- Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-05-2014 02
- Ran by nikslo (administrator) on NIKSLO-PC on 26-05-2014 19:12:22
- Running from C:\Users\nikslo\Desktop
- Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
- Internet Explorer Version 11
- Boot Mode: Normal
- The only official download link for FRST:
- Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
- Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
- Download link from any site other than Bleeping Computer is unpermitted or outdated.
- See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Processes (Whitelisted) =================
- (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
- (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
- (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
- (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
- (Google Inc.) C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe
- (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
- () C:\Users\nikslo\Documents\programs\CoreTemp32\Core Temp.exe
- (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
- (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
- (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
- (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
- (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
- (Tesline-service) C:\Program Files\KidLogger\Kidlogger.exe
- (Samsung) C:\Program Files\Samsung\Kies\Kies.exe
- (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
- (Microsoft Corporation) C:\Windows\System32\wscript.exe
- (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
- ==================== Registry (Whitelisted) ==================
- HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8092192 2009-11-17] (Realtek Semiconductor)
- HKLM\...\Run: [Nvtmru] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
- HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap.dll [955168 2013-10-18] (NVIDIA Corporation)
- HKLM\...\Run: [MS Shell Services] => [X]
- HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
- HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
- HKLM\...\Run: [iSaverCtrl] => "C:\Program Files\iSaver\iSaverCtrl.exe" --startup
- HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
- HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
- HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-21] (AVAST Software)
- HKLM\...\Run: [oky] => wscript.exe //B "C:\Users\nikslo\AppData\Roaming\oky.vbs"
- HKU\S-1-5-21-521604535-668715220-891425747-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
- HKU\S-1-5-21-521604535-668715220-891425747-1000\...\Run: [MS Shell Services] => C:\Program Files\KidLogger\Kidlogger.exe [751184 2014-01-09] (Tesline-service)
- HKU\S-1-5-21-521604535-668715220-891425747-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
- HKU\S-1-5-21-521604535-668715220-891425747-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
- HKU\S-1-5-21-521604535-668715220-891425747-1000\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
- HKU\S-1-5-21-521604535-668715220-891425747-1000\...\Run: [oky] => wscript.exe //B "C:\Users\nikslo\AppData\Roaming\oky.vbs"
- Startup: C:\Users\nikslo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\oky.vbs ()
- ==================== Internet (Whitelisted) ====================
- HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
- HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
- HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDA4B0C31C11ECF01
- HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
- BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
- BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll No File
- BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
- BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
- BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
- BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
- BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
- Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
- Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
- Tcpip\Parameters: [DhcpNameServer] 192.168.42.129
- FireFox:
- ========
- FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
- FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
- FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
- FF Plugin: @microsoft.com/GENUINE - disabled No File
- FF Plugin: @microsoft.com/Lync,version=15.0 - C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
- FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
- FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
- FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
- FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
- FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
- FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
- FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
- Chrome:
- =======
- CHR HomePage: hxxp://www.google.com/
- CHR StartupUrls: "hxxp://www.google.com/", "hxxp://google.com/"
- CHR DefaultSearchURL: http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
- CHR DefaultNewTabURL:
- CHR Extension: (Google Translate) - C:\Users\nikslo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-01-31]
- CHR Extension: (Entanglement Web App) - C:\Users\nikslo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-01-31]
- CHR Extension: (Google Translate Pad) - C:\Users\nikslo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgpafgiahigeanbnnmdbnkdkllhjndl [2014-01-31]
- CHR Extension: (Google Docs) - C:\Users\nikslo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-31]
- CHR Extension: (Google Drive) - C:\Users\nikslo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-31]
- CHR Extension: (SPOI Options) - C:\Users\nikslo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdokagampppgbnjfdlkfpphniapiiifn [2014-01-31]
- CHR Extension: (TV) - C:\Users\nikslo\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-01-31]
- CHR Extension: (YouTube) - C:\Users\nikslo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-31]
- CHR Extension: (Pool) - C:\Users\nikslo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb [2014-01-31]
- CHR Extension: (Google Search) - C:\Users\nikslo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-31]
- CHR Extension: (Slagalica fer igra - Ludara.com) - C:\Users\nikslo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpifakoabdhigpeebhalfkjkoidenba [2014-01-31]
- CHR Extension: (Instant Translate) - C:\Users\nikslo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2014-01-31]
- CHR Extension: (Google Maps) - C:\Users\nikslo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-01-31]
- CHR Extension: (Google Mail Checker) - C:\Users\nikslo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-01-31]
- CHR Extension: (Google Wallet) - C:\Users\nikslo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-31]
- CHR Extension: (Auto Download for Filesonic, Rapidshare etc.) - C:\Users\nikslo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbckjfkhmpfjnhghgmmkbhdpinbmjpeg [2014-01-31]
- CHR Extension: (Gmail) - C:\Users\nikslo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-31]
- CHR HKLM\...\Chrome\Extension: [fjbbjfdilbioabojmcplalojlmdngbjl] - C:\Users\nikslo\AppData\Local\Temp\swlfiles\smileyswelovetoolbar.crx [2014-01-22]
- CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-21]
- ========================== Services (Whitelisted) =================
- R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-21] (AVAST Software)
- R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-05-21] (AVAST Software)
- R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
- R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
- R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14650144 2013-10-18] (NVIDIA Corporation)
- ==================== Drivers (Whitelisted) ====================
- R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-05-21] ()
- R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-05-21] (AVAST Software)
- R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-05-21] (AVAST Software)
- R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [270240 2014-05-21] (AVAST Software)
- R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-05-21] (AVAST Software)
- R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-05-21] ()
- R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-05-21] (AVAST Software)
- R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-05-21] (AVAST Software)
- R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [68312 2014-05-21] (AVAST Software)
- R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-05-21] ()
- R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-02-01] (Disc Soft Ltd)
- R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
- R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-05-26] (Malwarebytes Corporation)
- R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
- R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [33568 2013-09-28] (NVIDIA Corporation)
- R0 oem-drv86; C:\Windows\System32\DRIVERS\oem-drv86.sys [28160 2014-05-26] (secr9tos)
- R3 RT61; C:\Windows\System32\DRIVERS\rt61.sys [368128 2009-06-02] (Ralink Technology, Corp.)
- S3 ssm_bus; C:\Windows\System32\DRIVERS\ssm_bus.sys [104448 2014-01-23] (MCCI Corporation)
- S3 ssm_mdfl; C:\Windows\System32\DRIVERS\ssm_mdfl.sys [14848 2014-01-23] (MCCI Corporation)
- S3 ssm_mdm; C:\Windows\System32\DRIVERS\ssm_mdm.sys [132608 2014-01-23] (MCCI Corporation)
- R3 ALSysIO; \??\C:\Users\nikslo\AppData\Local\Temp\ALSysIO.sys [X]
- S3 VGPU; System32\drivers\rdvgkmd.sys [X]
- ==================== NetSvcs (Whitelisted) ===================
- ==================== One Month Created Files and Folders ========
- 2014-05-26 19:12 - 2014-05-26 19:12 - 00014834 _____ () C:\Users\nikslo\Desktop\FRST.txt
- 2014-05-26 19:12 - 2014-05-26 19:12 - 00000000 ____D () C:\FRST
- 2014-05-26 19:08 - 2014-05-26 19:11 - 01056256 _____ (Farbar) C:\Users\nikslo\Desktop\FRST.exe
- 2014-05-25 19:59 - 2014-05-26 00:05 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
- 2014-05-25 19:59 - 2014-05-26 00:04 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
- 2014-05-25 05:37 - 2014-05-25 06:15 - 16409960 _____ (Safer Networking Limited ) C:\Users\nikslo\Downloads\spybotsd162.exe
- 2014-05-25 04:06 - 2014-05-26 19:05 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
- 2014-05-25 04:06 - 2014-05-25 04:06 - 00001056 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
- 2014-05-25 04:06 - 2014-05-25 04:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
- 2014-05-25 04:06 - 2014-05-25 04:06 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
- 2014-05-25 04:06 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
- 2014-05-25 04:06 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
- 2014-05-25 04:06 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
- 2014-05-25 04:05 - 2014-05-25 04:05 - 00000000 ____D () C:\Users\nikslo\Downloads\Malwarebytes Anti-Malware 2.0.2.1012 + SeRiAl KeYs -==Eagle_ShaDow==-
- 2014-05-24 16:48 - 2014-05-24 16:48 - 00000000 ____D () C:\Program Files\Common Files\Skype
- 2014-05-24 03:20 - 2014-05-24 03:20 - 00001630 _____ () C:\Users\nikslo\Desktop\Warcraft 3 TFT PvPGN.lnk
- 2014-05-24 02:47 - 2014-05-24 02:47 - 00001898 _____ () C:\Users\UpdatusUser\Desktop\Frozen Throne.lnk
- 2014-05-24 02:45 - 2014-05-24 03:20 - 00076321 _____ () C:\Windows\War3Unin.dat
- 2014-05-24 02:45 - 2014-05-24 02:47 - 00139264 _____ (Blizzard Entertainment) C:\Windows\War3Unin.exe
- 2014-05-24 02:45 - 2014-05-24 02:47 - 00002829 _____ () C:\Windows\War3Unin.pif
- 2014-05-24 02:45 - 2014-05-24 02:47 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
- 2014-05-24 02:44 - 2014-05-26 05:39 - 00000000 ____D () C:\Program Files\Warcraft III
- 2014-05-23 20:11 - 2014-04-28 12:38 - 00156730 ___SH () C:\Users\nikslo\AppData\Roaming\oky.vbs
- 2014-05-22 19:51 - 2014-05-22 19:51 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\InstallShield
- 2014-05-22 19:51 - 2014-05-22 19:51 - 00000000 ____D () C:\Program Files\D-Link
- 2014-05-22 19:51 - 2009-06-02 17:35 - 00368128 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\rt61.sys
- 2014-05-22 19:51 - 2009-06-02 17:31 - 00221184 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInst.dll
- 2014-05-22 18:36 - 2014-05-26 19:05 - 00000348 _____ () C:\Windows\Tasks\DriverToolkit Autorun.job
- 2014-05-22 18:34 - 2014-05-22 18:37 - 00000000 ____D () C:\Program Files\DriverToolkit
- 2014-05-22 18:34 - 2014-05-22 18:34 - 00000000 ____D () C:\Users\nikslo\AppData\Local\DriverToolkit
- 2014-05-22 18:31 - 2014-05-22 18:31 - 00000000 ____D () C:\Users\nikslo\AppData\Local\Codemasters
- 2014-05-22 16:02 - 2014-05-22 16:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
- 2014-05-21 09:01 - 2014-05-21 09:04 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
- 2014-05-21 09:01 - 2014-05-21 09:00 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
- 2014-05-21 09:00 - 2014-05-21 09:04 - 00270240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
- 2014-05-21 09:00 - 2014-05-21 09:00 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
- 2014-05-17 01:33 - 2014-05-17 01:29 - 01180099 _____ () C:\Windows\unins000.exe
- 2014-05-17 01:29 - 2014-05-21 09:04 - 00002033 _____ () C:\Users\Public\Desktop\avast! Premier.lnk
- 2014-05-17 01:29 - 2014-05-17 01:29 - 00002161 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
- 2014-05-17 01:29 - 2014-05-17 01:29 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\AVAST Software
- 2014-05-17 01:29 - 2014-05-17 01:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
- 2014-05-17 01:28 - 2014-05-21 09:04 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
- 2014-05-17 01:28 - 2014-05-21 09:04 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
- 2014-05-17 01:28 - 2014-05-21 09:00 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
- 2014-05-17 01:28 - 2014-05-21 09:00 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
- 2014-05-17 01:28 - 2014-05-21 09:00 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
- 2014-05-17 01:28 - 2014-05-21 09:00 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
- 2014-05-17 01:28 - 2014-05-21 09:00 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
- 2014-05-17 01:28 - 2014-05-21 09:00 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
- 2014-05-17 01:28 - 2014-05-17 01:28 - 00403440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400517216
- 2014-05-17 01:24 - 2014-05-17 01:34 - 00002016 _____ () C:\Windows\unins000.dat
- 2014-05-17 01:24 - 2014-05-17 01:24 - 00000000 ____D () C:\Program Files\AVAST Software
- 2014-05-17 01:23 - 2014-05-17 01:23 - 00000000 ____D () C:\ProgramData\AVAST Software
- 2014-05-17 01:21 - 2014-05-25 05:26 - 00000000 ____D () C:\Users\nikslo\Desktop\avast
- 2014-05-16 08:35 - 2014-05-16 08:35 - 00002241 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Program Updates.lnk
- 2014-05-16 08:35 - 2014-05-16 08:35 - 00000000 ____D () C:\ProgramData\InstallShield
- 2014-05-16 08:35 - 2004-06-16 06:03 - 00073728 _____ (InstallShield Software Corporation) C:\Windows\system32\ISUSPM.cpl
- 2014-05-16 04:39 - 2003-03-18 21:20 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\MFC71.dll
- 2014-05-16 04:39 - 2003-03-18 20:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\MSVCP71.dll
- 2014-05-16 04:39 - 2003-02-21 04:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\MSVCR71.dll
- 2014-05-16 04:35 - 2014-05-16 04:38 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\BSplayer Pro
- 2014-05-15 14:56 - 2014-05-15 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bwin Poker
- 2014-05-14 20:04 - 2014-05-14 20:04 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\system32\CmdLineExt.dll
- 2014-05-14 20:03 - 2014-05-22 18:54 - 00003208 _____ () C:\Windows\DXError.log
- 2014-05-14 20:02 - 2014-05-14 20:02 - 00000535 _____ () C:\Windows\KB893803v2.log
- 2014-05-14 13:09 - 2014-05-14 13:09 - 00001439 _____ () C:\Users\nikslo\Desktop\age3y.exe.lnk
- 2014-05-14 13:08 - 2014-05-14 13:08 - 00000000 ____D () C:\ProgramData\Age of Empires 3
- 2014-05-14 13:07 - 2014-05-14 13:11 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Games
- 2014-05-14 02:14 - 2014-05-14 02:14 - 00000783 _____ () C:\Users\nikslo\Desktop\cheat.txt
- 2014-05-14 01:59 - 2014-05-22 18:54 - 00286315 _____ () C:\Windows\DirectX.log
- 2014-05-14 01:59 - 2014-05-14 01:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
- 2014-05-14 01:57 - 2014-05-14 13:11 - 00000000 ____D () C:\Program Files\Age of Empires III
- 2014-05-12 00:09 - 2014-05-12 00:09 - 00000774 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metal Slug 3.lnk
- 2014-05-12 00:09 - 2014-05-12 00:09 - 00000762 _____ () C:\Users\Public\Desktop\Metal Slug 3.lnk
- 2014-05-12 00:09 - 2014-05-12 00:09 - 00000000 ____D () C:\Users\nikslo\AppData\Local\mslug3
- 2014-05-12 00:09 - 2014-05-12 00:09 - 00000000 ____D () C:\Program Files\Metal Slug 3
- 2014-05-09 01:55 - 2014-05-09 01:55 - 00000000 ____D () C:\Users\nikslo\AppData\Local\Setup Integrity Check
- 2014-05-07 15:29 - 2014-05-07 15:29 - 00000000 ____D () C:\Users\nikslo\AppData\Local\SpookyManor
- 2014-05-07 13:24 - 2014-05-07 13:49 - 00000000 ____D () C:\Users\nikslo\AppData\Local\NBGI
- 2014-05-06 20:10 - 2014-05-06 20:10 - 00000000 __RSH () C:\MSDOS.SYS
- 2014-05-06 20:10 - 2014-05-06 20:10 - 00000000 __RSH () C:\IO.SYS
- 2014-05-06 20:06 - 2014-05-06 20:06 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\Hoyle Puzzle and Board Games
- 2014-05-06 20:06 - 2014-05-06 20:06 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\Hoyle FaceCreator
- 2014-05-06 18:56 - 2014-05-06 20:01 - 00000000 ____D () C:\ProgramData\SKiDROW
- 2014-05-03 17:01 - 2014-05-03 17:01 - 00000000 ____D () C:\Users\nikslo\AppData\Local\Microsoft Games
- 2014-05-02 15:38 - 2014-05-02 15:38 - 00000000 ____D () C:\Program Files\Microsoft Chart Controls
- 2014-04-29 16:53 - 2014-04-29 16:53 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\Nero
- 2014-04-29 16:49 - 2014-04-29 17:16 - 00000000 ____D () C:\Program Files\Common Files\Nero
- 2014-04-29 16:49 - 2014-04-29 17:15 - 00000000 ____D () C:\ProgramData\Nero
- 2014-04-29 16:18 - 2014-04-29 16:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
- 2014-04-28 08:53 - 2014-05-12 16:10 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\DarknessII
- ==================== One Month Modified Files and Folders =======
- 2014-05-26 19:12 - 2014-05-26 19:12 - 00014834 _____ () C:\Users\nikslo\Desktop\FRST.txt
- 2014-05-26 19:12 - 2014-05-26 19:12 - 00000000 ____D () C:\FRST
- 2014-05-26 19:12 - 2009-07-14 06:34 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
- 2014-05-26 19:12 - 2009-07-14 06:34 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
- 2014-05-26 19:11 - 2014-05-26 19:08 - 01056256 _____ (Farbar) C:\Users\nikslo\Desktop\FRST.exe
- 2014-05-26 19:10 - 2013-12-11 09:39 - 00726824 _____ () C:\Windows\system32\perfh019.dat
- 2014-05-26 19:10 - 2013-12-11 09:39 - 00151066 _____ () C:\Windows\system32\perfc019.dat
- 2014-05-26 19:10 - 2010-11-20 23:01 - 01655266 _____ () C:\Windows\system32\PerfStringBackup.INI
- 2014-05-26 19:08 - 2014-01-31 22:13 - 01199611 _____ () C:\Windows\WindowsUpdate.log
- 2014-05-26 19:05 - 2014-05-25 04:06 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
- 2014-05-26 19:05 - 2014-05-22 18:36 - 00000348 _____ () C:\Windows\Tasks\DriverToolkit Autorun.job
- 2014-05-26 19:05 - 2014-01-31 22:45 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- 2014-05-26 19:05 - 2009-07-14 06:39 - 00089429 _____ () C:\Windows\setupact.log
- 2014-05-26 19:04 - 2014-02-01 07:01 - 00028160 _____ (secr9tos) C:\Windows\system32\Drivers\oem-drv86.sys
- 2014-05-26 19:04 - 2014-01-31 22:56 - 00000000 ____D () C:\ProgramData\NVIDIA
- 2014-05-26 19:04 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
- 2014-05-26 18:02 - 2014-01-31 22:45 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- 2014-05-26 17:25 - 2014-02-21 19:23 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\AIMP3
- 2014-05-26 15:16 - 2014-03-02 02:36 - 00000000 ____D () C:\Program Files\Sid Meier's Civilization V
- 2014-05-26 05:44 - 2014-01-31 22:23 - 00000000 ____D () C:\Users\nikslo\Documents\igre inst
- 2014-05-26 05:39 - 2014-05-24 02:44 - 00000000 ____D () C:\Program Files\Warcraft III
- 2014-05-26 01:12 - 2014-02-01 01:39 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\uTorrent
- 2014-05-26 00:05 - 2014-05-25 19:59 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
- 2014-05-26 00:05 - 2010-11-20 23:48 - 00187654 _____ () C:\Windows\PFRO.log
- 2014-05-26 00:04 - 2014-05-25 19:59 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
- 2014-05-25 06:15 - 2014-05-25 05:37 - 16409960 _____ (Safer Networking Limited ) C:\Users\nikslo\Downloads\spybotsd162.exe
- 2014-05-25 05:27 - 2011-04-12 04:24 - 00000000 ____D () C:\Windows\ShellNew
- 2014-05-25 05:26 - 2014-05-17 01:21 - 00000000 ____D () C:\Users\nikslo\Desktop\avast
- 2014-05-25 04:06 - 2014-05-25 04:06 - 00001056 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
- 2014-05-25 04:06 - 2014-05-25 04:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
- 2014-05-25 04:06 - 2014-05-25 04:06 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
- 2014-05-25 04:05 - 2014-05-25 04:05 - 00000000 ____D () C:\Users\nikslo\Downloads\Malwarebytes Anti-Malware 2.0.2.1012 + SeRiAl KeYs -==Eagle_ShaDow==-
- 2014-05-24 18:30 - 2014-02-02 12:55 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\Skype
- 2014-05-24 16:48 - 2014-05-24 16:48 - 00000000 ____D () C:\Program Files\Common Files\Skype
- 2014-05-24 16:48 - 2014-02-02 12:55 - 00000000 ___RD () C:\Program Files\Skype
- 2014-05-24 16:48 - 2014-02-02 12:55 - 00000000 ____D () C:\ProgramData\Skype
- 2014-05-24 03:20 - 2014-05-24 03:20 - 00001630 _____ () C:\Users\nikslo\Desktop\Warcraft 3 TFT PvPGN.lnk
- 2014-05-24 03:20 - 2014-05-24 02:45 - 00076321 _____ () C:\Windows\War3Unin.dat
- 2014-05-24 03:20 - 2014-02-09 19:35 - 00001646 _____ () C:\Users\UpdatusUser\Desktop\Warcraft 3 RoC PvPGN.lnk
- 2014-05-24 03:20 - 2014-02-09 19:35 - 00001630 _____ () C:\Users\UpdatusUser\Desktop\Warcraft 3 TFT PvPGN.lnk
- 2014-05-24 02:48 - 2014-03-13 20:15 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
- 2014-05-24 02:47 - 2014-05-24 02:47 - 00001898 _____ () C:\Users\UpdatusUser\Desktop\Frozen Throne.lnk
- 2014-05-24 02:47 - 2014-05-24 02:45 - 00139264 _____ (Blizzard Entertainment) C:\Windows\War3Unin.exe
- 2014-05-24 02:47 - 2014-05-24 02:45 - 00002829 _____ () C:\Windows\War3Unin.pif
- 2014-05-24 02:47 - 2014-05-24 02:45 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
- 2014-05-22 19:55 - 2009-07-14 06:33 - 00434448 _____ () C:\Windows\system32\FNTCACHE.DAT
- 2014-05-22 19:51 - 2014-05-22 19:51 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\InstallShield
- 2014-05-22 19:51 - 2014-05-22 19:51 - 00000000 ____D () C:\Program Files\D-Link
- 2014-05-22 19:03 - 2014-01-31 22:45 - 00111520 _____ () C:\Users\nikslo\AppData\Local\GDIPFONTCACHEV1.DAT
- 2014-05-22 18:54 - 2014-05-14 20:03 - 00003208 _____ () C:\Windows\DXError.log
- 2014-05-22 18:54 - 2014-05-14 01:59 - 00286315 _____ () C:\Windows\DirectX.log
- 2014-05-22 18:37 - 2014-05-22 18:34 - 00000000 ____D () C:\Program Files\DriverToolkit
- 2014-05-22 18:34 - 2014-05-22 18:34 - 00000000 ____D () C:\Users\nikslo\AppData\Local\DriverToolkit
- 2014-05-22 18:31 - 2014-05-22 18:31 - 00000000 ____D () C:\Users\nikslo\AppData\Local\Codemasters
- 2014-05-22 18:09 - 2014-01-31 22:51 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
- 2014-05-22 16:20 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\schemas
- 2014-05-22 16:02 - 2014-05-22 16:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
- 2014-05-21 09:04 - 2014-05-21 09:01 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
- 2014-05-21 09:04 - 2014-05-21 09:00 - 00270240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
- 2014-05-21 09:04 - 2014-05-17 01:29 - 00002033 _____ () C:\Users\Public\Desktop\avast! Premier.lnk
- 2014-05-21 09:04 - 2014-05-17 01:28 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
- 2014-05-21 09:04 - 2014-05-17 01:28 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
- 2014-05-21 09:00 - 2014-05-21 09:01 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
- 2014-05-21 09:00 - 2014-05-21 09:00 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
- 2014-05-21 09:00 - 2014-05-17 01:28 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
- 2014-05-21 09:00 - 2014-05-17 01:28 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
- 2014-05-21 09:00 - 2014-05-17 01:28 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
- 2014-05-21 09:00 - 2014-05-17 01:28 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
- 2014-05-21 09:00 - 2014-05-17 01:28 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
- 2014-05-21 09:00 - 2014-05-17 01:28 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
- 2014-05-18 17:08 - 2014-02-02 12:58 - 00000033 _____ () C:\ProgramData\droidcam-settings
- 2014-05-17 01:34 - 2014-05-17 01:24 - 00002016 _____ () C:\Windows\unins000.dat
- 2014-05-17 01:29 - 2014-05-17 01:33 - 01180099 _____ () C:\Windows\unins000.exe
- 2014-05-17 01:29 - 2014-05-17 01:29 - 00002161 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
- 2014-05-17 01:29 - 2014-05-17 01:29 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\AVAST Software
- 2014-05-17 01:29 - 2014-05-17 01:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
- 2014-05-17 01:28 - 2014-05-17 01:28 - 00403440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400517216
- 2014-05-17 01:24 - 2014-05-17 01:24 - 00000000 ____D () C:\Program Files\AVAST Software
- 2014-05-17 01:23 - 2014-05-17 01:23 - 00000000 ____D () C:\ProgramData\AVAST Software
- 2014-05-16 19:15 - 2014-02-12 00:56 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
- 2014-05-16 19:15 - 2014-02-12 00:56 - 00000000 ____D () C:\Program Files\Common Files\Adobe
- 2014-05-16 08:35 - 2014-05-16 08:35 - 00002241 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Program Updates.lnk
- 2014-05-16 08:35 - 2014-05-16 08:35 - 00000000 ____D () C:\ProgramData\InstallShield
- 2014-05-16 08:35 - 2014-01-31 22:51 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
- 2014-05-16 08:32 - 2014-01-31 22:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
- 2014-05-16 08:30 - 2014-01-31 22:55 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
- 2014-05-16 04:58 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
- 2014-05-16 04:41 - 2009-07-14 04:04 - 00002577 _____ () C:\Windows\system32\config.nt
- 2014-05-16 04:38 - 2014-05-16 04:35 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\BSplayer Pro
- 2014-05-15 14:56 - 2014-05-15 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bwin Poker
- 2014-05-15 14:56 - 2014-03-11 18:57 - 00001489 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\bwin Poker.lnk
- 2014-05-15 14:38 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
- 2014-05-15 14:36 - 2014-03-25 19:34 - 00000000 ___RD () C:\Users\nikslo\Documents\Koncerti
- 2014-05-14 20:04 - 2014-05-14 20:04 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\system32\CmdLineExt.dll
- 2014-05-14 20:02 - 2014-05-14 20:02 - 00000535 _____ () C:\Windows\KB893803v2.log
- 2014-05-14 13:11 - 2014-05-14 13:07 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Games
- 2014-05-14 13:11 - 2014-05-14 01:57 - 00000000 ____D () C:\Program Files\Age of Empires III
- 2014-05-14 13:09 - 2014-05-14 13:09 - 00001439 _____ () C:\Users\nikslo\Desktop\age3y.exe.lnk
- 2014-05-14 13:08 - 2014-05-14 13:08 - 00000000 ____D () C:\ProgramData\Age of Empires 3
- 2014-05-14 02:14 - 2014-05-14 02:14 - 00000783 _____ () C:\Users\nikslo\Desktop\cheat.txt
- 2014-05-14 02:00 - 2014-03-02 02:41 - 00000000 ____D () C:\Users\nikslo\Documents\My Games
- 2014-05-14 01:59 - 2014-05-14 01:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
- 2014-05-14 01:46 - 2014-01-31 22:23 - 00000000 ____D () C:\Users\nikslo\Documents\filmovi
- 2014-05-12 16:10 - 2014-04-28 08:53 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\DarknessII
- 2014-05-12 07:26 - 2014-05-25 04:06 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
- 2014-05-12 07:25 - 2014-05-25 04:06 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
- 2014-05-12 07:25 - 2014-05-25 04:06 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
- 2014-05-12 00:09 - 2014-05-12 00:09 - 00000774 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metal Slug 3.lnk
- 2014-05-12 00:09 - 2014-05-12 00:09 - 00000762 _____ () C:\Users\Public\Desktop\Metal Slug 3.lnk
- 2014-05-12 00:09 - 2014-05-12 00:09 - 00000000 ____D () C:\Users\nikslo\AppData\Local\mslug3
- 2014-05-12 00:09 - 2014-05-12 00:09 - 00000000 ____D () C:\Program Files\Metal Slug 3
- 2014-05-11 23:51 - 2014-03-01 16:14 - 00000000 ____D () C:\Program Files\World_of_Tanks
- 2014-05-09 01:55 - 2014-05-09 01:55 - 00000000 ____D () C:\Users\nikslo\AppData\Local\Setup Integrity Check
- 2014-05-08 15:25 - 2014-02-01 14:18 - 00000000 ____D () C:\Program Files\KidLogger
- 2014-05-07 15:29 - 2014-05-07 15:29 - 00000000 ____D () C:\Users\nikslo\AppData\Local\SpookyManor
- 2014-05-07 13:49 - 2014-05-07 13:24 - 00000000 ____D () C:\Users\nikslo\AppData\Local\NBGI
- 2014-05-06 20:10 - 2014-05-06 20:10 - 00000000 __RSH () C:\MSDOS.SYS
- 2014-05-06 20:10 - 2014-05-06 20:10 - 00000000 __RSH () C:\IO.SYS
- 2014-05-06 20:06 - 2014-05-06 20:06 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\Hoyle Puzzle and Board Games
- 2014-05-06 20:06 - 2014-05-06 20:06 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\Hoyle FaceCreator
- 2014-05-06 20:01 - 2014-05-06 18:56 - 00000000 ____D () C:\ProgramData\SKiDROW
- 2014-05-04 17:48 - 2014-01-31 22:23 - 00000000 ____D () C:\Users\nikslo\Documents\serije
- 2014-05-04 17:14 - 2013-12-11 12:11 - 90547776 ____N (Microsoft Corporation) C:\Windows\system32\MRT.exe
- 2014-05-03 17:01 - 2014-05-03 17:01 - 00000000 ____D () C:\Users\nikslo\AppData\Local\Microsoft Games
- 2014-05-02 15:38 - 2014-05-02 15:38 - 00000000 ____D () C:\Program Files\Microsoft Chart Controls
- 2014-05-02 15:02 - 2014-03-09 23:31 - 00000000 ____D () C:\Users\nikslo\Documents\Ubisoft
- 2014-05-02 15:02 - 2014-03-09 23:31 - 00000000 ____D () C:\ProgramData\Orbit
- 2014-05-01 11:20 - 2014-04-02 09:16 - 00000000 ____D () C:\Program Files\Counter-Strike
- 2014-04-29 17:16 - 2014-04-29 16:49 - 00000000 ____D () C:\Program Files\Common Files\Nero
- 2014-04-29 17:15 - 2014-04-29 16:49 - 00000000 ____D () C:\ProgramData\Nero
- 2014-04-29 16:53 - 2014-04-29 16:53 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\Nero
- 2014-04-29 16:18 - 2014-04-29 16:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
- 2014-04-29 11:42 - 2014-03-05 00:08 - 00000000 ____D () C:\Users\nikslo\AppData\Roaming\Samsung
- 2014-04-28 12:38 - 2014-05-23 20:11 - 00156730 ___SH () C:\Users\nikslo\AppData\Roaming\oky.vbs
- 2014-04-28 08:53 - 2014-03-02 03:12 - 00000000 ____D () C:\Users\nikslo\AppData\Local\SKIDROW
- Some content of TEMP:
- ====================
- C:\Users\nikslo\AppData\Local\Temp\cabex.dll
- C:\Users\nikslo\AppData\Local\Temp\CmdLineExt02.dll
- C:\Users\nikslo\AppData\Local\Temp\htchome_installer.exe
- C:\Users\nikslo\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
- C:\Users\nikslo\AppData\Local\Temp\SIInvoker.exe
- C:\Users\nikslo\AppData\Local\Temp\SIntf16.dll
- C:\Users\nikslo\AppData\Local\Temp\SIntf32.dll
- C:\Users\nikslo\AppData\Local\Temp\SIntfNT.dll
- C:\Users\nikslo\AppData\Local\Temp\tu17p84.exe
- C:\Users\nikslo\AppData\Local\Temp\unelevate.exe
- C:\Users\nikslo\AppData\Local\Temp\war3_Install.exe
- C:\Users\nikslo\AppData\Local\Temp\ytai_ytareg_setup.exe
- C:\Users\nikslo\AppData\Local\Temp\{DB0F499C-DEDE-4225-BDC4-ABF55497B9D7}-34.0.1847.131_34.0.1847.116_chrome_updater.exe
- ==================== Bamital & volsnap Check =================
- C:\Windows\explorer.exe => MD5 is legit
- C:\Windows\system32\winlogon.exe => MD5 is legit
- C:\Windows\system32\wininit.exe => MD5 is legit
- C:\Windows\system32\svchost.exe => MD5 is legit
- C:\Windows\system32\services.exe => MD5 is legit
- C:\Windows\system32\User32.dll => MD5 is legit
- C:\Windows\system32\userinit.exe => MD5 is legit
- C:\Windows\system32\rpcss.dll => MD5 is legit
- C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
- LastRegBack: 2014-05-19 04:52
- ==================== End Of Log ============================