAINT (HKLM-x32\...\{E4F184C1-E62E-44F0-B142-AB6197490834}) (Version: 1.3.8 - CELSYS)
Creation Kit (HKLM-x32\...\Steam App 202480) (Version:  - bgs.bethsoft.com)
Cywilizacja III - Conquests (HKLM-x32\...\Cywilizacja III - Conquests) (Version:  - )
Cywilizacja III (HKLM-x32\...\Cywilizacja III) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dishonored (RU) (HKLM-x32\...\Steam App 217980) (Version: 1.0 - Bethesda Softworks)
Dragon Age 2 (HKLM-x32\...\{94C4C4F4-56FB-4032-908D-826220CBB97F}_is1) (Version: 1.04 - Bioware)
Dragon Age Awakening Redesigned (HKU\S-1-5-21-3270334193-1045260285-2213456034-1001\...\Dragon Age Awakening Redesigned) (Version:  - )
Dragon Age Inquisition / RePack by Baracuda (HKLM\...\Dragon Age Inquisition_is1) (Version: 1.0.0.3 - )
Dragon Age Redesigned© (HKU\S-1-5-21-3270334193-1045260285-2213456034-1001\...\Dragon Age Redesigned©) (Version:  - )
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.04 - Electronic Arts, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fallout (HKLM-x32\...\GOGPACKFALLOUT_is1) (Version: 2.0.0.14 - GOG.com)
Fallout 2 (HKLM-x32\...\GOGPACKFALLOUT2_is1) (Version: 2.0.0.12 - GOG.com)
Fallout Tactics (HKLM-x32\...\GOGPACKFALLOUTTACTICS_is1) (Version: 2.0.0.8 - GOG.com)
FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
LINE (HKLM-x32\...\LINE) (Version: 4.1.1.423 - LINE Corporation)
LOOT (HKLM-x32\...\LOOT) (Version: 0.6.0 - LOOT Development Team)
Microsoft Age of Empires Gold (HKLM-x32\...\Age of Empires Gold 1.0) (Version:  - )
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Moonbase Alpha (HKLM-x32\...\Steam App 39000) (Version:  - Virtual Heroes)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 pl)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla)
Mp3tag v2.66 (HKLM-x32\...\Mp3tag) (Version: v2.66 - Florian Heidenreich)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
NVIDIA Sterownik 3D Vision 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
Panel sterowania NVIDIA 353.30 (Version: 353.30 - NVIDIA Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.0 - Power Software Ltd)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2 beta r2326 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
SecurityKISS Tunnel v0.3.0 (HKLM\...\SecurityKISS Tunnel_is1) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) Hidden
Sid Meier's Civilization 4 - Warlords (HKU\S-1-5-21-3270334193-1045260285-2213456034-1001\...\{3E4B349F-10B5-4586-9D99-489A90A8B228}) (Version: 2.13 - Firaxis Games)
Skyrim NPC Editor (HKLM-x32\...\{5BA9357B-E876-4FB2-8F1B-C7E63AC90E6F}) (Version: 0.75.1 - foretrenty)
Sony PC Companion 2.10.236 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.236 - Sony)
Stardock Fences 2 (HKLM-x32\...\Stardock Fences 2) (Version: 2.12 - Stardock Software, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{906B34E5-573C-445A-A5D3-40B6BF0A2EC4}) (Version: 6.0.21.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Elder Scrolls III - Morrowind Złota Edycja (HKLM-x32\...\{E52D32A0-0005-11D7-928D-000ACD006A23}) (Version: 1.0 - )
The Lord of the Rings, The Rise of the Witch-king (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version:  - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 Nie z tego świata (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Po zmroku (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Pokolenia (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Zwierzaki (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Stanley Parable (HKLM-x32\...\The Stanley Parable_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Thief GOLD (HKLM-x32\...\InstallShield_{AA2B8B96-BD4A-4C21-8C7B-DE97C5052BB5}) (Version: 1.37.0000 - Cenega)
Thief GOLD (x32 Version: 1.37.0000 - Cenega) Hidden
Thief II: The Metal Age (x32 Version: 1.18 - Cenega) Hidden
Thief: Deadly Shadows (HKLM-x32\...\InstallShield_{9CC33F4D-BC84-4534-91BD-8703A90CB2B9}) (Version: 1.00.0000 - Cenega)
Thief: Deadly Shadows (x32 Version: 1.00.0000 - Cenega) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WD Drive Utilities (HKLM-x32\...\{15CFD985-9719-4AD1-8E6E-AB238B5BD5E7}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Wiedźmin (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 0.3.0.5 - Wrye & Wrye Bash Development Team)
XnView 2.24 (HKLM-x32\...\XnView_is1) (Version: 2.24 - Gougelet Pierre-e)
YouTube Downloader Pro YTD 4.8.1.0 Final (HKLM-x32\...\YouTube Downloader Pro YTD 4.8.1.0 Final4.8.1.0) (Version: 4.8.1.0 - Friends in War)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {05D4FE82-0F2E-4FC5-A3D4-FEC88135CBAA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {46CC7BF0-4828-4C0F-ADBD-2A3704AC5301} - System32\Tasks\{43DB58EB-F323-45AF-977A-48F94F083000} => pcalua.exe -a F:\C3.exe -d F:\
Task: {481E478B-A56D-436E-91A0-ADAB3B6BE0F4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {5A8F88EE-A433-4DEA-9DA5-BE61D4505C34} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-01] (Google Inc.)
Task: {6F67A149-B72E-4E95-9648-EEC497D5AAC2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-01] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-11-01 20:50 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-02 01:18 - 2014-08-19 21:12 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2014-11-01 22:10 - 2007-09-02 14:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2014-09-17 15:13 - 2014-09-17 15:13 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2014-09-17 15:13 - 2014-09-17 15:13 - 00752312 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2014-09-17 15:12 - 2014-09-17 15:12 - 00408576 _____ () C:\Program Files\Rainmeter\Plugins\NowPlaying.DLL
2014-09-17 15:12 - 2014-09-17 15:12 - 00016896 _____ () C:\Program Files\Rainmeter\Plugins\AdvancedCPU.DLL
2014-09-17 15:12 - 2014-09-17 15:12 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.DLL
2014-09-17 15:12 - 2014-09-17 15:12 - 00022528 _____ () C:\Program Files\Rainmeter\Plugins\WifiStatus.DLL
2014-09-17 15:12 - 2014-09-17 15:12 - 00019968 _____ () C:\Program Files\Rainmeter\Plugins\SysInfo.DLL
2014-09-17 15:12 - 2014-09-17 15:12 - 00056832 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.DLL
2014-09-17 15:12 - 2014-09-17 15:12 - 00023040 _____ () C:\Program Files\Rainmeter\Plugins\Win7AudioPlugin.DLL
2012-10-16 11:39 - 2012-10-16 11:39 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2014-11-01 22:10 - 2007-09-02 14:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2015-07-15 20:02 - 2015-07-15 20:02 - 03129368 _____ () C:\Program Files (x86)\LINE\ampkit_windows.dll
2015-06-16 13:19 - 2015-06-16 13:19 - 00123416 _____ () C:\Program Files (x86)\LINE\PlayerHelper.dll
2015-07-14 20:14 - 2015-07-13 23:55 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
2015-07-14 20:14 - 2015-07-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:394B442A
AlternateDataStreams: C:\Users\Bannanibal\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Bannanibal\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\nosfe_000\OneDrive:ms-properties
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3270334193-1045260285-2213456034-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bannanibal\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 62.21.99.94 - 62.21.99.95
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "Persistence"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{277DDB45-D399-4F37-9D6F-976AFF58E639}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{70DEB890-C6B3-4CC7-888B-D26140329CD6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{19CAE3C5-81B9-46CA-BCCC-F9A51FDBE711}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{6D6C7855-3EFD-498B-A487-643F69139A02}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C18FEB57-39D2-41F2-9D61-7B7B8E241369}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{19D6F4F5-9C6F-4191-90EF-A76A5533E20C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0B2B57C1-C089-4EFC-8B40-7AC5316A3AE4}] => (Allow) D:\Giery\Steam\Steam.exe
FirewallRules: [{B48E1086-893A-46A0-ADB3-C1E1379E8EDF}] => (Allow) D:\Giery\Steam\Steam.exe
FirewallRules: [{FBAD1C51-55A5-4C51-A303-2FE3F2EFA90E}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{03E9E7E6-2A54-4982-86F3-1E8200C3F54F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{B4C719EE-5316-4799-ADFB-65086B3C902A}] => (Allow) D:\Giery\Steam\bin\steamwebhelper.exe
FirewallRules: [{9FB16FAD-ECEA-4861-92C8-6A793E9F2836}] => (Allow) D:\Giery\Steam\bin\steamwebhelper.exe
FirewallRules: [{DCA6D122-9047-490F-B546-3BF8E1DFFCD7}] => (Allow) C:\Users\Bannanibal\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{75CC86B3-60FA-4092-ADC8-9315A5278789}] => (Allow) C:\Users\Bannanibal\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EBC9EC28-F664-47DB-8488-0A6614C03A81}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{CAB7B254-FF9A-4843-8D16-838DBAA373A0}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{69264C51-A965-4A70-8820-77A823821267}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{02F8DA93-E5D8-44DF-9804-A71D438DED5D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{F9593470-F7BF-4642-BCD3-CE032C70B532}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{7749A9CF-5800-43B9-8909-51013F324889}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [TCP Query User{7C24AC5C-E220-414F-A976-EE204A9E0CD4}D:\giery\age of empires\empiresx.exe] => (Block) D:\giery\age of empires\empiresx.exe
FirewallRules: [UDP Query User{D4D7CBA3-8BD0-4737-978B-93206CD08B85}D:\giery\age of empires\empiresx.exe] => (Block) D:\giery\age of empires\empiresx.exe
FirewallRules: [{A5AF54DB-6F70-49DE-8C94-D0D9347B577E}] => (Allow) D:\Giery\Age of Empires III\age3y.exe
FirewallRules: [{8B5725D3-07B1-4EFE-9541-87A6C15D6A89}] => (Allow) D:\Giery\Age of Empires III\age3y.exe
FirewallRules: [{F9C7B2F5-CFF0-42E6-B819-CB51E8B7EB5C}] => (Allow) D:\Giery\Age of Empires III\age3x.exe
FirewallRules: [{8D6D5BF1-872E-4AAC-8EC4-33C8F1B1BCC4}] => (Allow) D:\Giery\Age of Empires III\age3x.exe
FirewallRules: [{4A7909F9-1B69-4701-9D7A-602C6A4ECE59}] => (Allow) D:\Giery\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{B4FDA605-DDAA-454A-AAB1-003868660353}] => (Allow) D:\Giery\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{A4412A62-409D-42F6-BC1A-455C434C70A1}] => (Allow) D:\Giery\Steam\steamapps\common\Skyrim\CreationKit.exe
FirewallRules: [{6C603D09-60BD-44A1-B21A-D777593FB9FC}] => (Allow) D:\Giery\Steam\steamapps\common\Skyrim\CreationKit.exe
FirewallRules: [{ACA8CFCA-91E6-48AE-89D7-10F107189B3C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{302DA908-10E9-4555-88CA-9A1B014BA48E}] => (Allow) LPort=2869
FirewallRules: [{ACFBBB0C-C82F-4B5D-A1A4-A99CCFC1B085}] => (Allow) LPort=1900
FirewallRules: [{974A7D88-C7CA-40C8-B909-6B484D466CE5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1AFBE629-B9AC-461A-822C-F7F164369BCC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0A41E67F-1C2B-465F-AE17-9DDB862B8E0A}] => (Allow) D:\Giery\Steam\steamapps\common\Moon Base Alpha\Binaries\Win32\MoonBaseAlphaGame.exe
FirewallRules: [{DA95FF76-8481-46E7-8A52-016A6C62E4CE}] => (Allow) D:\Giery\Steam\steamapps\common\Moon Base Alpha\Binaries\Win32\MoonBaseAlphaGame.exe
FirewallRules: [{A15F2A5D-68E8-4543-A8B4-E83A78181D26}] => (Allow) D:\Giery\Steam\steamapps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exe
FirewallRules: [{B91E9927-0FCC-4B49-979A-FDD064A55CE9}] => (Allow) D:\Giery\Steam\steamapps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exe
FirewallRules: [TCP Query User{3B6D89FD-459C-4F17-8C98-6ABDF1C714FC}D:\giery\steam\steamapps\common\dishonored rhcp\binaries\win32\dishonored.exe] => (Allow) D:\giery\steam\steamapps\common\dishonored rhcp\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{DAA7DDCC-F243-4090-B09F-9BE10ADD3CDC}D:\giery\steam\steamapps\common\dishonored rhcp\binaries\win32\dishonored.exe] => (Allow) D:\giery\steam\steamapps\common\dishonored rhcp\binaries\win32\dishonored.exe
FirewallRules: [{2BC917C1-1D1F-4390-8D01-B89EFA3EB05F}] => (Allow) D:\Giery\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{9ACDEDD6-E97A-49BA-97C0-F79D5D063A55}] => (Allow) D:\Giery\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [TCP Query User{B0CCA495-3B5B-4889-9B95-7E94B447CC25}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{EFABA65A-026F-444A-B9F9-2BE8C757436A}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{FCE90D84-F799-4D33-B454-D9F757D219D7}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{8D9858AF-B9DA-4A17-93B4-3B0061EF0E40}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{0650ECD0-D5DF-4F73-8024-C542F497352D}] => (Allow) C:\Program Files\CyberGhost 5\CyberGhost.exe
FirewallRules: [{29254A93-2462-4BCA-8D90-3C221D312A44}] => (Allow) C:\Program Files\CyberGhost 5\CyberGhost.exe
FirewallRules: [{D793451E-6BDC-4D96-95D2-F2DE228CACC0}] => (Allow) C:\Program Files\CyberGhost 5\CyberGhost.exe
FirewallRules: [{42AD11D2-17F7-43DD-9466-5B5B0D896E38}] => (Allow) C:\Program Files\CyberGhost 5\CyberGhost.exe
FirewallRules: [TCP Query User{D433185B-6BD9-4FF1-80A9-F22B36C07BA1}D:\giery\dragon age\bin_ship\daorigins.exe] => (Block) D:\giery\dragon age\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{554AA90E-1B44-45F9-B6DF-8F51DC4CD3BA}D:\giery\dragon age\bin_ship\daorigins.exe] => (Block) D:\giery\dragon age\bin_ship\daorigins.exe
FirewallRules: [{FA65427C-4777-4C38-A077-194012BB99FB}] => (Allow) D:\Giery\Dragon Age\tools\GffEditor.exe
FirewallRules: [{5AACE860-140A-46A6-9060-4F37BFB66900}] => (Allow) D:\Giery\Dragon Age\tools\GffEditor.exe
FirewallRules: [{BBEFDC6D-4BC5-4E23-91F8-3BF5E83ED873}] => (Allow) D:\Giery\Dragon Age\tools\ErfEditor.exe
FirewallRules: [{3E1E6330-7C7C-495E-ADFE-416D953D485F}] => (Allow) D:\Giery\Dragon Age\tools\ErfEditor.exe
FirewallRules: [TCP Query User{30AC50FA-CD77-47EF-951D-13E4134CB90E}C:\windows\syswow64\regsvr32.exe] => (Block) C:\windows\syswow64\regsvr32.exe
FirewallRules: [UDP Query User{15C09104-7A09-4F9A-8439-95B3A1F43BE6}C:\windows\syswow64\regsvr32.exe] => (Block) C:\windows\syswow64\regsvr32.exe
FirewallRules: [{EAF70E5A-8FCF-452F-AD7F-A487F4324A67}] => (Allow) D:\Giery\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{C5D1931C-F11F-40F4-96FE-7A1E7ABB3AAB}] => (Allow) D:\Giery\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{A447D7C1-C832-4FD6-A1BE-AEFB7AEC5BED}] => (Allow) D:\Giery\Dragon Age\DAOriginsLauncher.exe
FirewallRules: [{156ED6FE-815B-430A-9BAD-2F74DD0E0364}] => (Allow) D:\Giery\Dragon Age\DAOriginsLauncher.exe
FirewallRules: [{3DA70216-E62E-4434-8DB6-4BCB092F4CD5}] => (Allow) D:\Giery\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe
FirewallRules: [{DC5C2E5B-F850-43AD-8537-7E900AA0F0F2}] => (Allow) D:\Giery\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe
FirewallRules: [{1A7A2A74-347C-433D-B443-A1CB9FBCBA78}] => (Allow) D:\Giery\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe
FirewallRules: [{ABBAEDCD-1244-4ED9-9A09-8D77274A38B6}] => (Allow) D:\Giery\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe
FirewallRules: [TCP Query User{1C10E81D-E99F-47A5-B2A7-1A6CD2390E88}D:\giery\the stanley parable\stanley.exe] => (Block) D:\giery\the stanley parable\stanley.exe
FirewallRules: [UDP Query User{F795F85D-AC0E-49AD-9AD1-9B6FC6CA7F64}D:\giery\the stanley parable\stanley.exe] => (Block) D:\giery\the stanley parable\stanley.exe
FirewallRules: [{67580195-3876-413E-9163-E5880722AE8D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/18/2015 04:23:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Civ3Conquests.exe w wersji 1.21.0.0 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania.
 
Identyfikator procesu: 16b4
 
Godzina rozpoczęcia: 01d0c15fc33dcb53
 
Godzina zakończenia: 357
 
Ścieżka aplikacji: D:\Giery\Cywilizacja III Złota Edycja\Conquests\Civ3Conquests.exe
 
Identyfikator raportu: 87c576f5-2d58-11e5-827f-0008ca32354b
 
Pełna nazwa pakietu powodującego błąd: 
 
Identyfikator aplikacji względem pakietu powodującego błąd:
 
Error: (07/18/2015 03:43:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Civ3Conquests.exe w wersji 1.21.0.0 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania.
 
Identyfikator procesu: 93c
 
Godzina rozpoczęcia: 01d0c14ddc2c86f3
 
Godzina zakończenia: 352
 
Ścieżka aplikacji: D:\Giery\Cywilizacja III Złota Edycja\Conquests\Civ3Conquests.exe
 
Identyfikator raportu: fcf3eed1-2d52-11e5-827f-0008ca32354b
 
Pełna nazwa pakietu powodującego błąd: 
 
Identyfikator aplikacji względem pakietu powodującego błąd:
 
Error: (07/18/2015 01:35:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: Civ3Conquests.exe, wersja: 1.21.0.0, sygnatura czasowa: 0x00000000
Nazwa modułu powodującego błąd: Civ3Conquests.exe, wersja: 1.21.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x001a0877
Identyfikator procesu powodującego błąd: 0x1054
Godzina uruchomienia aplikacji powodującej błąd: 0xCiv3Conquests.exe0
Ścieżka aplikacji powodującej błąd: Civ3Conquests.exe1
Ścieżka modułu powodującego błąd: Civ3Conquests.exe2
Identyfikator raportu: Civ3Conquests.exe3
Pełna nazwa pakietu powodującego błąd: Civ3Conquests.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: Civ3Conquests.exe5
 
Error: (07/18/2015 12:59:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Civ3Conquests.exe w wersji 1.21.0.0 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania.
 
Identyfikator procesu: 17f8
 
Godzina rozpoczęcia: 01d0c148b70818e0
 
Godzina zakończenia: 427
 
Ścieżka aplikacji: D:\Giery\Cywilizacja III Złota Edycja\Conquests\Civ3Conquests.exe
 
Identyfikator raportu: fe4f7464-2d3b-11e5-827f-0008ca32354b
 
Pełna nazwa pakietu powodującego błąd: 
 
Identyfikator aplikacji względem pakietu powodującego błąd:
 
Error: (07/18/2015 12:58:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: Civ3Conquests.exe, wersja: 1.21.0.0, sygnatura czasowa: 0x00000000
Nazwa modułu powodującego błąd: Civ3Conquests.exe, wersja: 1.21.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00212d08
Identyfikator procesu powodującego błąd: 0x17f8
Godzina uruchomienia aplikacji powodującej błąd: 0xCiv3Conquests.exe0
Ścieżka aplikacji powodującej błąd: Civ3Conquests.exe1
Ścieżka modułu powodującego błąd: Civ3Conquests.exe2
Identyfikator raportu: Civ3Conquests.exe3
Pełna nazwa pakietu powodującego błąd: Civ3Conquests.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: Civ3Conquests.exe5
 
Error: (07/15/2015 09:55:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: WinFWExcept.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x433807d4
Nazwa modułu powodującego błąd: MSVCP71.dll, wersja: 6.3.9600.17736, sygnatura czasowa: 0x550f42c2
Kod wyjątku: 0xc0000135
Przesunięcie błędu: 0x0009d4f2
Identyfikator procesu powodującego błąd: 0x15bc
Godzina uruchomienia aplikacji powodującej błąd: 0xWinFWExcept.exe0
Ścieżka aplikacji powodującej błąd: WinFWExcept.exe1
Ścieżka modułu powodującego błąd: WinFWExcept.exe2
Identyfikator raportu: WinFWExcept.exe3
Pełna nazwa pakietu powodującego błąd: WinFWExcept.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: WinFWExcept.exe5
 
Error: (07/15/2015 09:55:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: WinFWExcept.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x433807d4
Nazwa modułu powodującego błąd: MSVCP71.dll, wersja: 6.3.9600.17736, sygnatura czasowa: 0x550f42c2
Kod wyjątku: 0xc0000135
Przesunięcie błędu: 0x0009d4f2
Identyfikator procesu powodującego błąd: 0x17b4
Godzina uruchomienia aplikacji powodującej błąd: 0xWinFWExcept.exe0
Ścieżka aplikacji powodującej błąd: WinFWExcept.exe1
Ścieżka modułu powodującego błąd: WinFWExcept.exe2
Identyfikator raportu: WinFWExcept.exe3
Pełna nazwa pakietu powodującego błąd: WinFWExcept.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: WinFWExcept.exe5
 
Error: (07/15/2015 09:35:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: Civ4Warlords.exe, wersja: 2.1.3.0, sygnatura czasowa: 0x464b927a
Nazwa modułu powodującego błąd: igdumd32.dll, wersja: 9.17.10.3347, sygnatura czasowa: 0x5272a0b5
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000de45
Identyfikator procesu powodującego błąd: 0x9c0
Godzina uruchomienia aplikacji powodującej błąd: 0xCiv4Warlords.exe0
Ścieżka aplikacji powodującej błąd: Civ4Warlords.exe1
Ścieżka modułu powodującego błąd: Civ4Warlords.exe2
Identyfikator raportu: Civ4Warlords.exe3
Pełna nazwa pakietu powodującego błąd: Civ4Warlords.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: Civ4Warlords.exe5
 
Error: (07/15/2015 04:11:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2” w wierszu C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki powodujące konflikt:
Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
 
Error: (07/11/2015 11:29:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: Dishonored.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x5212f0d7
Nazwa modułu powodującego błąd: Dishonored.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x5212f0d7
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00af6193
Identyfikator procesu powodującego błąd: 0xd40
Godzina uruchomienia aplikacji powodującej błąd: 0xDishonored.exe0
Ścieżka aplikacji powodującej błąd: Dishonored.exe1
Ścieżka modułu powodującego błąd: Dishonored.exe2
Identyfikator raportu: Dishonored.exe3
Pełna nazwa pakietu powodującego błąd: Dishonored.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: Dishonored.exe5
 
 
System errors:
=============
Error: (07/20/2015 10:16:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi AVG WatchDog z powodu następującego błędu: 
%%2
 
Error: (07/20/2015 10:16:34 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Usługa Avast Antivirus zależy od następującej usługi: aswMonFlt. Ta usługa może nie być zainstalowana.
 
Error: (07/20/2015 10:16:19 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000ef (0xffffe0005014e8c0, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP072015-29859-01
 
Error: (07/20/2015 10:16:12 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 22:08:28 na ‎2015-‎07-‎20 było nieoczekiwane.
 
Error: (07/20/2015 10:08:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi AVG WatchDog z powodu następującego błędu: 
%%2
 
Error: (07/20/2015 10:08:41 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Usługa Avast Antivirus zależy od następującej usługi: aswMonFlt. Ta usługa może nie być zainstalowana.
 
Error: (07/20/2015 10:08:35 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000ef (0xffffe0007ab008c0, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP072015-58109-01
 
Error: (07/20/2015 10:08:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 22:00:44 na ‎2015-‎07-‎20 było nieoczekiwane.
 
Error: (07/20/2015 10:01:57 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\System32\drivers\TrueSight.sys
 
Error: (07/20/2015 11:26:54 AM) (Source: DCOM) (EventID: 10010) (User: Kaligula)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
 
Microsoft Office:
=========================
Error: (07/18/2015 04:23:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Civ3Conquests.exe1.21.0.016b401d0c15fc33dcb53357D:\Giery\Cywilizacja III Złota Edycja\Conquests\Civ3Conquests.exe87c576f5-2d58-11e5-827f-0008ca32354b
 
Error: (07/18/2015 03:43:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Civ3Conquests.exe1.21.0.093c01d0c14ddc2c86f3352D:\Giery\Cywilizacja III Złota Edycja\Conquests\Civ3Conquests.exefcf3eed1-2d52-11e5-827f-0008ca32354b
 
Error: (07/18/2015 01:35:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Civ3Conquests.exe1.21.0.000000000Civ3Conquests.exe1.21.0.000000000c0000005001a0877105401d0c14d52a8d9e0D:\Giery\Cywilizacja III Złota Edycja\Conquests\Civ3Conquests.exeD:\Giery\Cywilizacja III Złota Edycja\Conquests\Civ3Conquests.exe155c04dc-2d41-11e5-827f-0008ca32354b
 
Error: (07/18/2015 12:59:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Civ3Conquests.exe1.21.0.017f801d0c148b70818e0427D:\Giery\Cywilizacja III Złota Edycja\Conquests\Civ3Conquests.exefe4f7464-2d3b-11e5-827f-0008ca32354b
 
Error: (07/18/2015 12:58:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Civ3Conquests.exe1.21.0.000000000Civ3Conquests.exe1.21.0.000000000c000000500212d0817f801d0c148b70818e0D:\Giery\Cywilizacja III Złota Edycja\Conquests\Civ3Conquests.exeD:\Giery\Cywilizacja III Złota Edycja\Conquests\Civ3Conquests.exef5e5f9c0-2d3b-11e5-827f-0008ca32354b
 
Error: (07/15/2015 09:55:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WinFWExcept.exe1.0.0.0433807d4MSVCP71.dll6.3.9600.17736550f42c2c00001350009d4f215bc01d0bf382469b0c0C:\Users\Bannanibal\AppData\Local\Temp\{50567722-44E1-4554-896D-25647CCA14E8}\{32E4F0D2-C135-475E-A841-1D59A0D22989}\WinFWExcept.exeMSVCP71.dll621fc12b-2b2b-11e5-827f-0008ca32354b
 
Error: (07/15/2015 09:55:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WinFWExcept.exe1.0.0.0433807d4MSVCP71.dll6.3.9600.17736550f42c2c00001350009d4f217b401d0bf3822951a19C:\Users\Bannanibal\AppData\Local\Temp\{50567722-44E1-4554-896D-25647CCA14E8}\{32E4F0D2-C135-475E-A841-1D59A0D22989}\WinFWExcept.exeMSVCP71.dll606569b7-2b2b-11e5-827f-0008ca32354b
 
Error: (07/15/2015 09:35:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Civ4Warlords.exe2.1.3.0464b927aigdumd32.dll9.17.10.33475272a0b5c00000050000de459c001d0bf3548ceb0ddD:\Giery\Sid Meier's Civilization 4\Warlords\Civ4Warlords.exeC:\Windows\system32\igdumd32.dllab13bf2b-2b28-11e5-827f-0008ca32354b
 
Error: (07/15/2015 04:11:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Bannanibal\Downloads\esetsmartinstaller_plk.exe
 
Error: (07/11/2015 11:29:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Dishonored.exe1.0.0.05212f0d7Dishonored.exe1.0.0.05212f0d7c000000500af6193d4001d0bbbbc3abe831D:\Giery\Steam\steamapps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exeD:\Giery\Steam\steamapps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exe57c4fefe-27af-11e5-827c-0008ca32354b
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 33%
Total physical RAM: 7968.07 MB
Available physical RAM: 5333.69 MB
Total Virtual: 16160.07 MB
Available Virtual: 13141.76 MB
 
==================== Drives ================================
 
Drive c: (Wingroza) (Fixed) (Total:79.91 GB) (Free:7.11 GB) NTFS
Drive d: (Alfonso) (Fixed) (Total:218.08 GB) (Free:18.77 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 000A59BD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=79.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=218.1 GB) - (Type=OF Extended)
 
==================== End of log ============================
 
 
 
 
 

  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi after this FRST fix then re-install your AV of choice and let me know if it now works

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
Startup: C:\Users\Bannanibal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\z.lnk [2015-06-10]
ShortcutTarget: z.lnk -> C:\Users\Bannanibal\AppData\Roaming\obdevjbcnv.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-05-13]
R2 VSSS; C:\Users\Bannanibal\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [100502144 2015-06-23] (Microsoft Corporation) [File not signed] <==== ATTENTION
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]
S2 avgwd; "C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe" [X]
2015-07-08 22:56 - 2015-07-08 22:56 - 00000000 ____D C:\Program Files\AVAST Software
2015-07-08 16:30 - 2015-07-08 16:30 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-08 15:09 - 2015-07-08 15:09 - 00000000 ____D C:\Users\Bannanibal\AppData\Local\Avg2014
2015-07-19 17:32 - 2015-03-14 19:29 - 00000000 ____D C:\ProgramData\69B6DBD2-8E05-476F-B662-CF8D235FD499
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP