Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01 Ran by PC (administrator) on PC-PC on 01-05-2015 13:46:53 Running from C:\Users\PC\Desktop Loaded Profiles: PC (Available profiles: PC) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe (France Telecom SA) C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe (MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Micro-Star International) C:\MSI\Smart Utilities\SuperRAIDSvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation) HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745232 2015-04-15] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1014736 2014-07-22] (MSI) HKU\S-1-5-21-448808044-3182844176-1093121363-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-448808044-3182844176-1093121363-1000\...\Run: [Steam] => C:\Gry\Steam\steam.exe [2889408 2015-04-14] (Valve Corporation) HKU\S-1-5-21-448808044-3182844176-1093121363-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-04-30] (Electronic Arts) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-448808044-3182844176-1093121363-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-448808044-3182844176-1093121363-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-448808044-3182844176-1093121363-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={D8996255-AFB2-4B5F-A72C-51E7FBB9E3BA}&mid=efac6e9480ca47cdb93d0119dfcad56d-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-12-28 18:44:13&v=4.0.5.7&pid=wtu&sg=&sap=hp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-23] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-23] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-20] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-20] (Oracle Corporation) Toolbar: HKU\S-1-5-21-448808044-3182844176-1093121363-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Tcpip\Parameters: [DhcpNameServer] 62.179.1.63 62.179.1.62 FireFox: ======== FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\nnssvkye.default-1430169013544 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] () FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll No File FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-23] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-23] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] () FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-20] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems) FF Plugin HKU\S-1-5-21-448808044-3182844176-1093121363-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-08] (Unity Technologies ApS) FF Extension: Live HTTP headers - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\nnssvkye.default-1430169013544\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2015-04-29] FF Extension: Firebug - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\nnssvkye.default-1430169013544\Extensions\firebug@software.joehewitt.com.xpi [2015-04-29] Chrome: ======= CHR HomePage: Default -> hxxp://google.com/ CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Bookmark Manager) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-14] CHR Extension: (Drive Notepad) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpgjomejfimnbmobcocilppikhncegaj [2015-02-28] CHR Extension: (Google Wallet) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-23] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438032 2015-04-15] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-04-15] (AVG Technologies CZ, s.r.o.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [967040 2015-04-13] () S3 celavimushost; C:\Gry\LigaCSGO\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [124632 2015-04-19] (altPUG LLC) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2014-12-29] (EasyAntiCheat Ltd) R2 FTRTSVC; C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [90112 2009-10-14] (France Telecom SA) [File not signed] R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [23504 2014-12-25] (Micro-Star Int'l Co., Ltd.) S2 HiPatchService; C:\Gry\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] () S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation) S2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-30] (Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2014-12-29] (Overwolf LTD) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-10-18] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor) R2 SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [29648 2014-08-13] (Micro-Star International) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-08-07] (Intel(R) Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-09] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [213984 2015-03-11] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [344544 2015-03-11] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [137184 2015-04-03] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-04-07] (AVG Technologies CZ, s.r.o.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-23] (Disc Soft Ltd) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [489752 2014-07-28] (Intel Corporation) S3 GENERICDRV; C:\MSI\Smart Utilities\amifldrv64.sys [15984 2013-09-26] () S3 hidusbf; C:\Windows\System32\DRIVERS\hidusbf.sys [6784 2009-02-11] (SweetLow) [File not signed] R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-02-26] (Intel Corporation) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] () R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-17] (Intel Corporation) R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] () R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation) S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) S3 NTIOLib_MSI_RAID; C:\MSI\Smart Utilities\NTIOLib_X64.sys [13808 2014-03-17] (MSI) S3 RTCore64; C:\Gry\MSI Afterburner\RTCore64.sys [13368 2013-03-11] () S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation) S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation) S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation) S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation) S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation) S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation) S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [X] S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2072-04-17 20:38 - 2015-04-27 23:10 - 00000000 ____D () C:\Users\PC\Desktop\Stare dane programu Firefox 2072-03-03 09:25 - 2072-03-03 09:25 - 00000000 ____D () C:\ProgramData\Avg_Update_0215tb 2015-05-01 13:45 - 2015-05-01 13:47 - 00019510 _____ () C:\Users\PC\Desktop\FRST.txt 2015-05-01 13:45 - 2015-05-01 13:46 - 00041992 _____ () C:\Users\PC\Desktop\Addition.txt 2015-05-01 13:44 - 2015-05-01 13:46 - 00000000 ____D () C:\FRST 2015-05-01 13:44 - 2015-05-01 13:44 - 00602112 _____ (OldTimer Tools) C:\Users\PC\Desktop\OTL.exe 2015-05-01 13:43 - 2015-05-01 13:43 - 02101248 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe 2015-05-01 13:43 - 2015-05-01 13:43 - 00380416 _____ () C:\Users\PC\Desktop\0v2u8491.exe 2015-04-30 23:18 - 2015-04-30 23:18 - 00000000 ____D () C:\Users\PC\AppData\Local\ESN 2015-04-30 23:16 - 2015-04-30 23:16 - 01533584 _____ () C:\Users\PC\Downloads\battlelog-web-plugins_2.6.2_157.exe 2015-04-30 23:01 - 2015-04-30 23:07 - 00000000 ____D () C:\Users\PC\AppData\Local\Origin 2015-04-30 23:00 - 2015-04-30 23:00 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk 2015-04-30 23:00 - 2015-04-30 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-04-30 23:00 - 2015-04-30 23:00 - 00000000 ____D () C:\Program Files (x86)\Origin 2015-04-29 20:38 - 2015-04-29 20:38 - 00003170 _____ () C:\Windows\System32\Tasks\{7C14D857-4D87-4609-B021-30619A71BD56} 2015-04-29 20:34 - 2009-02-11 12:25 - 00006784 _____ (SweetLow) C:\Windows\system32\Drivers\hidusbf.sys 2015-04-29 20:33 - 2015-04-29 20:34 - 00000000 ____D () C:\Users\PC\Downloads\eee 2015-04-29 13:10 - 2015-04-29 13:10 - 00002098 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk 2015-04-29 13:07 - 2015-04-29 13:07 - 00000000 ____D () C:\ProgramData\Avanquest 2015-04-29 13:07 - 2015-04-29 13:07 - 00000000 ____D () C:\Program Files (x86)\Avanquest update 2015-04-29 13:06 - 2015-04-29 13:06 - 00000000 ____D () C:\Users\PC\AppData\Local\Sony Ericsson 2015-04-29 13:06 - 2015-04-29 13:06 - 00000000 ____D () C:\ProgramData\BVRP Software 2015-04-29 13:04 - 2015-04-29 13:12 - 00408650 _____ () C:\Windows\DPINST.LOG 2015-04-29 13:04 - 2015-04-29 13:04 - 00000000 ____D () C:\ProgramData\Sony Ericsson 2015-04-29 13:04 - 2008-05-16 11:33 - 00158760 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016mdm.sys 2015-04-29 13:04 - 2008-05-16 11:33 - 00151592 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016unic.sys 2015-04-29 13:04 - 2008-05-16 11:33 - 00137256 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016mgmt.sys 2015-04-29 13:04 - 2008-05-16 11:33 - 00136744 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016obex.sys 2015-04-29 13:04 - 2008-05-16 11:33 - 00034344 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016nd5.sys 2015-04-29 13:04 - 2008-05-16 11:33 - 00019496 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016mdfl.sys 2015-04-29 13:04 - 2008-05-16 11:33 - 00015912 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016whnt.sys 2015-04-29 13:04 - 2008-05-16 11:33 - 00015912 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016wh.sys 2015-04-29 13:04 - 2008-05-16 11:33 - 00013864 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016cr.sys 2015-04-29 13:04 - 2008-05-16 11:32 - 00115240 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016bus.sys 2015-04-29 13:04 - 2008-05-16 11:32 - 00014888 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016cmnt.sys 2015-04-29 13:04 - 2008-05-16 11:32 - 00014888 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016cm.sys 2015-04-29 13:03 - 2015-04-29 13:03 - 19169808 _____ (Sony Ericsson ) C:\Users\PC\Downloads\Sony_Ericsson_PC_Suite6.011.00_www.INSTALKI.pl.exe 2015-04-29 13:03 - 2015-04-29 13:03 - 00743120 _____ (Application ) C:\Users\PC\Downloads\pobierz_Sony_ericsson_pc_suite_V6.011.00(2).exe 2015-04-29 13:03 - 2015-04-29 13:03 - 00743120 _____ (Application ) C:\Users\PC\Downloads\pobierz_Sony_ericsson_pc_suite_V6.011.00(1).exe 2015-04-29 13:02 - 2015-04-29 13:02 - 00000000 _____ () C:\Users\PC\Downloads\pobierz_Sony_ericsson_pc_suite_V6.011.00.exe 2015-04-29 03:36 - 2015-04-29 03:36 - 00092637 _____ () C:\Users\PC\Downloads\1.6.3.8.zip 2015-04-29 01:02 - 2015-04-29 01:07 - 00000000 ____D () C:\Users\PC\AppData\Roaming\PacificPoker 2015-04-29 01:02 - 2015-04-29 01:07 - 00000000 ____D () C:\Program Files (x86)\PacificPoker 2015-04-28 13:50 - 2015-04-28 14:08 - 465624343 _____ () C:\Users\PC\Downloads\Ochotnicy - Ukraina Prawy Sektor na Wojnie - Dokument 720p (Video Only)2.mp4 2015-04-28 13:50 - 2015-04-28 13:51 - 580845537 _____ () C:\Users\PC\Downloads\Ochotnicy - Ukraina Prawy Sektor na Wojnie - Dokument.mp4 2015-04-26 10:24 - 2015-05-01 13:24 - 00004638 _____ () C:\Windows\PFRO.log 2015-04-25 21:34 - 2015-04-25 21:48 - 00000000 ____D () C:\Users\PC\Downloads\New folder 2015-04-25 00:31 - 2015-04-25 00:31 - 00000995 _____ () C:\Users\Public\Desktop\AVG 2015.lnk 2015-04-24 01:25 - 2015-04-24 01:25 - 00000918 _____ () C:\Users\PC\Desktop\BoL Studio - Shortcut.lnk 2015-04-23 23:35 - 2015-04-23 23:36 - 00000000 ____D () C:\Users\PC\Documents\RoboEmpire_WIN64_v650 2015-04-23 02:20 - 2015-04-30 09:09 - 00000000 ____D () C:\AutoEmpire 2015-04-23 02:20 - 2015-04-23 02:20 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2015-04-23 02:20 - 2015-04-23 02:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2015-04-23 02:20 - 2015-04-23 02:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2015-04-23 02:20 - 2015-04-23 02:20 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2015-04-23 02:20 - 2015-04-23 02:20 - 00000000 ____D () C:\Users\PC\.swt 2015-04-23 02:20 - 2015-04-23 02:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoEmpire 2015-04-23 02:20 - 2015-04-23 02:20 - 00000000 ____D () C:\Program Files\Java 2015-04-23 00:45 - 2015-04-24 01:20 - 00000000 ____D () C:\Users\PC\Desktop\eeeeeeeeeeeeeeeeeee 2015-04-23 00:14 - 2015-04-23 00:14 - 00658944 _____ (Microsoft) C:\Users\PC\Downloads\NNEmailSpammer[Public](1).exe 2015-04-23 00:02 - 2015-05-01 13:38 - 00011704 _____ () C:\Windows\setupact.log 2015-04-23 00:02 - 2015-04-23 00:02 - 00000000 _____ () C:\Windows\setuperr.log 2015-04-22 23:33 - 2015-04-22 23:35 - 00000000 ____D () C:\Users\PC\Documents\Email Sender Deluxe 2015-04-22 23:33 - 2015-04-22 23:33 - 00001139 _____ () C:\Users\PC\Desktop\Email Sender Deluxe.lnk 2015-04-22 23:33 - 2015-04-22 23:33 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Email Sender Deluxe 2015-04-22 23:33 - 2015-04-22 23:33 - 00000000 ____D () C:\Program Files (x86)\Email Sender Deluxe 2015-04-22 22:58 - 2015-04-22 22:58 - 00658944 _____ (Microsoft) C:\Users\PC\Desktop\NNEmailSpammer[Public].exe 2015-04-22 22:38 - 2015-04-22 22:39 - 00000000 ____D () C:\Users\PC\AppData\Roaming\UBot Studio 2015-04-22 22:34 - 2015-04-22 22:34 - 00001142 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk 2015-04-22 22:34 - 2015-04-22 22:34 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1 2015-04-22 22:34 - 2015-04-22 22:34 - 00000000 ____D () C:\Users\PC\AppData\Roaming\OpenOffice 2015-04-22 22:33 - 2015-04-22 22:33 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2015-04-22 22:32 - 2015-04-22 22:32 - 00000000 ____D () C:\Users\PC\Desktop\OpenOffice 4.1.1 (pl) Installation Files 2015-04-22 22:11 - 2015-04-22 22:15 - 00000000 ____D () C:\Users\PC\AppData\Roaming\GHISLER 2015-04-22 22:11 - 2015-04-22 22:14 - 00000000 ____D () C:\totalcmd 2015-04-22 22:11 - 2015-04-22 22:11 - 00000646 _____ () C:\Users\PC\Desktop\Total Commander 64 bit.lnk 2015-04-22 22:11 - 2015-04-22 22:11 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander 2015-04-22 19:55 - 2015-04-22 19:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-04-22 06:04 - 2014-10-25 03:50 - 00001496 _____ () C:\Users\PC\Documents\Smite.lnk 2015-04-20 04:02 - 2015-04-20 04:02 - 00000204 _____ () C:\Users\PC\Desktop\Garry's Mod.url 2015-04-16 16:59 - 2015-04-30 02:25 - 00001089 _____ () C:\Users\PC\Desktop\New Text Document.txt 2015-04-16 04:47 - 2015-04-16 04:47 - 00001085 _____ () C:\Users\PC\Desktop\Cheat Engine.lnk 2015-04-16 04:47 - 2015-04-16 04:47 - 00000000 ____D () C:\Users\PC\Documents\My Cheat Tables 2015-04-16 04:47 - 2015-04-16 04:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4 2015-04-16 04:47 - 2015-04-16 04:47 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4 2015-04-16 01:51 - 2015-04-16 01:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAMS 2015-04-16 00:48 - 2015-04-16 00:48 - 00001752 _____ () C:\Users\PC\Desktop\ISCTLog.zip 2015-04-16 00:48 - 2015-04-16 00:48 - 00000000 ____D () C:\Users\PC\AppData\Local\Intel_Corporation 2015-04-16 00:41 - 2015-04-16 00:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_INETMON_01011.Wdf 2015-04-16 00:41 - 2014-05-27 11:21 - 00025800 _____ () C:\Windows\system32\Drivers\INETMON.sys 2015-04-16 00:37 - 2015-04-16 00:37 - 00001991 _____ () C:\Users\Public\Desktop\MSI Super Charger.lnk 2015-04-16 00:37 - 2015-04-16 00:37 - 00001612 _____ () C:\Users\Public\Desktop\MSI Smart Utilities.lnk 2015-04-16 00:37 - 2015-04-16 00:37 - 00000000 ___HD () C:\SuperChargerProfile 2015-04-15 23:05 - 2015-04-15 23:05 - 00000000 ____D () C:\Users\PC\AppData\Local\Macromedia 2015-04-15 23:04 - 2015-05-01 06:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-04-15 23:04 - 2015-04-15 23:04 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-04-15 21:25 - 2015-04-25 22:59 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Notepad++ 2015-04-15 21:25 - 2015-04-15 21:25 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2015-04-15 21:25 - 2015-04-15 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2015-04-15 21:25 - 2015-04-15 21:25 - 00000000 ____D () C:\Program Files (x86)\Notepad++ 2015-04-15 13:06 - 2015-04-15 13:06 - 00256992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys 2015-04-14 22:47 - 2015-04-14 22:47 - 00000000 ____D () C:\Users\PC\AppData\Local\openvr 2015-04-14 21:58 - 2015-04-14 21:58 - 00021530 _____ () C:\ComboFix.txt 2015-04-14 21:44 - 2015-04-14 21:44 - 00001520 _____ () C:\Users\PC\Desktop\SciTE - Shortcut.lnk 2015-04-14 21:43 - 2015-04-14 21:43 - 00001095 _____ () C:\Users\PC\Desktop\AutoIt3 - Shortcut.lnk 2015-04-14 21:36 - 2015-04-14 21:36 - 00000476 _____ () C:\Users\PC\Desktop\Local Disk (C) - Shortcut.lnk 2015-04-14 21:33 - 2015-04-14 21:48 - 00000000 ____D () C:\Users\PC\Desktop\SMIECI 2015-04-14 21:33 - 2015-04-14 21:36 - 00000000 ____D () C:\Users\PC\Desktop\RZADKO UZYWANE PROGRAMY 2015-04-14 21:14 - 2015-04-29 10:39 - 00002189 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-04-14 21:14 - 2015-04-14 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-04-14 20:20 - 2015-04-14 21:13 - 00000000 ____D () C:\Users\PC\AppData\Roaming\AtomPark 2015-04-14 20:09 - 2015-04-14 20:09 - 00000000 ____D () C:\Users\PC\Downloads\Atomic.Email.Hunter.v4.60.WinALL.Cracked-CzW 2015-04-13 23:14 - 2015-04-13 23:14 - 14714345 _____ () C:\Users\PC\Downloads\Warblade 1.2y6.rar 2015-04-13 18:58 - 2015-04-20 12:04 - 00000000 ____D () C:\Windows\SysWOW64\LiveUpdate 2015-04-13 10:47 - 2015-04-13 10:47 - 00000206 _____ () C:\Users\PC\Desktop\GRID Autosport.url 2015-04-09 14:11 - 2015-04-09 14:11 - 00284128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys 2015-04-07 12:39 - 2015-04-07 12:39 - 00291296 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys 2015-04-03 09:34 - 2015-04-03 09:34 - 00137184 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2072-02-24 02:48 - 2014-10-23 20:13 - 00000000 ____D () C:\Users\PC\AppData\Roaming\DAEMON Tools Lite 2015-05-01 13:42 - 2009-07-14 07:13 - 00885596 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-01 13:39 - 2014-10-17 00:05 - 01227075 _____ () C:\Windows\WindowsUpdate.log 2015-05-01 13:38 - 2014-10-17 00:25 - 00006462 _____ () C:\Windows\SysWOW64\Gms.log 2015-05-01 13:38 - 2014-10-17 00:09 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-01 13:37 - 2014-10-17 00:09 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-01 13:37 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-01 13:36 - 2014-12-10 17:00 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Skype 2015-05-01 13:36 - 2009-07-14 07:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-05-01 13:35 - 2014-10-17 01:54 - 00000000 ____D () C:\ProgramData\Origin 2015-05-01 13:30 - 2014-12-28 19:34 - 00000000 ____D () C:\ProgramData\MFAData 2015-05-01 13:24 - 2014-10-18 08:31 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2015-04-30 23:41 - 2014-10-18 08:32 - 00348672 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2015-04-30 23:41 - 2014-10-17 03:30 - 00348672 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2015-04-30 23:37 - 2014-10-17 03:30 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2015-04-30 09:09 - 2014-10-21 09:16 - 00000000 ____D () C:\Users\PC\AppData\Roaming\tixati 2015-04-30 03:57 - 2014-10-21 09:20 - 00000000 ____D () C:\Users\PC\AppData\Roaming\vlc 2015-04-29 20:38 - 2009-07-14 06:45 - 00033632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-04-29 20:38 - 2009-07-14 06:45 - 00033632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-04-29 13:10 - 2014-12-06 21:31 - 00000000 ____D () C:\ProgramData\Sony 2015-04-29 13:10 - 2014-12-06 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2015-04-29 13:10 - 2014-12-06 21:31 - 00000000 ____D () C:\Program Files (x86)\Sony 2015-04-29 13:10 - 2014-10-17 00:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-04-29 11:56 - 2014-10-20 11:42 - 00000000 ____D () C:\Users\PC\AppData\Roaming\OBS 2015-04-29 08:56 - 2015-02-02 00:58 - 00000000 ____D () C:\Program Files (x86)\AutoIt3 2015-04-29 01:07 - 2014-10-26 19:48 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-04-29 01:06 - 2014-10-26 19:48 - 00000000 ____D () C:\Users\PC\Documents\888poker 2015-04-29 00:58 - 2015-01-05 21:21 - 00000000 ____D () C:\Program Files (x86)\William Hill Poker 2015-04-27 10:27 - 2014-10-21 09:20 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2015-04-26 03:25 - 2014-10-17 03:22 - 00000000 ____D () C:\Users\PC\AppData\Roaming\TS3Client 2015-04-25 00:31 - 2015-01-27 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-04-25 00:31 - 2015-01-27 22:27 - 00000000 ___HD () C:\$AVG 2015-04-24 01:48 - 2015-02-26 00:16 - 00000000 ____D () C:\Users\PC\AppData\Roaming\BoL 2015-04-24 01:25 - 2015-02-26 00:05 - 00000000 ____D () C:\Users\PC\Downloads\Bot of Legends 2015-04-23 18:29 - 2015-02-25 01:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-04-23 02:20 - 2014-10-17 00:06 - 00000000 ____D () C:\Users\PC 2015-04-23 00:02 - 2009-07-14 06:45 - 04981560 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-04-23 00:01 - 2014-10-25 04:07 - 00000000 ____D () C:\AdwCleaner 2015-04-22 23:24 - 2014-10-17 00:20 - 00065232 _____ () C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT 2015-04-21 22:33 - 2014-10-20 08:01 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server 2015-04-20 18:57 - 2014-11-01 11:32 - 00000000 ____D () C:\MSI 2015-04-20 18:57 - 2014-10-17 00:36 - 00000000 ____D () C:\Program Files (x86)\MSI 2015-04-20 04:02 - 2014-10-17 00:47 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-04-20 02:11 - 2015-02-20 14:53 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2015-04-16 00:40 - 2014-10-17 00:20 - 00000000 ____D () C:\ProgramData\Intel 2015-04-16 00:39 - 2014-10-17 01:33 - 00002737 _____ () C:\RHDSetup.log 2015-04-16 00:37 - 2014-10-17 01:34 - 00001077 _____ () C:\Users\Public\Desktop\MSI Gaming APP.lnk 2015-04-16 00:37 - 2014-10-17 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI 2015-04-16 00:37 - 2014-10-17 00:18 - 00000000 ___HD () C:\Program Files (x86)\Temp 2015-04-16 00:36 - 2014-10-17 00:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2015-04-16 00:36 - 2014-10-17 00:19 - 00000000 ____D () C:\Program Files\Intel 2015-04-15 23:06 - 2014-11-07 12:22 - 00000000 ____D () C:\Users\PC\AppData\Local\Adobe 2015-04-15 23:04 - 2014-11-14 17:04 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-04-15 23:04 - 2014-10-25 04:29 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-04-14 22:13 - 2015-02-02 01:00 - 00000000 ____D () C:\Users\PC\AppData\Local\AutoIt v3 2015-04-14 21:58 - 2015-02-14 01:54 - 00000000 ____D () C:\Qoobox 2015-04-14 21:57 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2015-04-14 21:49 - 2015-02-14 11:04 - 05618457 ____R (Swearware) C:\Users\PC\Desktop\ComboFix.exe 2015-04-14 21:37 - 2015-01-29 16:34 - 00001312 _____ () C:\Users\PC\Desktop\Local Disk (D) - Shortcut.lnk 2015-04-14 21:13 - 2014-10-17 00:09 - 00000000 ____D () C:\Program Files (x86)\Google 2015-04-14 21:12 - 2014-10-17 01:58 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2015-04-14 21:12 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-04-14 06:29 - 2014-11-12 05:24 - 00000000 ____D () C:\Users\PC\AppData\Local\Popcorn-Time 2015-04-13 16:54 - 2015-01-02 12:42 - 00000000 ____D () C:\Users\PC\AppData\Local\ArmA 2 OA 2015-04-13 13:38 - 2014-10-17 02:04 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Natural Selection 2 2015-04-13 13:27 - 2014-10-17 03:23 - 00000000 ____D () C:\Program Files\OBS 2015-04-13 10:22 - 2014-10-17 01:40 - 00002042 _____ () C:\Users\Public\Desktop\Google Slides.lnk 2015-04-13 10:22 - 2014-10-17 01:40 - 00002040 _____ () C:\Users\Public\Desktop\Google Sheets.lnk 2015-04-13 10:22 - 2014-10-17 01:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-04-12 22:28 - 2014-03-29 01:36 - 00000000 ____D () C:\Users\PC\AppData\Local\Arma 3 2015-04-12 00:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF ==================== Files in the root of some directories ======= 2015-01-30 03:18 - 2015-01-30 03:28 - 0000132 _____ () C:\Users\PC\AppData\Roaming\Adobe GIF Format CS6 Prefs 2015-01-28 22:22 - 2015-02-09 17:40 - 0000132 _____ () C:\Users\PC\AppData\Roaming\Adobe PNG Format CS6 Prefs 2015-03-01 01:34 - 2015-03-01 01:34 - 0056554 _____ () C:\Users\PC\AppData\Roaming\icarus-dxdiag.xml 2014-10-21 06:39 - 2014-10-21 07:23 - 0000097 _____ () C:\Users\PC\AppData\Roaming\LauncherSettings_live.cfg 2014-10-21 06:32 - 2014-10-21 06:47 - 0000040 _____ () C:\Users\PC\AppData\Roaming\TheHunterSettings_steam_live.cfg 2015-02-18 01:13 - 2015-02-18 01:13 - 0000000 ___SH () C:\Users\PC\AppData\Local\LumaEmu 2015-03-21 04:10 - 2015-03-21 04:10 - 0007627 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg Some content of TEMP: ==================== C:\Users\PC\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe C:\Users\PC\AppData\Local\Temp\HiRezLauncherControls.dll C:\Users\PC\AppData\Local\Temp\Quarantine.exe C:\Users\PC\AppData\Local\Temp\sqlite3.dll C:\Users\PC\AppData\Local\Temp\vlc-2.2.1-win32.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-04-25 00:24 ==================== End Of Log ============================