Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015 Ran by Mateusz (administrator) on MATEUSZ-64BIT on 10-05-2015 09:11:17 Running from C:\Users\Mateusz\Downloads Loaded Profiles: Mateusz (Available profiles: Mateusz) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe () C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Stardock) C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Stardock) C:\Program Files (x86)\Stardock\ObjectDock\Dock64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-04-30] (Avast Software s.r.o.) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKU\S-1-5-21-2064069574-1004657932-3654585524-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-03-16] (Glarysoft Ltd) HKU\S-1-5-21-2064069574-1004657932-3654585524-1000\...\MountPoints2: {b3f4c276-d6dd-11e4-b512-50465d6934d8} - F:\MonopolyPBInstall.exe HKU\S-1-5-21-2064069574-1004657932-3654585524-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation) HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-03-29] (Microsoft Corporation) Startup: C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MouseServer.lnk [2015-04-04] ShortcutTarget: MouseServer.lnk -> C:\Program Files (x86)\MouseServer\MouseServer.exe (wifimouse.necta.us) Startup: C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk [2015-03-29] ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe (Stardock) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-30] (Avast Software s.r.o.) BootExecute: autocheck autochk * ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-2064069574-1004657932-3654585524-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-22] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-30] (Avast Software s.r.o.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-22] (Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-22] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-30] (Avast Software s.r.o.) BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-22] (Oracle Corporation) Toolbar: HKU\S-1-5-21-2064069574-1004657932-3654585524-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\a383k4b2.default FF Homepage: onet.pl FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-22] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-22] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-22] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-29] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2064069574-1004657932-3654585524-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mateusz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-24] (Unity Technologies ApS) FF user.js: detected! => C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\a383k4b2.default\user.js [2015-03-30] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation) FF Extension: Fast Start - C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\a383k4b2.default\Extensions\quick_searchff@gmail.com [2015-04-25] FF Extension: Search Enginer - C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\a383k4b2.default\Extensions\sweetsearch@gmail.com [2015-04-25] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-30] Chrome: ======= CHR HomePage: Default -> hxxp://www.youtube.com/ CHR StartupUrls: Default -> "hxxp://www.youtube.com/feed/subscriptions/u" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-29] CHR Extension: (Angry Birds) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-03-29] CHR Extension: (Awesome Screenshot: Screen capture, Annotate) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2015-03-29] CHR Extension: (Google Drive) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-29] CHR Extension: (Weather (extension)) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2015-03-29] CHR Extension: (Powiadamiacz - livegamers.pl) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blojjjemmihkcekedgokfhckimmjiicd [2015-03-29] CHR Extension: (YouTube) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-29] CHR Extension: (Pool) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb [2015-03-29] CHR Extension: (Google Search) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-29] CHR Extension: (faces.im: a facebook messenger for chrome) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddfbfhabcagnmjekibikpdacoalbmgbl [2015-04-01] CHR Extension: (Avast SafePrice) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-05-05] CHR Extension: (Chrome Remote Desktop) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-03-29] CHR Extension: (AdBlock) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-29] CHR Extension: (Bookmark Manager) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22] CHR Extension: (Avast Online Security) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-30] CHR Extension: (goo.gl URL Shortener) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk [2015-03-29] CHR Extension: (Extensity) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjmflmamggggndanpgfnpelongoepncg [2015-03-29] CHR Extension: (Better Battlelog (BBLog)) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlfnjepjdmlppapoikepbaabbghofma [2015-03-29] CHR Extension: (Advanced start page) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhlflcpjmbmnhfehipheboagibdjgmog [2015-03-29] CHR Extension: (Awesome New Tab Page) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg [2015-03-29] CHR Extension: (Ghostery) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-03-29] CHR Extension: (Google Wallet) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-29] CHR Extension: (Hover Zoom) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2015-03-29] CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2015-03-29] CHR Extension: (Gmail) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-30] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-30] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [925904 2014-01-23] (ABBYY Production LLC) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-30] (Avast Software s.r.o.) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [237864 2015-04-15] (EasyAntiCheat Ltd) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319080 2015-04-06] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.) R2 MoboroboDeviceService; C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe [70440 2013-02-27] () S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-13] (Electronic Arts) R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-30] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-30] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-30] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-30] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-30] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-30] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-30] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-30] () R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-03-30] (Disc Soft Ltd) S3 FT38E1; C:\Windows\System32\DRIVERS\FT38E1.sys [12592 2008-09-01] () [File not signed] S3 FT38E1; C:\Windows\SysWOW64\DRIVERS\FT38E1.sys [10416 2008-09-01] () [File not signed] R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-05-09] (Glarysoft Ltd) S3 GWHid; C:\Windows\System32\DRIVERS\GWHid.sys [22576 2008-09-01] (Microsoft Corporation) [File not signed] S3 GWHid; C:\Windows\SysWOW64\DRIVERS\GWHid.sys [18992 2008-09-01] (Microsoft Corporation) [File not signed] S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-10 09:11 - 2015-05-10 09:11 - 00020314 _____ () C:\Users\Mateusz\Downloads\FRST.txt 2015-05-10 09:10 - 2015-05-10 09:11 - 00000000 ____D () C:\FRST 2015-05-10 09:10 - 2015-05-10 09:10 - 02102784 _____ (Farbar) C:\Users\Mateusz\Downloads\FRST64.exe 2015-05-10 08:56 - 2015-05-10 08:56 - 00010190 _____ () C:\Users\Mateusz\AppData\Local\recently-used.xbel 2015-05-09 20:38 - 2015-05-09 20:51 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\TEdit 2015-05-09 20:38 - 2015-05-09 20:38 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\TEditXna 2015-05-09 20:38 - 2015-05-09 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TEdit 2015-05-09 20:38 - 2015-05-09 20:38 - 00000000 ____D () C:\Program Files (x86)\TEdit 2015-05-09 20:37 - 2015-05-09 20:37 - 01167419 _____ () C:\Users\Mateusz\Downloads\TEdit3Installer_3.5.14228.27.zip 2015-05-09 18:59 - 2015-05-09 18:59 - 00000138 _____ () C:\Users\Mateusz\Downloads\trax.pls 2015-05-09 18:59 - 2015-05-09 18:59 - 00000138 _____ () C:\Users\Mateusz\Downloads\trax (1).pls 2015-05-09 13:55 - 2015-05-09 13:55 - 00000576 _____ () C:\Windows\PFRO.log 2015-05-09 11:31 - 2015-05-09 11:31 - 07403840 _____ () C:\Users\Mateusz\Downloads\MyPhoneExplorer_Setup_1.8.6.exe 2015-05-09 11:29 - 2015-05-09 11:29 - 00741672 _____ (Web software ) C:\Users\Mateusz\Downloads\MyPhoneExplorer(12937)-dp.exe 2015-05-09 11:23 - 2015-05-09 11:23 - 00005981 _____ () C:\Users\Mateusz\Documents\KONTAKTY.csv 2015-05-09 11:17 - 2015-05-09 11:18 - 00000000 ____D () C:\Users\Mateusz\Documents\moborobo 2015-05-09 11:17 - 2015-05-09 11:18 - 00000000 ____D () C:\Program Files (x86)\Moborobo 2015-05-09 11:17 - 2015-05-09 11:17 - 00000000 ____D () C:\ProgramData\Moborobo 2015-05-09 11:17 - 2015-05-09 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moborobo 2015-05-09 11:17 - 2013-02-27 15:57 - 00012072 _____ () C:\Windows\SysWOW64\Drivers\MoborobAssDriver64.sys 2015-05-09 11:14 - 2015-05-09 11:14 - 21414096 _____ (Moborobo Inc. ) C:\Users\Mateusz\Downloads\moborobo-42738-59404-1771382.exe 2015-05-09 11:07 - 2015-05-09 11:24 - 00021914 _____ () C:\Users\Mateusz\AppData\Roaming\Wartości oddzielone przecinkami.ADR 2015-05-09 10:06 - 2015-05-09 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone 2015-05-09 10:06 - 2015-05-09 10:06 - 00000000 ____D () C:\ProgramData\Applications 2015-05-09 10:06 - 2015-05-09 10:06 - 00000000 ____D () C:\Program Files (x86)\Windows Phone 2015-05-09 10:05 - 2015-05-09 10:06 - 06745792 _____ (Microsoft Corporation) C:\Users\Mateusz\Downloads\WindowsPhone.exe 2015-05-09 09:58 - 2015-05-09 09:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2015-05-09 09:55 - 2015-05-10 08:53 - 00004994 _____ () C:\Windows\setupact.log 2015-05-09 09:55 - 2015-05-09 09:55 - 00000000 _____ () C:\Windows\setuperr.log 2015-05-09 09:53 - 2015-05-09 09:53 - 00000000 ____D () C:\ProgramData\Samsung 2015-05-09 09:53 - 2015-05-09 09:53 - 00000000 ____D () C:\Program Files\SAMSUNG 2015-05-09 09:50 - 2015-05-09 09:58 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\Wandoujia2 2015-05-09 09:50 - 2015-05-09 09:53 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\WandoujiaUsbDriver 2015-05-09 09:50 - 2015-05-09 09:50 - 33149232 _____ (Wandou Labs) C:\Users\Mateusz\Downloads\SnapPea-snappea.exe 2015-05-09 09:50 - 2015-05-09 09:50 - 00000000 ____D () C:\Users\Mateusz\.android 2015-05-09 09:50 - 2015-05-09 09:50 - 00000000 ____D () C:\SnapPea 2015-05-09 09:48 - 2015-05-09 09:48 - 00741672 _____ (Web software ) C:\Users\Mateusz\Downloads\SnapPea(51387)-dp.exe 2015-05-09 09:42 - 2015-05-09 11:45 - 00000000 ____D () C:\Users\Mateusz\Documents\Pliki programu Outlook 2015-05-09 09:40 - 2015-05-09 18:59 - 00001024 _____ () C:\Users\Mateusz\Documents\RADIA.aimppl 2015-05-09 09:30 - 2015-05-09 09:30 - 00000302 _____ () C:\Users\Mateusz\Downloads\aac_eurowizja.pls 2015-05-09 09:23 - 2015-05-09 09:23 - 00000056 _____ () C:\Users\Mateusz\Downloads\stream.pls 2015-05-09 09:21 - 2015-05-09 19:06 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\AIMP3 2015-05-09 09:21 - 2015-05-09 09:21 - 00000000 ____D () C:\Program Files (x86)\AIMP3 2015-05-09 09:11 - 2015-05-09 09:11 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\{F663FBB1-097E-4859-9FCB-63F19CD7BA22} 2015-05-09 08:51 - 2015-05-09 08:51 - 00000000 ____D () C:\ProgramData\GlarySoft 2015-05-09 08:48 - 2015-05-10 08:55 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5 2015-05-09 08:48 - 2015-05-10 08:54 - 00000334 _____ () C:\Windows\Tasks\GlaryInitialize 5.job 2015-05-09 08:48 - 2015-05-09 08:48 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys 2015-05-09 08:48 - 2015-05-09 08:48 - 00002986 _____ () C:\Windows\System32\Tasks\GU5SkipUAC 2015-05-09 08:48 - 2015-05-09 08:48 - 00002644 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5 2015-05-09 08:48 - 2015-05-09 08:48 - 00001096 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk 2015-05-09 08:48 - 2015-05-09 08:48 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\GlarySoft 2015-05-09 08:48 - 2015-05-09 08:48 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\DiskDefrag 2015-05-09 08:48 - 2015-05-09 08:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5 2015-05-08 16:24 - 2015-05-08 16:25 - 04082881 _____ () C:\Users\Mateusz\Downloads\TD-W8960N_V1_V3_111108.zip 2015-05-08 16:22 - 2015-05-08 16:23 - 09700587 _____ () C:\Users\Mateusz\Downloads\Easy Setup Assistant 8960N.zip 2015-05-07 20:36 - 2015-05-07 20:36 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\{EFED833A-B7DB-4946-84A8-38D6B99E9467} 2015-05-07 14:35 - 2015-05-07 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo 2015-05-07 14:35 - 2015-05-07 14:35 - 00000000 ____D () C:\ProgramData\Ashampoo 2015-05-07 14:35 - 2015-05-07 14:35 - 00000000 ____D () C:\Program Files (x86)\Ashampoo 2015-05-07 14:27 - 2015-05-07 14:27 - 00000125 _____ () C:\Users\Mateusz\AppData\Roaming\burnaware.ini 2015-05-07 14:26 - 2015-05-07 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Premium 2015-05-07 14:26 - 2015-05-07 14:26 - 00000000 ____D () C:\Program Files (x86)\BurnAware Premium 2015-05-07 14:25 - 2015-05-07 14:25 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\AMS Software 2015-05-07 14:25 - 2015-05-07 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartSHOW 2015-05-07 14:25 - 2015-05-07 14:25 - 00000000 ____D () C:\Program Files (x86)\SmartSHOW 2015-05-06 15:13 - 2015-05-06 15:13 - 354320384 _____ () C:\ul.F6C43F03.SLES_552.78.04 2015-05-06 15:13 - 2015-05-06 15:13 - 1073741824 _____ () C:\ul.F6C43F03.SLES_552.78.03 2015-05-06 15:12 - 2015-05-06 15:13 - 1073741824 _____ () C:\ul.F6C43F03.SLES_552.78.02 2015-05-06 15:11 - 2015-05-06 15:12 - 1073741824 _____ () C:\ul.F6C43F03.SLES_552.78.01 2015-05-06 15:11 - 2015-05-06 15:11 - 1073741824 _____ () C:\ul.F6C43F03.SLES_552.78.00 2015-05-06 14:49 - 2015-05-06 14:49 - 00000000 ____D () C:\Users\Mateusz\Documents\TikGames 2015-05-06 14:48 - 2015-05-06 14:48 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll 2015-05-06 14:48 - 2015-05-06 14:48 - 00000000 __RHD () C:\Users\Mateusz\AppData\Roaming\SecuROM 2015-05-06 14:47 - 2015-05-06 14:47 - 00000000 ____D () C:\Program Files (x86)\Hasbro 2015-05-06 14:41 - 2015-05-06 14:41 - 05555227 _____ () C:\Users\Mateusz\Downloads\MONOPOLY.BPB.V1.0.ENG.THEDARKSEED.NOCD.ZIP 2015-05-06 14:33 - 2015-05-06 14:33 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dream Tale - The Golden Keys 2015-05-06 14:31 - 2015-05-06 14:31 - 00000000 ____D () C:\Program Files (x86)\Foxy Games 2015-05-06 14:03 - 2015-05-06 14:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy File Undelete 2015-05-06 14:03 - 2015-05-06 14:03 - 00000000 ____D () C:\Program Files (x86)\MunSoft 2015-05-06 14:02 - 2015-05-06 14:02 - 17404567 _____ () C:\Users\Mateusz\Downloads\Easy File Undelete 3.0.zip 2015-05-06 14:01 - 2015-05-06 14:02 - 00686504 _____ (Application Program web ) C:\Users\Mateusz\Downloads\Easy File Undelete 3.0.exe 2015-05-06 08:26 - 2015-05-06 08:26 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\{F18D3845-3F54-4EB1-A1F4-D9056D70D219} 2015-05-05 20:30 - 2015-05-05 20:30 - 00005808 _____ () C:\Users\Mateusz\Downloads\Monopoly_[ENG]_[ exe][Torrenty.org].torrent 2015-05-05 20:23 - 2015-05-05 20:23 - 00021168 _____ () C:\Users\Mateusz\Downloads\Monopoly_[ENG]_[portable][Torrenty.org].torrent 2015-05-05 20:21 - 2015-05-05 20:21 - 00016345 _____ () C:\Users\Mateusz\Downloads\Monopoly _Here_ _Now_Worldwide_Edition_[ENG]_[PAL][Torrenty.org].torrent 2015-05-05 20:21 - 2015-05-05 20:21 - 00014813 _____ () C:\Users\Mateusz\Downloads\Monopoly_2012_[ENG][Torrenty.org].torrent 2015-05-05 20:12 - 2015-05-05 20:12 - 00032587 _____ () C:\Users\Mateusz\Downloads\Monopoly 3 - DEViANCE.torrent 2015-05-05 19:52 - 2015-05-05 19:52 - 00696574 _____ () C:\Users\Mateusz\Downloads\Monopoly [GRA PO POLSKU!].rar 2015-05-05 19:52 - 2015-05-05 19:52 - 00237568 _____ (Big Fish Games) C:\Users\Mateusz\Downloads\monopoly_s1_l1_gF7382T1L1_d2462315560.exe 2015-05-05 19:15 - 2015-05-05 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multiplayer Monopoly Online Game 2015-05-05 19:15 - 2015-05-05 19:15 - 00000000 ____D () C:\Program Files (x86)\Monopoly Online 2015-05-05 19:14 - 2015-05-05 19:14 - 06339072 _____ () C:\Users\Mateusz\Downloads\psmonopoly-setup.msi 2015-05-05 18:07 - 2015-05-05 18:08 - 00000000 ____D () C:\Users\Mateusz\Downloads\Terraria1241Mod_v206 2015-05-05 16:57 - 2015-05-05 16:57 - 07942144 _____ (ChbShoot.me) C:\Users\Mateusz\Downloads\TerrariaInvEdit.572.exe 2015-05-05 16:53 - 2015-05-05 16:53 - 00000000 ____D () C:\Users\Mateusz\Downloads\Monopoly (USA) (En,Fr) 2015-05-05 16:25 - 2015-05-05 16:34 - 535430542 _____ () C:\Users\Mateusz\Downloads\Monopoly (USA) (En,Fr).7z 2015-05-03 20:57 - 2015-05-03 20:57 - 00015093 _____ () C:\Users\Mateusz\Downloads\Noc w muzeum Tajemnica grobowca - Night At The Museum Secret Of The Tomb 2014 [BRRip XviD-KiT][Dubbing PL][Torrenty.org].torrent 2015-05-03 14:57 - 2015-05-03 14:57 - 00507333 _____ () C:\Users\Mateusz\Downloads\Not-Enough-Items-1.7.10.jar 2015-05-03 14:30 - 2015-05-03 14:30 - 00019646 _____ () C:\Users\Mateusz\Downloads\Noc w muzeum Tajemnica grobowca - Night at the Museum Secret of the Tomb 2014 [1080p BDrip XviD DD5 1-MAXX] [Dubbing PL][Torrenty.org].torrent 2015-05-03 14:16 - 2015-05-03 14:16 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\{1A348A98-8D80-48A0-98CF-593E52371E3B} 2015-05-03 10:41 - 2015-05-03 10:41 - 00080461 _____ () C:\Users\Mateusz\Downloads\Eureka-1.7.10-3.0.2.jar 2015-05-03 10:34 - 2015-05-03 10:34 - 00025806 _____ () C:\Users\Mateusz\Downloads\Eureka-1.7.10-1.0.jar 2015-05-03 10:33 - 2015-05-03 10:33 - 00083487 _____ () C:\Users\Mateusz\Downloads\Lucky-Block-Mod-1.7.10.jar 2015-05-03 10:31 - 2015-05-03 10:31 - 00965979 _____ () C:\Users\Mateusz\Downloads\BuildcraftAdditions-1.7.10-2.1.3 (1).jar 2015-05-02 19:52 - 2015-05-02 19:52 - 00965979 _____ () C:\Users\Mateusz\Downloads\BuildcraftAdditions-1.7.10-2.1.3.jar 2015-05-02 18:12 - 2015-05-02 18:12 - 02822620 _____ () C:\Users\Mateusz\Downloads\AMIDST-3.7.exe 2015-05-02 18:07 - 2015-05-02 18:07 - 07480917 _____ () C:\Users\Mateusz\Downloads\MillenaireServer6.0.0.zip 2015-05-02 18:07 - 2015-05-02 18:07 - 07438299 _____ () C:\Users\Mateusz\Downloads\Millenaire6.0.0.zip 2015-05-02 18:05 - 2015-05-02 18:05 - 00051621 _____ () C:\Users\Mateusz\Downloads\wotmody.pl-aimbot-shatyan-do konca maja.rar 2015-05-02 17:43 - 2015-05-02 17:43 - 01946768 _____ (jrsoftware.org ) C:\Users\Mateusz\Downloads\is.exe 2015-05-02 17:43 - 2015-05-02 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inno Setup 5 2015-05-02 17:43 - 2015-05-02 17:43 - 00000000 ____D () C:\Program Files (x86)\Inno Setup 5 2015-05-02 17:42 - 2015-05-02 17:42 - 00741672 _____ (Web software ) C:\Users\Mateusz\Downloads\Inno-Setup(12208)-dp.exe 2015-05-02 09:25 - 2015-05-02 09:25 - 00154319 _____ () C:\Users\Mateusz\Downloads\Render-Player-API-Core-1.7.10.zip 2015-05-02 09:22 - 2015-05-02 09:22 - 00601978 _____ () C:\Users\Mateusz\Downloads\Smart-Moving-Mod-1.7.10.zip 2015-05-02 09:22 - 2015-05-02 09:22 - 00371498 _____ () C:\Users\Mateusz\Downloads\Player-API-Core-1.7.10.zip 2015-05-01 18:45 - 2015-05-01 18:47 - 129457992 _____ (Intel Corporation) C:\Users\Mateusz\Downloads\win64_153335.exe 2015-05-01 17:49 - 2015-05-01 17:49 - 00314389 _____ () C:\Users\Mateusz\Downloads\WarfaceUniversal_[www.unknowncheats.me]_ (1).zip 2015-05-01 17:49 - 2015-05-01 17:49 - 00000000 ____D () C:\Users\Mateusz\Downloads\WarfaceUniversal_[www.unknowncheats.me]_ (1) 2015-05-01 16:17 - 2015-05-01 16:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA 2015-05-01 16:12 - 2015-05-01 16:12 - 01650616 _____ () C:\Users\Mateusz\Downloads\TerrariaServer1241Mod206.zip 2015-05-01 16:12 - 2015-05-01 16:12 - 01287564 _____ () C:\Users\Mateusz\Downloads\Terraria1241Mod_v206.zip 2015-05-01 16:12 - 2015-05-01 16:12 - 00000000 ____D () C:\Users\Mateusz\Downloads\Terraria 1.2.4.1 Fusionz Cracked 2015-05-01 16:09 - 2015-05-01 16:09 - 52432519 _____ () C:\Users\Mateusz\Downloads\Terraria 1.2.4.1 Fusionz Cracked.rar 2015-05-01 14:14 - 2015-05-01 14:14 - 04020224 _____ () C:\Users\Mateusz\Desktop\Plants Vs Zombies Trainer.EXE 2015-05-01 11:57 - 2015-05-01 11:57 - 00001276 _____ () C:\Users\Public\Desktop\SimCity™.lnk 2015-05-01 11:49 - 2015-05-01 11:49 - 00000000 ____D () C:\ProgramData\PopCap Games 2015-05-01 11:49 - 2015-05-01 11:49 - 00000000 ____D () C:\ProgramData\EA Core 2015-04-30 21:40 - 2015-05-09 21:02 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\screenSHU 2015-04-30 21:40 - 2015-04-30 21:40 - 00001053 _____ () C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\screenSHU.lnk 2015-04-30 21:40 - 2015-04-30 21:40 - 00001023 _____ () C:\Users\Mateusz\Desktop\screenSHU.lnk 2015-04-30 21:40 - 2015-04-30 21:40 - 00000000 ____D () C:\Program Files (x86)\screenSHU 2015-04-30 21:39 - 2015-04-30 21:40 - 08059407 _____ (screenSHU) C:\Users\Mateusz\Downloads\screenSHU-setup.exe 2015-04-30 17:40 - 2015-04-30 17:40 - 11090675 _____ () C:\Users\Mateusz\Downloads\GalacticraftCore-1.7-3.0.11.324.jar 2015-04-30 17:40 - 2015-04-30 17:40 - 03377523 _____ () C:\Users\Mateusz\Downloads\Galacticraft-Planets-1.7-3.0.11.324.jar 2015-04-30 17:40 - 2015-04-30 17:40 - 00060716 _____ () C:\Users\Mateusz\Downloads\MicdoodleCore-1.7-3.0.11.324.jar 2015-04-30 17:39 - 2015-04-30 17:39 - 06016840 _____ () C:\Users\Mateusz\Downloads\More-Planets-1.7.10-1.2.6.jar 2015-04-30 15:52 - 2015-05-09 08:43 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2015-04-30 15:52 - 2015-05-04 17:13 - 00000000 ____D () C:\Windows\System32\Tasks\AVAST Software 2015-04-30 15:52 - 2015-04-30 15:52 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys 2015-04-30 15:52 - 2015-04-30 15:52 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe 2015-04-30 15:52 - 2015-04-30 15:52 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2015-04-30 15:52 - 2015-04-30 15:52 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys 2015-04-30 15:52 - 2015-04-30 15:52 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys 2015-04-30 15:52 - 2015-04-30 15:52 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-04-30 15:52 - 2015-04-30 15:52 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2015-04-30 15:52 - 2015-04-30 15:52 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr 2015-04-30 15:52 - 2015-04-30 15:52 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2015-04-30 15:52 - 2015-04-30 15:52 - 00001922 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2015-04-30 15:52 - 2015-04-30 15:52 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\AVAST Software 2015-04-30 15:52 - 2015-04-30 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-04-30 15:52 - 2015-04-30 15:51 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys 2015-04-30 15:50 - 2015-04-30 15:50 - 00000000 ____D () C:\Program Files\AVAST Software 2015-04-30 15:49 - 2015-04-30 15:49 - 05481344 _____ (Avast Software s.r.o.) C:\Users\Mateusz\Downloads\avast_free_antivirus_setup_online_dobreprogramy.exe 2015-04-30 15:49 - 2015-04-30 15:49 - 00000000 ____D () C:\ProgramData\AVAST Software 2015-04-30 15:34 - 2015-04-30 15:34 - 01996112 _____ (BitTorrent Inc.) C:\Users\Mateusz\Desktop\uTorrent.exe 2015-04-30 15:21 - 2015-04-30 15:21 - 00046080 ___SH () C:\Users\Mateusz\AppData\Thumbs.db 2015-04-30 15:17 - 2015-04-30 15:17 - 01996112 _____ (BitTorrent Inc.) C:\Users\Mateusz\Downloads\uTorrent (1).exe 2015-04-30 15:03 - 2015-04-30 15:03 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_GDKBFlt64_01007.Wdf 2015-04-30 15:03 - 2015-04-30 15:03 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_GDKBB64_01007.Wdf 2015-04-30 15:03 - 2015-04-30 15:03 - 00000000 _____ () C:\Users\Mateusz\AppData\Roaming\gdfw.log 2015-04-30 15:02 - 2015-04-30 15:03 - 00000779 _____ () C:\Users\Mateusz\AppData\Roaming\gdscan.log 2015-04-30 15:01 - 2015-04-30 15:36 - 00000000 ____D () C:\ProgramData\G Data 2015-04-30 14:26 - 2015-04-30 14:33 - 513963888 _____ (G Data Software AG) C:\Users\Mateusz\Downloads\setup_tp.exe 2015-04-29 18:20 - 2015-04-29 18:20 - 00015026 _____ () C:\Users\Mateusz\Downloads\Pan Peabody i Sherman - Mr Peabody Sherman 2014 [BRRip XviD-XM][DUBBiNG PL][Torrenty.org].torrent 2015-04-29 08:14 - 2015-04-29 08:14 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\{EFD1C585-5384-4F2D-B84D-711838B40C1D} 2015-04-28 19:00 - 2015-04-28 19:00 - 00051900 _____ () C:\Users\Mateusz\Downloads\aimbot do wot shatyan - wotmody.pl.rar 2015-04-28 18:59 - 2015-04-28 19:03 - 63693110 _____ (Aslain ) C:\Users\Mateusz\Downloads\Aslains_XVM_Mod_Installer_v.4.3.4_97.exe 2015-04-28 17:55 - 2015-04-28 17:55 - 00000000 ____D () C:\ProgramData\DeviceSync 2015-04-28 17:37 - 2015-04-28 17:37 - 00147335 _____ () C:\Users\Mateusz\Downloads\[www.OldSchoolHack.de]_WarfaceUniversal.zip 2015-04-28 17:37 - 2015-04-28 17:37 - 00000000 ____D () C:\Users\Mateusz\Downloads\[www.OldSchoolHack.de]_WarfaceUniversal 2015-04-28 17:30 - 2015-04-28 17:30 - 00000000 ____D () C:\Users\Mateusz\Downloads\WarfaceUniversal_[www.unknowncheats.me]_ 2015-04-27 20:47 - 2015-04-27 20:47 - 00155254 _____ () C:\Users\Mateusz\Downloads\WarfaceUniversal_[www.unknowncheats.me]_.zip 2015-04-27 19:59 - 2015-04-27 19:59 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\CrashRpt 2015-04-27 19:57 - 2015-05-02 22:14 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\wf-launcher 2015-04-27 19:57 - 2015-05-02 21:50 - 00000000 ____D () C:\ProgramData\GFACE 2015-04-26 16:58 - 2015-04-26 16:58 - 00043126 _____ () C:\Users\Mateusz\Downloads\aimbot shatyan 038 do konca kwietnia.rar 2015-04-26 14:38 - 2015-04-26 14:39 - 39313052 _____ (Aslain ) C:\Users\Mateusz\Downloads\Aslains_XVM_Mod_Installer_v.4.2.2_96.exe 2015-04-26 14:18 - 2015-04-26 14:18 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\Wargaming.net 2015-04-26 11:45 - 2015-04-26 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundWire Server 2015-04-26 11:45 - 2015-04-26 11:45 - 00000000 ____D () C:\Program Files (x86)\SoundWire Server 2015-04-26 11:44 - 2015-04-26 11:45 - 01711094 _____ (GeorgieLabs ) C:\Users\Mateusz\Downloads\SoundWire_Server_setup7.exe 2015-04-26 10:09 - 2015-04-26 10:09 - 06169504 _____ (Wargaming.net ) C:\Users\Mateusz\Downloads\WoT_internet_install_eu.exe 2015-04-26 10:09 - 2015-04-26 10:09 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks 2015-04-25 22:24 - 2015-04-25 22:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-04-25 20:38 - 2015-04-25 20:38 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\{731DBBDA-1E9F-4562-A0F9-9B8BC7E993B6} 2015-04-25 20:28 - 2015-04-25 20:35 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\istartsurf 2015-04-25 20:22 - 2015-04-25 20:22 - 00000000 ____D () C:\Users\Mateusz\Downloads\Manycam_crack_ 2015-04-25 12:08 - 2015-04-25 12:08 - 00000118 _____ () C:\Users\Mateusz\Downloads\t043-1.mp3.pls 2015-04-25 12:08 - 2015-04-25 12:08 - 00000118 _____ () C:\Users\Mateusz\Downloads\t043-1.aac.pls 2015-04-25 11:57 - 2015-04-25 11:57 - 00000000 _____ () C:\Users\Mateusz\Documents\radio.php 2015-04-23 20:20 - 2015-05-01 16:18 - 00000000 ____D () C:\Users\Mateusz\Documents\My Games 2015-04-23 20:09 - 2015-04-23 20:09 - 00546867 _____ () C:\Users\Mateusz\Downloads\drweb-1.00-android-toorchremover.apk 2015-04-23 17:56 - 2015-04-26 09:44 - 01401509 _____ () C:\Users\Mateusz\Downloads\android-netspoof-2.0.2.apk 2015-04-23 13:26 - 2015-04-23 13:26 - 00000000 ____D () C:\Spintires 2015-04-23 13:25 - 2015-04-23 13:25 - 00000000 ____D () C:\Users\Mateusz\Downloads\IGG-Spintires.Build.13.04.15.v1 2015-04-23 13:23 - 2015-04-23 13:24 - 426266993 _____ () C:\Users\Mateusz\Downloads\IGG-Spintires.Build.13.04.15.v1.rar 2015-04-22 21:32 - 2015-04-22 21:32 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\{F91AF7D3-8381-4D9E-81AA-9ABC81E3AD60} 2015-04-22 17:50 - 2015-04-22 17:50 - 00006543 _____ () C:\Users\Mateusz\Documents\MamCie.html 2015-04-22 13:00 - 2015-04-22 13:00 - 00000000 ____D () C:\Users\Mateusz\Downloads\GrepolisBot2_v2.84.0.1 2015-04-22 11:59 - 2015-04-22 11:59 - 02463915 _____ () C:\Users\Mateusz\Downloads\GrepolisBot2_v2.84.0.1.zip 2015-04-22 11:26 - 2015-04-22 11:26 - 00000000 _____ () C:\Windows\SysWOW64\REN7129.tmp 2015-04-21 18:16 - 2015-04-21 18:16 - 00000140 _____ () C:\Users\Mateusz\Downloads\pomoc-biednym-ru-społecznyinvalida-zaplac.php 2015-04-21 11:36 - 2015-04-21 11:36 - 01088905 _____ (pendrivelinux.com) C:\Users\Mateusz\Downloads\Universal-USB-Installer-1.9.5.9.exe 2015-04-21 11:29 - 2015-04-21 11:29 - 00024265 _____ () C:\Users\Mateusz\Downloads\Triumfalna-Turkawka-14.04.1PL-DVD-i386.iso.torrent 2015-04-20 16:53 - 2015-04-20 16:53 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\pamm-atom 2015-04-20 16:53 - 2015-04-20 16:53 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\Atom-Shell 2015-04-20 07:52 - 2015-04-20 07:52 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\{26158575-5F18-4F63-A87A-1D0DB073BBE9} 2015-04-19 17:58 - 2015-04-19 17:58 - 35108798 _____ () C:\Users\Mateusz\Downloads\PAMM.msi 2015-04-19 17:56 - 2015-04-19 17:56 - 03779081 _____ () C:\Users\Mateusz\Downloads\com.pa.uber.client.commandertextures2048.imperial_invictus-2333ffb03f5b5f9e5b130f141c1d9aa3452ee760.zip 2015-04-19 17:55 - 2015-04-19 17:55 - 02283062 _____ () C:\Users\Mateusz\Downloads\com.pa.uber.client.commandertextures2048.quad_osiris-0e0b6ae5d1b41dbba4ab717f3e9672786c41bb1d.zip 2015-04-19 12:43 - 2015-04-19 12:43 - 00015253 _____ () C:\Users\Mateusz\Downloads\Wielka Szostka - Big Hero 6 2014 [BRRip] [XviD-KiT] [Dubbing PL][Torrenty.org].torrent 2015-04-19 09:55 - 2015-04-19 09:55 - 00017619 _____ () C:\Users\Mateusz\Downloads\[kickass.to]reassembly.v17.03.2015.windows.viruz.torrent 2015-04-18 14:40 - 2015-04-18 14:40 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\ABBYY 2015-04-18 14:37 - 2015-04-18 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 12 2015-04-18 14:32 - 2015-04-18 14:40 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\ABBYY 2015-04-18 14:32 - 2015-04-18 14:40 - 00000000 ____D () C:\Program Files (x86)\ABBYY FineReader 12 2015-04-18 14:31 - 2015-04-18 14:31 - 00000000 ____D () C:\ProgramData\ABBYY 2015-04-18 14:27 - 2015-04-18 14:28 - 00000000 ____D () C:\Users\Mateusz\Downloads\GgmM 2015-04-18 14:26 - 2015-04-18 14:26 - 368451969 _____ () C:\Users\Mateusz\Downloads\FR12_Trial_PL.exe 2015-04-18 14:21 - 2015-04-18 14:21 - 00738232 _____ (Generic internet ) C:\Users\Mateusz\Downloads\ABBYY-FineReader-Professional(12711)-dp.exe 2015-04-18 13:30 - 2015-04-18 13:30 - 00000000 ____D () C:\Users\Mateusz\Documents\Niestandardowe szablony pakietu Office 2015-04-18 13:27 - 2015-04-18 13:31 - 00000000 ___RD () C:\Users\Mateusz\Documents\Expressivo Podcasts 2015-04-18 13:27 - 2015-04-18 13:27 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\IVONA_INST 2015-04-18 13:24 - 2015-04-18 13:24 - 41301843 _____ () C:\Users\Mateusz\Downloads\Expressivo_1.5.1(dobreprogramy.pl).exe 2015-04-18 13:23 - 2015-04-18 13:23 - 00738232 _____ (Generic internet ) C:\Users\Mateusz\Downloads\Expressivo(12840)-dp.exe 2015-04-18 10:47 - 2015-04-18 10:47 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\spacegame 2015-04-17 18:15 - 2015-04-17 18:15 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\LolClient 2015-04-17 08:22 - 2015-04-17 08:22 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\{9101449D-39C0-4F39-BC28-1DBC94E16D4C} 2015-04-15 18:25 - 2015-04-15 18:10 - 00237864 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe 2015-04-15 18:11 - 2015-04-15 18:12 - 02863750 _____ () C:\Users\Mateusz\Downloads\CrystalDiskInfo6_3_2.zip 2015-04-15 15:44 - 2015-04-15 15:44 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\openvr 2015-04-15 15:08 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-04-15 15:08 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-04-15 15:08 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-04-15 15:08 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-04-15 15:08 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-04-15 15:08 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-04-15 15:08 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-04-15 15:08 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-04-15 15:08 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-04-15 15:08 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-04-15 15:08 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-04-15 15:08 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-04-15 15:08 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-04-15 15:08 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-04-15 15:08 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-04-15 15:08 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-04-15 15:08 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-04-15 15:08 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-04-15 15:08 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-04-15 15:08 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-04-15 15:08 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-04-15 15:08 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-04-15 15:08 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-04-15 15:08 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-04-15 15:08 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-04-15 15:08 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-04-15 15:08 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-04-15 15:08 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-04-15 15:08 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-04-15 15:08 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-04-15 15:07 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-04-15 15:07 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-04-15 15:07 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-04-15 15:07 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-04-15 15:07 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-04-15 15:07 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-04-15 15:07 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-04-15 15:07 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-04-15 15:07 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-04-15 15:07 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-04-15 15:07 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-04-15 15:07 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-04-15 15:07 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-04-15 15:07 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-04-15 15:07 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-04-15 15:07 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-04-15 15:07 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-04-15 15:07 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-04-15 15:07 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-04-15 15:07 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-04-15 15:07 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-04-15 15:07 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-04-15 15:07 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-04-15 15:07 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-04-15 15:07 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-04-15 15:07 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-04-15 15:07 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-04-15 15:07 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-04-15 15:07 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-04-15 15:07 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-04-15 15:07 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-04-15 15:07 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-04-15 15:07 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-04-15 15:07 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-04-15 15:07 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-04-15 15:07 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-04-15 15:07 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-04-15 15:07 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-04-15 15:07 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-04-15 15:07 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-04-15 15:07 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-04-15 15:07 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-04-15 15:07 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-04-15 15:07 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-04-15 15:07 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-04-15 15:07 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-04-15 15:07 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-04-15 15:07 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-04-15 15:07 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-04-15 15:07 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-04-15 15:07 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-04-15 15:07 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-04-15 15:07 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-04-15 15:07 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-04-15 15:07 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-04-15 15:07 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-04-15 15:07 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-04-15 15:07 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-04-15 15:07 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-04-15 15:07 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-04-15 15:07 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-04-15 15:07 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-04-15 15:07 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-04-15 15:07 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-04-15 15:07 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-04-15 15:07 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-04-15 15:07 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-04-15 15:07 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-04-15 15:07 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-04-15 15:07 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-04-15 15:07 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-04-15 15:07 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-04-15 15:07 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-04-15 15:07 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-04-15 15:07 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-04-15 15:07 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-04-15 15:07 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-04-15 15:07 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-04-15 15:07 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-04-15 15:07 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-04-15 15:07 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-04-15 15:07 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-04-15 15:07 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-04-15 15:07 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-04-15 15:07 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-04-15 15:07 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-04-15 15:07 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-04-15 15:07 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-04-15 15:07 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-04-15 15:07 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-04-15 15:07 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-04-15 15:07 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-04-15 15:07 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-04-15 15:07 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-04-15 15:07 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-04-15 15:07 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-04-15 15:07 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-04-15 15:07 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-04-15 15:07 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-04-15 15:07 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-04-15 15:07 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-04-15 15:07 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-04-15 15:07 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-04-15 15:07 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-04-15 15:07 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-04-15 15:07 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-04-15 15:07 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-04-15 15:07 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-04-15 15:07 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-04-15 15:07 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-04-15 15:07 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-04-15 15:07 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-04-15 15:07 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-04-15 15:07 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2015-04-15 15:05 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2015-04-15 15:05 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2015-04-15 15:05 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll 2015-04-14 18:58 - 2015-04-14 19:04 - 00000000 ____D () C:\Users\Mateusz\Downloads\nfsw_hack (1) 2015-04-14 18:55 - 2015-04-14 18:56 - 04544217 _____ () C:\Users\Mateusz\Downloads\nfsw_hack (1).rar 2015-04-14 08:23 - 2015-04-14 08:23 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\{2617962E-54C3-49CB-8025-FBCBED259B8F} 2015-04-13 19:30 - 2015-04-13 19:30 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\Macromedia 2015-04-13 19:25 - 2015-04-13 19:25 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\Need for Speed World 2015-04-13 18:45 - 2015-04-13 18:45 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\Electronic_Arts_Inc 2015-04-13 18:36 - 2015-05-01 11:57 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2015-04-13 18:35 - 2015-05-01 11:11 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\Origin 2015-04-13 18:35 - 2015-04-13 18:36 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\Origin 2015-04-13 18:32 - 2015-05-03 14:49 - 00000000 ____D () C:\ProgramData\Origin 2015-04-13 18:32 - 2015-05-01 11:49 - 00000000 ____D () C:\ProgramData\Electronic Arts 2015-04-13 18:32 - 2015-04-13 18:35 - 00000000 ____D () C:\Program Files (x86)\Origin 2015-04-13 18:31 - 2015-04-13 18:32 - 17110336 _____ (Electronic Arts, Inc.) C:\Users\Mateusz\Downloads\OriginThinSetup.exe 2015-04-12 18:55 - 2015-04-12 18:55 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\{4F548556-02E3-4BA7-B294-89492358AC00} 2015-04-12 15:37 - 2015-04-12 15:43 - 170781011 _____ () C:\Users\Mateusz\Downloads\SafePack_Ultra_serwer_v1.1.zip 2015-04-12 15:37 - 2015-04-12 15:43 - 145420218 _____ () C:\Users\Mateusz\Downloads\SafePack_Ultra_v1.1.zip 2015-04-12 14:28 - 2015-04-12 14:28 - 00051064 _____ () C:\Users\Mateusz\Downloads\Dense-Ores-Mod-1.7.10.jar 2015-04-12 14:11 - 2015-04-12 14:12 - 00686636 _____ () C:\Users\Mateusz\Downloads\Steves-Factory-Manager-Mod-1.7.10.jar 2015-04-12 14:10 - 2015-04-12 14:10 - 00996826 _____ () C:\Users\Mateusz\Downloads\Skype Voice Changer 1.2.zip 2015-04-12 14:10 - 2015-04-12 14:10 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\StormFall 2015-04-12 14:08 - 2015-04-12 14:11 - 02531999 _____ () C:\Users\Mateusz\Downloads\Steves-Carts-2-Mod-1.7.10.jar 2015-04-12 14:08 - 2015-04-12 14:11 - 02531999 _____ () C:\Users\Mateusz\Downloads\Steves-Carts-2-Mod-1.7.10 (1).jar 2015-04-12 14:06 - 2015-04-12 14:06 - 00714472 _____ (Generic ) C:\Users\Mateusz\Downloads\Skype Voice Changer 1.2.exe 2015-04-11 21:29 - 2015-04-11 21:31 - 975800431 _____ () C:\Users\Mateusz\Downloads\Cliente Completo.rar 2015-04-11 20:02 - 2015-04-11 20:02 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\Uber Entertainment 2015-04-11 19:59 - 2015-04-18 10:46 - 00000000 ____D () C:\ProgramData\Package Cache 2015-04-11 19:21 - 2015-04-11 19:22 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\skyz 2015-04-11 19:21 - 2015-04-11 19:21 - 01177888 _____ () C:\Users\Mateusz\Downloads\Archimedes Ships Mod Installer 1.7.10.exe 2015-04-11 19:21 - 2015-04-11 19:21 - 00167936 _____ (ICSharpCode.net) C:\Users\Mateusz\Downloads\ICSharpCode.SharpZipLib1.dll 2015-04-11 18:09 - 2015-04-11 18:10 - 00207214 _____ () C:\Users\Mateusz\Downloads\iChun-Util-Mod-1.7.10.jar 2015-04-11 18:09 - 2015-04-11 18:09 - 01039596 _____ () C:\Users\Mateusz\Downloads\Morphing-Mod-1.7.10.jar 2015-04-11 18:08 - 2015-04-11 18:08 - 00398586 _____ () C:\Users\Mateusz\Downloads\GlibysVC-1.7.10-0.6.0.jar 2015-04-11 14:31 - 2015-04-11 14:31 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\SuperSplatters 2015-04-11 14:30 - 2015-04-11 14:30 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Supper Splatters 1.0 2015-04-11 14:08 - 2015-04-11 14:08 - 00016763 _____ () C:\Users\Mateusz\Downloads\super.splatters.2013.pc_.eng_.torrent 2015-04-11 10:47 - 2015-04-11 10:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2015-04-11 10:47 - 2015-04-11 10:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf 2015-04-11 10:43 - 2015-04-11 10:44 - 05458238 _____ () C:\Users\Mateusz\Downloads\Sugar,Sugar v1.5.apk 2015-04-11 10:36 - 2015-05-06 14:57 - 00000000 ___RD () C:\Users\Mateusz\Desktop\  2015-04-11 10:24 - 2015-04-30 16:06 - 00000000 ___RD () C:\Users\Mateusz\Desktop\Tata i Mama kliknijcie to! 2015-04-10 16:33 - 2015-04-10 16:33 - 00000000 ___SH () C:\Users\Mateusz\AppData\Local\LumaEmu 2015-04-10 16:30 - 2015-04-10 16:30 - 00000000 ____D () C:\Users\Mateusz\Downloads\IGG-Reign.Of.Kings.Alpha.10 2015-04-10 16:28 - 2015-04-10 16:29 - 1038090240 _____ () C:\Users\Mateusz\Downloads\IGG-Reign.Of.Kings.Alpha.10.part1.rar 2015-04-10 16:14 - 2015-04-10 16:14 - 29657683 _____ () C:\Users\Mateusz\Downloads\IGG-Reign.Of.Kings.Alpha.10.part2.rar ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-10 09:02 - 2009-07-14 06:45 - 00017072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-10 09:02 - 2009-07-14 06:45 - 00017072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-10 09:00 - 2015-03-29 20:54 - 00001050 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-10 08:57 - 2015-03-29 20:24 - 02077883 _____ () C:\Windows\WindowsUpdate.log 2015-05-10 08:56 - 2015-04-02 11:55 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\gtk-2.0 2015-05-10 08:56 - 2015-03-31 17:58 - 00000000 ____D () C:\Users\Mateusz\.gimp-2.8 2015-05-10 08:55 - 2015-03-30 15:32 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\LogMeIn Hamachi 2015-05-10 08:54 - 2015-03-29 20:54 - 00001046 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-10 08:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-09 21:08 - 2015-03-29 21:53 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\Skype 2015-05-09 19:27 - 2015-03-30 17:35 - 00000000 ____D () C:\Users\Mateusz\Downloads\powder-90.2-win32 2015-05-09 19:16 - 2015-03-29 21:58 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-05-09 14:01 - 2015-03-29 22:12 - 00000000 ___RD () C:\Users\Mateusz\Desktop\-= Narzędzia =- 2015-05-09 13:55 - 2009-07-14 06:45 - 00446096 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-05-09 11:18 - 2015-03-29 20:24 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\VirtualStore 2015-05-09 10:20 - 2015-03-29 21:09 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\Windows Live 2015-05-09 09:52 - 2015-03-29 20:54 - 00114360 _____ () C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT 2015-05-09 09:50 - 2015-03-29 20:24 - 00000000 ____D () C:\Users\Mateusz 2015-05-09 09:18 - 2015-04-01 14:33 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\SKIDROW 2015-05-09 09:18 - 2015-04-01 14:19 - 00000000 ____D () C:\Games 2015-05-06 15:13 - 2015-03-31 21:14 - 00000192 _____ () C:\ul.cfg 2015-05-06 15:11 - 2015-03-29 21:01 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\uTorrent 2015-05-06 14:47 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-05-06 14:43 - 2015-03-29 22:08 - 00000000 ___RD () C:\Users\Mateusz\Desktop\-= FILMY =- 2015-05-06 13:54 - 2015-03-29 21:40 - 00000000 ___RD () C:\Users\Mateusz\Desktop\-= Janisz =- 2015-05-06 13:52 - 2009-07-14 07:08 - 00032592 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-05-04 19:22 - 2015-03-30 15:01 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\HpUpdate 2015-05-03 15:01 - 2015-04-02 15:38 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\.minecraft 2015-05-01 18:55 - 2015-03-29 22:01 - 00000451 _____ () C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2015-05-01 18:55 - 2015-03-29 20:41 - 00018308 _____ () C:\Windows\system32\results.xml 2015-05-01 18:51 - 2009-07-14 19:55 - 00740098 _____ () C:\Windows\system32\perfh015.dat 2015-05-01 18:51 - 2009-07-14 19:55 - 00155672 _____ () C:\Windows\system32\perfc015.dat 2015-05-01 18:51 - 2009-07-14 07:13 - 01669190 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-01 18:03 - 2015-03-30 16:58 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\CrashDumps 2015-05-01 14:31 - 2015-03-31 18:27 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\FileZilla 2015-05-01 10:00 - 2015-03-29 20:55 - 00002189 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-04-30 15:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup 2015-04-30 15:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe 2015-04-30 15:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI 2015-04-30 15:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\com 2015-04-27 08:03 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2015-04-26 09:38 - 2015-03-29 21:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-04-25 20:35 - 2015-03-31 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer 2015-04-25 20:35 - 2015-03-29 20:56 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome 2015-04-25 20:35 - 2015-03-29 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-04-25 20:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2015-04-22 11:26 - 2015-04-02 14:10 - 00000000 ____D () C:\Program Files\Java 2015-04-22 11:26 - 2015-03-29 21:47 - 00000000 ____D () C:\ProgramData\Oracle 2015-04-22 11:26 - 2015-03-29 21:47 - 00000000 ____D () C:\Program Files (x86)\Java 2015-04-22 11:25 - 2015-04-02 14:10 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2015-04-21 11:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2015-04-18 13:13 - 2015-03-30 15:01 - 00000000 ____D () C:\Users\Mateusz\AppData\Local\HP 2015-04-16 19:21 - 2015-04-04 09:31 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-04-16 19:21 - 2015-04-04 09:28 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-04-16 08:21 - 2015-03-29 22:31 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-04-16 08:21 - 2015-03-29 22:31 - 00000000 ____D () C:\Windows\system32\appraiser 2015-04-15 19:25 - 2015-03-30 14:58 - 01640860 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-04-15 19:21 - 2015-03-29 22:24 - 00000000 ____D () C:\Windows\system32\MRT 2015-04-15 19:10 - 2015-03-29 22:24 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-04-15 19:09 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini 2015-04-15 18:31 - 2015-04-05 14:43 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\.mono 2015-04-14 15:09 - 2015-03-29 21:52 - 00000000 ____D () C:\ProgramData\Skype 2015-04-11 20:10 - 2015-03-31 18:57 - 00000000 ____D () C:\Users\Mateusz\AppData\Roaming\ObviousIdea 2015-04-11 16:23 - 2015-04-04 20:41 - 00000000 ____D () C:\Program Files\Highresolution Enterprises 2015-04-11 10:08 - 2015-03-29 21:45 - 00000000 ___RD () C:\Users\Mateusz\Desktop\Win7pl-w-code5-patch 2015-04-11 09:59 - 2015-04-04 20:39 - 00000000 ____D () C:\Program Files (x86)\CodeStuff ==================== Files in the root of some directories ======= 2015-05-07 14:27 - 2015-05-07 14:27 - 0000125 _____ () C:\Users\Mateusz\AppData\Roaming\burnaware.ini 2015-04-30 15:03 - 2015-04-30 15:03 - 0000000 _____ () C:\Users\Mateusz\AppData\Roaming\gdfw.log 2015-04-30 15:02 - 2015-04-30 15:03 - 0000779 _____ () C:\Users\Mateusz\AppData\Roaming\gdscan.log 2015-05-09 11:07 - 2015-05-09 11:24 - 0021914 _____ () C:\Users\Mateusz\AppData\Roaming\Wartości oddzielone przecinkami.ADR 2015-04-10 16:33 - 2015-04-10 16:33 - 0000000 ___SH () C:\Users\Mateusz\AppData\Local\LumaEmu 2015-05-10 08:56 - 2015-05-10 08:56 - 0010190 _____ () C:\Users\Mateusz\AppData\Local\recently-used.xbel 2015-03-30 15:01 - 2015-03-30 15:01 - 0000057 _____ () C:\ProgramData\Ament.ini Some content of TEMP: ==================== C:\Users\Mateusz\AppData\Local\Temp\MusicStudio.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-29 20:18 ==================== End Of Log ============================