Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014
Ran by admin (administrator) on THEKASARR-KOMPU on 04-01-2014 18:08:37
Running from E:\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avid Technology, Inc..) C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
() C:\Program Files (x86)\screenSHU\screenSHU.exe
(Stardock Corporation) C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
() D:\Program Files (x86)\RocketDock\RocketDock.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() E:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() E:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.196\deploy\LoLLauncher.exe
() E:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.64\deploy\LolClient.exe
(Google Inc.) C:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Google Inc.) C:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(ArtistScope Pty Ltd) C:\Program Files\Common Files\ArtistScope\CSHelper64.exe
(Google Inc.) C:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2489456 2010-12-17] (VIA)
HKLM-x32\...\Run: [DigidesignMMERefresh] - C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe [77824 2010-06-24] (Avid Technology, Inc..)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442712 2013-11-17] (Razer Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-04] (AVAST Software)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKCU\...\Run: [screenSHU] - C:\Program Files (x86)\screenSHU\screenSHU.exe [2121216 2012-04-03] ()
HKCU\...\Run: [CursorFX] - C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe [417280 2010-03-23] (Stardock Corporation)
HKCU\...\Run: [RocketDock] - D:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
MountPoints2: I - I:\LaunchU3.exe -a
MountPoints2: {68b6e743-15c8-11e1-ad5b-14dae9b58d88} - G:\Setup.exe
MountPoints2: {f69d0b6e-4e7a-11e2-9b13-a35126a83cbd} - I:\Startme.exe
IFEO\ccleaner64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO\pccompanion.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO\protoolsse.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO\real desktop.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO\setpoint.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO\setup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO\uninst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO\uninstall pro tools.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO\wwp.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"

==================== Internet (Whitelisted) ====================

SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://search.yahoo.com/search?fr=chr-panda&q={searchTerms}&ei=UTF-8&type=PCAFSI1219
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - No Name - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - No File
Toolbar: HKLM-x32 - QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\y2uu2708.default
FF user.js: detected! => C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\y2uu2708.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @artistscope.com/ArtistScope Plugin - C:\Program Files (x86)\Common Files\ArtistScope\npArtistScope.dll (ArtistScope Pty Ltd)
FF Plugin-x32: @artistscope.com/ArtistScope Plugin 5 - C:\Program Files (x86)\Common Files\ArtistScope\npArtistScope5.dll (ArtistScope Pty Ltd)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\admin\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @artistscope.com/ArtistScope Plugin - C:\Program Files (x86)\Common Files\ArtistScope\npArtistScope.dll (ArtistScope Pty Ltd)
FF Plugin HKCU: @artistscope.com/ArtistScope Plugin 5 - C:\Program Files (x86)\Common Files\ArtistScope\npArtistScope5.dll (ArtistScope Pty Ltd)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\admin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\admin\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\admin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\admin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\admin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: DownloadHelper - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\y2uu2708.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Test Pilot - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\y2uu2708.default\Extensions\testpilot@labs.mozilla.com.xpi
FF Extension: ArcaBit Ext. - C:\Program Files (x86)\Mozilla Firefox\extensions\arcabit@www.arcabit.pl
FF Extension: QuickStores-Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Aurora\firefox.exe

Chrome:
=======
CHR HomePage:
CHR Plugin: (Shockwave Flash) - C:\Users\admin\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\admin\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\admin\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (ArtistScope Plugin) - C:\Program Files (x86)\Common Files\ArtistScope\npArtistScope.dll (ArtistScope Pty Ltd)
CHR Plugin: (ArtistScope Plugin 5) - C:\Program Files (x86)\Common Files\ArtistScope\npArtistScope5.dll (ArtistScope Pty Ltd)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
CHR Plugin: (Unity Player) - C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Users\admin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\admin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\admin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\admin\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Raidcall plugin) - C:\Users\admin\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Extension: (BetterTTV) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped\6.6_0
CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (AdBlock) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (avast! Online Security) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0
CHR Extension: (Google Wallet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR StartMenuInternet: Google Chrome - C:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-10-25] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-04] (AVAST Software)
R2 CSHelper; C:\Program Files\Common Files\ArtistScope\CSHelper64.exe [359568 2013-04-20] (ArtistScope Pty Ltd)
R2 DigiRefresh; C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe [77824 2010-06-24] (Avid Technology, Inc..)
R2 hasplms; C:\Windows\system32\hasplms.exe [3750400 2009-12-16] (SafeNet Inc.)
S2 HDDHealth; C:\Program Files (x86)\HDD Health\HDDHealthService.exe [72640 2012-06-07] ()
S2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2013-10-25] (Hi-Rez Studios)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [12600 2012-03-26] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [291696 2012-03-26] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4702568 2012-10-24] (INCA Internet Co., Ltd.)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-22] ()
R2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [4263936 2013-11-21] (A-Volute)
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2013-12-11] (Razer, Inc.)
R2 TeamViewer9; D:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [5316448 2013-12-04] (TeamViewer GmbH)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [743320 2012-09-25] (Tunngle.net GmbH)
S2 NanoServiceMain; "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe" [x]

==================== Drivers (Whitelisted) ====================

S3 Abyssus; C:\Windows\System32\drivers\Abyssus.sys [10880 2009-10-30] (Razer (Asia-Pacific) Pte Ltd)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-04] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-04] ()
R1 cdrblock; C:\Windows\System32\DRIVERS\cdrblock.sys [34360 2008-05-30] (Canopus Co,. Ltd.)
R1 CSDriver; C:\Program Files\Common Files\ArtistScope\CSDriver64.sys [58776 2013-04-20] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-11-23] (DT Soft Ltd)
R3 ffusb2audio; C:\Windows\System32\DRIVERS\ffusb2audio.sys [57688 2011-07-07] (Focusrite Audio Engineering Limited.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [31744 2007-05-10] (http://libusb-win32.sourceforge.net)
R3 MAUSBPRODUCER; C:\Windows\System32\DRIVERS\MAudioProducer.sys [187912 2009-09-02] (Avid Technology, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [203888 2012-03-20] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [98688 2012-03-20] (Microsoft Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [89128 2012-06-27] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [116776 2012-06-27] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [113192 2012-06-27] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [33320 2012-06-27] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [93224 2012-06-27] (Panda Security, S.L.)
S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [68648 2012-06-27] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [116776 2012-06-27] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [304680 2012-06-27] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [109096 2012-06-27] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [112680 2012-06-27] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [219688 2012-07-12] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [105000 2012-06-27] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [167464 2012-07-13] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [119336 2012-07-13] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [205352 2012-07-13] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [123944 2012-07-13] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [130088 2012-07-13] (Panda Security, S.L.)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2013-10-25] (Razer, Inc.)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2013-10-25] (Razer, Inc.)
R3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [40696 2013-11-21] (Windows (R) Win 7 DDK provider)
S3 rzp1endpt; C:\Windows\System32\DRIVERS\rzp1endpt.sys [39096 2013-07-10] (Razer Inc)
S3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [166400 2011-10-11] (Razer USA Ltd)
S3 rzvmouse; C:\Windows\System32\DRIVERS\rzvmouse.sys [30904 2013-07-10] (Razer Inc)
S1 sonypvf2; C:\Windows\SysWow64\Drivers\sonypvf2.sys [635012 2003-08-20] (Sony Corporation)
S0 sonypvl2; C:\Windows\SysWow64\Drivers\sonypvl2.sys [19478 2003-07-25] (Sony Corporation)
S1 sonypvt2; C:\Windows\SysWow64\Drivers\sonypvt2.sys [431236 2003-08-20] (Sony Corporation)
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-11-13] (OpenLibSys.org)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [x]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-04 18:08 - 2014-01-04 18:08 - 00000000 ____D C:\FRST
2014-01-04 17:17 - 2014-01-04 17:17 - 00001972 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-04 17:16 - 2014-01-04 17:17 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-04 17:16 - 2014-01-04 17:16 - 00082744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1388852221
2014-01-03 10:42 - 2014-01-04 17:09 - 00000168 _____ C:\Windows\setupact.log
2014-01-03 10:42 - 2014-01-03 10:42 - 00000000 _____ C:\Windows\setuperr.log
2014-01-02 13:25 - 2014-01-02 13:26 - 00792500 _____ C:\Users\admin\Documents\cc_20140102_132534.reg
2014-01-01 16:41 - 2014-01-01 16:41 - 05108308 _____ C:\Users\admin\Desktop\ProoStoo.rar
2014-01-01 15:17 - 2014-01-01 15:17 - 00000000 ____D C:\Users\admin\Documents\MK-LOL
2014-01-01 15:12 - 2014-01-01 15:12 - 00000054 _____ C:\Windows\JQHApp.dat
2014-01-01 14:30 - 2014-01-01 14:30 - 00001017 _____ C:\Users\admin\Desktop\MK LOL.lnk
2014-01-01 14:30 - 2014-01-01 14:30 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
2014-01-01 14:30 - 2014-01-01 14:30 - 00000000 ____D C:\Program Files (x86)\MKJogo
2014-01-01 01:27 - 2014-01-01 01:27 - 00001043 _____ C:\Users\Public\Desktop\Scribblenauts Unlimited.lnk
2013-12-31 20:02 - 2013-12-31 20:02 - 00000993 _____ C:\Users\Public\Desktop\Worms Forts - Oblężenie.lnk
2013-12-31 13:51 - 2013-12-31 13:51 - 41634453 _____ C:\Users\admin\Desktop\League Of Legends Monopoly.rar
2013-12-31 02:38 - 2013-12-31 02:38 - 00001091 _____ C:\Users\admin\Desktop\Cheat Engine.lnk
2013-12-31 02:38 - 2013-12-31 02:38 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-12-31 02:28 - 2013-12-31 02:28 - 16844658 _____ C:\Users\admin\Desktop\pa.psd
2013-12-30 21:43 - 2013-12-31 14:51 - 00000000 ____D C:\Users\admin\Desktop\League Of Legends Monopoly
2013-12-29 16:09 - 2013-12-29 16:09 - 00000957 _____ C:\Users\Public\Desktop\ipla.lnk
2013-12-21 00:33 - 2013-12-21 00:33 - 00000000 ____D C:\ProgramData\InstallShield
2013-12-21 00:28 - 2006-05-16 10:58 - 00073728 _____ (Macrovision Corporation) C:\Windows\SysWOW64\ISUSPM.cpl
2013-12-20 08:03 - 2013-12-20 08:03 - 00000000 ____D C:\ProgramData\RzMaelstromVAD_1.1.49.1641
2013-12-19 20:33 - 2012-10-24 09:16 - 04702568 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des
2013-12-19 20:32 - 2013-12-19 20:32 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2013-12-19 20:32 - 2005-01-02 22:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys
2013-12-19 20:32 - 2003-07-19 07:17 - 00005174 _____ C:\Windows\SysWOW64\nppt9x.vxd
2013-12-19 18:36 - 2014-01-01 00:47 - 00001462 _____ C:\Users\Public\Desktop\Lineage II.lnk
2013-12-19 18:36 - 2013-12-19 18:36 - 00000000 ____D C:\Program Files (x86)\NCWest
2013-12-17 00:07 - 2013-12-17 00:07 - 00030323 _____ C:\Users\admin\Desktop\Tytoń.odt
2013-12-16 01:17 - 2013-12-16 01:17 - 00000097 _____ C:\Users\admin\Desktop\nr4gracze.txt
2013-12-11 19:03 - 2014-01-03 20:05 - 00000000 ____D C:\Users\admin\AppData\Roaming\TeamViewer
2013-12-11 19:01 - 2013-12-11 19:01 - 00000849 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2013-12-10 16:14 - 2013-12-13 20:54 - 00000000 ____D C:\Users\admin\Desktop\Koszulki
2013-12-09 22:46 - 2013-12-09 22:46 - 00001574 _____ C:\Users\admin\Desktop\n4e ms.txt
2013-12-06 16:19 - 2013-12-06 16:21 - 00205370 _____ C:\Users\admin\Desktop\hud nr 1.psd
2013-12-06 16:00 - 2013-12-06 16:00 - 01305284 _____ C:\Users\admin\Desktop\S7Reflex.wal
2013-12-06 15:59 - 2013-12-06 15:57 - 01248342 _____ C:\Users\admin\Desktop\Airtel__Song_Catcher.wal

==================== One Month Modified Files and Folders =======

2014-01-04 18:08 - 2014-01-04 18:08 - 00000000 ____D C:\FRST
2014-01-04 18:01 - 2011-10-21 20:21 - 00000000 ____D C:\Users\admin\AppData\Roaming\TS3Client
2014-01-04 17:20 - 2012-09-19 08:40 - 00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-04 17:19 - 2012-11-29 15:23 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986106514-635370200-118129050-1000UA.job
2014-01-04 17:19 - 2012-11-29 15:23 - 00001006 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986106514-635370200-118129050-1000Core.job
2014-01-04 17:18 - 2009-07-14 05:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-04 17:18 - 2009-07-14 05:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-04 17:17 - 2014-01-04 17:17 - 00001972 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-04 17:17 - 2014-01-04 17:16 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-04 17:16 - 2014-01-04 17:16 - 00082744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1388852221
2014-01-04 17:16 - 2013-11-04 23:54 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-04 17:16 - 2013-11-04 23:54 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-01-04 17:16 - 2013-11-04 23:54 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-04 17:16 - 2013-11-04 23:54 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-04 17:16 - 2013-11-04 23:54 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-04 17:16 - 2013-11-04 23:54 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-04 17:16 - 2013-11-04 23:54 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-04 17:14 - 2011-10-06 20:32 - 01210472 _____ C:\Windows\WindowsUpdate.log
2014-01-04 17:10 - 2013-06-09 18:13 - 00000000 ____D C:\Users\admin\AppData\Local\screenSHU
2014-01-04 17:10 - 2012-09-19 08:40 - 00001042 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-04 17:09 - 2014-01-03 10:42 - 00000168 _____ C:\Windows\setupact.log
2014-01-04 17:09 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-03 22:28 - 2011-10-08 16:47 - 00000000 ____D C:\Users\admin\AppData\Roaming\Skype
2014-01-03 20:05 - 2013-12-11 19:03 - 00000000 ____D C:\Users\admin\AppData\Roaming\TeamViewer
2014-01-03 19:59 - 2013-08-17 18:08 - 00000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2014-01-03 10:42 - 2014-01-03 10:42 - 00000000 _____ C:\Windows\setuperr.log
2014-01-02 22:13 - 2011-11-19 12:45 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-02 13:38 - 2013-10-02 16:59 - 00000000 ____D C:\Users\admin\AppData\Roaming\FileZilla
2014-01-02 13:38 - 2012-10-13 14:05 - 00000000 ____D C:\Users\admin\AppData\Roaming\BitTorrent
2014-01-02 13:38 - 2012-01-31 11:32 - 00000000 ____D C:\Users\admin\AppData\Roaming\Winamp
2014-01-02 13:38 - 2011-10-19 16:04 - 00000000 ____D C:\Users\admin\AppData\Roaming\DAEMON Tools Lite
2014-01-02 13:38 - 2011-10-08 10:59 - 00000000 ____D C:\Users\admin\AppData\Roaming\uTorrent
2014-01-02 13:37 - 2011-10-16 18:34 - 00000000 ____D C:\Windows\Minidump
2014-01-02 13:37 - 2011-10-06 21:26 - 00000000 ____D C:\Windows\Panther
2014-01-02 13:26 - 2014-01-02 13:25 - 00792500 _____ C:\Users\admin\Documents\cc_20140102_132534.reg
2014-01-01 16:41 - 2014-01-01 16:41 - 05108308 _____ C:\Users\admin\Desktop\ProoStoo.rar
2014-01-01 15:17 - 2014-01-01 15:17 - 00000000 ____D C:\Users\admin\Documents\MK-LOL
2014-01-01 15:12 - 2014-01-01 15:12 - 00000054 _____ C:\Windows\JQHApp.dat
2014-01-01 14:30 - 2014-01-01 14:30 - 00001017 _____ C:\Users\admin\Desktop\MK LOL.lnk
2014-01-01 14:30 - 2014-01-01 14:30 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
2014-01-01 14:30 - 2014-01-01 14:30 - 00000000 ____D C:\Program Files (x86)\MKJogo
2014-01-01 01:27 - 2014-01-01 01:27 - 00001043 _____ C:\Users\Public\Desktop\Scribblenauts Unlimited.lnk
2014-01-01 00:47 - 2013-12-19 18:36 - 00001462 _____ C:\Users\Public\Desktop\Lineage II.lnk
2014-01-01 00:44 - 2013-10-02 16:49 - 00000600 _____ C:\Users\admin\AppData\Local\PUTTY.RND
2013-12-31 20:02 - 2013-12-31 20:02 - 00000993 _____ C:\Users\Public\Desktop\Worms Forts - Oblężenie.lnk
2013-12-31 19:59 - 2011-10-06 20:36 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-31 14:51 - 2013-12-30 21:43 - 00000000 ____D C:\Users\admin\Desktop\League Of Legends Monopoly
2013-12-31 13:51 - 2013-12-31 13:51 - 41634453 _____ C:\Users\admin\Desktop\League Of Legends Monopoly.rar
2013-12-31 12:59 - 2011-10-20 13:25 - 00000132 _____ C:\Users\admin\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
2013-12-31 02:38 - 2013-12-31 02:38 - 00001091 _____ C:\Users\admin\Desktop\Cheat Engine.lnk
2013-12-31 02:38 - 2013-12-31 02:38 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-12-31 02:28 - 2013-12-31 02:28 - 16844658 _____ C:\Users\admin\Desktop\pa.psd
2013-12-29 16:09 - 2013-12-29 16:09 - 00000957 _____ C:\Users\Public\Desktop\ipla.lnk
2013-12-29 16:09 - 2012-05-01 13:42 - 00000000 ____D C:\Users\admin\AppData\Roaming\ipla
2013-12-29 16:09 - 2012-05-01 13:42 - 00000000 ____D C:\ProgramData\RDRM
2013-12-29 16:09 - 2012-05-01 13:42 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-12-29 16:09 - 2012-05-01 13:41 - 00000000 ____D C:\Program Files (x86)\ipla
2013-12-27 23:28 - 2013-07-11 15:33 - 00000000 __SHD C:\Users\admin\wc
2013-12-21 00:35 - 2012-11-22 22:32 - 00000000 ____D C:\Users\admin\AppData\Roaming\THQ
2013-12-21 00:35 - 2011-10-27 17:01 - 00000000 ____D C:\Users\admin\Documents\My Games
2013-12-21 00:33 - 2013-12-21 00:33 - 00000000 ____D C:\ProgramData\InstallShield
2013-12-20 16:22 - 2011-10-06 20:32 - 00000000 ___RD C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-20 13:00 - 2013-07-11 15:34 - 00000000 ____D C:\Users\admin\AppData\Local\Ubisoft
2013-12-20 08:03 - 2013-12-20 08:03 - 00000000 ____D C:\ProgramData\RzMaelstromVAD_1.1.49.1641
2013-12-20 08:01 - 2013-04-22 17:36 - 00000000 ____D C:\Windows\Razer Core
2013-12-19 20:32 - 2013-12-19 20:32 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2013-12-19 18:36 - 2013-12-19 18:36 - 00000000 ____D C:\Program Files (x86)\NCWest
2013-12-18 21:49 - 2012-09-01 17:50 - 00022580 _____ C:\Windows\system32\lvcoinst.log
2013-12-17 00:07 - 2013-12-17 00:07 - 00030323 _____ C:\Users\admin\Desktop\Tytoń.odt
2013-12-16 01:17 - 2013-12-16 01:17 - 00000097 _____ C:\Users\admin\Desktop\nr4gracze.txt
2013-12-13 20:54 - 2013-12-10 16:14 - 00000000 ____D C:\Users\admin\Desktop\Koszulki
2013-12-13 08:13 - 2011-10-07 22:00 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-12-12 19:23 - 2012-09-19 08:40 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-12 14:03 - 2009-07-14 05:45 - 06361888 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 00:08 - 2011-10-06 20:49 - 00463336 _____ C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-11 19:01 - 2013-12-11 19:01 - 00000849 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2013-12-09 22:46 - 2013-12-09 22:46 - 00001574 _____ C:\Users\admin\Desktop\n4e ms.txt
2013-12-09 14:15 - 2012-09-19 08:40 - 00004042 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-09 14:15 - 2012-09-19 08:40 - 00003790 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-07 15:38 - 2012-01-12 16:44 - 00000000 ____D C:\Users\admin\Documents\TrackMania
2013-12-06 16:21 - 2013-12-06 16:19 - 00205370 _____ C:\Users\admin\Desktop\hud nr 1.psd
2013-12-06 16:00 - 2013-12-06 16:00 - 01305284 _____ C:\Users\admin\Desktop\S7Reflex.wal
2013-12-06 15:57 - 2013-12-06 15:59 - 
01248342 _____ C:\Users\admin\Desktop\Airtel__Song_Catcher.wal Files to move or delete: ==================== C:\ProgramData\hash.dat ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-03 14:43 ==================== End Of Log ============================