OTL logfile created on: 2014-12-26 04:25:55 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\grs\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,92 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 62,47% Memory free
5,83 Gb Paging File | 4,60 Gb Available in Paging File | 78,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 341,89 Gb Total Space | 313,67 Gb Free Space | 91,74% Space Free | Partition Type: NTFS
Drive D: | 123,77 Gb Total Space | 123,68 Gb Free Space | 99,93% Space Free | Partition Type: NTFS

Computer Name: GRS-KOMPUTER | User Name: grs | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014-12-26 04:19:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\grs\Downloads\OTL.exe
PRC - [2014-12-26 01:51:36 | 000,230,792 | ---- | M] (Google Inc.)
-- C:\Users\grs\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler.exe PRC - [2014-11-18 21:23:36 | 001,519,808 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\bin\steamwebhelper.exe PRC - [2014-11-18 21:23:34 | 001,940,160 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe PRC - [2014-11-18 21:23:34 | 000,833,728 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe PRC - [2014-09-10 08:56:48 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2014-09-10 08:50:24 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2014-09-10 08:43:31 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2013-08-27 15:25:12 | 004,057,920 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 6\ASC.exe PRC - [2013-04-18 20:38:38 | 000,491,840 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe PRC - [2013-04-18 16:58:08 | 000,574,272 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe PRC - [2011-02-14 11:52:24 | 001,738,024 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Drivers\Synaptics TouchPad Driver\ELAN\XP_X86\Setup.exe PRC - [2011-01-21 17:43:34 | 008,968,096 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe PRC - [2011-01-06 18:47:54 | 005,646,272 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe PRC - [2010-11-20 22:29:12 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe PRC - [2010-11-02 19:50:32 | 001,696,400 | ---- | M] (ELAN Microelectronics Corp.) 
-- C:\Drivers\Synaptics TouchPad Driver\ELAN\Setup.exe PRC - [2009-07-14 02:14:24 | 001,401,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-12-26 02:11:40 | 001,545,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MMCEx\b3f460ee8763e099485cb30b9af557ab\MMCEx.ni.dll MOD - [2014-12-26 02:10:52 | 000,561,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\5226b41757b9adeaf2e8366923a285ac\Microsoft.ManagementConsole.ni.dll MOD - [2014-12-26 02:10:52 | 000,287,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\475081bcfcacbee098b812818cce78de\MMCFxCommon.ni.dll MOD - [2014-12-26 01:39:18 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll MOD - [2014-12-26 01:27:25 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll MOD - [2014-12-26 01:27:20 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll MOD - [2014-12-26 01:27:15 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll MOD - [2014-12-26 01:26:58 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll MOD - [2014-12-06 02:50:50 | 009,009,480 | ---- | M] () -- C:\Users\grs\AppData\Local\Google\Chrome\Application\39.0.2171.95\pdf.dll MOD - [2014-12-06 02:50:46 | 001,077,064 | ---- | M] () -- C:\Users\grs\AppData\Local\Google\Chrome\Application\39.0.2171.95\libglesv2.dll MOD - [2014-12-06 02:50:45 | 000,211,272 | ---- | M] () -- 
C:\Users\grs\AppData\Local\Google\Chrome\Application\39.0.2171.95\libegl.dll MOD - [2014-12-06 02:50:44 | 001,677,128 | ---- | M] () -- C:\Users\grs\AppData\Local\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll MOD - [2014-11-18 21:23:50 | 002,227,904 | ---- | M] () -- C:\Program Files\Steam\video.dll MOD - [2014-11-18 21:23:34 | 000,690,880 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll MOD - [2014-11-11 19:48:12 | 001,171,456 | ---- | M] () -- C:\Program Files\Steam\libavcodec-56.dll MOD - [2014-11-11 19:48:12 | 000,485,888 | ---- | M] () -- C:\Program Files\Steam\libswscale-3.dll MOD - [2014-11-11 19:48:12 | 000,442,368 | ---- | M] () -- C:\Program Files\Steam\libavutil-54.dll MOD - [2014-11-11 19:48:12 | 000,403,968 | ---- | M] () -- C:\Program Files\Steam\libavformat-56.dll MOD - [2014-11-11 19:48:12 | 000,332,800 | ---- | M] () -- C:\Program Files\Steam\libavresample-2.dll MOD - [2014-11-11 19:48:04 | 034,589,888 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll MOD - [2014-11-11 19:48:02 | 000,837,824 | ---- | M] () -- C:\Program Files\Steam\bin\ffmpegsumo.dll MOD - [2014-11-11 19:47:56 | 000,774,656 | ---- | M] () -- C:\Program Files\Steam\SDL2.dll MOD - [2014-09-10 21:25:01 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\0483c93466914f3fbd5b44454b0c8a98\Accessibility.ni.dll MOD - [2014-09-10 21:24:38 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll MOD - [2014-09-10 08:45:14 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll MOD - [2013-06-17 16:30:08 | 001,233,728 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\Scan.dll MOD - [2013-01-15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\madexcept_.bpl MOD - [2013-01-15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program 
Files\IObit\Advanced SystemCare 6\maddisAsm_.bpl MOD - [2013-01-15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\madbasic_.bpl MOD - [2013-01-15 18:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\webres.dll MOD - [2013-01-15 18:47:50 | 000,517,440 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\sqlite3.dll MOD - [2013-01-15 18:47:02 | 000,143,168 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\ASCExtMenu.dll MOD - [2011-04-12 06:08:14 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MMCEx.resources\3.0.0.0_pl_31bf3856ad364e35\MMCEx.resources.dll MOD - [2011-04-12 06:08:10 | 000,016,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.ManagementConsole.resources\3.0.0.0_pl_31bf3856ad364e35\Microsoft.ManagementConsole.resources.dll MOD - [2011-03-25 12:28:22 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll MOD - [2008-12-20 03:20:50 | 000,063,304 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\KbdHook.dll MOD - [2008-12-20 03:20:08 | 000,051,016 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\HookLib.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2014-12-26 01:48:12 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService) SRV - [2014-11-18 21:23:34 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2014-09-10 08:53:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2014-01-29 23:12:30 | 000,279,000 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs) SRV - [2013-04-18 16:58:08 | 000,574,272 | ---- | M] (IObit) [Disabled | Running] -- C:\Program 
Files\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6) SRV - [2009-07-14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2014-09-10 08:52:15 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2014-09-10 08:52:15 | 000,026,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD) DRV - [2014-09-10 08:44:57 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt) DRV - [2014-09-10 08:44:57 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2013-09-30 14:06:00 | 000,029,912 | ---- | M] (IObit) [Kernel | Disabled | Stopped] -- C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys -- (IObitUnlocker) DRV - [2010-11-24 11:30:40 | 002,128,384 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2010-11-20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc) DRV - [2010-11-20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-10-25 19:44:36 | 000,023,136 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC) DRV - [2010-10-14 19:27:18 | 000,269,824 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) DRV - [2010-01-15 18:08:42 | 000,032,352 | ---- | M] (Lenovo.) 
[Kernel | Boot | Running] -- C:\Windows\System32\drivers\LhdX86.sys -- (LHDmgr) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://home.microsoft.com/search/lobby/search.asp IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1575902675-2907110004-2948346364-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp IE - HKU\S-1-5-21-1575902675-2907110004-2948346364-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://home.microsoft.com/search/lobby/search.asp IE - HKU\S-1-5-21-1575902675-2907110004-2948346364-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com IE - HKU\S-1-5-21-1575902675-2907110004-2948346364-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp IE - HKU\S-1-5-21-1575902675-2907110004-2948346364-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pl-PL IE - HKU\S-1-5-21-1575902675-2907110004-2948346364-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C4 EE 95 16 8D 20 D0 01 [binary data] IE - HKU\S-1-5-21-1575902675-2907110004-2948346364-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE 
- HKU\S-1-5-21-1575902675-2907110004-2948346364-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 IE - HKU\S-1-5-21-1575902675-2907110004-2948346364-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\grs\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\grs\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) [color=#E56717]========== Chrome ==========[/color] CHR - plugin: Error reading preferences file CHR - Extension: No name found = C:\Users\grs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_1\ CHR - Extension: No name found = C:\Users\grs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_1\ CHR - Extension: No name found = C:\Users\grs\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\ CHR - Extension: No name found = C:\Users\grs\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\ CHR - Extension: No name found = C:\Users\grs\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\ CHR - Extension: No name found = C:\Users\grs\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_1\ CHR - Extension: No name found = C:\Users\grs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\ CHR - Extension: No name found = C:\Users\grs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_3\ O1 HOSTS File: ([2014-12-26 01:15:20 | 
000,000,824 | --S- | M]) - C:\Windows\System32\drivers\etc\hosts O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) O4 - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4 - HKU\S-1-5-21-1575902675-2907110004-2948346364-1000..\Run: [Advanced SystemCare 6] C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe (IObit) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-1575902675-2907110004-2948346364-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A57F4D3B-0C3C-4F81-BBAE-DA5496BE1350}: DhcpNameServer = 192.168.1.1 192.168.1.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-12-26 03:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam [2014-12-26 03:40:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2014-12-26 03:40:23 | 000,000,000 | ---D | C] -- C:\Program Files\Steam [2014-12-26 03:34:41 | 000,000,000 | -HSD | C] -- C:\Users\grs\AppData\Local\EmieBrowserModeList [2014-12-26 02:54:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2014-12-26 02:50:43 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech [2014-12-26 02:49:58 | 000,000,000 | ---D | C] -- C:\Drivers [2014-12-26 01:52:13 | 000,000,000 | ---D | C] -- C:\Users\grs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2014-12-26 01:48:12 | 004,299,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2014-12-26 01:48:12 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2014-12-26 01:48:12 | 002,052,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2014-12-26 01:48:12 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll [2014-12-26 01:48:12 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2014-12-26 01:48:12 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2014-12-26 01:48:12 | 
000,684,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2014-12-26 01:48:12 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe [2014-12-26 01:48:12 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll [2014-12-26 01:48:12 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2014-12-26 01:48:12 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2014-12-26 01:48:12 | 000,342,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2014-12-26 01:48:12 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2014-12-26 01:48:12 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2014-12-26 01:48:12 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2014-12-26 01:48:12 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe [2014-12-26 01:48:12 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll [2014-12-26 01:48:12 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2014-12-26 01:48:12 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [2014-12-26 01:48:12 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll [2014-12-26 01:48:12 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2014-12-26 01:48:12 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2014-12-26 01:48:12 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll [2014-12-26 01:46:36 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\charmap.exe [2014-12-26 01:46:21 | 000,248,832 | ---- | C] 
(Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll [2014-12-26 01:46:21 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll [2014-12-26 01:46:21 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe [2014-12-26 01:46:21 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll [2014-12-26 01:46:04 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2014-12-26 01:46:04 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll [2014-12-26 01:46:04 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe [2014-12-26 01:46:04 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe [2014-12-26 01:46:04 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll [2014-12-26 01:45:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2014-12-26 01:44:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll [2014-12-26 01:43:53 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll [2014-12-26 01:43:53 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll [2014-12-26 01:43:17 | 002,379,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2014-12-26 01:43:07 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll [2014-12-26 01:42:45 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll [2014-12-26 01:42:45 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll [2014-12-26 01:42:45 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll [2014-12-26 01:42:45 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll [2014-12-26 
01:42:15 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL [2014-12-26 01:41:54 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2014-12-26 01:41:10 | 002,744,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll [2014-12-26 01:40:41 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll [2014-12-26 01:35:29 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2014-12-26 01:24:44 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll [2014-12-26 01:24:44 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll [2014-12-26 01:23:52 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll [2014-12-26 01:17:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2 [2014-12-26 01:11:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Unlocker [2014-12-26 01:04:27 | 000,000,000 | ---D | C] -- C:\Windows\tasks\TaskDisabled [2014-12-26 00:57:53 | 000,023,872 | ---- | C] (IObit) -- C:\Windows\System32\RegistryDefragBootTime.exe [2014-12-26 00:49:37 | 000,000,000 | ---D | C] -- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} [2014-12-26 00:49:36 | 000,000,000 | ---D | C] -- C:\Users\grs\AppData\Roaming\Apple Computer [2014-12-26 00:49:35 | 000,000,000 | ---D | C] -- C:\ProgramData\{BDDB56DE-AE4E-48A2-B856-FB60C8498453} [2014-12-26 00:49:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 6 [2014-12-26 00:49:10 | 000,000,000 | ---D | C] -- C:\Users\grs\AppData\Roaming\IObit [2014-12-26 00:49:08 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit [2014-12-26 00:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\IObit [2014-12-26 00:39:51 | 000,000,000 | ---D | C] -- C:\Users\grs\AppData\Local\Google [2014-12-25 23:02:41 | 
000,000,000 | ---D | C] -- C:\Users\grs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo [2014-12-25 23:02:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lenovo [2014-12-25 23:01:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2014-12-25 22:56:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel [2014-12-25 22:56:09 | 000,269,824 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\drivers\IntcDAud.sys [2014-12-25 22:56:09 | 000,012,288 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\IntcDAuC.dll [2014-12-25 22:55:49 | 011,049,472 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumd32.dll [2014-12-25 22:55:49 | 009,023,488 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxress.dll [2014-12-25 22:55:49 | 008,198,680 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\TVWSetup.exe [2014-12-25 22:55:49 | 000,575,488 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumdx32.dll [2014-12-25 22:55:49 | 000,313,344 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxpph.dll [2014-12-25 22:55:49 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\Windows\System32\hccutils.dll [2014-12-25 22:55:49 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxCoIn_v2342.dll [2014-12-25 22:55:49 | 000,059,904 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.dll [2014-12-25 11:44:14 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll [2014-12-25 11:44:14 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2014-12-25 11:44:00 | 000,000,000 | ---D | C] -- C:\Intel [2014-12-25 11:43:11 | 000,000,000 | -HSD | C] -- C:\Users\grs\AppData\Local\EmieUserList [2014-12-25 11:43:11 | 000,000,000 | -HSD | C] -- C:\Users\grs\AppData\Local\EmieSiteList [2014-12-25 11:42:17 | 002,128,384 | ---- | C] (Atheros Communications, Inc.) 
-- C:\Windows\System32\drivers\athr.sys [2014-12-25 11:42:17 | 002,128,384 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys [2014-12-25 11:42:17 | 000,000,000 | ---D | C] -- C:\Windows\Options [2014-12-25 11:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\Atheros [2014-12-25 11:42:14 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2014-12-25 11:41:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros [2014-12-25 11:41:51 | 000,000,000 | ---D | C] -- C:\Users\grs\AppData\Roaming\InstallShield [2014-12-25 02:09:07 | 000,000,000 | R--D | C] -- C:\Users\grs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2014-12-25 02:09:07 | 000,000,000 | R--D | C] -- C:\Users\grs\Searches [2014-12-25 02:09:07 | 000,000,000 | R--D | C] -- C:\Users\grs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2014-12-25 02:08:58 | 000,000,000 | ---D | C] -- C:\Users\grs\AppData\Roaming\Identities [2014-12-25 02:08:56 | 000,000,000 | R--D | C] -- C:\Users\grs\Contacts [2014-12-25 02:08:51 | 000,000,000 | ---D | C] -- C:\Users\grs\AppData\Roaming\Adobe [2014-12-25 02:08:49 | 000,000,000 | ---D | C] -- C:\Users\grs\AppData\Local\VirtualStore [2014-12-25 02:08:46 | 000,000,000 | -HSD | C] -- C:\Users\grs\Ustawienia lokalne [2014-12-25 02:08:46 | 000,000,000 | -HSD | C] -- C:\Users\grs\AppData\Local\Temporary Internet Files [2014-12-25 02:08:46 | 000,000,000 | -HSD | C] -- C:\Users\grs\Szablony [2014-12-25 02:08:46 | 000,000,000 | -HSD | C] -- C:\Users\grs\SendTo [2014-12-25 02:08:46 | 000,000,000 | -HSD | C] -- C:\Users\grs\Recent [2014-12-25 02:08:46 | 000,000,000 | -HSD | C] -- C:\Users\grs\PrintHood [2014-12-25 02:08:46 | 000,000,000 | -HSD | C] -- C:\Users\grs\NetHood [2014-12-25 02:08:46 | 000,000,000 | -HSD | C] -- C:\Users\grs\Documents\Moje wideo [2014-12-25 02:08:46 | 000,000,000 | -HSD | C] -- C:\Users\grs\Documents\Moje obrazy [2014-12-25 02:08:46 | 000,000,000 | -HSD | C] -- 
C:\Users\grs\Moje dokumenty
[2014-12-25 02:08:46 | 000,000,000 | -HSD | C] -- C:\Users\grs\Documents\Moja muzyka
[2014-12-25 02:08:46 | 000,000,000 | -HSD | C] -- C:\Users\grs\Menu Start
[2014-12-25 02:08:46 | 000,000,000 | -HSD | C] -- C:\Users\grs\AppData\Local\Historia
[2014-12-25 02:08:46 | 000,000,000 | -HSD | C] -- C:\Users\grs\Dane aplikacji
[2014-12-25 02:08:46 | 000,000,000 | -HSD | C] -- C:\Users\grs\AppData\Local\Dane aplikacji
[2014-12-25 02:08:46 | 000,000,000 | -HSD | C] -- C:\Users\grs\Cookies
[2014-12-25 02:08:44 | 000,000,000 | --SD | C] -- C:\Users\grs\AppData\Roaming\Microsoft
[2014-12-25 02:08:44 | 000,000,000 | R--D | C] -- C:\Users\grs\Videos
[2014-12-25 02:08:44 | 000,000,000 | R--D | C] -- C:\Users\grs\Saved Games
[2014-12-25 02:08:44 | 000,000,000 | R--D | C] -- C:\Users\grs\Pictures
[2014-12-25 02:08:44 | 000,000,000 | R--D | C] -- C:\Users\grs\Music
[2014-12-25 02:08:44 | 000,000,000 | R--D | C] -- C:\Users\grs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014-12-25 02:08:44 | 000,000,000 | R--D | C] -- C:\Users\grs\Links
[2014-12-25 02:08:44 | 000,000,000 | R--D | C] -- C:\Users\grs\Favorites
[2014-12-25 02:08:44 | 000,000,000 | R--D | C] -- C:\Users\grs\Downloads
[2014-12-25 02:08:44 | 000,000,000 | R--D | C] -- C:\Users\grs\Documents
[2014-12-25 02:08:44 | 000,000,000 | R--D | C] -- C:\Users\grs\Desktop
[2014-12-25 02:08:44 | 000,000,000 | R--D | C] -- C:\Users\grs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014-12-25 02:08:44 | 000,000,000 | -H-D | C] -- C:\Users\grs\AppData
[2014-12-25 02:08:44 | 000,000,000 | ---D | C] -- C:\Users\grs\AppData\Local\Temp
[2014-12-25 02:08:44 | 000,000,000 | ---D | C] -- C:\Users\grs\AppData\Local\Microsoft
[2014-12-25 02:08:44 | 000,000,000 | ---D | C] -- C:\Users\grs\AppData\Roaming\Media Center Programs
[2014-12-25 02:08:38 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2014-12-25 02:08:38 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2014-12-25 02:08:38 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014-12-25 02:08:38 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2014-12-25 02:08:38 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2014-12-25 02:08:38 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2014-12-25 02:08:38 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2014-12-25 02:08:38 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2014-12-25 02:08:38 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2014-12-25 02:08:38 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2014-12-24 23:57:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014-12-24 23:55:14 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2014-12-24 23:54:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014-12-24 23:53:47 | 000,000,000 | -HSD | C] -- C:\Boot
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014-12-26 04:29:17 | 001,572,864 | -HS- | M] () -- C:\Users\grs\NTUSER.DAT
[2014-12-26 04:08:00 | 000,000,213 | ---- | M] () -- C:\Users\grs\Desktop\Counter-Strike Global Offensive.url
[2014-12-26 04:00:53 | 000,000,929 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2014-12-26 03:56:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1575902675-2907110004-2948346364-1000UA.job
[2014-12-26 02:51:11 | 000,031,088 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-12-26 02:51:11 | 000,031,088 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-12-26 02:48:58 | 001,668,226 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2014-12-26 02:48:58 | 000,739,932 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2014-12-26 02:48:58 | 000,653,724 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014-12-26 02:48:58 | 000,155,474 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2014-12-26 02:48:58 | 000,121,596 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014-12-26 02:44:14 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2014-12-26 02:44:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-12-26 02:44:00 | 2349,969,408 | -HS- | M] () -- C:\hiberfil.sys
[2014-12-26 02:42:10 | 000,226,408 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014-12-26 02:41:02 | 001,660,246 | -H-- | M] () -- C:\Users\grs\AppData\Local\IconCache.db
[2014-12-26 01:56:00 | 000,000,998 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1575902675-2907110004-2948346364-1000Core.job
[2014-12-26 01:52:13 | 000,002,368 | ---- | M] () -- C:\Users\grs\Desktop\Google Chrome.lnk
[2014-12-26 01:48:12 | 004,299,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014-12-26 01:48:12 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014-12-26 01:48:12 | 002,052,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014-12-26 01:48:12 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014-12-26 01:48:12 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014-12-26 01:48:12 | 000,688,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014-12-26 01:48:12 | 000,684,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014-12-26 01:48:12 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014-12-26 01:48:12 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014-12-26 01:48:12 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014-12-26 01:48:12 | 000,418,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014-12-26 01:48:12 | 000,342,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014-12-26 01:48:12 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014-12-26 01:48:12 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014-12-26 01:48:12 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014-12-26 01:48:12 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014-12-26 01:48:12 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014-12-26 01:48:12 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014-12-26 01:48:12 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014-12-26 01:48:12 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014-12-26 01:48:12 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014-12-26 01:48:12 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014-12-26 01:48:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014-12-26 01:46:36 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\charmap.exe
[2014-12-26 01:46:21 | 000,248,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2014-12-26 01:46:21 | 000,214,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2014-12-26 01:46:21 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2014-12-26 01:46:21 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2014-12-26 01:46:04 | 003,209,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2014-12-26 01:46:04 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2014-12-26 01:46:04 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2014-12-26 01:46:04 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2014-12-26 01:46:04 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2014-12-26 01:45:47 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2014-12-26 01:44:27 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014-12-26 01:43:53 | 000,681,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2014-12-26 01:43:53 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2014-12-26 01:43:17 | 002,379,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014-12-26 01:43:07 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2014-12-26 01:42:45 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
[2014-12-26 01:42:45 | 000,374,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2014-12-26 01:42:45 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2014-12-26 01:42:45 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2014-12-26 01:42:15 | 000,701,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2014-12-26 01:41:54 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2014-12-26 01:41:10 | 002,744,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2014-12-26 01:40:41 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2014-12-26 01:24:44 | 000,156,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2014-12-26 01:24:44 | 000,081,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2014-12-26 01:23:52 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2014-12-26 01:17:32 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2014-12-26 01:14:05 | 000,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest
[2014-12-26 01:11:55 | 000,001,146 | ---- | M] () -- C:\Users\Public\Desktop\IObit Unlocker.lnk
[2014-12-26 00:58:45 | 000,052,088 | ---- | M] () -- C:\Users\grs\AppData\Local\GDIPFONTCACHEV1.DAT
[2014-12-26 00:53:43 | 000,622,592 | ---- | M] () -- C:\Users\grs\NTUSER.DAT.iobit
[2014-12-26 00:49:34 | 000,001,238 | ---- | M] () -- C:\Users\Public\Desktop\Uninstaller.lnk
[2014-12-26 00:49:34 | 000,001,187 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 6.lnk
[2014-12-25 11:39:43 | 000,524,288 | -HS- | M] () -- C:\Users\grs\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2014-12-25 11:39:43 | 000,524,288 | -HS- | M] () -- C:\Users\grs\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2014-12-25 11:39:43 | 000,065,536 | -HS- | M] () -- C:\Users\grs\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2014-12-25 02:08:46 | 000,000,020 | -HS- | M] () -- C:\Users\grs\ntuser.ini
[2014-12-24 23:58:31 | 000,185,589 | ---- | M] () -- C:\Windows\System32\license.rtf
[2014-12-24 23:53:49 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014-12-26 04:08:00 | 000,000,213 | ---- | C] () -- C:\Users\grs\Desktop\Counter-Strike Global Offensive.url
[2014-12-26 03:40:23 | 000,000,929 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2014-12-26 01:52:13 | 000,002,368 | ---- | C] () -- C:\Users\grs\Desktop\Google Chrome.lnk
[2014-12-26 01:51:38 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1575902675-2907110004-2948346364-1000UA.job
[2014-12-26 01:51:37 | 000,000,998 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1575902675-2907110004-2948346364-1000Core.job
[2014-12-26 01:17:32 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2014-12-26 01:11:55 | 000,001,146 | ---- | C] () -- C:\Users\Public\Desktop\IObit Unlocker.lnk
[2014-12-26 00:53:43 | 000,622,592 | ---- | C] () -- C:\Users\grs\NTUSER.DAT.iobit
[2014-12-26 00:49:34 | 000,001,238 | ---- | C] () -- C:\Users\Public\Desktop\Uninstaller.lnk
[2014-12-26 00:49:34 | 000,001,187 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 6.lnk
[2014-12-25 23:02:51 | 000,052,088 | ---- | C] () -- C:\Users\grs\AppData\Local\GDIPFONTCACHEV1.DAT
[2014-12-25 22:55:49 | 000,963,116 | ---- | C] () -- C:\Windows\System32\igkrng600.bin
[2014-12-25 22:55:49 | 000,216,876 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin
[2014-12-25 22:55:49 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin
[2014-12-25 22:55:49 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2014-12-25 11:42:17 | 000,401,774 | ---- | C] () -- C:\Windows\System32\netathr.inf
[2014-12-25 11:42:17 | 000,061,456 | ---- | C] () -- C:\Windows\System32\athrext.cat
[2014-12-25 11:39:40 | 001,660,246 | -H-- | C] () -- C:\Users\grs\AppData\Local\IconCache.db
[2014-12-25 02:08:51 | 000,001,437 | ---- | C] () -- C:\Users\grs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014-12-25 02:08:46 | 000,000,020 | -HS- | C] () -- C:\Users\grs\ntuser.ini
[2014-12-25 02:08:45 | 000,524,288 | -HS- | C] () -- C:\Users\grs\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2014-12-25 02:08:45 | 000,524,288 | -HS- | C] () -- C:\Users\grs\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2014-12-25 02:08:45 | 000,065,536 | -HS- | C] () -- C:\Users\grs\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2014-12-25 02:08:44 | 001,572,864 | -HS- | C] () -- C:\Users\grs\NTUSER.DAT
[2014-12-24 23:54:41 | 2349,969,408 | -HS- | C] () -- C:\hiberfil.sys
[2014-12-24 23:53:49 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2014-12-24 23:53:47 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2014-01-29 23:12:28 | 000,272,928 | ---- | C] () -- C:\Windows\System32\igvpkrng600.bin
[2014-01-29 23:12:24 | 000,009,728 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2014-01-29 23:12:16 | 000,963,452 | ---- | C] () -- C:\Windows\System32\igcodeckrng600.bin
[2014-01-29 23:12:16 | 000,077,312 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2014-01-29 23:12:10 | 000,000,268 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-09-10 09:03:13 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2014-12-26 01:17:33 | 000,000,000 | ---D | M] -- C:\Users\grs\AppData\Roaming\IObit

[color=#E56717]========== Purity Check ==========[/color]

< End of report >