Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014 Ran by Kordian (administrator) on KORDIANMSI on 04-12-2014 19:09:00 Running from E:\Pobieranie Chrome Loaded Profile: Kordian (Available profiles: Kordian & Administrator) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe (Micro-Star International Co., Ltd.) C:\Windows\SysWOW64\MSIService.exe (Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe (MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Windows\SysWOW64\PnkBstrB.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Windows\System32\atwtusb.exe () C:\Windows\System32\atwtusb.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Bitsum LLC) C:\Program Files\Process Lasso\ProcessGovernor.exe (Bitsum LLC) C:\Program Files\Process Lasso\ProcessLasso.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Spotify Ltd) C:\Users\Kordian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Flux Software LLC) C:\Users\Kordian\AppData\Local\FluxSoftware\Flux\flux.exe (Dropbox, Inc.) C:\Users\Kordian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\Super Charger.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe (Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicatorCom.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Spotify Ltd) C:\Users\Kordian\AppData\Roaming\Spotify\spotify.exe () C:\Users\Kordian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Kordian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Kordian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Kordian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Kordian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () E:\Pobieranie Chrome\SecurityCheck.exe (Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1016992 2012-01-19] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-01-19] (Atheros Commnucations) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2886416 2012-03-02] (Synaptics Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-29] (AVAST Software) HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1047536 2014-04-08] (MSI) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-11-21] (Raptr, Inc) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-10-07] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2452480 2014-10-30] (FileZilla Project) HKU\S-1-5-21-2521794128-4105105606-2663523909-1000\...\Run: [OscarX7Mouse5Mode] => C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe [3571712 2013-02-01] () HKU\S-1-5-21-2521794128-4105105606-2663523909-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-2521794128-4105105606-2663523909-1000\...\Run: [HP Deskjet 5520 series (NET)] => C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-2521794128-4105105606-2663523909-1000\...\Run: [GoogleChromeAutoLaunch_C422999087B68B48A7D4718D73F2D145] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-11-25] (Google Inc.) HKU\S-1-5-21-2521794128-4105105606-2663523909-1000\...\Run: [Spotify Web Helper] => C:\Users\Kordian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1507840 2014-11-03] (Spotify Ltd) HKU\S-1-5-21-2521794128-4105105606-2663523909-1000\...\Run: [f.lux] => C:\Users\Kordian\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC) HKU\S-1-5-21-2521794128-4105105606-2663523909-1000\...\MountPoints2: G - G:\SETUP.EXE HKU\S-1-5-21-2521794128-4105105606-2663523909-1000\...\MountPoints2: {7d7def7a-5c91-11e4-8827-448a5b4600dc} - G:\setup.exe HKU\S-1-5-21-2521794128-4105105606-2663523909-1000\...\MountPoints2: {85843b38-5c94-11e4-bbb6-448a5b4600dc} - G:\setup.exe HKU\S-1-5-21-2521794128-4105105606-2663523909-1000\...\MountPoints2: {b07484cb-0de4-11e4-9a88-806e6f6e6963} - F:\CDSetup.exe Startup: C:\Users\Kordian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Kordian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Kordian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - HP Deskjet 5520 series (sieć).lnk ShortcutTarget: Powiadomienia monitorowania tuszu - HP Deskjet 5520 series (sieć).lnk -> C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) AlternateShell: ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> No File BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File BHO-x32: No Name -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> No File BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll () FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.) FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.0.0.5099479\npmathplugin.dll (Wolfram Research, Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2521794128-4105105606-2663523909-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kordian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-28] Chrome: ======= CHR HomePage: Default -> file:///C:/Users/Kordian/Desktop/Po%C5%82owinki CHR StartupUrls: Default -> "hxxp://www.tumblr.com/dashboard", "hxxp://www.google.com" CHR DefaultSearchKeyword: Default -> google.com_ CHR DefaultSearchURL: Default -> http://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t CHR DefaultSuggestURL: Default -> http://suggestqueries.google.com/complete/search?q={searchTerms} CHR Profile: C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Angry Birds) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-07-17] CHR Extension: (Dokumenty Google) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-17] CHR Extension: (Dysk Google) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-17] CHR Extension: (Audiotool) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk [2014-07-17] CHR Extension: (YouTube) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-17] CHR Extension: (Battlefield Heroes) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2014-11-01] CHR Extension: (Adblock Plus) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-15] CHR Extension: (Szukaj w Google) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-17] CHR Extension: (Tampermonkey) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-07-17] CHR Extension: (Box - 10GB of FREE storage) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2014-07-17] CHR Extension: (Stylish) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2014-11-17] CHR Extension: (EditThisCookie) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2014-07-17] CHR Extension: (AdBlock) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-17] CHR Extension: (Desktop Notifications for Android) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\giicnncicnopjohcpamieklkiacdoeni [2014-11-17] CHR Extension: (Avast Online Security) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-28] CHR Extension: (Website Blocker (Beta)) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib [2014-07-17] CHR Extension: (Last.fm Scrobbler) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhinaapppaileiechjoiifaancjggfjm [2014-11-15] CHR Extension: (Typing Test - KeyHero) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm [2014-07-17] CHR Extension: (Scott Draves) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jldociafpimkkkdneicfdkdbgcllhdhj [2014-07-17] CHR Extension: (Novell Moonlight) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjmcjaammmjjilbjpacphekcgfnmdlk [2014-11-18] CHR Extension: (Google Wallet) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-17] CHR Extension: (__MSG_extBrowserActionName__) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg [2014-07-17] CHR Extension: (Instagram for Chrome) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2014-11-08] CHR Extension: (Gmail) - C:\Users\Kordian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-17] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-28] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2012-01-19] (Atheros Commnucations) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-28] (AVAST Software) S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-07] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-07] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-07] (BlueStack Systems, Inc.) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-11] (Seiko Epson Corporation) R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [777728 2014-10-30] (FileZilla Project) [File not signed] R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed] R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1722320 2014-08-26] (Micro-Star International) R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-07-19] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-11-01] () R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-11-01] () R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [File not signed] S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5405456 2014-11-12] (TeamViewer GmbH) R2 WTService; C:\Windows\system32\atwtusb.exe [581120 2012-10-19] () [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2012-12-03] (Advanced Micro Devices Inc.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.) R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-28] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-28] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-28] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-28] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-24] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-28] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-28] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-28] () R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-07] (BlueStack Systems) R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.) R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) R3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI) S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] () S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [369792 2012-10-26] (QUALCOMM Incorporated) S3 SjtWinIo; C:\Windows\System32\DRIVERS\SjtWinIo.sys [9216 2014-07-29] (SpeedJet Technology INC.) S3 Ti64; C:\Windows\System32\DRIVERS\Ti64.sys [31232 2011-03-23] (Windows (R) Codename Longhorn DDK provider) S3 Ti64; C:\Windows\SysWOW64\DRIVERS\Ti64.sys [31232 2011-03-23] (Windows (R) Codename Longhorn DDK provider) U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2014-03-19] (Seiko Epson Corporation) R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider) S2 APXACC; system32\DRIVERS\appexDrv.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 WINIO; \??\C:\Program Files (x86)\MSI\Dragoon Gaming Center\winio64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-04 19:08 - 2014-12-04 19:09 - 00000000 ____D () C:\FRST 2014-12-04 10:28 - 2013-02-27 06:35 - 00228448 _____ (Advanced Micro Devices, INC.) C:\Windows\system32\Drivers\amdxhc.sys 2014-12-04 00:50 - 2014-12-04 00:50 - 00000000 ____D () C:\Users\Kordian\Desktop\BEKEPXD 2014-12-01 01:01 - 2014-12-01 01:01 - 00001129 _____ () C:\Users\Public\Desktop\eViacam.lnk 2014-12-01 01:01 - 2014-12-01 01:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enable Viacam 2014-12-01 01:01 - 2014-12-01 01:01 - 00000000 ____D () C:\Program Files (x86)\Enable Viacam 2014-11-30 01:29 - 2014-11-30 01:30 - 00000000 ____D () C:\Users\Kordian\Desktop\zsw 2014-11-30 01:26 - 2014-11-30 02:33 - 00000000 ____D () C:\Users\Kordian\Desktop\ROOCZE 2014-11-29 23:13 - 2014-11-30 21:47 - 00000000 ____D () C:\Users\Kordian\AppData\Local\Mathematica 2014-11-29 23:13 - 2014-11-29 23:13 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\Mathematica 2014-11-29 23:13 - 2014-11-29 23:13 - 00000000 ____D () C:\Users\Kordian\AppData\Local\Wolfram Research 2014-11-29 23:12 - 2014-11-29 23:13 - 00000000 ____D () C:\ProgramData\Mathematica 2014-11-29 23:12 - 2014-11-29 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica 2014-11-29 23:12 - 2014-11-29 23:12 - 00000000 ____D () C:\Program Files\Extras 2014-11-29 23:12 - 2014-11-29 23:12 - 00000000 ____D () C:\Program Files\Common Files\Wolfram Research 2014-11-29 01:59 - 2014-12-01 17:44 - 00000000 ____D () C:\Users\Kordian\Desktop\Kloster 2014-11-29 01:52 - 2014-11-29 01:52 - 00000000 ____D () C:\Users\Kordian\Documents\Adobe Scripts 2014-11-29 01:46 - 2014-11-29 01:46 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js 2014-11-29 01:46 - 2014-11-29 01:46 - 00000000 ____D () C:\nodejs 2014-11-28 09:59 - 2014-11-28 09:59 - 00000000 ____D () C:\ProgramData\Last.fm 2014-11-28 09:55 - 2014-11-28 09:59 - 00000000 ____D () C:\Users\Kordian\AppData\Local\Last.fm 2014-11-28 09:55 - 2014-11-28 09:55 - 00000985 _____ () C:\Users\Public\Desktop\Last.fm Scrobbler.lnk 2014-11-28 09:55 - 2014-11-28 09:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm 2014-11-28 09:55 - 2014-11-28 09:55 - 00000000 ____D () C:\Program Files (x86)\Last.fm 2014-11-27 23:49 - 2014-11-27 23:49 - 00000132 _____ () C:\Users\Kordian\AppData\Roaming\Adobe PNG Format CS6 Prefs 2014-11-26 15:40 - 2014-11-26 15:40 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\FileZilla Server 2014-11-26 15:39 - 2014-11-26 15:39 - 00000000 ____D () C:\Program Files (x86)\FileZilla Server 2014-11-26 15:37 - 2014-11-26 15:37 - 02092021 _____ (FileZilla Project) C:\Users\Kordian\Downloads\FileZilla_Server-0_9_48 [1].exe 2014-11-26 14:00 - 2014-11-26 14:24 - 00000000 ____D () C:\Users\Kordian\Desktop\Edycja 2014-11-26 13:59 - 2014-11-26 13:59 - 00002695 _____ () C:\Users\Public\Desktop\Minecraft Editor 64 bits.lnk 2014-11-26 13:59 - 2014-11-26 13:59 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\Axialmedia 2014-11-26 13:59 - 2014-11-26 13:59 - 00000000 ____D () C:\Users\Kordian\AppData\Local\SkinSoft 2014-11-26 13:59 - 2014-11-26 13:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Axialmedia 2014-11-26 13:59 - 2014-11-26 13:59 - 00000000 ____D () C:\Program Files\Axialmedia 2014-11-26 13:59 - 2014-11-26 13:59 - 00000000 ____D () C:\Program Files (x86)\Axialmedia 2014-11-26 12:05 - 2014-11-26 13:39 - 00000000 ____D () C:\Users\Kordian\Desktop\Server 2014-11-25 21:50 - 2014-11-25 22:50 - 04443312 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-11-25 13:10 - 2014-11-25 13:10 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk 2014-11-25 13:09 - 2014-11-25 13:20 - 00000000 ____D () C:\ProgramData\BlueStacksSetup 2014-11-25 13:09 - 2014-11-25 13:09 - 00000000 ____D () C:\Users\Kordian\AppData\Local\Bluestacks 2014-11-25 13:09 - 2014-11-25 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 2014-11-25 13:09 - 2014-11-25 13:09 - 00000000 ____D () C:\ProgramData\BlueStacks 2014-11-25 13:09 - 2014-11-25 13:09 - 00000000 ____D () C:\Program Files (x86)\BlueStacks 2014-11-21 03:53 - 2014-11-21 03:53 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\java 2014-11-21 03:52 - 2014-11-26 20:15 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\.minecraft 2014-11-21 03:52 - 2014-11-21 03:52 - 00002136 _____ () C:\Users\Kordian\Desktop\Minecraft.lnk 2014-11-21 03:52 - 2014-11-21 03:52 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft 2014-11-19 22:29 - 2014-11-19 22:30 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\SumatraPDF 2014-11-19 22:29 - 2014-11-19 22:29 - 00001933 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk 2014-11-19 22:29 - 2014-11-19 22:29 - 00000000 ____D () C:\Program Files (x86)\SumatraPDF 2014-11-19 16:51 - 2014-12-04 18:28 - 00000000 ____D () C:\Windows\Minidump 2014-11-19 00:12 - 2014-11-19 00:12 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux 2014-11-19 00:12 - 2014-11-19 00:12 - 00000000 ____D () C:\Users\Kordian\AppData\Local\FluxSoftware 2014-11-18 20:39 - 2014-11-18 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-11-18 20:39 - 2014-11-18 20:39 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-11-18 20:39 - 2014-11-18 20:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-11-18 10:52 - 2014-11-18 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved 2014-11-17 21:48 - 2014-11-17 21:48 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\AMD 2014-11-16 21:51 - 2014-11-08 13:35 - 00000000 ____D () C:\Users\Kordian\Desktop\Algebra 2014-11-15 10:34 - 2014-11-15 10:34 - 00000000 ____D () C:\Windows\Sun 2014-11-15 10:24 - 2014-11-15 10:24 - 00001047 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2014-11-15 10:24 - 2014-11-15 10:24 - 00001035 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk 2014-11-15 10:24 - 2014-11-15 10:24 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\TeamViewer 2014-11-15 10:24 - 2014-11-15 10:24 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2014-11-15 00:27 - 2014-11-15 00:27 - 00000000 ____D () C:\Users\Kordian\Documents\Niestandardowe szablony pakietu Office 2014-11-14 01:53 - 2014-12-04 10:28 - 00000000 ____D () C:\Users\Kordian\Desktop\PoradnikMIX 2014-11-11 00:39 - 2014-11-11 00:39 - 00000000 ____D () C:\Users\Kordian\AppData\Local\Apple Computer 2014-11-11 00:34 - 2014-11-11 00:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Ti64_01000.Wdf 2014-11-11 00:33 - 2014-11-11 00:34 - 00000000 ____D () C:\Program Files (x86)\Trackball Controller 2014-11-11 00:33 - 2014-11-11 00:33 - 00001995 _____ () C:\Users\Administrator\Desktop\Button Map.lnk 2014-11-11 00:33 - 2014-11-11 00:33 - 00001113 _____ () C:\Users\Administrator\Desktop\Trackball Controller keyboard.lnk 2014-11-11 00:33 - 2014-11-11 00:33 - 00000000 ____D () C:\Windows\Ti64 2014-11-11 00:33 - 2014-11-11 00:33 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trackball Controller 2014-11-11 00:33 - 2014-11-11 00:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trackball Controller 2014-11-11 00:33 - 2011-03-23 15:10 - 00031232 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\SysWOW64\Drivers\Ti64.sys 2014-11-11 00:33 - 2011-03-23 15:10 - 00031232 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\Ti64.sys 2014-11-11 00:33 - 2005-11-29 22:27 - 01491528 _____ () C:\Windows\system32\WdfCoinstaller01000.dll 2014-11-10 12:27 - 2014-11-10 12:27 - 00001845 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-11-10 12:27 - 2014-11-10 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-11-10 12:27 - 2014-11-10 12:27 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-11-10 12:27 - 2014-11-10 12:27 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-11-04 17:24 - 2014-12-04 17:59 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\Raptr 2014-11-04 17:14 - 2014-11-04 17:14 - 00001090 _____ () C:\Users\Kordian\Desktop\MSI Afterburner.lnk 2014-11-04 17:14 - 2014-11-04 17:14 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2014-11-04 17:14 - 2014-11-04 17:14 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-11-04 17:13 - 2014-11-04 17:13 - 00003094 _____ () C:\Windows\System32\Tasks\Process Lasso Core Engine Only 2014-11-04 17:13 - 2014-11-04 17:13 - 00003088 _____ () C:\Windows\System32\Tasks\Process Lasso Management Console (GUI) 2014-11-04 17:13 - 2014-11-04 17:13 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\ProcessLasso 2014-11-04 17:13 - 2014-11-04 17:13 - 00000000 ____D () C:\ProgramData\ProcessLasso 2014-11-04 17:13 - 2014-11-04 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso 2014-11-04 17:12 - 2014-11-04 17:13 - 00000000 ____D () C:\Program Files\Process Lasso 2014-11-04 17:10 - 2014-11-04 17:10 - 00000000 ____D () C:\ProgramData\ATI 2014-11-04 17:09 - 2014-11-04 17:09 - 00000000 _____ () C:\Windows\ativpsrm.bin 2014-11-04 17:05 - 2014-11-04 17:05 - 00067348 _____ () C:\Windows\SysWOW64\CCCInstall_201411041705482400.log 2014-11-04 17:05 - 2014-11-04 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2014-11-04 17:05 - 2014-11-04 17:05 - 00000000 ____D () C:\Program Files (x86)\AMD AVT 2014-11-04 17:05 - 2014-11-04 17:05 - 00000000 ____D () C:\Program Files (x86)\AMD 2014-11-04 17:04 - 2014-11-04 17:05 - 00000000 ____D () C:\Program Files\AMD 2014-11-04 17:04 - 2014-11-04 17:04 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies 2014-11-04 17:03 - 2014-11-04 17:03 - 00000000 ____D () C:\Program Files\ATI 2014-11-04 17:02 - 2014-11-04 17:05 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-11-04 17:00 - 2014-11-04 17:00 - 00000000 ____D () C:\AMD 2014-11-04 16:55 - 2014-11-04 16:55 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies 2014-11-04 16:30 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2014-11-04 16:30 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2014-11-04 16:30 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2014-11-04 16:30 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2014-11-04 16:30 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2014-11-04 16:30 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2014-11-04 16:30 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2014-11-04 16:30 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-11-04 16:30 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2014-11-04 16:30 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2014-11-04 16:30 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-11-04 16:30 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-11-04 16:30 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-11-04 16:30 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-11-04 16:30 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2014-11-04 16:30 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2014-11-04 16:30 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2014-11-04 16:30 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2014-11-04 16:30 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2014-11-04 16:30 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2014-11-04 16:30 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2014-11-04 16:30 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2014-11-04 16:30 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2014-11-04 16:30 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll 2014-11-04 16:30 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2014-11-04 16:30 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2014-11-04 16:30 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2014-11-04 16:30 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll 2014-11-04 16:30 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2014-11-04 16:30 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll 2014-11-04 16:30 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2014-11-04 16:30 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2014-11-04 16:30 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll 2014-11-04 16:30 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll 2014-11-04 16:30 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2014-11-04 16:30 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll 2014-11-04 16:30 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2014-11-04 16:30 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll 2014-11-04 16:30 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2014-11-04 16:30 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll 2014-11-04 16:30 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll 2014-11-04 16:30 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2014-11-04 16:30 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2014-11-04 16:30 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll 2014-11-04 16:30 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2014-11-04 16:30 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll 2014-11-04 16:30 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2014-11-04 16:30 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll 2014-11-04 16:30 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2014-11-04 16:30 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll 2014-11-04 16:30 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2014-11-04 16:30 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2014-11-04 16:30 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2014-11-04 16:30 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2014-11-04 16:30 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2014-11-04 16:30 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2014-11-04 16:30 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2014-11-04 16:30 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2014-11-04 16:30 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2014-11-04 16:30 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll 2014-11-04 16:30 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2014-11-04 16:30 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2014-11-04 16:30 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2014-11-04 16:30 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2014-11-04 16:30 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2014-11-04 16:30 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2014-11-04 16:30 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2014-11-04 16:30 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll 2014-11-04 16:30 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2014-11-04 16:30 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll 2014-11-04 16:30 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2014-11-04 16:30 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2014-11-04 16:30 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2014-11-04 16:30 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2014-11-04 16:30 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2014-11-04 16:30 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2014-11-04 16:30 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2014-11-04 16:30 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll 2014-11-04 16:30 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll 2014-11-04 16:30 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2014-11-04 16:30 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2014-11-04 16:30 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll 2014-11-04 16:30 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll 2014-11-04 16:30 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2014-11-04 16:30 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2014-11-04 16:30 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll 2014-11-04 16:30 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2014-11-04 16:30 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll 2014-11-04 16:30 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2014-11-04 16:30 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll 2014-11-04 16:29 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2014-11-04 16:29 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll 2014-11-04 16:29 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll 2014-11-04 16:29 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2014-11-04 16:29 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2014-11-04 16:29 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll 2014-11-04 16:29 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2014-11-04 16:29 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll 2014-11-04 16:29 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2014-11-04 16:29 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll 2014-11-04 16:29 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2014-11-04 16:29 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll 2014-11-04 16:29 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2014-11-04 16:29 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll 2014-11-04 16:29 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2014-11-04 16:29 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll 2014-11-04 16:29 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2014-11-04 16:29 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll 2014-11-04 16:29 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2014-11-04 16:29 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll 2014-11-04 16:29 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2014-11-04 16:29 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll 2014-11-04 16:29 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2014-11-04 16:29 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll 2014-11-04 16:29 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2014-11-04 16:29 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll 2014-11-04 16:29 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2014-11-04 16:29 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll 2014-11-04 16:29 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2014-11-04 16:29 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll 2014-11-04 16:29 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2014-11-04 16:29 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll 2014-11-04 16:29 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2014-11-04 16:29 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll 2014-11-04 16:29 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2014-11-04 16:29 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll 2014-11-04 16:29 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2014-11-04 16:29 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll 2014-11-04 16:29 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2014-11-04 16:29 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll 2014-11-04 16:29 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2014-11-04 16:29 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2014-11-04 16:29 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll 2014-11-04 16:29 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2014-11-04 16:29 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll 2014-11-04 16:29 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2014-11-04 16:29 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll 2014-11-04 16:29 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2014-11-04 16:29 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll 2014-11-04 16:29 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2014-11-04 16:29 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll 2014-11-04 16:29 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll 2014-11-04 16:29 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2014-11-04 16:29 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2014-11-04 16:29 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll 2014-11-04 16:29 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2014-11-04 16:29 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll 2014-11-04 16:29 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2014-11-04 16:29 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll 2014-11-04 16:29 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll 2014-11-04 16:29 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2014-11-04 16:29 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2014-11-04 16:29 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2014-11-04 16:29 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll 2014-11-04 16:29 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll 2014-11-04 16:29 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll 2014-11-04 16:29 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2014-11-04 16:29 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2014-11-04 16:29 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll 2014-11-04 16:29 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2014-11-04 16:29 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll 2014-11-04 16:29 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2014-11-04 16:29 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll 2014-11-04 16:29 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2014-11-04 16:29 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2014-11-04 16:29 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2014-11-04 16:29 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2014-11-04 16:29 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2014-11-04 16:29 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2014-11-04 16:29 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2014-11-04 16:29 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2014-11-04 16:29 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2014-11-04 16:29 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2014-11-04 16:29 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2014-11-04 16:29 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2014-11-04 16:29 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2014-11-04 16:29 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2014-11-04 16:29 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2014-11-04 16:29 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2014-11-04 09:42 - 2014-12-04 14:37 - 00267843 ____N () C:\Windows\WindowsUpdate.log ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-04 18:50 - 2014-08-01 12:47 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-12-04 18:34 - 2014-07-17 17:17 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-04 18:28 - 2014-07-17 20:17 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\uTorrent 2014-12-04 18:28 - 2014-07-17 14:46 - 00000000 ____D () C:\Users\Kordian\AppData\Local\CrashDumps 2014-12-04 17:47 - 2014-07-18 08:27 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\Spotify 2014-12-04 15:07 - 2014-07-18 12:46 - 00000000 ____D () C:\Users\Kordian\AppData\Local\Spotify 2014-12-04 14:37 - 2014-07-17 17:17 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-04 14:05 - 2009-07-14 05:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-04 14:05 - 2009-07-14 05:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-04 13:59 - 2014-10-08 19:39 - 00000000 ___RD () C:\Users\Kordian\Dropbox 2014-12-04 13:59 - 2014-10-08 19:37 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\Dropbox 2014-12-04 13:57 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-04 13:57 - 2009-07-14 03:34 - 00000418 _____ () C:\Windows\win.ini 2014-12-04 13:37 - 2014-07-18 15:49 - 00065536 _____ () C:\Windows\system32\spu_storage.bin 2014-12-04 09:36 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-12-04 00:49 - 2014-07-18 11:35 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\Skype 2014-12-04 00:22 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2014-12-03 18:57 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-12-03 14:06 - 2014-10-03 19:03 - 00000000 ____D () C:\Program Files\NetBeans 8.0.1 2014-12-03 10:57 - 2014-10-08 08:56 - 00000000 ____D () C:\Users\Kordian\Desktop\KordianLedzion 2014-11-30 13:25 - 2014-07-18 10:08 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\FileZilla 2014-11-30 02:44 - 2014-10-03 00:23 - 00000000 ____D () C:\Users\Kordian\.VirtualBox 2014-11-28 10:01 - 2014-08-28 12:16 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\foobar2000 2014-11-25 22:50 - 2014-08-01 12:47 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-25 22:50 - 2014-08-01 12:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-25 22:50 - 2014-08-01 12:47 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-11-25 13:10 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-11-24 14:57 - 2014-07-28 14:57 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2014-11-23 19:29 - 2014-07-28 14:57 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-11-22 01:07 - 2014-07-18 14:14 - 00000000 ____D () C:\Program Files (x86)\Raptr 2014-11-21 10:13 - 2014-09-25 17:53 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-11-20 13:46 - 2014-08-06 10:22 - 00000000 ____D () C:\Users\Kordian\AppData\Local\Adobe 2014-11-19 22:21 - 2014-10-14 23:00 - 00000000 ____D () C:\Users\Kordian\Desktop\Dokumentacja Java 2014-11-18 17:43 - 2014-10-01 14:45 - 00000000 ____D () C:\JAVA 2014-11-18 01:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-11-17 21:48 - 2014-08-08 02:18 - 00000000 ____D () C:\Users\Kordian\Documents\My Games 2014-11-16 10:38 - 2014-07-17 14:42 - 00111536 _____ () C:\Users\Kordian\AppData\Local\GDIPFONTCACHEV1.DAT 2014-11-16 10:35 - 2009-07-14 05:45 - 05058728 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-15 13:56 - 2014-07-17 14:33 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite 2014-11-15 01:22 - 2014-10-08 19:38 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-11-14 14:29 - 2014-07-17 17:17 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-11-14 14:29 - 2014-07-17 17:17 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-11-13 14:58 - 2014-07-18 12:45 - 00000000 ____D () C:\Users\Kordian\AppData\Local\Black_Tree_Gaming 2014-11-13 14:56 - 2014-09-01 23:26 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run 2014-11-13 14:56 - 2014-08-20 09:40 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line 2014-11-13 14:55 - 2014-11-01 01:47 - 00000000 ____D () C:\Users\Kordian\Documents\Battlefield Heroes 2014-11-13 14:54 - 2014-07-18 23:40 - 00000000 ____D () C:\ProgramData\Electronic Arts 2014-11-13 14:54 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-11-13 14:53 - 2014-07-18 08:34 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-11-04 17:26 - 2014-07-19 11:48 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\DarkSoulsII 2014-11-04 17:10 - 2014-07-17 14:43 - 00000000 ____D () C:\Users\Kordian\AppData\Roaming\ATI 2014-11-04 17:10 - 2014-07-17 14:43 - 00000000 ____D () C:\Users\Kordian\AppData\Local\ATI 2014-11-04 17:05 - 2014-07-17 14:24 - 00000000 ____D () C:\ProgramData\AMD 2014-11-04 16:47 - 2014-07-17 14:25 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-11-04 16:46 - 2014-07-17 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI 2014-11-04 16:10 - 2011-04-12 14:21 - 00740348 _____ () C:\Windows\system32\perfh015.dat 2014-11-04 16:10 - 2011-04-12 14:21 - 00155890 _____ () C:\Windows\system32\perfc015.dat 2014-11-04 16:10 - 2009-07-14 06:13 - 01669190 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-04 15:33 - 2014-07-17 14:19 - 00000000 ____D () C:\ProgramData\Package Cache 2014-11-04 10:52 - 2014-07-18 08:26 - 00000000 ____D () C:\Program Files\WinRAR 2014-11-04 10:16 - 2014-11-02 22:40 - 00000000 ____D () C:\Program Files (x86)\Five Nights at Freddy's 2014-11-04 10:16 - 2014-07-18 08:26 - 00000000 ____D () C:\Program Files (x86)\foobar2000 2014-11-04 10:16 - 2014-07-18 08:26 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client 2014-11-04 10:11 - 2014-10-11 19:58 - 00000000 ____D () C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 8.1.1 Some content of TEMP: ==================== C:\Users\Kordian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_47us_.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION! LastRegBack: 2014-11-18 11:10 ==================== End Of Log ============================