Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01 (ATTENTION: ====> FRST version is 26 days old and could be outdated)
Ran by user (administrator) on JARO on 08-04-2014 17:00:07
Running from C:\Users\user\Desktop
Microsoft Windows 7 Home Premium (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\AVK\AVKWCtl.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\AVK\AVKService.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
() C:\Windows\system32\PnkBstrA.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\Firewall\GDFwSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\Firewall\GDFirewallTray.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [WinampAgent] - C:\Program Files\Winamp\winampa.exe [37888 2009-07-01] ()
HKLM\...\Run: [G Data AntiVirus Tray] - C:\Program Files\G Data\TotalProtection\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG)
HKLM\...\Run: [GDFirewallTray] - C:\Program Files\G Data\TotalProtection\Firewall\GDFirewallTray.exe [1854928 2013-03-22] (G Data Software AG)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files\g data\totalprotection\avkkid\avkcks.exe
HKU\S-1-5-21-101661676-3665781825-895367130-1000\...\Run: [GG] - C:\Users\user\AppData\Local\GG\Application\gghub.exe [4047424 2013-12-11] (GG Network S.A.)
HKU\S-1-5-21-101661676-3665781825-895367130-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-05] (DT Soft Ltd)
HKU\S-1-5-21-101661676-3665781825-895367130-1000\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-101661676-3665781825-895367130-1000\...\MountPoints2: {5a093940-7ed3-11e3-94ac-806e6f6e6963} - G:\setup.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.168.1

Chrome:
=======
CHR HomePage:
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\user\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
CHR Extension: (Szukaj w Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-12]
CHR Extension: (RockAlone2k) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\efnnamhbbligjdkgkcolmmaoffobkbee [2014-01-12]
CHR Extension: (Channel Sub Box for YouTube™) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejmgiaknfepbhamafcfdhhfoidnoidge [2014-01-12]
CHR Extension: (Channel Sub Box for YouTube™) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mopiffhbcoggbhmlnmgobalhofjjcoab [2014-01-12]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-02]
CHR Extension: (Battlefield Play4Free) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-01-12]

========================== Services (Whitelisted) =================

R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG)
R2 AVKService; C:\Program Files\G Data\TotalProtection\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG)
R2 AVKWCtl; C:\Program Files\G Data\TotalProtection\AVK\AVKWCtl.exe [2101280 2013-10-15] (G Data Software AG)
R2 GDBackupSvc; C:\Program Files\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [1947768 2013-08-21] (G Data Software AG)
R3 GDFwSvc; C:\Program Files\G Data\TotalProtection\Firewall\GDFwSvc.exe [2373712 2013-10-17] (G Data Software AG)
R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG)
S3 GDTunerSvc; C:\Program Files\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [1711568 2013-02-25] (G Data Software AG)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-01-18] ()
S3 TSNxGService; C:\Program Files\G Data\TotalProtection\TSNxG\TSNxGService.exe [255608 2013-09-23] (G Data Software)

==================== Drivers (Whitelisted) ====================

R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [45912 2014-04-07] (G Data Software AG)
R3 gddcd; C:\Windows\system32\drivers\gddcd32.sys [70488 2014-04-07] (G Data Software AG)
R1 gddcv; C:\Windows\system32\drivers\gddcv32.sys [53208 2014-04-07] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [96600 2014-04-07] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [52056 2014-04-07] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd32.sys [54104 2014-04-07] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [30040 2014-04-07] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [51032 2014-04-07] (G Data Software AG)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [477240 2014-01-03] (Duplex Secure Ltd.)
R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [103928 2014-04-07] (G Data Software)
U3 azq6tla1; C:\Windows\system32\Drivers\azq6tla1.sys [0 ] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-08 17:00 - 2014-04-08 17:00 - 00007672 _____ () C:\Users\user\Desktop\FRST.txt
2014-04-08 16:14 - 2014-04-08 16:14 - 00001532 _____ () C:\AdwCleaner[S1].txt
2014-04-08 16:14 - 2014-04-08 16:14 - 00001454 _____ () C:\AdwCleaner[R1].txt
2014-04-08 16:13 - 2014-04-08 16:14 - 00632049 _____ () C:\Users\user\Downloads\adwcleaner.exe
2014-04-08 16:03 - 2014-04-08 16:03 - 00000000 ____D () C:\Users\user\AppData\Roaming\Mozilla
2014-04-08 15:57 - 2014-04-08 15:57 - 01145856 _____ (Farbar) C:\Users\user\Desktop\FRST.exe
2014-04-08 15:35 - 2014-04-08 15:35 - 00785888 _____ (Reimage®) C:\Users\user\Downloads\ReimageRepair (1).exe
2014-04-08 15:20 - 2014-04-08 15:20 - 10763059 _____ () C:\Users\user\Downloads\Optimizer Pro 3.2.0 pl-full.rar
2014-04-08 00:15 - 2014-04-08 00:15 - 00064032 _____ () C:\Users\user\Downloads\OTL.Txt
2014-04-08 00:05 - 2014-04-08 00:05 - 00037442 _____ () C:\Users\user\Downloads\Shortcut.txt
2014-04-08 00:01 - 2014-04-08 00:15 - 00064294 _____ () C:\Users\user\Downloads\Extras.Txt
2014-04-07 23:58 - 2014-04-07 23:58 - 00602112 _____ (OldTimer Tools) C:\Users\user\Downloads\OTL.exe
2014-04-07 23:49 - 2014-04-08 00:04 - 00023189 _____ () C:\Users\user\Downloads\Addition.txt
2014-04-07 23:48 - 2014-04-08 17:00 - 00000000 ____D () C:\FRST
2014-04-07 23:48 - 2014-04-08 00:05 - 00033027 _____ () C:\Users\user\Downloads\FRST.txt
2014-04-07 23:02 - 2014-04-07 23:03 - 00165407 _____ () C:\Users\user\Downloads\WindowexeAllkiller.zip
2014-04-07 22:36 - 2014-04-07 22:36 - 00000000 ____D () C:\Users\user\AppData\Local\G DATA
2014-04-07 22:25 - 2014-04-07 22:25 - 00030040 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2014-04-07 22:25 - 2014-04-07 22:25 - 00016048 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2014-04-07 22:07 - 2014-04-07 22:07 - 00052056 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2014-04-07 22:07 - 2014-04-07 22:07 - 00002001 _____ () C:\Users\Public\Desktop\G Data TotalProtection 2014.lnk
2014-04-07 22:06 - 2014-04-07 22:06 - 00103928 _____ (G Data Software) C:\Windows\system32\Drivers\TS4nt.sys
2014-04-07 22:06 - 2014-04-07 22:06 - 00070488 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcd32.sys
2014-04-07 22:06 - 2014-04-07 22:06 - 00053208 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcv32.sys
2014-04-07 22:06 - 2014-04-07 22:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_gddcd32_01007.Wdf
2014-04-07 22:06 - 2014-04-07 22:06 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-04-07 22:05 - 2014-04-07 22:05 - 00096600 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2014-04-07 22:05 - 2014-04-07 22:05 - 00054104 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd32.sys
2014-04-07 22:05 - 2014-04-07 22:05 - 00051032 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2014-04-07 22:05 - 2014-04-07 22:05 - 00045912 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2014-04-07 22:02 - 2014-04-07 22:02 - 00000000 ____D () C:\ProgramData\G DATA Software
2014-04-07 22:00 - 2014-04-07 22:00 - 00000000 ____D () C:\Program Files\G Data
2014-04-07 22:00 - 2014-04-07 22:00 - 00000000 ____D () C:\Program Files\Common Files\G Data
2014-04-07 21:59 - 2014-04-08 00:36 - 00000000 ____D () C:\ProgramData\G Data
2014-04-07 21:27 - 2014-04-07 21:27 - 00000813 _____ () C:\Users\user\fixlist.txt
2014-04-07 21:16 - 2014-04-08 15:10 - 00000000 ____D () C:\Program Files\Reimage
2014-04-07 21:14 - 2014-04-08 16:02 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-04-07 21:06 - 2014-04-07 21:06 - 00000000 ____D () C:\ProgramData\CDB
2014-04-07 21:04 - 2014-04-07 21:07 - 00000163 _____ () C:\Windows\Reimage.ini
2014-04-07 21:03 - 2014-04-07 21:04 - 00785888 _____ (Reimage®) C:\Users\user\Downloads\ReimageRepair.exe
2014-04-07 18:38 - 2014-04-07 18:38 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-04-07 18:21 - 2014-04-07 23:00 - 00000000 ____D () C:\Users\user\AppData\Local\PMB Files
2014-04-07 18:21 - 2014-04-07 18:21 - 00000000 ____D () C:\ProgramData\PMB Files
2014-04-07 18:19 - 2014-04-07 18:20 - 34249488 _____ (Riot Games) C:\Users\user\Downloads\LeagueofLegends_EUNE_Installer_06_17_13 (1).exe
2014-04-07 18:16 - 2014-04-07 18:22 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-04-07 18:13 - 2014-04-08 15:44 - 00000000 ____D () C:\Program Files\Mega Browse
2014-04-07 18:12 - 2014-04-07 18:12 - 00684088 _____ () C:\Users\user\Downloads\pando-media-booster.exe
2014-04-07 18:06 - 2014-04-07 18:06 - 04765152 _____ (Piriform Ltd) C:\Users\user\Downloads\ccsetup411.exe
2014-04-07 16:56 - 2014-04-07 16:58 - 00000000 ____D () C:\Users\user\AppData\Roaming\Origin
2014-04-07 16:56 - 2014-04-07 16:56 - 00000000 ____D () C:\Users\user\AppData\Local\Origin
2014-04-07 16:53 - 2014-04-07 17:23 - 00000000 ____D () C:\ProgramData\Origin
2014-03-22 11:31 - 2014-03-22 11:31 - 00000000 ____D () C:\Users\user\AppData\Roaming\Ubisoft
2014-03-22 11:24 - 2014-03-22 11:25 - 00140656 _____ () C:\Windows\DirectX.log
2014-03-22 11:10 - 2014-03-22 11:10 - 00000000 ____D () C:\Users\user\AppData\Roaming\InstallShield
2014-03-22 11:10 - 2014-03-22 11:10 - 00000000 ____D () C:\Program Files\Ubisoft

==================== One Month Modified Files and Folders =======

2014-04-08 17:00 - 2014-04-08 17:00 - 00007672 _____ () C:\Users\user\Desktop\FRST.txt
2014-04-08 17:00 - 2014-04-07 23:48 - 00000000 ____D () C:\FRST
2014-04-08 17:00 - 2009-07-14 06:34 - 00014784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-08 17:00 - 2009-07-14 06:34 - 00014784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-08 16:56 - 2014-01-02 13:32 - 00337985 _____ () C:\Windows\WindowsUpdate.log
2014-04-08 16:54 - 2014-01-02 17:20 - 00000000 ____D () C:\Users\user\AppData\Roaming\GG
2014-04-08 16:53 - 2014-01-02 17:18 - 00000000 ____D () C:\Users\user\AppData\Roaming\Skype
2014-04-08 16:53 - 2014-01-02 17:04 - 00001028 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-08 16:52 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-08 16:52 - 2009-07-14 06:39 - 00023321 _____ () C:\Windows\setupact.log
2014-04-08 16:15 - 2014-01-03 16:14 - 00003724 _____ () C:\Windows\PFRO.log
2014-04-08 16:14 - 2014-04-08 16:14 - 00001532 _____ () C:\AdwCleaner[S1].txt
2014-04-08 16:14 - 2014-04-08 16:14 - 00001454 _____ () C:\AdwCleaner[R1].txt
2014-04-08 16:14 - 2014-04-08 16:13 - 00632049 _____ () C:\Users\user\Downloads\adwcleaner.exe
2014-04-08 16:13 - 2014-01-02 17:06 - 00002095 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-08 16:13 - 2014-01-02 17:04 - 00001032 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-08 16:03 - 2014-04-08 16:03 - 00000000 ____D () C:\Users\user\AppData\Roaming\Mozilla
2014-04-08 16:02 - 2014-04-07 21:14 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-04-08 16:00 - 2014-02-02 03:52 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-08 15:58 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-08 15:57 - 2014-04-08 15:57 - 01145856 _____ (Farbar) C:\Users\user\Desktop\FRST.exe
2014-04-08 15:44 - 2014-04-07 18:13 - 00000000 ____D () C:\Program Files\Mega Browse
2014-04-08 15:35 - 2014-04-08 15:35 - 00785888 _____ (Reimage®) C:\Users\user\Downloads\ReimageRepair (1).exe
2014-04-08 15:20 - 2014-04-08 15:20 - 10763059 _____ () C:\Users\user\Downloads\Optimizer Pro 3.2.0 pl-full.rar
2014-04-08 15:18 - 2014-01-02 17:17 - 00000000 ____D () C:\Users\user\AppData\Roaming\Pirrit
2014-04-08 15:18 - 2014-01-02 14:23 - 01661232 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-08 15:18 - 2009-07-14 10:07 - 00737480 _____ () C:\Windows\system32\perfh015.dat
2014-04-08 15:18 - 2009-07-14 10:07 - 00154136 _____ () C:\Windows\system32\perfc015.dat
2014-04-08 15:10 - 2014-04-07 21:16 - 00000000 ____D () C:\Program Files\Reimage
2014-04-08 00:36 - 2014-04-07 21:59 - 00000000 ____D () C:\ProgramData\G Data
2014-04-08 00:36 - 2009-07-14 04:04 - 00000505 _____ () C:\Windows\win.ini
2014-04-08 00:19 - 2014-02-01 21:59 - 00000143 _____ () C:\Users\user\Desktop\aa.txt
2014-04-08 00:15 - 2014-04-08 00:15 - 00064032 _____ () C:\Users\user\Downloads\OTL.Txt
2014-04-08 00:15 - 2014-04-08 00:01 - 00064294 _____ () C:\Users\user\Downloads\Extras.Txt
2014-04-08 00:05 - 2014-04-08 00:05 - 00037442 _____ () C:\Users\user\Downloads\Shortcut.txt
2014-04-08 00:05 - 2014-04-07 23:48 - 00033027 _____ () C:\Users\user\Downloads\FRST.txt
2014-04-08 00:04 - 2014-04-07 23:49 - 00023189 _____ () C:\Users\user\Downloads\Addition.txt
2014-04-07 23:58 - 2014-04-07 23:58 - 00602112 _____ (OldTimer Tools) C:\Users\user\Downloads\OTL.exe
2014-04-07 23:03 - 2014-04-07 23:02 - 00165407 _____ () C:\Users\user\Downloads\WindowexeAllkiller.zip
2014-04-07 23:00 - 2014-04-07 18:21 - 00000000 ____D () C:\Users\user\AppData\Local\PMB Files
2014-04-07 22:36 - 2014-04-07 22:36 - 00000000 ____D () C:\Users\user\AppData\Local\G DATA
2014-04-07 22:25 - 2014-04-07 22:25 - 00030040 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2014-04-07 22:25 - 2014-04-07 22:25 - 00016048 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2014-04-07 22:24 - 2014-02-15 21:34 - 00000000 ____D () C:\Users\user\AppData\Local\PirritSuggestor
2014-04-07 22:07 - 2014-04-07 22:07 - 00052056 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2014-04-07 22:07 - 2014-04-07 22:07 - 00002001 _____ () C:\Users\Public\Desktop\G Data TotalProtection 2014.lnk
2014-04-07 22:06 - 2014-04-07 22:06 - 00103928 _____ (G Data Software) C:\Windows\system32\Drivers\TS4nt.sys
2014-04-07 22:06 - 2014-04-07 22:06 - 00070488 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcd32.sys
2014-04-07 22:06 - 2014-04-07 22:06 - 00053208 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcv32.sys
2014-04-07 22:06 - 2014-04-07 22:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_gddcd32_01007.Wdf
2014-04-07 22:06 - 2014-04-07 22:06 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-04-07 22:06 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-04-07 22:05 - 2014-04-07 22:05 - 00096600 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2014-04-07 22:05 - 2014-04-07 22:05 - 00054104 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd32.sys
2014-04-07 22:05 - 2014-04-07 22:05 - 00051032 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2014-04-07 22:05 - 2014-04-07 22:05 - 00045912 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2014-04-07 22:02 - 2014-04-07 22:02 - 00000000 ____D () C:\ProgramData\G DATA Software
2014-04-07 22:00 - 2014-04-07 22:00 - 00000000 ____D () C:\Program Files\G Data
2014-04-07 22:00 - 2014-04-07 22:00 - 00000000 ____D () C:\Program Files\Common Files\G Data
2014-04-07 21:50 - 2014-01-02 15:24 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-04-07 21:45 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-04-07 21:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-04-07 21:27 - 2014-04-07 21:27 - 00000813 _____ () C:\Users\user\fixlist.txt
2014-04-07 21:07 - 2014-04-07 21:04 - 00000163 _____ () C:\Windows\Reimage.ini
2014-04-07 21:06 - 2014-04-07 21:06 - 00000000 ____D () C:\ProgramData\CDB
2014-04-07 21:04 - 2014-04-07 21:03 - 00785888 _____ (Reimage®) C:\Users\user\Downloads\ReimageRepair.exe
2014-04-07 18:38 - 2014-04-07 18:38 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-04-07 18:32 - 2014-01-13 00:01 - 00000000 ____D () C:\ProgramData\WPM
2014-04-07 18:24 - 2014-01-30 17:27 - 00000000 ____D () C:\Users\user\Desktop\GRY
2014-04-07 18:22 - 2014-04-07 18:16 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-04-07 18:21 - 2014-04-07 18:21 - 00000000 ____D () C:\ProgramData\PMB Files
2014-04-07 18:20 - 2014-04-07 18:19 - 34249488 _____ (Riot Games) C:\Users\user\Downloads\LeagueofLegends_EUNE_Installer_06_17_13 (1).exe
2014-04-07 18:12 - 2014-04-07 18:12 - 00684088 _____ () C:\Users\user\Downloads\pando-media-booster.exe
2014-04-07 18:06 - 2014-04-07 18:06 - 04765152 _____ (Piriform Ltd) C:\Users\user\Downloads\ccsetup411.exe
2014-04-07 18:00 - 2014-01-02 17:30 - 00000000 ____D () C:\Program Files\Steam
2014-04-07 17:31 - 2009-07-14 10:27 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-04-07 17:30 - 2014-01-12 16:39 - 00000000 ____D () C:\ProgramData\YoutubeAdblocker
2014-04-07 17:30 - 2014-01-02 17:25 - 00000000 ____D () C:\Program Files\osu!
2014-04-07 17:30 - 2014-01-02 17:17 - 00000000 ____D () C:\Program Files\Pirrit
2014-04-07 17:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat
2014-04-07 17:29 - 2014-02-16 23:15 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-04-07 17:23 - 2014-04-07 16:53 - 00000000 ____D () C:\ProgramData\Origin
2014-04-07 16:58 - 2014-04-07 16:56 - 00000000 ____D () C:\Users\user\AppData\Roaming\Origin
2014-04-07 16:56 - 2014-04-07 16:56 - 00000000 ____D () C:\Users\user\AppData\Local\Origin
2014-03-22 11:31 - 2014-03-22 11:31 - 00000000 ____D () C:\Users\user\AppData\Roaming\Ubisoft
2014-03-22 11:25 - 2014-03-22 11:24 - 00140656 _____ () C:\Windows\DirectX.log
2014-03-22 11:10 - 2014-03-22 11:10 - 00000000 ____D () C:\Users\user\AppData\Roaming\InstallShield
2014-03-22 11:10 - 2014-03-22 11:10 - 00000000 ____D () C:\Program Files\Ubisoft
2014-03-15 21:24 - 2014-02-15 21:26 - 00000000 ____D () C:\Users\user\AppData\Roaming\TS3Client
2014-03-15 20:03 - 2014-02-15 21:12 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-03-15 13:53 - 2014-01-31 22:34 - 00000000 ____D () C:\Users\user\AppData\Local\dxhr
2014-03-15 13:37 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF

Some content of TEMP:
====================
C:\Users\user\AppData\Local\Temp\biclient.exe
C:\Users\user\AppData\Local\Temp\bitool.dll
C:\Users\user\AppData\Local\Temp\ExpressSetup.exe
C:\Users\user\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\user\AppData\Local\Temp\OptimizerPro.exe
C:\Users\user\AppData\Local\Temp\ReimageExpressPackage.exe
C:\Users\user\AppData\Local\Temp\ReimageExpressSetup.exe
C:\Users\user\AppData\Local\Temp\ReimagePackage.exe
C:\Users\user\AppData\Local\Temp\setup_fst_pl.exe
C:\Users\user\AppData\Local\Temp\SHSetup.exe
C:\Users\user\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\user\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\user\AppData\Local\Temp\_is2285.exe
C:\Users\user\AppData\Local\Temp\_is589B.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-05 23:14

==================== End Of Log ============================