Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-12-2014 01 Ran by MG (administrator) on X on 22-12-2014 11:00:52 Running from C:\Users\MG\Downloads Loaded Profile: MG (Available profiles: MG) Platform: Microsoft Windows 7 Home Premium (X86) OS Language: Polski (Polska) Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (SurfRight B.V.) C:\Program Files\HitmanPro.Alert\hmpalert.exe (AMD) C:\Windows\System32\atiesrxx.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (PC Tools) C:\Program Files\PC Tools Firewall Plus\FWService.exe (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Virage Logic Corporation / Sonic Focus) C:\Program Files\ASUS\ASUS Sonic Focus\SonicFocusTray.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Zemana Ltd.) C:\Program Files\AntiLogger\AntiLogger.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (QFX Software Corporation) C:\Program Files\KeyScrambler\KeyScrambler.exe (PC Tools) C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (MyCity) C:\Program Files\MCShield\MCShieldRTM.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (OldTimer Tools) C:\Users\MG\Downloads\OTL.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11430504 2011-10-17] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1571432 2011-10-14] (Realtek Semiconductor) HKLM\...\Run: [SonicMasterTray] => C:\Program Files\ASUS\ASUS Sonic Focus\SonicFocusTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-11-01] (Advanced Micro Devices, Inc.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5088456 2014-10-01] (ESET) HKLM\...\Run: [AntiLogger] => C:\Program Files\AntiLogger\AntiLogger.exe [14268328 2014-11-06] (Zemana Ltd.) HKLM\...\Run: [KeyScrambler] => C:\Program Files\KeyScrambler\keyscrambler.exe [508744 2014-10-26] (QFX Software Corporation) HKLM\...\Run: [00PCTFW] => C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe [2672600 2011-04-07] (PC Tools) HKLM\...\Policies\Explorer: [NoViewContextMenu] 0 HKLM\...\Policies\Explorer: [StartMenuLogoff] 1 HKLM\...\Policies\Explorer: [NoSMHelp] 1 HKU\S-1-5-21-2226444264-1822766488-2759232319-1000\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity) HKU\S-1-5-21-2226444264-1822766488-2759232319-1000\...\Policies\Explorer: [NoCDBurning] 0 HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-12-22] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-2226444264-1822766488-2759232319-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 FireFox: ======== FF ProfilePath: C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default FF Homepage: about:blank FF NetworkProxy: "http_port", 8080 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF user.js: detected! => C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\user.js FF Extension: LavaFox V2 - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\Extensions\info@djzig.com [2014-12-21] FF Extension: MinimizeToTray revived (MinTrayR) - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\Extensions\mintrayr@tn123.ath.cx [2014-12-21] FF Extension: Flashblock - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-12-21] FF Extension: Add-on Compatibility Reporter - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\Extensions\compatibility@addons.mozilla.org.xpi [2014-12-21] FF Extension: Ghostery - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\Extensions\firefox@ghostery.com.xpi [2014-12-21] FF Extension: Self-Destructing Cookies - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2014-12-21] FF Extension: Movable Firefox Button - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\Extensions\movableAppButton@Merci.chao.xpi [2014-12-21] FF Extension: TrafficLight - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\Extensions\trafficlight@bitdefender.com.xpi [2014-12-21] FF Extension: AniWeather - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2014-12-21] FF Extension: SmoothWheel (mozdev.org) - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\Extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [2014-12-21] FF Extension: Configuration Mania? - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\Extensions\{c4d362ec-1cff-4ca0-9031-99a8fad7995a}.xpi [2014-12-21] FF Extension: Adblock Plus - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-21] FF Extension: DownThemAll! - C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\6vxpse13.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-12-21] Chrome: ======= ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2011-11-01] (Advanced Micro Devices, Inc.) [File not signed] R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1349576 2014-10-01] (ESET) R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [106248 2014-12-21] (SurfRight B.V.) R2 hmpalertsvc; C:\Program Files\HitmanPro.Alert\hmpalert.exe [1876816 2014-07-26] (SurfRight B.V.) R2 PCToolsFirewallPlus; C:\Program Files\PC Tools Firewall Plus\FWService.exe [286000 2011-01-24] (PC Tools) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AiCharger; C:\Windows\System32\DRIVERS\AiCharger.sys [14720 2011-10-14] (ASUSTek Computer Inc.) R1 AntiLog32; C:\Windows\system32\drivers\AntiLog32.sys [80104 2014-12-21] (Zemana Ltd.) S3 cleanhlp; C:\EEK\BIN\cleanhlp32.sys [50200 2014-09-10] (Emsisoft GmbH) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [191928 2014-10-10] (ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [190368 2014-10-10] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135296 2014-10-10] (ESET) R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [123424 2014-10-10] (ESET) S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [15968 2014-11-18] () S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10208 2014-11-18] () R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [75640 2014-12-21] () R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [209016 2013-05-31] (QFX Software Corporation) R2 PCTAppEvent; C:\Windows\system32\drivers\PCTAppEvent.sys [160576 2011-03-02] (PC Tools) R3 PCTFW-PacketFilter; C:\Windows\system32\drivers\pctNdis-PacketFilter.sys [89472 2011-01-12] (PC Tools) R1 pctgntdi; C:\Windows\System32\drivers\pctgntdi.sys [251560 2011-01-17] (PC Tools) S3 pctNdis; C:\Windows\System32\DRIVERS\pctNdis.sys [57536 2010-07-08] (PC Tools) R3 pctNdisMP; C:\Windows\System32\DRIVERS\pctNdis.sys [57536 2010-07-08] (PC Tools) R3 pctplfw; C:\Windows\System32\drivers\pctplfw.sys [125248 2011-01-17] (PC Tools) R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project) U3 DfSdkS; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-22 11:00 - 2014-12-22 11:03 - 00010392 _____ () C:\Users\MG\Downloads\FRST.txt 2014-12-22 11:00 - 2014-12-22 11:01 - 00000000 ____D () C:\FRST 2014-12-22 10:54 - 2014-12-22 10:54 - 149418204 _____ () C:\Users\MG\Downloads\Windows6.1-KB947821-v34-x86(1).msu.part 2014-12-22 10:54 - 2014-12-22 10:54 - 00000000 _____ () C:\Users\MG\Downloads\Windows6.1-KB947821-v34-x86(1).msu 2014-12-22 10:26 - 2014-12-22 10:26 - 00000000 ____D () C:\Windows\system32\SPReview 2014-12-22 10:18 - 2014-12-22 10:18 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-12-22 09:36 - 2014-12-22 09:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-12-22 09:29 - 2014-12-22 09:29 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-12-22 06:45 - 2014-12-22 06:45 - 00000000 ____D () C:\Windows\CheckSur 2014-12-22 06:16 - 2014-12-22 06:27 - 239126136 _____ () C:\Users\MG\Downloads\Windows6.1-KB947821-v34-x86.msu 2014-12-22 06:12 - 2014-12-22 06:13 - 01113600 _____ (Farbar) C:\Users\MG\Downloads\FRST.exe 2014-12-22 06:12 - 2014-12-22 06:12 - 00602112 _____ (OldTimer Tools) C:\Users\MG\Downloads\OTL.exe 2014-12-22 06:12 - 2014-12-22 06:12 - 00380416 _____ () C:\Users\MG\Downloads\eh20ehp0.exe 2014-12-22 05:37 - 2014-12-22 05:37 - 00000000 ____D () C:\Users\MG\AppData\Local\Geckofx 2014-12-22 01:48 - 2014-12-22 01:49 - 00000000 ____D () C:\Users\MG\AppData\Local\CyberGhost 2014-12-22 01:44 - 2014-12-22 10:45 - 00000672 _____ () C:\Windows\setupact.log 2014-12-22 01:44 - 2014-12-22 01:44 - 00000626 _____ () C:\Windows\PFRO.log 2014-12-22 01:44 - 2014-12-22 01:44 - 00000000 _____ () C:\Windows\setuperr.log 2014-12-21 22:22 - 2014-12-21 22:22 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Macromedia 2014-12-21 22:22 - 2014-12-21 22:22 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Adobe 2014-12-21 22:22 - 2014-12-21 22:22 - 00000000 ____D () C:\Users\MG\AppData\Local\Macromedia 2014-12-21 22:15 - 2014-12-21 22:15 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Ashampoo Photo Commander 11 2014-12-21 22:09 - 2014-12-21 22:09 - 00000000 ____D () C:\Users\MG\AppData\Local\Microsoft Games 2014-12-21 22:08 - 2014-12-21 22:08 - 00383562 __RSH () C:\ZHNTLDR 2014-12-21 22:08 - 2014-12-21 22:08 - 00217769 __RSH () C:\zhgrldr 2014-12-21 22:08 - 2014-12-21 22:08 - 00000449 __RSH () C:\menu.lst 2014-12-21 22:08 - 2014-12-21 22:08 - 00000000 _RSHD () C:\sources 2014-12-21 22:08 - 2014-12-21 22:08 - 00000000 _RSHD () C:\grubfiles 2014-12-21 22:08 - 2014-12-21 22:08 - 00000000 __RSH () C:\Windows\system32\mszhsdmf.srg 2014-12-21 22:07 - 2014-12-21 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Keriver 1-Click Restore Free 2014-12-21 22:06 - 2014-12-21 22:08 - 00000000 ____D () C:\Program Files\Keriver 1-Click Restore Free 2014-12-21 22:02 - 2014-12-21 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.2 2014-12-21 22:01 - 2014-12-21 22:01 - 00000000 ____D () C:\Program Files\EaseUS 2014-12-21 22:01 - 2014-11-18 14:46 - 02502240 _____ () C:\Windows\system32\BootMan.exe 2014-12-21 22:01 - 2014-11-18 14:46 - 00021088 _____ () C:\Windows\system32\EuEpmGdi.dll 2014-12-21 22:01 - 2014-11-18 14:39 - 00015968 _____ () C:\Windows\system32\epmntdrv.sys 2014-12-21 22:01 - 2014-11-18 14:39 - 00010208 _____ () C:\Windows\system32\EuGdiDrv.sys 2014-12-21 22:01 - 2014-11-18 14:38 - 00088160 _____ () C:\Windows\system32\setupempdrv03.exe 2014-12-21 22:00 - 2014-12-21 22:00 - 00000000 ____D () C:\Users\MG\AppData\Local\ESET 2014-12-21 21:18 - 2014-12-21 21:55 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Ashampoo 2014-12-21 21:18 - 2014-12-21 21:18 - 00000000 ____D () C:\Users\MG\AppData\Local\CrashRpt 2014-12-21 21:17 - 2014-12-21 21:17 - 00000000 ____D () C:\Users\MG\AppData\Local\ashampoo 2014-12-21 21:01 - 2014-12-21 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo 2014-12-21 21:00 - 2014-12-21 21:50 - 00000000 ____D () C:\ProgramData\Ashampoo 2014-12-21 21:00 - 2009-08-24 21:08 - 00028160 _____ (mst software GmbH, Germany) C:\Windows\system32\DfSdkBt.exe 2014-12-21 20:59 - 2014-12-21 21:50 - 00000000 ____D () C:\Program Files\Ashampoo 2014-12-21 20:49 - 2014-12-21 20:50 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-12-21 20:48 - 2014-12-21 20:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-12-21 20:48 - 2014-12-21 20:48 - 00000000 ____D () C:\Windows\system32\Macromed 2014-12-21 20:42 - 2014-12-21 20:42 - 00000000 ____D () C:\Windows\system32\EventProviders 2014-12-21 20:37 - 2014-12-21 20:39 - 00000000 ____D () C:\Users\MG\AppData\Roaming\PCToolsFirewallPlus 2014-12-21 20:36 - 2014-11-26 17:17 - 00000620 _____ () C:\Users\MG\Documents\indexfile.txt 2014-12-21 20:34 - 2014-12-21 20:35 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Mozilla 2014-12-21 20:34 - 2014-12-21 20:35 - 00000000 ____D () C:\Users\MG\AppData\Local\Mozilla 2014-12-21 20:34 - 2014-12-21 20:34 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-12-21 20:34 - 2014-12-21 20:34 - 00000000 ____D () C:\ProgramData\Mozilla 2014-12-21 20:34 - 2014-12-21 20:34 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-12-21 20:34 - 2014-12-21 20:34 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-12-21 20:28 - 2014-12-21 20:29 - 00000000 ____D () C:\Program Files\TAP-Windows 2014-12-21 20:26 - 2014-12-21 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5 2014-12-21 20:25 - 2014-12-22 05:34 - 00000000 ____D () C:\Program Files\CyberGhost 5 2014-12-21 20:23 - 2011-03-02 12:40 - 00160576 _____ (PC Tools) C:\Windows\system32\Drivers\PCTAppEvent.sys 2014-12-21 20:23 - 2010-03-29 11:06 - 00218592 _____ (PC Tools) C:\Windows\system32\Drivers\PCTCore.sys 2014-12-21 20:22 - 2011-03-24 12:39 - 00105280 _____ (PC Tools) C:\Windows\system32\Drivers\pctwfpfilter.sys 2014-12-21 20:22 - 2011-01-17 09:10 - 00251560 _____ (PC Tools) C:\Windows\system32\Drivers\pctgntdi.sys 2014-12-21 20:21 - 2014-12-21 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes 2014-12-21 20:21 - 2014-12-21 20:21 - 00000000 ____D () C:\Program Files\Elaborate Bytes 2014-12-21 20:13 - 2014-12-22 10:45 - 00000000 ____D () C:\ProgramData\TEMP 2014-12-21 20:12 - 2014-12-21 20:39 - 00000000 ____D () C:\Program Files\PC Tools Firewall Plus 2014-12-21 20:12 - 2014-12-21 20:23 - 00000000 ____D () C:\Program Files\Common Files\PC Tools 2014-12-21 20:12 - 2014-12-21 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Firewall Plus 2014-12-21 20:12 - 2011-01-17 08:11 - 00125248 _____ (PC Tools) C:\Windows\system32\Drivers\pctplfw.sys 2014-12-21 20:12 - 2011-01-12 10:36 - 00089472 _____ (PC Tools) C:\Windows\system32\Drivers\pctNdis-PacketFilter.sys 2014-12-21 20:12 - 2010-07-08 08:49 - 00057536 _____ (PC Tools) C:\Windows\system32\Drivers\pctNdis.sys 2014-12-21 20:12 - 2010-02-05 08:26 - 00032808 _____ (PC Tools) C:\Windows\system32\Drivers\pctNdis-DNS.sys 2014-12-21 20:10 - 2014-12-21 20:10 - 00000000 ____D () C:\Users\MG\AppData\Roaming\QFX Software 2014-12-21 20:10 - 2014-12-21 20:10 - 00000000 ____D () C:\ProgramData\QFX Software 2014-12-21 20:10 - 2014-12-21 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler 2014-12-21 20:09 - 2014-12-21 20:09 - 00000000 ____D () C:\Program Files\KeyScrambler 2014-12-21 20:09 - 2013-05-31 15:53 - 00209016 _____ (QFX Software Corporation) C:\Windows\system32\Drivers\keyscrambler.sys 2014-12-21 20:04 - 2014-12-21 22:37 - 00000000 ____D () C:\Users\MG\Downloads\tdsskiller 2014-12-21 20:04 - 2014-12-21 20:05 - 00000000 ____D () C:\Users\MG\Downloads\ccsetup500 2014-12-21 20:04 - 2014-12-21 20:04 - 00000000 ____D () C:\Users\MG\Downloads\Autoruns 2014-12-21 20:01 - 2014-12-21 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup 2014-12-21 20:01 - 2014-12-21 20:01 - 00000000 ____D () C:\Program Files\MozBackup 2014-12-21 19:59 - 2014-12-21 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield 2014-12-21 19:58 - 2014-12-22 10:45 - 00000000 ____D () C:\ProgramData\MCShield 2014-12-21 19:58 - 2014-12-21 19:59 - 00000000 ____D () C:\Program Files\MCShield 2014-12-21 19:57 - 2014-12-22 07:44 - 00000000 ____D () C:\Windows\CryptoGuard 2014-12-21 19:57 - 2014-12-21 19:57 - 00477008 _____ (SurfRight) C:\Windows\system32\hmpalert.dll 2014-12-21 19:57 - 2014-12-21 19:57 - 00075640 _____ () C:\Windows\system32\Drivers\hmpalert.sys 2014-12-21 19:57 - 2014-12-21 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert 2014-12-21 19:57 - 2014-12-21 19:57 - 00000000 ____D () C:\Program Files\HitmanPro.Alert 2014-12-21 19:56 - 2014-12-21 19:56 - 00000000 ____D () C:\Program Files\HitmanPro 2014-12-21 19:55 - 2014-12-21 22:38 - 00155400 _____ (SurfRight B.V.) C:\Windows\system32\LnkProtect.dll 2014-12-21 19:54 - 2014-12-22 01:41 - 00000000 ____D () C:\EEK 2014-12-21 19:54 - 2014-12-21 20:02 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-12-21 19:53 - 2014-12-21 19:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-12-21 19:53 - 2014-12-21 19:53 - 00000000 ____D () C:\Program Files\7-Zip 2014-12-21 17:51 - 2014-12-21 17:51 - 00080104 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\AntiLog32.sys 2014-12-21 17:51 - 2014-12-21 17:51 - 00000000 ____D () C:\Users\MG\AppData\Local\Zemana 2014-12-21 17:50 - 2014-12-21 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiLogger 2014-12-21 17:50 - 2014-12-21 17:50 - 00000000 ____D () C:\Program Files\AntiLogger 2014-12-21 17:48 - 2014-12-21 17:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eset 2014-12-21 17:48 - 2014-12-21 17:48 - 00000000 ____D () C:\ProgramData\ESET 2014-12-21 17:48 - 2014-12-21 17:48 - 00000000 ____D () C:\Program Files\ESET 2014-12-21 03:56 - 2014-12-21 03:56 - 00001425 _____ () C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-12-21 03:55 - 2014-12-21 03:55 - 00000020 ___SH () C:\Users\MG\ntuser.ini 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Public\Documents\Moje wideo 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Public\Documents\Moje obrazy 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Public\Documents\Moja muzyka 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\MG\Ustawienia lokalne 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\MG\Szablony 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\MG\Moje dokumenty 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\MG\Menu Start 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\MG\Documents\Moje wideo 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\MG\Documents\Moje obrazy 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\MG\Documents\Moja muzyka 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\MG\Dane aplikacji 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\MG\AppData\Local\Historia 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\MG\AppData\Local\Dane aplikacji 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Default\Ustawienia lokalne 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Default\Szablony 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Default\Moje dokumenty 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Default\Menu Start 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Default\Documents\Moje wideo 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Default\Documents\Moje obrazy 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Default\Documents\Moja muzyka 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Default\Dane aplikacji 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Historia 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Dane aplikacji 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Default User\Documents\Moje wideo 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Default User\Documents\Moje obrazy 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Default User\Documents\Moja muzyka 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Historia 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Dane aplikacji 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\ProgramData\Ulubione 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\ProgramData\Szablony 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\ProgramData\Pulpit 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programy 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\ProgramData\Menu Start 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\ProgramData\Dokumenty 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 _SHDL () C:\ProgramData\Dane aplikacji 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 __SHD () C:\Recovery 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 ____D () C:\Users\MG\AppData\Local\VirtualStore 2014-12-21 03:55 - 2014-12-21 03:55 - 00000000 ____D () C:\Users\MG 2014-12-21 03:55 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-12-21 03:55 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-12-20 21:25 - 2014-12-20 21:25 - 00000000 ____D () C:\ProgramData\USBChargerPlus 2014-12-20 21:25 - 2014-12-20 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-12-20 21:24 - 2014-12-22 03:06 - 00000000 ____D () C:\Program Files\Microsoft Works 2014-12-20 21:23 - 2014-12-20 21:23 - 00000000 ____D () C:\Windows\PCHEALTH 2014-12-20 21:23 - 2014-12-20 21:23 - 00000000 ____D () C:\Users\MG\AppData\Local\Apps\2.0 2014-12-20 21:23 - 2014-12-20 21:23 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 2014-12-20 21:21 - 2014-12-22 10:39 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-12-20 21:21 - 2014-12-22 10:21 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-12-20 21:21 - 2014-12-20 21:21 - 00000000 ____D () C:\Users\MG\AppData\Local\Microsoft Help 2014-12-20 21:19 - 2014-12-20 21:19 - 00000000 __RHD () C:\MSOCache 2014-12-20 21:08 - 2014-12-20 21:08 - 00000000 _____ () C:\Windows\ativpsrm.bin 2014-12-20 21:05 - 2014-12-22 05:35 - 00084512 _____ () C:\Users\MG\AppData\Local\GDIPFONTCACHEV1.DAT 2014-12-20 21:05 - 2014-12-20 21:05 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center 2014-12-20 21:05 - 2014-12-20 21:05 - 00000000 ____D () C:\Users\MG\AppData\Roaming\ATI 2014-12-20 21:05 - 2014-12-20 21:05 - 00000000 ____D () C:\Users\MG\AppData\Local\ATI 2014-12-20 21:05 - 2014-12-20 21:05 - 00000000 ____D () C:\Users\MG\AppData\Local\AMD 2014-12-20 21:05 - 2014-12-20 21:05 - 00000000 ____D () C:\ProgramData\ATI 2014-12-20 21:04 - 2014-12-20 21:23 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-12-20 21:04 - 2009-11-25 12:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-12-20 21:04 - 2009-11-25 12:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll 2014-12-20 21:04 - 2009-11-25 12:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe 2014-12-20 21:04 - 2009-11-25 12:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll 2014-12-20 21:04 - 2009-11-25 12:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll 2014-12-20 21:02 - 2014-12-20 21:02 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies 2014-12-20 21:02 - 2014-12-20 21:02 - 00000000 ____D () C:\Program Files\AMD APP 2014-12-20 21:02 - 2010-11-29 09:50 - 00035968 ____R (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys 2014-12-20 21:01 - 2014-12-20 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center 2014-12-20 21:00 - 2014-12-20 21:00 - 00000000 ____D () C:\ProgramData\AMD 2014-12-20 21:00 - 2011-10-17 18:40 - 00085520 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW73.sys 2014-12-20 21:00 - 2010-02-18 09:18 - 00037944 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdiox86.sys 2014-12-20 20:59 - 2011-11-02 04:03 - 00198664 _____ () C:\Windows\system32\atiapfxx.blb 2014-12-20 20:59 - 2011-11-02 03:58 - 00466944 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll 2014-12-20 20:59 - 2011-11-02 03:10 - 00052736 _____ (AMD) C:\Windows\system32\coinst.dll 2014-12-20 20:59 - 2011-09-22 08:56 - 00035707 _____ () C:\Windows\atiogl.xml 2014-12-20 20:59 - 2011-03-17 18:51 - 00003929 _____ () C:\Windows\system32\atipblag.dat 2014-12-20 20:58 - 2014-12-20 21:01 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-12-20 20:58 - 2014-12-20 20:58 - 00000000 ____D () C:\Windows\system32\RTCOM 2014-12-20 20:58 - 2014-12-20 20:58 - 00000000 ____D () C:\Users\MG\AppData\Local\Downloaded Installations 2014-12-20 20:58 - 2014-12-20 20:58 - 00000000 ____D () C:\ProgramData\SonicFocus 2014-12-20 20:58 - 2014-12-20 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility 2014-12-20 20:58 - 2014-12-20 20:58 - 00000000 ____D () C:\Program Files\ATI 2014-12-20 20:57 - 2014-12-20 21:01 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-12-20 20:57 - 2014-12-20 21:01 - 00000000 ____D () C:\Program Files\Realtek 2014-12-20 20:57 - 2014-12-20 20:58 - 00000000 ___HD () C:\Program Files\Temp 2014-12-20 20:57 - 2014-12-20 20:57 - 00000000 ____D () C:\Program Files\Common Files\InstallShield 2014-12-20 20:57 - 2011-10-18 12:53 - 03546664 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys 2014-12-20 20:57 - 2011-10-18 11:10 - 00083048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInst.dll 2014-12-20 20:57 - 2011-10-18 09:41 - 00150996 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT 2014-12-20 20:57 - 2011-10-18 06:47 - 01329768 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll 2014-12-20 20:57 - 2011-10-18 04:05 - 02276968 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll 2014-12-20 20:57 - 2011-10-17 10:30 - 04238440 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll 2014-12-20 20:57 - 2011-10-14 06:43 - 01873920 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat 2014-12-20 20:57 - 2011-09-02 07:21 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll 2014-12-20 20:57 - 2011-09-02 07:21 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll 2014-12-20 20:57 - 2011-09-02 07:21 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll 2014-12-20 20:57 - 2011-08-31 12:12 - 01698408 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2014-12-20 20:57 - 2011-07-27 17:54 - 01836376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll 2014-12-20 20:57 - 2011-06-30 09:14 - 01497704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl 2014-12-20 20:57 - 2011-05-31 02:42 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll 2014-12-20 20:57 - 2011-05-31 02:42 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll 2014-12-20 20:57 - 2011-05-31 02:42 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll 2014-12-20 20:57 - 2011-05-31 02:42 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll 2014-12-20 20:57 - 2011-05-31 02:42 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll 2014-12-20 20:57 - 2011-05-31 02:42 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll 2014-12-20 20:57 - 2011-05-31 02:42 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll 2014-12-20 20:57 - 2011-05-31 02:42 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll 2014-12-20 20:57 - 2011-05-31 02:42 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll 2014-12-20 20:57 - 2011-05-31 02:42 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll 2014-12-20 20:57 - 2011-05-05 08:24 - 01740352 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll 2014-12-20 20:57 - 2010-11-08 00:31 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll 2014-12-20 20:57 - 2010-11-08 00:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll 2014-12-20 20:57 - 2010-11-08 00:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll 2014-12-20 20:57 - 2010-11-08 00:31 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll 2014-12-20 20:57 - 2010-11-08 00:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll 2014-12-20 20:57 - 2010-11-08 00:31 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll 2014-12-20 20:57 - 2010-09-27 02:34 - 00232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2014-12-20 20:57 - 2010-07-22 09:37 - 00175200 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll 2014-12-20 20:57 - 2010-07-11 14:27 - 00214352 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFFXProc.dll 2014-12-20 20:57 - 2010-07-11 14:27 - 00078672 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFFXComm.dll 2014-12-20 20:57 - 2010-07-11 14:27 - 00074064 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFFXSAPO.dll 2014-12-20 20:57 - 2010-07-11 14:27 - 00074064 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFFXHAPO.dll 2014-12-20 20:57 - 2010-07-11 14:27 - 00074064 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFFXDAPO.dll 2014-12-20 20:57 - 2009-12-04 08:43 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll 2014-12-20 20:57 - 2009-11-24 02:55 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll 2014-12-20 20:57 - 2009-11-24 02:55 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll 2014-12-20 20:57 - 2009-11-24 02:55 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll 2014-12-20 20:57 - 2009-11-24 02:55 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll 2014-12-20 20:57 - 2009-11-18 11:42 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll 2014-12-20 20:57 - 2009-11-17 11:13 - 00096160 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll 2014-12-20 20:56 - 2014-12-20 20:58 - 00000000 ____D () C:\Program Files\ASUS 2014-12-20 20:56 - 2014-12-20 20:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asus 2014-12-20 20:52 - 2014-12-22 10:51 - 01549212 _____ () C:\Windows\system32\PerfStringBackup.TMP 2014-12-20 20:40 - 2014-12-20 20:42 - 00000000 ____D () C:\Windows\system32\MRT 2014-12-20 20:40 - 2014-11-27 16:40 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-12-20 20:38 - 2014-09-15 01:42 - 02377216 ____H (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-12-20 20:38 - 2011-04-09 07:13 - 03957632 ____H (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2014-12-20 20:38 - 2011-04-09 07:13 - 03901824 ____H (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-12-20 20:38 - 2011-04-09 06:56 - 00123904 ____H (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2014-12-20 20:38 - 2010-12-18 06:29 - 00541184 ____H (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-12-20 20:28 - 2014-11-24 14:04 - 00229000 ____H (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-12-20 20:25 - 2012-06-02 23:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-12-20 20:25 - 2012-06-02 23:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-12-20 20:25 - 2012-06-02 23:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-12-20 20:25 - 2012-06-02 23:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-12-20 20:25 - 2012-06-02 23:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-12-20 20:25 - 2012-06-02 23:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-12-20 20:25 - 2012-06-02 23:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-12-20 20:25 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-12-20 20:25 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-12-20 19:58 - 2014-12-20 19:58 - 01523412 ____H () C:\Windows\system32\PerfStringBackup.INI 2014-12-20 18:48 - 2014-12-22 10:46 - 01284268 _____ () C:\Windows\WindowsUpdate.log 2014-12-20 18:47 - 2014-12-20 18:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-12-20 18:44 - 2014-12-21 22:31 - 00000000 ___HD () C:\Windows\Panther ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-22 10:53 - 2009-07-14 05:34 - 00015280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-22 10:53 - 2009-07-14 05:34 - 00015280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-22 10:45 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-22 10:07 - 2009-07-14 03:04 - 00000478 ____H () C:\Windows\win.ini 2014-12-22 05:51 - 2009-07-14 05:33 - 00336888 ____H () C:\Windows\system32\FNTCACHE.DAT 2014-12-22 03:06 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-12-21 23:18 - 2009-07-14 03:37 - 00000000 ___HD () C:\Windows\Microsoft.NET 2014-12-21 22:29 - 2009-07-14 05:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2014-12-21 22:09 - 2009-07-14 05:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-12-21 19:52 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2014-12-21 03:56 - 2009-07-14 03:37 - 00000000 ___HD () C:\Windows\system32\LogFiles 2014-12-21 03:55 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Default 2014-12-21 03:55 - 2009-07-14 03:37 - 00000000 ___HD () C:\Windows\system32\Recovery 2014-12-21 03:55 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Windows NT 2014-12-20 21:21 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\System 2014-12-20 21:03 - 2009-07-14 03:37 - 00000000 ___HD () C:\Windows\system32\catroot2.bak 2014-12-20 20:45 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\Microsoft Games 2014-12-20 20:45 - 2009-07-14 03:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-12-20 20:45 - 2009-07-14 03:37 - 00000000 ___HD () C:\Windows\system32\pl-PL 2014-12-20 20:24 - 2009-07-14 05:52 - 00000000 ___HD () C:\Windows\system32\restore 2014-12-20 19:58 - 2009-07-14 09:07 - 00687828 ____H () C:\Windows\system32\perfh015.dat 2014-12-20 19:58 - 2009-07-14 09:07 - 00131382 ____H () C:\Windows\system32\perfc015.dat 2014-12-20 18:43 - 2009-07-14 05:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG 2014-12-20 18:43 - 2009-07-14 05:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-12-21 19:21 ==================== End Of Log ============================