Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-07-2014 Ran by Troll (administrator) on TROLL-PC on 10-07-2014 13:19:48 Running from C:\Users\Troll\Desktop\Nowy folder Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe () C:\ProgramData\DatacardService\DCService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe () C:\Program Files (x86)\PLAY ONLINE\PLAY ONLINE.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe (GamersFirst) C:\Users\Troll\AppData\Local\GamersFirst\LIVE!\Live.exe (WB Games ) C:\Users\Troll\AppData\Roaming\winlogon.exe (WB Games ) C:\Users\Troll\AppData\Roaming\csrss.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-05-11] (Realtek Semiconductor) HKLM\...\Run: [MSC] => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [69632 2004-04-13] (InstallShield Software Corporation) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [183376 2014-05-14] () HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [0 ] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Winlogon] => C:\Users\Troll\AppData\Roaming\winlogon.exe [864256 2014-06-29] (WB Games ) HKU\S-1-5-21-4204374225-1467380535-1905168010-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation) HKU\S-1-5-21-4204374225-1467380535-1905168010-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd) HKU\S-1-5-21-4204374225-1467380535-1905168010-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466656 2014-05-23] (Sony) HKU\S-1-5-21-4204374225-1467380535-1905168010-1000\...\Run: [Winlogon] => C:\Users\Troll\AppData\Roaming\winlogon.exe [864256 2014-06-29] (WB Games ) HKU\S-1-5-21-4204374225-1467380535-1905168010-1000\...\MountPoints2: E - E:\AutoRun.exe HKU\S-1-5-21-4204374225-1467380535-1905168010-1000\...\MountPoints2: {2e47ead1-ac24-11e3-90b4-001d7dd6ee49} - E:\AutoRun.exe HKU\S-1-5-21-4204374225-1467380535-1905168010-1000\...\MountPoints2: {39d7ac5c-bb14-11e3-90a1-001e101f8924} - H:\Startme.exe HKU\S-1-5-21-4204374225-1467380535-1905168010-1000\...\MountPoints2: {43563c6c-b14a-11e3-89cf-001e101f63cf} - G:\Setup.exe HKU\S-1-5-21-4204374225-1467380535-1905168010-1000\...\MountPoints2: {47b109e5-a18d-11e3-82e3-806e6f6e6963} - E:\AutoRun.exe HKU\S-1-5-21-4204374225-1467380535-1905168010-1000\...\MountPoints2: {5dc6946a-ba48-11e3-8158-001e101fabdd} - E:\AutoRun.exe HKU\S-1-5-21-4204374225-1467380535-1905168010-1000\...\MountPoints2: {5dc69501-ba48-11e3-8158-001e101fabdd} - E:\AutoRun.exe HKU\S-1-5-21-4204374225-1467380535-1905168010-1000\...\MountPoints2: {71e71820-a295-11e3-a3d2-806e6f6e6963} - E:\AutoRun.exe HKU\S-1-5-21-4204374225-1467380535-1905168010-1000\...\MountPoints2: {ad1eee11-baf7-11e3-8ffa-806e6f6e6963} - E:\AutoRun.exe HKU\S-1-5-21-4204374225-1467380535-1905168010-1000\...\MountPoints2: {ad1ef17f-baf7-11e3-8ffa-001d7dd6ee49} - E:\AutoRun.exe HKU\S-1-5-21-4204374225-1467380535-1905168010-1000\...\MountPoints2: {c8ff1082-df9f-11e3-afda-806e6f6e6963} - E:\AutoRun.exe HKU\S-1-5-21-4204374225-1467380535-1905168010-1000\...\MountPoints2: {dde37d19-a18e-11e3-aa49-001d7dd6ee49} - E:\AutoRun.exe HKU\S-1-5-21-4204374225-1467380535-1905168010-1000\...\MountPoints2: {fa205e31-a76a-11e3-ad78-001d7dd6ee49} - E:\AutoRun.exe HKU\S-1-5-21-4204374225-1467380535-1905168010-1000\...\Winlogon: [Shell] C:\Users\Troll\AppData\Roaming\winlogon.exe [864256 2014-06-29] (WB Games ) <==== ATTENTION AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => "c:\windows\syswow64\nvinit.dll" File Not Found IFEO\AvastSvc.exe: [Debugger] nqij.exe IFEO\AvastUI.exe: [Debugger] nqij.exe IFEO\avcenter.exe: [Debugger] nqij.exe IFEO\avconfig.exe: [Debugger] nqij.exe IFEO\avgcsrvx.exe: [Debugger] nqij.exe IFEO\avgidsagent.exe: [Debugger] nqij.exe IFEO\avgnt.exe: [Debugger] nqij.exe IFEO\avgrsx.exe: [Debugger] nqij.exe IFEO\avgui.exe: [Debugger] nqij.exe IFEO\avgwdsvc.exe: [Debugger] nqij.exe IFEO\Avira.OE.ServiceHost.exe: [Debugger] nqij.exe IFEO\Avira.OE.Systray.exe: [Debugger] nqij.exe IFEO\avp.exe: [Debugger] nqij.exe IFEO\avshadow.exe: [Debugger] nqij.exe IFEO\bdagent.exe: [Debugger] nqij.exe IFEO\blindman.exe: [Debugger] nqij.exe IFEO\ccuac.exe: [Debugger] nqij.exe IFEO\ComboFix.exe: [Debugger] nqij.exe IFEO\egui.exe: [Debugger] nqij.exe IFEO\hijackthis.exe: [Debugger] nqij.exe IFEO\instup.exe: [Debugger] nqij.exe IFEO\keyscrambler.exe: [Debugger] nqij.exe IFEO\mbam.exe: [Debugger] nqij.exe IFEO\mbamgui.exe: [Debugger] nqij.exe IFEO\mbampt.exe: [Debugger] nqij.exe IFEO\mbamscheduler.exe: [Debugger] nqij.exe IFEO\mbamservice.exe: [Debugger] nqij.exe IFEO\MpCmdRun.exe: [Debugger] nqij.exe IFEO\MSASCui.exe: [Debugger] nqij.exe IFEO\MsMpEng.exe: [Debugger] nqij.exe IFEO\msseces.exe: [Debugger] nqij.exe IFEO\rstrui.exe: [Debugger] nqij.exe IFEO\SDFiles.exe: [Debugger] nqij.exe IFEO\SDMain.exe: [Debugger] nqij.exe IFEO\SDWinSec.exe: [Debugger] nqij.exe IFEO\spybotsd.exe: [Debugger] nqij.exe IFEO\wireshark.exe: [Debugger] nqij.exe IFEO\zlclient.exe: [Debugger] nqij.exe InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\more.url -> hxxp://adf.ly/pRzv6 Startup: C:\Users\Troll\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk ShortcutTarget: GamersFirst LIVE!.lnk -> C:\Users\Troll\AppData\Local\GamersFirst\LIVE!\Live.exe (GamersFirst) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\..\Interfaces\{3935C06C-6DBD-40DF-914C-ADA491C90ADA}: [NameServer]89.108.195.21 89.108.202.21 Tcpip\..\Interfaces\{8AFA8019-C9D5-42E3-B046-74DE49F97078}: [NameServer]89.108.195.21 89.108.202.21 Tcpip\..\Interfaces\{8DC45CE9-E9B5-4F3B-8719-F0146EB8AAFB}: [NameServer]89.108.195.20 89.108.202.20 Tcpip\..\Interfaces\{E341CDB4-0920-456E-BE40-AC7C37A55805}: [NameServer]89.108.195.20 89.108.202.20 FireFox: ======== FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Troll\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Extension: Widget context - C:\Users\Troll\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-03-23] Chrome: ======= CHR HomePage: hxxp://www.google.com CHR StartupUrls: "hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=80936c62000000000000001e101fcab6", "hxxp://www.nationzoom.com/?type=hp&ts=1389429381&from=ild&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hp&ts=1398459051&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1398498424&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1398540976&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1398578541&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1398586259&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1398605531&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1398625955&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1398691391&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1398712758&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1398790381&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1398800466&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1398845853&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1398867903&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1398887992&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1398936779&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1398974598&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1399019085&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1399037564&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1399044379&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1399060484&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1399067972&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1399144818&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1399233102&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1399236807&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://istart.webssearches.com/?type=hppp&ts=1399274043&from=slbnew&uid=SAMSUNGXSP1604N_S013J10Y937932", "hxxp://www.google.pl/" CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Java(TM) Platform SE 7 U51) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Unity Player) - C:\Users\Troll\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) CHR Extension: (Dark Legends) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\acfbekphmapfjpdkfedomagjpccekhaa [2014-03-02] CHR Extension: (Dokumenty Google) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-02] CHR Extension: (Dysk Google) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-02] CHR Extension: (YouTube) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-02] CHR Extension: (Gun Bros) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciamkmigckbgfajcieiflmkedohjjohh [2014-03-02] CHR Extension: (Eukarion Tales 2 (RPG Diablo 2 like)) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjmkjiknedogainifblijfhcfndmgggj [2014-03-02] CHR Extension: (Szukaj w Google) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-02] CHR Extension: (Realm of the Mad God) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp [2014-03-02] CHR Extension: (Conclave) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcakebalijmchimjjkbjjfiicjddofib [2014-03-02] CHR Extension: (Don't Starve) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc [2014-03-02] CHR Extension: (Tea clock) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmldmlgafdbnfhhicheojakimpmocggp [2014-03-02] CHR Extension: (Diablo III (1366x768)) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbphmmjcakhgkgaamkmhgmkegomlackk [2014-05-04] CHR Extension: (Command & Conquer Tiberium Alliances) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgaeopgjojikeoiidmfaejkifhgjoooe [2014-03-02] CHR Extension: (Cargo Bridge) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn [2014-03-02] CHR Extension: (Drakensang Online) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgloifppaepihckkhiocnodicehjdoof [2014-03-02] CHR Extension: (Pocket Legends) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhpdbcnfpodnaefldpdohoibdajcfabp [2014-03-02] CHR Extension: (Need for Speed World) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk [2014-03-02] CHR Extension: (BeGone) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndfpieflbjbdpgklkeolbmbdkfdiicfk [2014-03-02] CHR Extension: (Google Wallet) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-02] CHR Extension: (Bookmax - Bookmark Manager) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjpkfadmfhloombfmmlllnbhkoehckm [2014-03-02] CHR Extension: (Gmail) - C:\Users\Troll\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-02] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [0 ] (Avira Operations GmbH & Co. KG) S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [0 ] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [0 ] (Avira Operations GmbH & Co. KG) S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [123984 2014-05-14] () [File not signed] R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-08] () [File not signed] S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed] R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-24] () R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.) S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-27] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-27] (Avira Operations GmbH & Co. KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-03-22] (DT Soft Ltd) R1 Eve; C:\Windows\System32\DRIVERS\eve.sys [41304 2014-01-23] () R3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [252928 2010-04-30] (Huawei Technologies Co., Ltd.) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2010-07-16] (CACE Technologies, Inc.) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-04-02] (Synaptics Incorporated) R1 {6fcd6092-9615-4f7f-8898-8df53980e5d2}w64; C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}w64.sys [61112 2014-07-02] (StdLib) S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X] S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X] S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-10 13:17 - 2014-07-10 13:17 - 00000000 ____D () C:\Users\Troll\Desktop\logi 2014-07-10 12:56 - 2014-07-10 13:19 - 00000000 ____D () C:\Users\Troll\Desktop\Nowy folder 2014-07-03 11:15 - 2014-07-03 11:15 - 00000000 ____D () C:\Users\Troll\Downloads\problem 2014-07-03 10:50 - 2014-07-03 10:50 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-03 10:24 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-07-03 10:18 - 2014-07-03 10:19 - 00000000 ____D () C:\Users\Troll\Downloads\Nowy folder 2014-07-03 10:17 - 2014-07-10 13:19 - 00000000 ____D () C:\FRST 2014-07-03 01:46 - 2014-07-02 12:08 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}w64.sys 2014-07-03 01:04 - 2014-07-03 01:04 - 00000000 ____D () C:\Users\Troll\Documents\VSO Downloader 2014-07-03 01:02 - 2014-07-03 01:02 - 00000000 ____D () C:\ProgramData\VSO 2014-07-03 01:02 - 2014-07-03 01:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO 2014-07-03 01:02 - 2014-07-03 01:02 - 00000000 ____D () C:\Program Files\WinPcap 2014-07-03 01:02 - 2014-07-03 01:02 - 00000000 ____D () C:\Program Files (x86)\VSO 2014-07-03 01:02 - 2014-01-23 11:19 - 00041304 _____ () C:\Windows\system32\Drivers\eve.sys 2014-07-03 00:41 - 2014-07-03 10:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetASFStream 2014-07-03 00:40 - 2014-07-03 00:40 - 00000000 ____D () C:\Users\Troll\AppData\Local\WorldofTanks 2014-07-03 00:10 - 2014-07-03 00:10 - 00000000 ____D () C:\ProgramData\RELOADED 2014-07-03 00:08 - 2014-07-03 00:43 - 00000000 ____D () C:\Users\Troll\Downloads\Professional.Farmer.2014.Platinum.Edition-TiNYiSO 2014-07-01 20:22 - 2014-07-01 22:46 - 00000000 ____D () C:\Program Files (x86)\Kaos Studios 2014-07-01 00:38 - 2014-07-01 00:38 - 00003002 _____ () C:\Windows\System32\Tasks\{A12A0A09-D09D-43B8-BBBB-1E2E03B30849} 2014-07-01 00:37 - 2014-07-01 00:37 - 00003002 _____ () C:\Windows\System32\Tasks\{FD12612D-206B-43CB-BF25-1AD495F47031} 2014-07-01 00:37 - 2014-07-01 00:37 - 00003002 _____ () C:\Windows\System32\Tasks\{EEE71B01-1232-44A8-8FC5-62CE180324AD} 2014-07-01 00:33 - 2014-07-01 00:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WB Games 2014-07-01 00:30 - 2014-07-10 13:19 - 00227544 _____ () C:\Users\Troll\AppData\Roaming\msconfig.ini 2014-07-01 00:29 - 2014-07-10 09:48 - 01118107 _____ (WB Games ) C:\Users\Troll\AppData\Roaming\Setup.exe 2014-07-01 00:29 - 2014-07-10 09:48 - 00000000 __SHD () C:\Windows\SysWOW64\Windows System 2014-06-30 07:31 - 2014-06-30 07:31 - 00404640 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-30 07:31 - 2014-06-30 07:31 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2014-06-29 23:58 - 2014-06-29 23:58 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\Awesomium 2014-06-29 23:57 - 2014-06-29 23:58 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios 2014-06-29 23:57 - 2014-06-29 23:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios 2014-06-29 23:57 - 2014-06-29 23:57 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios 2014-06-29 23:26 - 2014-06-29 23:26 - 00000000 ____D () C:\Program Files (x86)\O22y Inc 2014-06-29 05:09 - 2014-06-29 05:09 - 00864256 __RSH (WB Games ) C:\Users\Troll\AppData\Roaming\winlogon.exe 2014-06-29 05:09 - 2014-06-29 05:09 - 00864256 ___SH (WB Games ) C:\Users\Troll\AppData\Roaming\csrss.exe 2014-06-25 21:54 - 2014-06-30 22:36 - 00059664 _____ () C:\1020.log 2014-06-24 21:02 - 2014-06-24 21:02 - 00000000 ____D () C:\Users\Troll\Documents\Ubisoft 2014-06-24 20:59 - 2014-06-30 07:30 - 00037329 _____ () C:\Windows\DirectX.log 2014-06-19 20:37 - 2014-06-26 22:28 - 00000000 _____ () C:\dfu.log 2014-06-19 13:35 - 2014-06-19 13:31 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-06-19 13:33 - 2014-06-19 13:33 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\Avira 2014-06-19 13:28 - 2014-05-27 17:13 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-06-19 13:28 - 2014-05-27 17:13 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-06-19 13:28 - 2014-05-27 17:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-06-19 13:21 - 2014-06-19 13:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-06-19 13:21 - 2014-06-19 13:28 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-06-19 13:20 - 2014-06-19 13:28 - 00000000 ____D () C:\ProgramData\Avira 2014-06-19 13:18 - 2014-06-19 13:18 - 00007614 _____ () C:\Users\Troll\AppData\Local\Resmon.ResmonCfg 2014-06-19 13:15 - 2014-06-19 13:15 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled 2014-06-19 13:12 - 2014-06-19 13:12 - 00003094 _____ () C:\Windows\System32\Tasks\{6B11E538-0C13-4C3D-8135-78E0BDA2B464} 2014-06-18 21:37 - 2014-06-24 16:12 - 00013600 _____ () C:\Windows\DPINST.LOG 2014-06-17 22:12 - 2014-07-10 09:46 - 00014286 _____ () C:\Windows\setupact.log 2014-06-17 22:12 - 2014-07-03 10:28 - 00477816 _____ () C:\Windows\PFRO.log 2014-06-17 22:12 - 2014-06-17 22:12 - 00000000 _____ () C:\Windows\setuperr.log 2014-06-17 19:57 - 2014-06-20 14:49 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\WorldPainter 2014-06-17 19:57 - 2014-06-20 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WorldPainter 2014-06-17 19:57 - 2014-06-20 14:14 - 00000000 ____D () C:\Program Files\WorldPainter 2014-06-17 19:56 - 2014-06-17 19:56 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-06-17 19:56 - 2014-06-17 19:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-06-17 19:56 - 2014-06-17 19:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-06-17 19:56 - 2014-06-17 19:56 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-06-17 19:56 - 2014-06-17 19:56 - 00000000 ____D () C:\Program Files\Java 2014-06-16 22:15 - 2014-06-16 22:17 - 00000000 ____D () C:\Users\Troll\Documents\New Unity Project 2014-06-15 11:33 - 2014-06-15 11:33 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\dekovir 2014-06-15 10:32 - 2014-06-16 22:15 - 00000000 ____D () C:\ProgramData\Unity 2014-06-15 10:32 - 2014-06-15 10:32 - 00000000 ____D () C:\Users\Troll\AppData\Local\Apple Computer 2014-06-15 10:26 - 2014-06-15 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2014-06-15 10:26 - 2014-06-15 10:26 - 00000000 ____D () C:\Users\Public\Documents\Unity Projects 2014-06-15 10:11 - 2014-06-17 19:29 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Forest 1.0 2014-06-14 14:40 - 2014-06-17 15:57 - 00000000 ____D () C:\Users\Troll\Documents\Assassin's Creed III 2014-06-14 11:53 - 2014-06-19 13:11 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-06-14 10:57 - 2014-06-14 10:57 - 00002918 _____ () C:\Windows\System32\Tasks\{03D4B7AF-16EB-47DC-B227-E6C9FA502E61} 2014-06-14 10:09 - 2014-06-14 10:09 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit 2014-06-14 10:08 - 2014-06-14 10:08 - 00000000 ____D () C:\Program Files\Application Verifier 2014-06-14 10:08 - 2014-06-14 10:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs 2014-06-14 10:08 - 2014-06-14 10:08 - 00000000 ____D () C:\Program Files (x86)\Application Verifier 2014-06-14 10:07 - 2014-06-14 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2014-06-14 10:06 - 2014-06-14 10:06 - 00000000 ____D () C:\Program Files (x86)\Windows Kits 2014-06-14 09:42 - 2014-06-14 09:42 - 00002918 _____ () C:\Windows\System32\Tasks\{AACEC33F-9106-49A4-AD24-FB92D964BF40} 2014-06-14 09:38 - 2014-06-17 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watch_Dogs 2014-06-14 09:38 - 2014-06-14 09:38 - 00000000 ____D () C:\ProgramData\Orbit 2014-06-14 09:34 - 2014-06-14 09:34 - 00025715 _____ () C:\Users\Troll\AppData\Local\recently-used.xbel 2014-06-12 20:04 - 2014-06-12 20:04 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\Mirillis 2014-06-12 20:04 - 2014-06-12 20:04 - 00000000 ____D () C:\ProgramData\Mirillis 2014-06-12 19:54 - 2014-06-12 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis 2014-06-12 19:54 - 2014-06-12 19:54 - 00000000 ____D () C:\Program Files (x86)\Action! 2014-06-12 19:27 - 2014-06-12 19:27 - 00003014 _____ () C:\Windows\System32\Tasks\{50286B26-D734-42EC-853B-C22C7F43DD1B} 2014-06-12 19:26 - 2014-06-12 20:04 - 00000000 ____D () C:\Users\Troll\AppData\Local\Mirillis 2014-06-12 19:26 - 2014-06-12 19:26 - 00000000 ____D () C:\Users\Troll\Documents\Action! 2014-06-12 17:15 - 2014-03-10 18:17 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll 2014-06-12 17:15 - 2013-11-19 16:52 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe 2014-06-12 07:00 - 2014-06-24 20:33 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\Ubisoft 2014-06-12 04:35 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-12 04:35 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-12 04:35 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-12 04:35 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-12 04:34 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-12 04:34 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-12 04:34 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-12 04:34 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-12 04:34 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-12 04:34 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-12 04:34 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-12 04:34 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-12 04:34 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-12 04:34 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-12 04:34 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-12 04:34 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-12 04:34 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-12 04:34 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-12 04:34 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-12 04:34 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-12 04:34 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-12 04:34 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-12 04:34 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-12 04:34 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-12 04:34 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-12 04:34 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-12 04:34 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-12 04:34 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-12 04:34 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-12 04:34 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-12 04:34 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-12 04:34 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-12 04:34 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-12 04:34 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-12 04:34 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-12 04:34 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-12 04:34 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-12 04:34 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-12 04:34 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-12 04:34 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-12 04:34 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-12 04:34 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-12 04:34 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-12 04:34 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-12 04:34 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-12 04:34 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-12 04:34 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-12 04:34 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-12 04:34 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-12 04:34 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-12 04:34 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-12 04:34 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-12 04:34 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-12 04:34 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-12 04:34 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-12 04:34 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-12 04:34 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-06-12 04:34 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2014-06-12 04:34 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-12 04:34 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-12 04:34 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-12 04:34 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-12 04:34 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-12 04:34 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-12 04:34 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-12 04:34 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-12 04:32 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-12 04:32 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-11 14:46 - 2012-09-18 09:34 - 00574100 _____ () C:\Windows\system32\hp1022n.img 2014-06-11 14:46 - 2012-09-18 09:34 - 00206768 _____ () C:\Windows\system32\hp1022.img 2014-06-11 14:46 - 2012-09-18 09:34 - 00128820 _____ () C:\Windows\system32\hp1020.img 2014-06-11 14:46 - 2012-09-18 09:34 - 00010632 _____ () C:\Windows\system32\ZSHP1020.CHM 2014-06-11 14:14 - 2012-09-18 15:27 - 00501760 _____ () C:\Windows\system32\ZSHP1020.EXE 2014-06-11 14:14 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\system32\ZLhp1020.DLL 2014-06-11 14:14 - 2012-09-18 09:34 - 00245248 _____ () C:\Windows\system32\zshp1020s.dll 2014-06-11 14:14 - 2012-09-18 09:34 - 00128380 _____ () C:\Windows\system32\hp1018.img 2014-06-11 14:14 - 2012-09-18 09:34 - 00010632 _____ () C:\Windows\system32\ZSHP1018.CHM 2014-06-11 14:12 - 2014-06-11 14:12 - 00000000 ____D () C:\Program Files\HP 2014-06-11 14:09 - 2014-06-11 14:09 - 00000000 ____D () C:\Program Files (x86)\HP 2014-06-11 14:07 - 2014-06-11 14:07 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard 2014-06-10 14:31 - 2014-06-10 14:31 - 01253888 _____ (Firelight Technologies) C:\Windows\SysWOW64\fmodex.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-06-10 14:05 - 2014-06-10 14:05 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-06-10 14:05 - 2014-06-10 14:05 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2014-06-10 14:05 - 2014-06-10 14:05 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2014-06-10 14:05 - 2014-06-10 14:05 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2014-06-10 14:05 - 2014-06-10 14:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys 2014-06-10 14:05 - 2014-06-10 14:05 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2014-06-10 14:05 - 2014-06-10 14:05 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-06-10 14:01 - 2014-06-10 14:01 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-06-10 14:01 - 2014-06-10 14:01 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll ==================== One Month Modified Files and Folders ======= 2014-07-10 13:19 - 2014-07-10 12:56 - 00000000 ____D () C:\Users\Troll\Desktop\Nowy folder 2014-07-10 13:19 - 2014-07-03 10:17 - 00000000 ____D () C:\FRST 2014-07-10 13:19 - 2014-07-01 00:30 - 00227544 _____ () C:\Users\Troll\AppData\Roaming\msconfig.ini 2014-07-10 13:17 - 2014-07-10 13:17 - 00000000 ____D () C:\Users\Troll\Desktop\logi 2014-07-10 13:14 - 2014-03-02 00:06 - 01857097 _____ () C:\Windows\WindowsUpdate.log 2014-07-10 13:12 - 2009-07-14 06:45 - 00022032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-10 13:12 - 2009-07-14 06:45 - 00022032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-10 09:48 - 2014-07-01 00:29 - 01118107 _____ (WB Games ) C:\Users\Troll\AppData\Roaming\Setup.exe 2014-07-10 09:48 - 2014-07-01 00:29 - 00000000 __SHD () C:\Windows\SysWOW64\Windows System 2014-07-10 09:46 - 2014-06-17 22:12 - 00014286 _____ () C:\Windows\setupact.log 2014-07-09 16:16 - 2014-04-22 22:04 - 00282696 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2014-07-09 16:16 - 2014-04-22 22:02 - 00282696 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-07-09 14:08 - 2011-04-12 15:21 - 00739694 _____ () C:\Windows\system32\perfh015.dat 2014-07-09 14:08 - 2011-04-12 15:21 - 00155268 _____ () C:\Windows\system32\perfc015.dat 2014-07-09 14:08 - 2009-07-14 07:13 - 01668226 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-08 23:05 - 2014-03-21 13:41 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\.minecraft 2014-07-08 22:39 - 2014-03-24 08:42 - 00000000 ____D () C:\Users\Troll\AppData\Local\CrashDumps 2014-07-08 20:13 - 2014-03-01 10:58 - 00000000 ___RD () C:\Users\Troll\Desktop\Rzeczy Generała 2014-07-07 23:03 - 2014-04-22 22:02 - 00282696 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-07-06 21:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing 2014-07-05 12:03 - 2014-03-01 12:29 - 00000000 ____D () C:\Users\Troll\Downloads\Muzyka 2014-07-04 10:58 - 2014-04-08 22:09 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-04 09:28 - 2014-03-01 11:04 - 00000000 ___RD () C:\Users\Troll\Desktop\Gry 2014-07-03 11:15 - 2014-07-03 11:15 - 00000000 ____D () C:\Users\Troll\Downloads\problem 2014-07-03 10:50 - 2014-07-03 10:50 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-03 10:28 - 2014-06-17 22:12 - 00477816 _____ () C:\Windows\PFRO.log 2014-07-03 10:20 - 2014-07-03 00:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetASFStream 2014-07-03 10:20 - 2014-03-12 00:12 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line 2014-07-03 10:20 - 2014-03-12 00:12 - 00000000 ____D () C:\Program Files\Image-Line 2014-07-03 10:19 - 2014-07-03 10:18 - 00000000 ____D () C:\Users\Troll\Downloads\Nowy folder 2014-07-03 10:01 - 2014-03-02 00:41 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\uTorrent 2014-07-03 09:44 - 2014-03-01 12:28 - 00000000 ___RD () C:\Users\Troll\Desktop\Programy 2014-07-03 05:45 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini 2014-07-03 01:04 - 2014-07-03 01:04 - 00000000 ____D () C:\Users\Troll\Documents\VSO Downloader 2014-07-03 01:02 - 2014-07-03 01:02 - 00000000 ____D () C:\ProgramData\VSO 2014-07-03 01:02 - 2014-07-03 01:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO 2014-07-03 01:02 - 2014-07-03 01:02 - 00000000 ____D () C:\Program Files\WinPcap 2014-07-03 01:02 - 2014-07-03 01:02 - 00000000 ____D () C:\Program Files (x86)\VSO 2014-07-03 00:43 - 2014-07-03 00:08 - 00000000 ____D () C:\Users\Troll\Downloads\Professional.Farmer.2014.Platinum.Edition-TiNYiSO 2014-07-03 00:42 - 2014-03-02 00:18 - 00000000 ____D () C:\Users\Troll\AppData\Local\VirtualStore 2014-07-03 00:40 - 2014-07-03 00:40 - 00000000 ____D () C:\Users\Troll\AppData\Local\WorldofTanks 2014-07-03 00:10 - 2014-07-03 00:10 - 00000000 ____D () C:\ProgramData\RELOADED 2014-07-03 00:10 - 2014-03-01 12:34 - 00000000 ____D () C:\Users\Troll\Documents\My Games 2014-07-02 15:11 - 2014-03-02 11:58 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\Adobe 2014-07-02 12:08 - 2014-07-03 01:46 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}w64.sys 2014-07-01 22:50 - 2014-03-01 11:03 - 00000000 ____D () C:\Program Files (x86)\GRY 2014-07-01 22:48 - 2014-03-12 09:21 - 00000000 ____D () C:\Games 2014-07-01 22:46 - 2014-07-01 20:22 - 00000000 ____D () C:\Program Files (x86)\Kaos Studios 2014-07-01 18:37 - 2014-05-14 07:56 - 00000000 ____D () C:\Users\Troll\AppData\Local\GamersFirst LIVE! 2014-07-01 09:30 - 2014-03-02 00:45 - 00001046 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-01 00:38 - 2014-07-01 00:38 - 00003002 _____ () C:\Windows\System32\Tasks\{A12A0A09-D09D-43B8-BBBB-1E2E03B30849} 2014-07-01 00:37 - 2014-07-01 00:37 - 00003002 _____ () C:\Windows\System32\Tasks\{FD12612D-206B-43CB-BF25-1AD495F47031} 2014-07-01 00:37 - 2014-07-01 00:37 - 00003002 _____ () C:\Windows\System32\Tasks\{EEE71B01-1232-44A8-8FC5-62CE180324AD} 2014-07-01 00:37 - 2014-03-02 14:33 - 00000000 ____D () C:\Users\Troll\AppData\Local\SKIDROW 2014-07-01 00:33 - 2014-07-01 00:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WB Games 2014-07-01 00:29 - 2014-03-22 09:52 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\DAEMON Tools Lite 2014-06-30 22:36 - 2014-06-25 21:54 - 00059664 _____ () C:\1020.log 2014-06-30 20:30 - 2014-03-02 00:45 - 00001042 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-30 19:04 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-30 07:31 - 2014-06-30 07:31 - 00404640 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-30 07:31 - 2014-06-30 07:31 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2014-06-30 07:30 - 2014-06-24 20:59 - 00037329 _____ () C:\Windows\DirectX.log 2014-06-29 23:58 - 2014-06-29 23:58 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\Awesomium 2014-06-29 23:58 - 2014-06-29 23:57 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios 2014-06-29 23:57 - 2014-06-29 23:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios 2014-06-29 23:57 - 2014-06-29 23:57 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios 2014-06-29 23:57 - 2014-03-17 09:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-06-29 23:30 - 2014-06-06 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O22y Inc 2014-06-29 23:26 - 2014-06-29 23:26 - 00000000 ____D () C:\Program Files (x86)\O22y Inc 2014-06-29 05:09 - 2014-06-29 05:09 - 00864256 __RSH (WB Games ) C:\Users\Troll\AppData\Roaming\winlogon.exe 2014-06-29 05:09 - 2014-06-29 05:09 - 00864256 ___SH (WB Games ) C:\Users\Troll\AppData\Roaming\csrss.exe 2014-06-26 22:28 - 2014-06-19 20:37 - 00000000 _____ () C:\dfu.log 2014-06-24 23:48 - 2014-04-13 07:17 - 00000000 ____D () C:\Users\Troll\AppData\Local\PunkBuster 2014-06-24 21:02 - 2014-06-24 21:02 - 00000000 ____D () C:\Users\Troll\Documents\Ubisoft 2014-06-24 21:00 - 2014-04-22 22:02 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-06-24 20:56 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-06-24 20:33 - 2014-06-12 07:00 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\Ubisoft 2014-06-24 20:25 - 2014-05-23 22:45 - 00000000 ____D () C:\Program Files (x86)\Ubisoft 2014-06-24 19:34 - 2014-04-25 13:42 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\Skype 2014-06-24 16:12 - 2014-06-18 21:37 - 00013600 _____ () C:\Windows\DPINST.LOG 2014-06-24 16:12 - 2014-04-03 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2014-06-24 10:13 - 2009-07-14 07:08 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-06-22 20:25 - 2014-03-02 00:45 - 00004042 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-22 20:25 - 2014-03-02 00:45 - 00003790 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-22 20:23 - 2014-03-12 15:57 - 00000000 ____D () C:\Users\Troll\Downloads\Obrazy 2014-06-22 20:23 - 2014-03-02 20:13 - 00000000 ____D () C:\Users\Troll\Downloads\Dodatki do GIER 2014-06-20 18:20 - 2014-03-25 08:21 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\SpinTires 2014-06-20 14:49 - 2014-06-17 19:57 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\WorldPainter 2014-06-20 14:14 - 2014-06-17 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WorldPainter 2014-06-20 14:14 - 2014-06-17 19:57 - 00000000 ____D () C:\Program Files\WorldPainter 2014-06-20 11:47 - 2014-04-24 07:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics 2014-06-20 10:00 - 2014-06-03 14:23 - 00000000 ____D () C:\Program Files (x86)\Activision 2014-06-19 14:37 - 2014-05-17 19:23 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\TS3Client 2014-06-19 13:43 - 2014-03-15 13:12 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-06-19 13:43 - 2014-03-02 00:39 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-06-19 13:33 - 2014-06-19 13:33 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\Avira 2014-06-19 13:31 - 2014-06-19 13:35 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-06-19 13:29 - 2014-06-19 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-06-19 13:28 - 2014-06-19 13:21 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-06-19 13:28 - 2014-06-19 13:20 - 00000000 ____D () C:\ProgramData\Avira 2014-06-19 13:20 - 2014-05-01 23:37 - 00000000 ____D () C:\ProgramData\Package Cache 2014-06-19 13:18 - 2014-06-19 13:18 - 00007614 _____ () C:\Users\Troll\AppData\Local\Resmon.ResmonCfg 2014-06-19 13:16 - 2014-04-01 12:20 - 00000000 ____D () C:\Program Files (x86)\DriverToolkit 2014-06-19 13:15 - 2014-06-19 13:15 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled 2014-06-19 13:14 - 2014-03-12 00:12 - 00000000 ____D () C:\Program Files (x86)\DSPRobotics 2014-06-19 13:13 - 2014-05-11 20:28 - 00000000 ____D () C:\ProgramData\ProductData 2014-06-19 13:12 - 2014-06-19 13:12 - 00003094 _____ () C:\Windows\System32\Tasks\{6B11E538-0C13-4C3D-8135-78E0BDA2B464} 2014-06-19 13:12 - 2014-05-04 08:03 - 00000000 ____D () C:\Program Files (x86)\Mount&Blade Warband 2014-06-19 13:12 - 2014-03-15 13:12 - 00000000 ____D () C:\ProgramData\IObit 2014-06-19 13:11 - 2014-06-14 11:53 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-06-19 13:11 - 2014-03-26 23:34 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-06-17 22:12 - 2014-06-17 22:12 - 00000000 _____ () C:\Windows\setuperr.log 2014-06-17 19:56 - 2014-06-17 19:56 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-06-17 19:56 - 2014-06-17 19:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-06-17 19:56 - 2014-06-17 19:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-06-17 19:56 - 2014-06-17 19:56 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-06-17 19:56 - 2014-06-17 19:56 - 00000000 ____D () C:\Program Files\Java 2014-06-17 19:29 - 2014-06-15 10:11 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Forest 1.0 2014-06-17 19:29 - 2014-06-14 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watch_Dogs 2014-06-17 15:58 - 2014-05-23 22:45 - 00000000 ____D () C:\Users\Troll\AppData\Local\Ubisoft Game Launcher 2014-06-17 15:57 - 2014-06-14 14:40 - 00000000 ____D () C:\Users\Troll\Documents\Assassin's Creed III 2014-06-16 22:17 - 2014-06-16 22:15 - 00000000 ____D () C:\Users\Troll\Documents\New Unity Project 2014-06-16 22:15 - 2014-06-15 10:32 - 00000000 ____D () C:\ProgramData\Unity 2014-06-16 22:15 - 2014-05-25 16:36 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\Unity 2014-06-15 14:52 - 2014-05-25 16:25 - 00000000 ____D () C:\Users\Troll\AppData\Local\Unity 2014-06-15 14:06 - 2014-03-01 12:29 - 00000000 ____D () C:\Users\Troll\Downloads\Video 2014-06-15 11:33 - 2014-06-15 11:33 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\dekovir 2014-06-15 10:32 - 2014-06-15 10:32 - 00000000 ____D () C:\Users\Troll\AppData\Local\Apple Computer 2014-06-15 10:32 - 2014-05-11 20:28 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\Apple Computer 2014-06-15 10:28 - 2014-06-15 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2014-06-15 10:26 - 2014-06-15 10:26 - 00000000 ____D () C:\Users\Public\Documents\Unity Projects 2014-06-14 11:53 - 2014-04-26 00:59 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-06-14 11:53 - 2014-04-26 00:59 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-06-14 10:57 - 2014-06-14 10:57 - 00002918 _____ () C:\Windows\System32\Tasks\{03D4B7AF-16EB-47DC-B227-E6C9FA502E61} 2014-06-14 10:09 - 2014-06-14 10:09 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit 2014-06-14 10:09 - 2014-06-14 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2014-06-14 10:08 - 2014-06-14 10:08 - 00000000 ____D () C:\Program Files\Application Verifier 2014-06-14 10:08 - 2014-06-14 10:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs 2014-06-14 10:08 - 2014-06-14 10:08 - 00000000 ____D () C:\Program Files (x86)\Application Verifier 2014-06-14 10:06 - 2014-06-14 10:06 - 00000000 ____D () C:\Program Files (x86)\Windows Kits 2014-06-14 09:42 - 2014-06-14 09:42 - 00002918 _____ () C:\Windows\System32\Tasks\{AACEC33F-9106-49A4-AD24-FB92D964BF40} 2014-06-14 09:39 - 2014-03-12 15:52 - 00000000 ____D () C:\Users\Troll\.gimp-2.8 2014-06-14 09:38 - 2014-06-14 09:38 - 00000000 ____D () C:\ProgramData\Orbit 2014-06-14 09:34 - 2014-06-14 09:34 - 00025715 _____ () C:\Users\Troll\AppData\Local\recently-used.xbel 2014-06-13 17:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-06-12 20:04 - 2014-06-12 20:04 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\Mirillis 2014-06-12 20:04 - 2014-06-12 20:04 - 00000000 ____D () C:\ProgramData\Mirillis 2014-06-12 20:04 - 2014-06-12 19:26 - 00000000 ____D () C:\Users\Troll\AppData\Local\Mirillis 2014-06-12 19:54 - 2014-06-12 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis 2014-06-12 19:54 - 2014-06-12 19:54 - 00000000 ____D () C:\Program Files (x86)\Action! 2014-06-12 19:27 - 2014-06-12 19:27 - 00003014 _____ () C:\Windows\System32\Tasks\{50286B26-D734-42EC-853B-C22C7F43DD1B} 2014-06-12 19:26 - 2014-06-12 19:26 - 00000000 ____D () C:\Users\Troll\Documents\Action! 2014-06-12 17:25 - 2014-03-15 22:03 - 00000000 ____D () C:\Program Files (x86)\Brick-Force 2014-06-12 17:15 - 2014-05-11 20:25 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\IObit 2014-06-12 07:07 - 2014-04-22 20:50 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-12 07:00 - 2014-05-25 12:00 - 00000000 ____D () C:\ProgramData\Ubisoft 2014-06-11 14:12 - 2014-06-11 14:12 - 00000000 ____D () C:\Program Files\HP 2014-06-11 14:09 - 2014-06-11 14:09 - 00000000 ____D () C:\Program Files (x86)\HP 2014-06-11 14:07 - 2014-06-11 14:07 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard 2014-06-11 07:24 - 2014-04-12 00:01 - 00000000 ____D () C:\Ubisoft 2014-06-11 07:24 - 2014-04-12 00:00 - 00000000 ____D () C:\Users\Troll\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2014-06-11 07:24 - 2014-04-11 23:59 - 00000000 ____D () C:\Users\Troll\AppData\Local\Deployment 2014-06-11 04:49 - 2014-03-01 12:10 - 00002149 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-10 18:37 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-06-10 18:36 - 2009-07-14 06:45 - 00300920 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-06-10 18:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-06-10 17:26 - 2014-03-02 00:32 - 00067624 _____ () C:\Users\Troll\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-10 14:31 - 2014-06-10 14:31 - 01253888 _____ (Firelight Technologies) C:\Windows\SysWOW64\fmodex.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-06-10 14:05 - 2014-06-10 14:05 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-06-10 14:05 - 2014-06-10 14:05 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2014-06-10 14:05 - 2014-06-10 14:05 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2014-06-10 14:05 - 2014-06-10 14:05 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2014-06-10 14:05 - 2014-06-10 14:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys 2014-06-10 14:05 - 2014-06-10 14:05 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2014-06-10 14:05 - 2014-06-10 14:05 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-06-10 14:05 - 2014-06-10 14:05 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-06-10 14:01 - 2014-06-10 14:01 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-06-10 14:01 - 2014-06-10 14:01 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-06-10 14:00 - 2014-06-06 15:49 - 00000000 ____D () C:\Windows\Minidump 2014-06-10 14:00 - 2014-05-11 00:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Mighty Quest For Epic Loot 2014-06-10 14:00 - 2014-05-09 12:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bound By Flame 2014-06-10 14:00 - 2014-05-07 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCANIA Truck Driving Simulator 2014-06-10 14:00 - 2014-05-01 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.T.A.L.K.E.R. - Lost Alpha 2014-06-10 14:00 - 2014-04-27 08:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scourge Outbreak 2014-06-10 14:00 - 2014-04-13 08:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Goat Simulator Files to move or delete: ==================== C:\Users\Troll\AppData\Roaming\msconfig.ini Some content of TEMP: ==================== C:\Users\Troll\AppData\Local\Temp\39bdc7f46092eec62423dde906274444.dll C:\Users\Troll\AppData\Local\Temp\533f9c3243cf84b701cbb98d263b2d94.dll C:\Users\Troll\AppData\Local\Temp\6dd95f1fb766e029c4b5173ea7c1c72f.dll C:\Users\Troll\AppData\Local\Temp\7af9699753d5743fc1cc0fe7912cd129.dll C:\Users\Troll\AppData\Local\Temp\8904fdae8aa1390424e6e436ec7cb97c.dll C:\Users\Troll\AppData\Local\Temp\89cbf70a78665b3f9b4d5347b6c4d191.dll C:\Users\Troll\AppData\Local\Temp\a8cd72ad740f8ab25799491600df58e9.dll C:\Users\Troll\AppData\Local\Temp\ab1ffabe00773633d855d7bf453fd189.dll C:\Users\Troll\AppData\Local\Temp\avgnt.exe C:\Users\Troll\AppData\Local\Temp\d7b6c31f85df0f0a0f6fce9b678f654b.dll C:\Users\Troll\AppData\Local\Temp\dbefe19a0b79de6ff3ed4ae32d2c1b3d.dll C:\Users\Troll\AppData\Local\Temp\ec1b936681959798e2408502b6491cb3.dll C:\Users\Troll\AppData\Local\Temp\i4jdel0.exe C:\Users\Troll\AppData\Local\Temp\ubi15E2.tmp.exe C:\Users\Troll\AppData\Local\Temp\ubiA15E.tmp.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-30 01:23 ==================== End Of Log ============================