kuker173 utworzono 6 września 2014 utworzono 6 września 2014 (edytowane) Podobno robi to printscreeny i wysyła na serwery. Uruchamia mi się to co jakiś czas w google chrome i to nie jest żadne rozszerzenie. Nie wiem w jaki sposób mi się to zainstalowało być może system jest zainfekowany. Latop ostatnimi czasy bardziej się grzeje i głośniej chodzi - pewnie znowu wentylator się zakurzył, a może jest jakiś wirus ? OTL [log]OTL logfile created on: 2014-09-06 14:04:08 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marcin\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,84 Gb Available Physical Memory | 42,21% Memory free 4,24 Gb Paging File | 2,98 Gb Available in Paging File | 70,35% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 93,16 Gb Total Space | 62,84 Gb Free Space | 67,46% Space Free | Partition Type: NTFS Computer Name: MARCIN-PC | User Name: Marcin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2014-09-06 14:03:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marcin\Downloads\OTL.exe PRC - [2014-09-06 10:12:37 | 002,715,648 | ---- | M] () -- C:\Users\Marcin\AppData\Local\fabulous_09060812\fabulous_09060812.exe PRC - [2014-08-30 04:49:43 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2014-08-14 09:21:20 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe PRC - [2014-08-12 10:58:04 | 001,801,960 | ---- | M] (SeriousBit) -- C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe PRC - [2014-08-12 10:58:02 | 000,129,256 | ---- | M] (SeriousBit) -- C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe PRC - [2011-10-24 17:53:14 | 000,870,672 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe PRC - [2011-10-24 17:34:56 | 000,481,552 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2010-07-04 21:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe PRC - [2009-04-11 15:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe ========== Modules (No Company Name) ========== MOD - [2014-09-06 10:12:37 | 002,715,648 | ---- | M] () -- C:\Users\Marcin\AppData\Local\fabulous_09060812\fabulous_09060812.exe MOD - [2014-08-30 04:49:41 | 000,331,592 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.103\ppgooglenaclpluginchrome.dll MOD - [2014-08-30 04:49:38 | 008,577,864 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.103\pdf.dll MOD - [2014-08-30 04:49:30 | 001,660,232 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll MOD - [2014-08-11 20:16:45 | 000,797,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\57d66541f1d5d1c7888058a8d52b0b9c\System.Runtime.Remoting.ni.dll MOD - [2014-08-11 20:16:35 | 007,785,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\668bc5e53fd656dc16c9f40ea15e872e\System.Xml.ni.dll MOD - [2014-08-11 20:16:28 | 012,895,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ac38cb30c15eb9e4a54459ee01e9f8e6\System.Windows.Forms.ni.dll MOD - [2014-08-11 20:16:21 | 000,967,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7ece7799d670cdfc1393b98b0668a046\System.Configuration.ni.dll MOD - [2014-08-11 20:16:18 | 001,639,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\ce11900fa489575613dc777c7fbb0d7d\System.Drawing.ni.dll MOD - [2014-08-11 20:16:16 | 010,067,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\b75ba99f72f116d8951b0f2bba8c276a\System.ni.dll MOD - [2014-08-11 20:16:08 | 017,207,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll MOD - [2014-02-10 13:44:24 | 004,592,128 | ---- | M] () -- C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll MOD - [2014-02-10 13:44:24 | 000,112,128 | ---- | M] () -- C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll MOD - [2010-07-04 23:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll MOD - [2010-07-04 23:32:36 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll MOD - [2010-07-04 21:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe MOD - [2007-06-21 17:27:32 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll ========== Services (SafeList) ========== SRV - [2014-08-25 08:37:25 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014-08-12 10:58:02 | 000,129,256 | ---- | M] (SeriousBit) [Auto | Running] -- C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe -- (NetBalancerService) SRV - [2014-07-17 07:42:17 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2011-10-24 17:53:14 | 000,870,672 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2011-10-24 17:34:56 | 000,481,552 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2013-11-25 10:28:34 | 000,035,712 | ---- | M] (SeriousBit) [Kernel | System | Running] -- C:\Windows\System32\drivers\nbdrv.sys -- (nbdrv) DRV - [2010-10-07 05:11:38 | 006,639,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwLv32.sys -- (NETwLv32) DRV - [2010-07-04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2008-01-21 04:23:26 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM) DRV - [2008-01-21 04:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) DRV - [2008-01-21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) DRV - [2007-06-21 17:36:32 | 002,600,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-2624493067-400939339-2161531577-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-2624493067-400939339-2161531577-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2624493067-400939339-2161531577-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2624493067-400939339-2161531577-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014-08-11 19:45:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcin\AppData\Roaming\mozilla\Extensions [2014-08-11 20:06:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcin\AppData\Roaming\mozilla\Firefox\Profiles\5yyqmk4y.default\extensions [2014-08-11 19:45:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2014-08-11 19:45:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - plugin: Error reading preferences file CHR - Extension: Dokumenty Google = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\ CHR - Extension: Dysk Google = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Adblock Plus = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.4_0\ CHR - Extension: Szukaj w Google = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Google Wallet = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: Gmail = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2014-08-12 08:03:51 | 000,000,831 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 255.255.255.255 bolscripts.net O1 - Hosts: 255.255.255.255 www.bolscripts.net O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe () O4 - HKU\S-1-5-21-2624493067-400939339-2161531577-1000..\Run: [fabulous_09060812] c:\users\marcin\appdata\local\fabulous_09060812\fabulous_09060812.exe () O4 - HKU\S-1-5-21-2624493067-400939339-2161531577-1000..\Run: [NetBalancer] C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe (SeriousBit) O4 - Startup: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fabulous_09060812.lnk = C:\Users\Marcin\AppData\Local\fabulous_09060812\fabulous_09060812.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\S-1-5-21-2624493067-400939339-2161531577-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2624493067-400939339-2161531577-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2BEE1CC1-D4C7-4ECA-B0DD-05357127241E}: DhcpNameServer = 192.168.1.1 192.168.1.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: CertPropSvc - File not found NetSvcs: SCPolicySvc - File not found NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found ========== Files/Folders - Created Within 30 Days ========== [2014-09-06 13:57:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache [2014-09-06 10:12:30 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\fabulous_09060812 [2014-09-06 10:12:24 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker [2014-09-06 10:12:24 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker [2014-09-05 16:30:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker [2014-09-05 16:30:58 | 000,000,000 | ---D | C] -- C:\Program Files\Resource Hacker [2014-08-29 07:57:07 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\cloudrop [2014-08-21 09:00:28 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\gtk-2.0 [2014-08-21 08:56:56 | 000,000,000 | ---D | C] -- C:\Users\Marcin\.thumbnails [2014-08-21 08:56:14 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\fontconfig [2014-08-21 08:56:12 | 000,000,000 | ---D | C] -- C:\Users\Marcin\.gimp-2.8 [2014-08-21 08:56:11 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\gegl-0.2 [2014-08-21 08:51:54 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2 [2014-08-21 07:46:44 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2014-08-21 07:46:44 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2014-08-21 07:46:23 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2014-08-21 07:46:23 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2014-08-21 07:46:23 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2014-08-21 07:46:14 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2014-08-21 07:46:14 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2014-08-21 07:38:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2014-08-21 07:38:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2014-08-21 07:37:43 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2014-08-21 07:35:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2014-08-21 07:34:50 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Microsoft Help [2014-08-21 07:34:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2014-08-21 07:34:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2014-08-21 07:33:49 | 000,000,000 | RH-D | C] -- C:\MSOCache [2014-08-20 23:16:17 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Serif [2014-08-20 23:10:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap [2014-08-20 23:10:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif Applications [2014-08-20 23:09:45 | 000,000,000 | ---D | C] -- C:\Program Files\Serif [2014-08-18 20:54:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2014-08-18 20:54:10 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2014-08-17 19:29:18 | 000,000,000 | ---D | C] -- C:\Program Files\EPSON [2014-08-17 19:26:45 | 000,000,000 | ---D | C] -- C:\epson [2014-08-16 23:29:13 | 000,000,000 | ---D | C] -- C:\ProgramData\SeriousBit [2014-08-16 23:27:44 | 000,035,712 | ---- | C] (SeriousBit) -- C:\Windows\System32\drivers\nbdrv.sys [2014-08-16 23:27:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBalancer [2014-08-16 23:27:43 | 000,000,000 | ---D | C] -- C:\Program Files\NetBalancer [2014-08-16 23:26:51 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Locktime Software [2014-08-14 09:41:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Install Manager [2014-08-14 09:40:39 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2014-08-14 09:35:27 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Intel [2014-08-14 09:34:07 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco [2014-08-14 09:34:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel [2014-08-14 09:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2014-08-14 09:34:00 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2014-08-14 09:22:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2014-08-14 09:16:26 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Google [2014-08-14 09:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2014-08-13 16:10:22 | 000,000,000 | ---D | C] -- C:\0c87a7da8cfce48ca538bdb9b0 [2014-08-11 22:00:18 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\BoL [2014-08-11 21:57:35 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Documents\BoL+Studio [2014-08-11 21:06:52 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\LolClient [2014-08-11 21:06:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Riot Games [2014-08-11 20:58:33 | 000,000,000 | ---D | C] -- C:\League of Legends [2014-08-11 20:50:09 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\ATI [2014-08-11 20:50:09 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\ATI [2014-08-11 20:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2014-08-11 20:44:08 | 000,000,000 | ---D | C] -- C:\DRIVERS [2014-08-11 20:39:47 | 000,000,000 | --SD | C] -- C:\Downloads [2014-08-11 20:39:17 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\FlashgetSetup [2014-08-11 20:39:17 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\BITS [2014-08-11 20:39:10 | 000,000,000 | ---D | C] -- C:\Program Files\FlashGet Network [2014-08-11 20:30:41 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\SlimWare Utilities Inc [2014-08-11 20:30:32 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers [2014-08-11 20:29:32 | 000,000,000 | ---D | C] -- C:\Windows\tasks\ImCleanDisabled [2014-08-11 20:28:19 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\IObit [2014-08-11 20:28:19 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit [2014-08-11 20:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Toolkit [2014-08-11 20:16:51 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2014-08-11 20:16:37 | 000,000,000 | -HSD | C] -- C:\Boot [2014-08-11 20:13:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2014-08-11 20:13:37 | 000,000,000 | ---D | C] -- C:\Windows\Migration [2014-08-11 20:13:06 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2014-08-11 20:13:06 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2014-08-11 20:13:06 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2014-08-11 19:58:24 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Macromedia [2014-08-11 19:54:27 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Macromedia [2014-08-11 19:54:07 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\vlc [2014-08-11 19:53:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2014-08-11 19:53:53 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2014-08-11 19:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2014-08-11 19:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2014-08-11 19:51:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2014-08-11 19:50:19 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Adobe [2014-08-11 19:49:47 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Oracle [2014-08-11 19:49:41 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2014-08-11 19:49:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle [2014-08-11 19:49:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2014-08-11 19:49:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2014-08-11 19:49:22 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2014-08-11 19:49:18 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2014-08-11 19:49:18 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2014-08-11 19:49:18 | 000,096,680 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2014-08-11 19:49:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [2014-08-11 19:49:01 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2014-08-11 19:47:10 | 000,699,568 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2014-08-11 19:47:10 | 000,071,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2014-08-11 19:47:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2014-08-11 19:45:49 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Mozilla [2014-08-11 19:45:49 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Mozilla [2014-08-11 19:45:42 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2014-08-11 19:45:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2014-08-11 19:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2014-08-11 19:39:22 | 000,000,000 | R--D | C] -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2014-08-11 19:39:22 | 000,000,000 | R--D | C] -- C:\Users\Marcin\Searches [2014-08-11 19:39:22 | 000,000,000 | R--D | C] -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2014-08-11 19:39:12 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Identities [2014-08-11 19:39:09 | 000,000,000 | R--D | C] -- C:\Users\Marcin\Contacts [2014-08-11 19:38:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2014-08-11 19:38:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2014-08-11 19:37:55 | 000,398,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\vbrun300.dll [2014-08-11 19:37:55 | 000,356,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\vbrun200.dll [2014-08-11 19:37:54 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm50.dll [2014-08-11 19:37:54 | 000,935,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\vb40016.dll [2014-08-11 19:37:54 | 000,722,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vb40032.dll [2014-08-11 19:37:54 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp70.dll [2014-08-11 19:37:54 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr70.dll [2014-08-11 19:37:54 | 000,221,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabctl32.ocx [2014-08-11 19:37:54 | 000,218,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\richtx32.ocx [2014-08-11 19:37:54 | 000,178,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmask32.ocx [2014-08-11 19:37:54 | 000,136,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinet.ocx [2014-08-11 19:37:54 | 000,129,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstdfmt.dll [2014-08-11 19:37:54 | 000,126,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswinsck.ocx [2014-08-11 19:37:54 | 000,107,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstkprp.dll [2014-08-11 19:37:54 | 000,100,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\picclp32.ocx [2014-08-11 19:37:54 | 000,080,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysinfo.ocx [2014-08-11 19:37:54 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvci70.dll [2014-08-11 19:37:53 | 001,070,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscomctl.ocx [2014-08-11 19:37:53 | 001,066,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscomctl32.ocx [2014-08-11 19:37:53 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll [2014-08-11 19:37:53 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71u.dll [2014-08-11 19:37:53 | 001,024,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70.dll [2014-08-11 19:37:53 | 001,017,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70u.dll [2014-08-11 19:37:53 | 000,659,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscomct2.ocx [2014-08-11 19:37:53 | 000,443,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshflxgd.ocx [2014-08-11 19:37:53 | 000,278,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdatgrd.ocx [2014-08-11 19:37:53 | 000,258,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msflxgrd.ocx [2014-08-11 19:37:53 | 000,252,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdatlst.ocx [2014-08-11 19:37:53 | 000,119,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscomm32.ocx [2014-08-11 19:37:53 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71deu.dll [2014-08-11 19:37:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71ita.dll [2014-08-11 19:37:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71fra.dll [2014-08-11 19:37:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71esp.dll [2014-08-11 19:37:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70ita.dll [2014-08-11 19:37:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70fra.dll [2014-08-11 19:37:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70esp.dll [2014-08-11 19:37:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70deu.dll [2014-08-11 19:37:53 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71enu.dll [2014-08-11 19:37:53 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70enu.dll [2014-08-11 19:37:53 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71kor.dll [2014-08-11 19:37:53 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71jpn.dll [2014-08-11 19:37:53 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70kor.dll [2014-08-11 19:37:53 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70jpn.dll [2014-08-11 19:37:53 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71cht.dll [2014-08-11 19:37:53 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70cht.dll [2014-08-11 19:37:53 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71chs.dll [2014-08-11 19:37:53 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70chs.dll [2014-08-11 19:37:52 | 000,614,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comctl32.ocx [2014-08-11 19:37:52 | 000,415,552 | ---- | C] (Microsoft Corporation ) -- C:\Windows\System32\comct332.ocx [2014-08-11 19:37:52 | 000,222,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dblist32.ocx [2014-08-11 19:37:52 | 000,215,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mci32.ocx [2014-08-11 19:37:52 | 000,170,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comct232.ocx [2014-08-11 19:37:52 | 000,155,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.ocx [2014-08-11 19:37:52 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll [2014-08-11 19:37:52 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl70.dll [2014-08-11 19:34:01 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2014-08-11 19:33:37 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_40.dll [2014-08-11 19:33:37 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_41.dll [2014-08-11 19:33:37 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_39.dll [2014-08-11 19:33:37 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_38.dll [2014-08-11 19:33:37 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_37.dll [2014-08-11 19:33:37 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll [2014-08-11 19:33:37 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll [2014-08-11 19:33:37 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll [2014-08-11 19:33:37 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll [2014-08-11 19:33:37 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2014-08-11 19:33:37 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll [2014-08-11 19:33:37 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_43.dll [2014-08-11 19:33:37 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_42.dll [2014-08-11 19:33:37 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll [2014-08-11 19:33:37 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll [2014-08-11 19:33:37 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll [2014-08-11 19:33:37 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll [2014-08-11 19:33:37 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll [2014-08-11 19:33:37 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll [2014-08-11 19:33:37 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll [2014-08-11 19:33:37 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll [2014-08-11 19:33:37 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll [2014-08-11 19:33:37 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll [2014-08-11 19:33:37 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll [2014-08-11 19:33:37 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll [2014-08-11 19:33:37 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll [2014-08-11 19:33:37 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll [2014-08-11 19:33:37 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll [2014-08-11 19:33:37 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll [2014-08-11 19:33:37 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll [2014-08-11 19:33:37 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll [2014-08-11 19:33:37 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll [2014-08-11 19:33:37 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll [2014-08-11 19:33:37 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll [2014-08-11 19:33:37 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll [2014-08-11 19:33:37 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll [2014-08-11 19:33:37 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll [2014-08-11 19:33:37 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll [2014-08-11 19:33:37 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll [2014-08-11 19:33:37 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll [2014-08-11 19:33:37 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll [2014-08-11 19:33:37 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll [2014-08-11 19:33:37 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll [2014-08-11 19:33:37 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll [2014-08-11 19:33:37 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2014-08-11 19:33:37 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll [2014-08-11 19:33:37 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll [2014-08-11 19:33:37 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll [2014-08-11 19:33:37 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll [2014-08-11 19:33:37 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll [2014-08-11 19:33:37 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll [2014-08-11 19:33:37 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll [2014-08-11 19:33:37 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll [2014-08-11 19:33:37 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll [2014-08-11 19:33:37 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_2.dll [2014-08-11 19:33:37 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll [2014-08-11 19:33:37 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll [2014-08-11 19:33:36 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll [2014-08-11 19:33:36 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2014-08-11 19:33:36 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll [2014-08-11 19:33:36 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll [2014-08-11 19:33:36 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll [2014-08-11 19:33:36 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2014-08-11 19:33:36 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll [2014-08-11 19:33:36 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll [2014-08-11 19:33:36 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll [2014-08-11 19:33:36 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll [2014-08-11 19:33:36 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll [2014-08-11 19:33:36 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll [2014-08-11 19:33:36 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll [2014-08-11 19:33:36 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll [2014-08-11 19:33:36 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll [2014-08-11 19:33:36 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll [2014-08-11 19:33:36 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcompiler_36.dll [2014-08-11 19:33:36 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll [2014-08-11 19:33:36 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll [2014-08-11 19:33:36 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll [2014-08-11 19:33:36 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll [2014-08-11 19:33:36 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2014-08-11 19:33:36 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll [2014-08-11 19:33:36 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2014-08-11 19:33:36 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll [2014-08-11 19:33:36 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll [2014-08-11 19:33:36 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll [2014-08-11 19:33:36 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll [2014-08-11 19:33:36 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll [2014-08-11 19:33:36 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll [2014-08-11 19:33:36 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll [2014-08-11 19:33:35 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcompiler_35.dll [2014-08-11 19:33:35 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcompiler_34.dll [2014-08-11 19:33:35 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcompiler_33.dll [2014-08-11 19:32:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\ShellExt [2014-08-11 19:32:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2014-08-11 19:32:39 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2014-08-11 19:32:36 | 000,000,000 | -HSD | C] -- C:\Users\Marcin\Ustawienia lokalne [2014-08-11 19:32:36 | 000,000,000 | -HSD | C] -- C:\Users\Marcin\AppData\Local\Temporary Internet Files [2014-08-11 19:32:36 | 000,000,000 | -HSD | C] -- C:\Users\Marcin\Szablony [2014-08-11 19:32:36 | 000,000,000 | -HSD | C] -- C:\Users\Marcin\SendTo [2014-08-11 19:32:36 | 000,000,000 | -HSD | C] -- C:\Users\Marcin\Recent [2014-08-11 19:32:36 | 000,000,000 | -HSD | C] -- C:\Users\Marcin\PrintHood [2014-08-11 19:32:36 | 000,000,000 | -HSD | C] -- C:\Users\Marcin\NetHood [2014-08-11 19:32:36 | 000,000,000 | -HSD | C] -- C:\Users\Marcin\Documents\Moje wideo [2014-08-11 19:32:36 | 000,000,000 | -HSD | C] -- C:\Users\Marcin\Documents\Moje obrazy [2014-08-11 19:32:36 | 000,000,000 | -HSD | C] -- C:\Users\Marcin\Moje dokumenty [2014-08-11 19:32:36 | 000,000,000 | -HSD | C] -- C:\Users\Marcin\Documents\Moja muzyka [2014-08-11 19:32:36 | 000,000,000 | -HSD | C] -- C:\Users\Marcin\Menu Start [2014-08-11 19:32:36 | 000,000,000 | -HSD | C] -- C:\Users\Marcin\AppData\Local\Historia [2014-08-11 19:32:36 | 000,000,000 | -HSD | C] -- C:\Users\Marcin\Dane aplikacji [2014-08-11 19:32:36 | 000,000,000 | -HSD | C] -- C:\Users\Marcin\AppData\Local\Dane aplikacji [2014-08-11 19:32:36 | 000,000,000 | -HSD | C] -- C:\Users\Marcin\Cookies [2014-08-11 19:32:36 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Temp [2014-08-11 19:32:36 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Microsoft [2014-08-11 19:32:35 | 000,000,000 | --SD | C] -- C:\Users\Marcin\AppData\Roaming\Microsoft [2014-08-11 19:32:35 | 000,000,000 | R--D | C] -- C:\Users\Marcin\Videos [2014-08-11 19:32:35 | 000,000,000 | R--D | C] -- C:\Users\Marcin\Saved Games [2014-08-11 19:32:35 | 000,000,000 | R--D | C] -- C:\Users\Marcin\Pictures [2014-08-11 19:32:35 | 000,000,000 | R--D | C] -- C:\Users\Marcin\Music [2014-08-11 19:32:35 | 000,000,000 | R--D | C] -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2014-08-11 19:32:35 | 000,000,000 | R--D | C] -- C:\Users\Marcin\Links [2014-08-11 19:32:35 | 000,000,000 | R--D | C] -- C:\Users\Marcin\Favorites [2014-08-11 19:32:35 | 000,000,000 | R--D | C] -- C:\Users\Marcin\Downloads [2014-08-11 19:32:35 | 000,000,000 | R--D | C] -- C:\Users\Marcin\Documents [2014-08-11 19:32:35 | 000,000,000 | R--D | C] -- C:\Users\Marcin\Desktop [2014-08-11 19:32:35 | 000,000,000 | R--D | C] -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2014-08-11 19:32:35 | 000,000,000 | -H-D | C] -- C:\Users\Marcin\AppData [2014-08-11 19:31:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2014-08-11 19:31:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2014-08-11 19:31:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2014-08-11 19:31:00 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2014-08-11 19:31:00 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2014-08-11 19:31:00 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2014-08-11 19:31:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2014-08-11 19:31:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2014-08-11 19:31:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [2014-08-11 19:30:15 | 000,000,000 | ---D | C] -- C:\Windows\Debug [2014-08-11 19:21:41 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2014-08-11 19:17:48 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2014-09-06 14:05:23 | 000,000,990 | ---- | M] () -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fabulous_09060812.lnk [2014-09-06 13:26:30 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-09-06 13:16:59 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-09-06 12:17:57 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2014-09-06 12:17:57 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2014-09-06 10:22:48 | 000,714,160 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2014-09-06 10:22:48 | 000,633,712 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2014-09-06 10:22:48 | 000,151,000 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2014-09-06 10:22:48 | 000,119,278 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2014-09-06 10:17:57 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-09-06 10:17:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-09-06 10:17:47 | 215,355,532 | ---- | M] () -- C:\Windows\MEMORY.DMP [2014-09-04 18:41:06 | 000,001,979 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014-08-29 07:53:27 | 000,000,653 | ---- | M] () -- C:\Users\Marcin\Desktop\LoL.lnk [2014-08-25 08:37:25 | 000,699,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2014-08-25 08:37:25 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2014-08-22 09:51:16 | 000,212,080 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2014-08-21 10:20:18 | 000,012,335 | ---- | M] () -- C:\Users\Marcin\AppData\Local\recently-used.xbel [2014-08-20 23:07:38 | 000,000,009 | ---- | M] () -- C:\END [2014-08-17 19:26:48 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2014-08-17 19:26:48 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2014-08-14 09:39:29 | 000,000,680 | ---- | M] () -- C:\Users\Marcin\AppData\Local\d3d9caps.dat [2014-08-14 09:31:24 | 000,000,891 | ---- | M] () -- C:\Windows\System32\secushr.dat [2014-08-14 08:44:26 | 000,000,248 | ---- | M] () -- C:\Windows\System32\secustat.dat [2014-08-11 20:39:48 | 000,000,025 | ---- | M] () -- C:\Windows\emcore.INI [2014-08-11 20:16:38 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2014-08-11 19:49:07 | 000,096,680 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2014-08-11 19:49:06 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2014-08-11 19:49:06 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2014-08-11 19:49:06 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2014-08-11 19:28:16 | 000,390,342 | ---- | M] () -- C:\Windows\System32\license.rtf [2014-08-11 18:54:30 | 000,000,120 | ---- | M] () -- C:\Windows\restartexplorer.bat [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] ========== Files Created - No Company Name ========== [2014-09-06 10:17:47 | 215,355,532 | ---- | C] () -- C:\Windows\MEMORY.DMP [2014-09-06 10:12:37 | 000,000,990 | ---- | C] () -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fabulous_09060812.lnk [2014-08-29 07:53:27 | 000,000,653 | ---- | C] () -- C:\Users\Marcin\Desktop\LoL.lnk [2014-08-21 10:20:18 | 000,012,335 | ---- | C] () -- C:\Users\Marcin\AppData\Local\recently-used.xbel [2014-08-21 08:54:25 | 000,000,882 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk [2014-08-20 23:10:20 | 000,001,866 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif PagePlus Starter Edition.lnk [2014-08-20 23:02:38 | 000,000,009 | ---- | C] () -- C:\END [2014-08-17 19:26:48 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2014-08-17 19:26:48 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2014-08-14 09:22:46 | 000,001,979 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014-08-14 09:16:35 | 000,001,036 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-08-14 09:16:31 | 000,001,032 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-08-11 20:44:38 | 000,000,248 | ---- | C] () -- C:\Windows\System32\secustat.dat [2014-08-11 20:43:54 | 000,000,891 | ---- | C] () -- C:\Windows\System32\secushr.dat [2014-08-11 20:39:48 | 000,000,025 | ---- | C] () -- C:\Windows\emcore.INI [2014-08-11 20:16:38 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK [2014-08-11 20:16:37 | 000,333,257 | RHS- | C] () -- C:\bootmgr [2014-08-11 20:16:25 | 000,000,120 | ---- | C] () -- C:\Windows\restartexplorer.bat [2014-08-11 19:52:15 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2014-08-11 19:47:11 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-08-11 19:45:44 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2014-08-11 19:39:23 | 000,000,949 | ---- | C] () -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2014-08-11 19:39:21 | 000,000,944 | ---- | C] () -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2014-08-11 19:39:09 | 000,000,915 | ---- | C] () -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk [2014-08-11 19:37:55 | 000,271,264 | ---- | C] () -- C:\Windows\System\vbrun100.dll [2014-08-11 19:37:54 | 000,210,944 | ---- | C] () -- C:\Windows\System32\msvcrt10.dll [2014-08-11 19:32:37 | 000,000,680 | ---- | C] () -- C:\Users\Marcin\AppData\Local\d3d9caps.dat [2014-08-11 19:27:33 | 000,000,314 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live.lnk [2014-08-11 19:19:01 | 000,212,080 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2012-09-09 15:48:40 | 000,714,240 | ---- | C] () -- C:\Windows\System32\notepad.exe [2012-09-09 15:48:12 | 000,714,240 | ---- | C] () -- C:\Windows\notepad.exe ========== ZeroAccess Check ========== [2006-11-02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-08-16 15:54:01 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-11 15:18:30 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-11 15:18:20 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2014-08-14 08:44:26 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\BITS [2014-09-05 21:23:48 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\BoL [2014-08-31 18:01:08 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\cloudrop [2014-08-11 20:39:17 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\FlashgetSetup [2014-08-11 20:28:19 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\IObit [2014-08-16 23:26:51 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Locktime Software [2014-08-11 21:06:52 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\LolClient [2014-08-11 19:49:47 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Oracle [2014-08-20 23:16:17 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Serif ========== Purity Check ========== ========== Custom Scans ========== < > [2006-11-02 15:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2006-11-02 15:01:49 | 000,031,616 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2014-08-11 19:47:11 | 000,000,930 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [2014-08-14 09:16:31 | 000,001,032 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2014-08-14 09:16:35 | 000,001,036 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job < C:\*.* > [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009-04-11 15:18:38 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2014-08-11 20:16:38 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006-09-18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2014-08-20 23:07:38 | 000,000,009 | ---- | M] () -- C:\END [2014-08-17 19:26:48 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2014-08-17 19:26:48 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2014-09-06 10:17:47 | 2459,607,040 | -HS- | M] () -- C:\pagefile.sys < D:\*.* > < E:\*.* > < F:\*.* > < G:\*.* > < H:\*.* > < %ALLUSERSPROFILE%\Application Data\*. > < %APPDATA%\*. > [2014-08-11 19:50:19 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Adobe [2014-08-11 20:50:09 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\ATI [2014-08-14 08:44:26 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\BITS [2014-09-05 21:23:48 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\BoL [2014-08-31 18:01:08 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\cloudrop [2014-08-11 20:39:17 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\FlashgetSetup [2014-08-11 19:39:12 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Identities [2014-08-14 09:35:27 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Intel [2014-08-11 20:28:19 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\IObit [2014-08-16 23:26:51 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Locktime Software [2014-08-11 21:06:52 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\LolClient [2014-08-11 19:54:27 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Macromedia [2014-08-21 07:48:32 | 000,000,000 | --SD | M] -- C:\Users\Marcin\AppData\Roaming\Microsoft [2014-08-11 19:45:53 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Mozilla [2014-08-11 19:49:47 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Oracle [2014-08-20 23:16:17 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Serif [2014-08-11 19:54:10 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\vlc < %SYSTEMDRIVE%\*. /mp /s > < MD5 for: AGP440.SYS > [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006-11-02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009-04-11 15:18:00 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Users\Marcin\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140811T183110322427\internal_ide_channel\atapi.sys [2009-04-11 15:18:00 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Users\Marcin\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140811T183110322427\pci\cc_010601\atapi.sys [2009-04-11 15:18:00 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Users\Marcin\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140811T183110322427\pci\ven_8086&dev_27df\atapi.sys [2009-04-11 15:18:00 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009-04-11 15:18:00 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009-04-11 15:18:00 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008-01-21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008-01-21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006-11-02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: BEEP.SYS > [2008-01-21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys [2008-01-21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys < MD5 for: EXPLORER.EXE > [2009-04-11 15:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe [2009-04-11 15:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe < MD5 for: NTFS.SYS > [2013-03-03 21:07:52 | 001,082,232 | ---- | M] (Microsoft Corporation) MD5=2C1121F2B87E9A6B12485DF53CD848C7 -- C:\Windows\SoftwareDistribution\Download\041c6f58fca65edef1467ca9da2a7f02\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18799_none_a7ff61ef1a52b1c5\ntfs.sys [2009-04-11 15:18:16 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\System32\drivers\ntfs.sys [2009-04-11 15:18:16 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys [2013-03-03 21:07:52 | 001,083,240 | ---- | M] (Microsoft Corporation) MD5=ECB54A0E9C40B00CF8FEFE5F455A1EFB -- C:\Windows\SoftwareDistribution\Download\041c6f58fca65edef1467ca9da2a7f02\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.23070_none_a895760033686607\ntfs.sys < MD5 for: SVCHOST.EXE > [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe < MD5 for: USERINIT.EXE > [2008-01-21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008-01-21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe < MD5 for: WINLOGON.EXE > [2009-04-11 15:18:46 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009-04-11 15:18:46 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe < %systemroot%\system32\ws2_32.dll /md5 > [2008-01-21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ws2_32.dll < %systemroot%\system32\kernel32.dll /md5 > [2012-08-16 14:46:33 | 000,892,416 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\kernel32.dll < %systemroot%\system32\user32.dll /md5 > [2009-04-11 15:18:28 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\user32.dll < %systemroot%\Tasks\*.* /lockedfiles > [2014-09-06 10:13:02 | 000,031,616 | ---- | M] () Unable to obtain MD5 -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Restore Points Found ========== ========== Hard Links - Junction Points - Mount Points - Symbolic Links ========== [C:\Users\All Users] -> -> Unknown point type < End of report > [/log] [log]OTL Extras logfile created on: 2014-09-06 14:04:08 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marcin\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,84 Gb Available Physical Memory | 42,21% Memory free 4,24 Gb Paging File | 2,98 Gb Available in Paging File | 70,35% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 93,16 Gb Total Space | 62,84 Gb Free Space | 67,46% Space Free | Partition Type: NTFS Computer Name: MARCIN-PC | User Name: Marcin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE () .ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE () .txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE () [HKEY_USERS\S-1-5-21-2624493067-400939339-2161531577-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 () batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 () cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 () cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 () comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 () inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 () inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 () inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 () jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 () jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 () jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 () jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 () piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" () regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" () scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 () txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 () txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" () vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 () vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 () vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 () vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 () wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 () wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 () Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 "{26A24AE4-039D-4CA4-87B4-2F03217067FF}" = Java 7 Update 67 "{3911CF56-9EF2-39BA-846A-C27BD3CD0685}" = Microsoft .NET Framework 4.5.2 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{85467CBC-7A39-33C9-8940-D72D9269B84F}" = Microsoft Visual F# 2.0 Runtime "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010 "{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0016-0415-0000-0000000FF1CE}_Office14.STANDARD_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0018-0415-0000-0000000FF1CE}_Office14.STANDARD_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-0019-0415-0000-0000000FF1CE}_Office14.STANDARD_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001A-0415-0000-0000000FF1CE}_Office14.STANDARD_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001B-0415-0000-0000000FF1CE}_Office14.STANDARD_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.STANDARD_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.STANDARD_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-001F-0415-0000-0000000FF1CE}_Office14.STANDARD_{1D751709-BA6C-49E2-844B-4F4F20F410C9}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-002C-0415-0000-0000000FF1CE}_Office14.STANDARD_{6606F321-8216-466E-981E-B75A14C46894}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-006E-0415-0000-0000000FF1CE}_Office14.STANDARD_{6AF8887A-72F7-4FA0-ABE4-396172B64550}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00A1-0415-0000-0000000FF1CE}_Office14.STANDARD_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6276 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Polish "{AFF3E3F2-1F74-3D30-3F2B-87C48FE0E34C}" = ATI Catalyst Install Manager "{C675C60B-0CB7-4108-B8CA-C3EC0706DEF0}" = Serif PagePlus Starter Edition "{C8005A7B-9638-41DD-B83B-AF277754E211}" = Oprogramowanie Intel(R) PROSet/Wireless WiFi "{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 "{DFAA3D2B-7087-464E-823B-738A23C29C27}" = Microsoft Visual J# 2.0 Redistributable Package - SE "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin "ATI Uninstaller" = ATI Uninstaller "Cg Toolkit_is1" = NVIDIA Cg Toolkit 3.1 April 2012 "EPSON Printer and Utilities" = EPSON Printer Software "GIMP-2_is1" = GIMP 2.8.10 "Google Chrome" = Google Chrome "HashCheck Shell Extension" = HashCheck Shell Extension (x86-32) "Mozilla Firefox 31.0 (x86 pl)" = Mozilla Firefox 31.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NetBalancer_is1" = NetBalancer "Office14.STANDARD" = Microsoft Office Standard 2010 "ProInst" = Intel PROSet Wireless "ResourceHacker_is1" = Resource Hacker Version 3.6.0 "Unlocker" = Unlocker 1.9.2 "VLC media player" = VLC media player ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2624493067-400939339-2161531577-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "fabulous_09060812" = Fabulous discounts ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 2014-09-06 04:15:19 | Computer Name = Marcin-PC | Source = NetBalancer 8.2.2 140812.1057 | ID = 0 Description = System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: Próba połączenia nie powiodła się, ponieważ połączona strona nie odpowiedziała poprawnie po ustalonym okresie czasu lub utworzone połączenie nie powiodło się, ponieważ połączony host nie odpowiedział 162.243.3.184:443 at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception) --- End of inner exception stack trace --- at System.Net.HttpWebRequest.GetResponse() at ey.b() at ey.a() Error - 2014-09-06 04:18:36 | Computer Name = Marcin-PC | Source = NetBalancer 8.2.2 140812.1057 | ID = 0 Description = System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: Próba połączenia nie powiodła się, ponieważ połączona strona nie odpowiedziała poprawnie po ustalonym okresie czasu lub utworzone połączenie nie powiodło się, ponieważ połączony host nie odpowiedział 162.243.3.184:443 at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception) --- End of inner exception stack trace --- at System.Net.HttpWebRequest.GetResponse() at ey.b() at ey.a() Error - 2014-09-06 07:21:33 | Computer Name = Marcin-PC | Source = .NET Runtime | ID = 1026 Description = Error - 2014-09-06 07:21:35 | Computer Name = Marcin-PC | Source = .NET Runtime | ID = 1026 Description = Error - 2014-09-06 07:21:35 | Computer Name = Marcin-PC | Source = .NET Runtime | ID = 1026 Description = Error - 2014-09-06 07:21:36 | Computer Name = Marcin-PC | Source = .NET Runtime | ID = 1026 Description = Error - 2014-09-06 07:21:36 | Computer Name = Marcin-PC | Source = .NET Runtime | ID = 1026 Description = Error - 2014-09-06 07:21:36 | Computer Name = Marcin-PC | Source = .NET Runtime | ID = 1026 Description = Error - 2014-09-06 07:21:37 | Computer Name = Marcin-PC | Source = .NET Runtime | ID = 1026 Description = Error - 2014-09-06 07:21:37 | Computer Name = Marcin-PC | Source = .NET Runtime | ID = 1026 Description = [ System Events ] Error - 2014-09-06 03:53:28 | Computer Name = Marcin-PC | Source = atikmdag | ID = 43034 Description = Unknown EDID version Error - 2014-09-06 03:53:36 | Computer Name = Marcin-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2014-09-06 04:12:56 | Computer Name = Marcin-PC | Source = DCOM | ID = 10010 Description = Error - 2014-09-06 04:14:42 | Computer Name = Marcin-PC | Source = atikmdag | ID = 43034 Description = Unknown EDID version Error - 2014-09-06 04:14:42 | Computer Name = Marcin-PC | Source = atikmdag | ID = 43034 Description = Unknown EDID version Error - 2014-09-06 04:14:50 | Computer Name = Marcin-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2014-09-06 04:17:52 | Computer Name = Marcin-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 10:15:39 na 2014-09-06 było nieoczekiwane. Error - 2014-09-06 04:17:49 | Computer Name = Marcin-PC | Source = atikmdag | ID = 43034 Description = Unknown EDID version Error - 2014-09-06 04:17:49 | Computer Name = Marcin-PC | Source = atikmdag | ID = 43034 Description = Unknown EDID version Error - 2014-09-06 04:17:57 | Computer Name = Marcin-PC | Source = Service Control Manager | ID = 7000 Description = < End of report > [/log] FRST [log]Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-09-2014 Ran by Marcin (administrator) on MARCIN-PC on 06-09-2014 14:13:51 Running from C:\Users\Marcin\Downloads Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Polski (Polska) Internet Explorer Version 9 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (SeriousBit) C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe () C:\Program Files\Unlocker\UnlockerAssistant.exe (SeriousBit) C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe (Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe () C:\Users\Marcin\AppData\Local\fabulous_09060812\fabulous_09060812.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated) HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] () HKLM\...\Policies\Explorer: [NoRemoteRecursiveEvents] 1 HKU\S-1-5-21-2624493067-400939339-2161531577-1000\...\Run: [NetBalancer] => C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1801960 2014-08-12] (SeriousBit) HKU\S-1-5-21-2624493067-400939339-2161531577-1000\...\Run: [fabulous_09060812] => c:\users\marcin\appdata\local\fabulous_09060812\fabulous_09060812.exe [2715648 2014-09-06] () HKU\S-1-5-21-2624493067-400939339-2161531577-1000\...\Policies\Explorer: [NoSaveSettings] 0 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Optymalizacja systemu.lnk ShortcutTarget: Optymalizacja systemu.lnk -> C:\Windows\VistaMOD\Optymalizacja.cmd () Startup: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fabulous_09060812.lnk ShortcutTarget: fabulous_09060812.lnk -> C:\Users\Marcin\AppData\Local\fabulous_09060812\fabulous_09060812.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\5yyqmk4y.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) Chrome: ======= CHR HomePage: Default -> 42DBDFD5C7F96C9CEFFD584FF51CDF3CBB335D490CA9A6306E8B54956B09A264 CHR DefaultSearchKeyword: Default -> 56C07937DE158E6DDFFD6283937D3CCF345AD11D2E17CBCE7DDD5822BB8DB54F CHR DefaultSearchProvider: Default -> BDC605B536E26F0A56A074A20F54AE368FC79DCCDF38BF58923163615F7456E1 CHR DefaultSearchURL: Default -> 2CD526BE5B008132F43FD8B13969236EB0EA19C94FAC00CD56F33FF7C7A7AEE8 CHR CustomProfile: C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Dokumenty Google) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-14] CHR Extension: (Dysk Google) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-14] CHR Extension: (YouTube) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-14] CHR Extension: (Adblock Plus) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-03] CHR Extension: (Szukaj w Google) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-14] CHR Extension: (Google Wallet) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-14] CHR Extension: (Gmail) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-14] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 NetBalancerService; C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [129256 2014-08-12] (SeriousBit) R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [247808 2012-08-12] (Microsoft Corporation) [File not signed] R2 Themes; C:\Windows\system32\shsvcs.dll [247808 2012-08-12] (Microsoft Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 nbdrv; C:\Windows\System32\DRIVERS\nbdrv.sys [35712 2013-11-25] (SeriousBit) R3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6639616 2010-10-07] (Intel Corporation) S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-06 14:13 - 2014-09-06 14:14 - 00009224 _____ () C:\Users\Marcin\Downloads\FRST.txt 2014-09-06 14:13 - 2014-09-06 14:13 - 00000000 ____D () C:\FRST 2014-09-06 14:12 - 2014-09-06 14:13 - 01096704 _____ (Farbar) C:\Users\Marcin\Downloads\FRST.exe 2014-09-06 14:10 - 2014-09-06 14:10 - 00130028 _____ () C:\Users\Marcin\Downloads\OTL.Txt 2014-09-06 14:10 - 2014-09-06 14:10 - 00032144 _____ () C:\Users\Marcin\Downloads\Extras.Txt 2014-09-06 14:03 - 2014-09-06 14:03 - 00602112 _____ (OldTimer Tools) C:\Users\Marcin\Downloads\OTL.exe 2014-09-06 13:57 - 2014-09-06 13:57 - 06498200 _____ (Microsoft Corporation) C:\Users\Marcin\Downloads\vcredist_x86.exe 2014-09-06 13:57 - 2014-09-06 13:57 - 00000000 ____D () C:\ProgramData\Package Cache 2014-09-06 13:21 - 2014-09-06 13:21 - 04435856 _____ () C:\Users\Marcin\Downloads\LSharp (3).rar 2014-09-06 13:21 - 2014-09-06 13:21 - 04435856 _____ () C:\Users\Marcin\Downloads\LSharp (2).rar 2014-09-06 10:17 - 2014-09-06 10:17 - 215355532 _____ () C:\Windows\MEMORY.DMP 2014-09-06 10:12 - 2014-09-06 14:12 - 00000000 ____D () C:\Users\Marcin\AppData\Local\fabulous_09060812 2014-09-06 10:12 - 2014-09-06 10:15 - 00000000 ____D () C:\Program Files\Unlocker 2014-09-06 10:12 - 2014-09-06 10:12 - 00402911 _____ () C:\Users\Marcin\Downloads\Unlocker1.9.2 (1).exe 2014-09-06 10:12 - 2014-09-06 10:12 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2014-09-06 10:09 - 2014-09-06 10:09 - 00000622 _____ () C:\Users\Marcin\Downloads\TakeOwnership.zip 2014-09-06 10:09 - 2014-09-06 10:09 - 00000000 ____D () C:\Users\Marcin\Downloads\TakeOwnership 2014-09-06 10:02 - 2014-09-06 10:02 - 00403223 _____ () C:\Users\Marcin\Downloads\kernel32.zip 2014-09-06 10:02 - 2014-09-06 10:02 - 00000000 ____D () C:\Users\Marcin\Downloads\kernel32 2014-09-06 09:56 - 2014-09-06 09:56 - 03530977 _____ () C:\Users\Marcin\Downloads\Leaguesharp 2kelo.rar 2014-09-05 19:07 - 2014-09-05 19:07 - 00016944 _____ () C:\Users\Marcin\Downloads\DeYasuoGodOfLateGame.lua 2014-09-05 18:45 - 2014-09-05 18:45 - 00056405 _____ () C:\Users\Marcin\Downloads\DatYasuo 4.9.9-fix.lua 2014-09-05 16:30 - 2014-09-05 16:31 - 00000000 ____D () C:\Program Files\Resource Hacker 2014-09-05 16:30 - 2014-09-05 16:30 - 00748246 _____ ( ) C:\Users\Marcin\Downloads\reshack_setup.exe 2014-09-05 16:30 - 2014-09-05 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker 2014-09-05 16:20 - 2014-09-05 16:20 - 00102625 _____ () C:\Users\Marcin\Downloads\LeagueSharp-master (1).zip 2014-09-05 16:19 - 2014-09-05 16:19 - 00102625 _____ () C:\Users\Marcin\Downloads\LeagueSharp-master.zip 2014-09-05 16:19 - 2014-09-05 16:19 - 00000000 ____D () C:\Users\Marcin\Downloads\LeagueSharp-master 2014-09-05 16:17 - 2014-09-05 16:17 - 05592697 _____ () C:\Users\Marcin\Downloads\LSharp (1).rar 2014-09-05 12:13 - 2014-09-06 13:57 - 00000000 ____D () C:\Users\Marcin\Downloads\LSharp 2014-09-05 12:11 - 2014-09-05 12:11 - 00872699 _____ () C:\Users\Marcin\Downloads\lsharp.zip 2014-09-05 12:01 - 2014-09-05 12:01 - 05592697 _____ () C:\Users\Marcin\Downloads\LSharp.rar 2014-09-04 13:37 - 2014-09-04 16:32 - 00000088 _____ () C:\Users\Marcin\Desktop\Nowy Text Document (3).txt 2014-09-03 19:08 - 2014-09-03 19:09 - 06958304 _____ (Microsoft Corporation) C:\Users\Marcin\Downloads\Silverlight.exe 2014-09-01 09:20 - 2014-09-03 08:23 - 00000027 _____ () C:\Users\Marcin\Desktop\Nowy Text Document (2).txt 2014-08-31 18:15 - 2014-08-31 18:17 - 00000000 ____D () C:\Users\Marcin\Downloads\BoL Studio 2014-08-29 07:57 - 2014-08-31 18:01 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\cloudrop 2014-08-29 07:53 - 2014-08-29 07:53 - 00000653 _____ () C:\Users\Marcin\Desktop\LoL.lnk 2014-08-21 10:20 - 2014-08-21 10:20 - 00012335 _____ () C:\Users\Marcin\AppData\Local\recently-used.xbel 2014-08-21 09:00 - 2014-08-21 10:20 - 00000000 ____D () C:\Users\Marcin\AppData\Local\gtk-2.0 2014-08-21 08:56 - 2014-08-21 10:20 - 00000000 ____D () C:\Users\Marcin\.gimp-2.8 2014-08-21 08:56 - 2014-08-21 08:56 - 00000000 ____D () C:\Users\Marcin\AppData\Local\gegl-0.2 2014-08-21 08:56 - 2014-08-21 08:56 - 00000000 ____D () C:\Users\Marcin\AppData\Local\fontconfig 2014-08-21 08:56 - 2014-08-21 08:56 - 00000000 ____D () C:\Users\Marcin\.thumbnails 2014-08-21 08:54 - 2014-08-21 08:54 - 00000882 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2014-08-21 08:51 - 2014-08-21 08:54 - 00000000 ____D () C:\Program Files\GIMP 2 2014-08-21 07:46 - 2012-06-03 00:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-21 07:46 - 2012-06-03 00:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-21 07:46 - 2012-06-03 00:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-21 07:46 - 2012-06-03 00:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-21 07:46 - 2012-06-03 00:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-21 07:46 - 2012-06-03 00:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-21 07:46 - 2012-06-03 00:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-21 07:46 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-21 07:46 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-21 07:38 - 2014-08-21 07:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-08-21 07:38 - 2014-08-21 07:38 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-08-21 07:37 - 2014-08-21 07:37 - 00000000 ____D () C:\Windows\PCHEALTH 2014-08-21 07:35 - 2014-08-21 07:35 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services 2014-08-21 07:34 - 2014-08-21 07:45 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-21 07:34 - 2014-08-21 07:37 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-08-21 07:34 - 2014-08-21 07:34 - 00000000 ____D () C:\Users\Marcin\AppData\Local\Microsoft Help 2014-08-21 07:33 - 2014-08-21 07:33 - 00000000 __RHD () C:\MSOCache 2014-08-20 23:16 - 2014-08-20 23:16 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\Serif 2014-08-20 23:10 - 2014-08-20 23:10 - 00001866 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif PagePlus Starter Edition.lnk 2014-08-20 23:10 - 2014-08-20 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif Applications 2014-08-20 23:10 - 2014-08-20 23:10 - 00000000 ____D () C:\Program Files\Common Files\MSSoap 2014-08-20 23:09 - 2014-08-20 23:09 - 00000000 ____D () C:\Program Files\Serif 2014-08-20 23:02 - 2014-08-20 23:07 - 00000009 _____ () C:\END 2014-08-20 22:59 - 2014-08-20 23:03 - 00000029 _____ () C:\Users\Marcin\Desktop\Nowy Text Document.txt 2014-08-18 20:54 - 2014-08-18 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-08-18 20:54 - 2014-08-18 20:54 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-08-17 19:29 - 2014-08-17 19:29 - 00000000 ____D () C:\Program Files\EPSON 2014-08-17 19:26 - 2014-08-17 19:26 - 00000000 __RSH () C:\MSDOS.SYS 2014-08-17 19:26 - 2014-08-17 19:26 - 00000000 __RSH () C:\IO.SYS 2014-08-17 19:26 - 2014-08-17 19:26 - 00000000 ____D () C:\epson 2014-08-16 23:29 - 2014-08-16 23:29 - 00000000 ____D () C:\ProgramData\SeriousBit 2014-08-16 23:27 - 2014-08-16 23:29 - 00000000 ____D () C:\Program Files\NetBalancer 2014-08-16 23:27 - 2014-08-16 23:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBalancer 2014-08-16 23:27 - 2013-11-25 10:28 - 00035712 _____ (SeriousBit) C:\Windows\system32\Drivers\nbdrv.sys 2014-08-16 23:26 - 2014-08-16 23:26 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\Locktime Software 2014-08-14 09:41 - 2014-08-14 09:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Install Manager 2014-08-14 09:40 - 2014-08-14 09:40 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-08-14 09:39 - 2014-09-06 10:14 - 00000680 _____ () C:\Windows\PFRO.log 2014-08-14 09:35 - 2014-08-14 09:35 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\Intel 2014-08-14 09:34 - 2014-08-14 09:34 - 00006436 _____ () C:\Windows\DPINST.LOG 2014-08-14 09:34 - 2014-08-14 09:34 - 00000000 ____D () C:\ProgramData\Intel 2014-08-14 09:34 - 2014-08-14 09:34 - 00000000 ____D () C:\Program Files\Intel 2014-08-14 09:34 - 2014-08-14 09:34 - 00000000 ____D () C:\Program Files\Common Files\Intel 2014-08-14 09:34 - 2014-08-14 09:34 - 00000000 ____D () C:\Program Files\Cisco 2014-08-14 09:22 - 2014-09-04 18:41 - 00001979 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-08-14 09:22 - 2014-08-14 09:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-08-14 09:16 - 2014-09-06 13:26 - 00001036 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-14 09:16 - 2014-09-06 10:17 - 00001032 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-14 09:16 - 2014-08-14 09:22 - 00000000 ____D () C:\Users\Marcin\AppData\Local\Google 2014-08-14 09:16 - 2014-08-14 09:22 - 00000000 ____D () C:\Program Files\Google 2014-08-14 09:16 - 2014-08-14 09:19 - 06010880 _____ () C:\Program Files\GUTC0F0.tmp 2014-08-14 09:16 - 2014-08-14 09:16 - 00000000 ____D () C:\Program Files\GUMC0EF.tmp 2014-08-13 16:10 - 2014-08-14 07:54 - 00000000 ____D () C:\0c87a7da8cfce48ca538bdb9b0 2014-08-11 22:00 - 2014-09-05 21:23 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\BoL 2014-08-11 21:57 - 2014-08-28 15:09 - 00000000 ____D () C:\Users\Marcin\Documents\BoL+Studio 2014-08-11 21:06 - 2014-08-11 21:06 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\LolClient 2014-08-11 21:06 - 2014-08-11 21:06 - 00000000 ____D () C:\ProgramData\Riot Games 2014-08-11 20:58 - 2014-08-11 21:15 - 00000000 ____D () C:\League of Legends 2014-08-11 20:50 - 2014-08-11 20:50 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\ATI 2014-08-11 20:50 - 2014-08-11 20:50 - 00000000 ____D () C:\Users\Marcin\AppData\Local\ATI 2014-08-11 20:44 - 2014-08-14 08:44 - 00000248 _____ () C:\Windows\system32\secustat.dat 2014-08-11 20:44 - 2014-08-11 20:44 - 00000000 ____D () C:\Program Files\ATI 2014-08-11 20:43 - 2014-08-14 09:31 - 00000891 _____ () C:\Windows\system32\secushr.dat 2014-08-11 20:39 - 2014-08-14 08:44 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\BITS 2014-08-11 20:39 - 2014-08-11 20:39 - 00000025 _____ () C:\Windows\emcore.INI 2014-08-11 20:39 - 2014-08-11 20:39 - 00000000 ____D () C:\Program Files\FlashGet Network 2014-08-11 20:30 - 2014-08-11 20:30 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers 2014-08-11 20:30 - 2014-08-11 20:30 - 00000000 ____D () C:\Users\Marcin\AppData\Local\SlimWare Utilities Inc 2014-08-11 20:29 - 2014-08-11 20:29 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled 2014-08-11 20:28 - 2014-08-11 20:28 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\IObit 2014-08-11 20:28 - 2014-08-11 20:28 - 00000000 ____D () C:\ProgramData\IObit 2014-08-11 20:17 - 2014-08-11 20:17 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit 2014-08-11 20:16 - 2014-08-11 20:16 - 00050176 ____H () C:\Windows\system32\config\BCD-Template.LOG 2014-08-11 20:16 - 2014-08-11 20:16 - 00008192 ___RS () C:\BOOTSECT.BAK 2014-08-11 20:16 - 2014-08-11 19:29 - 00000000 ____D () C:\Windows\Panther 2014-08-11 20:16 - 2014-08-11 18:54 - 00000120 _____ () C:\Windows\restartexplorer.bat 2014-08-11 20:16 - 2009-04-11 15:18 - 00333257 __RSH () C:\bootmgr 2014-08-11 20:13 - 2014-08-21 07:37 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-08-11 20:13 - 2009-11-08 09:55 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-08-11 20:13 - 2009-11-08 09:55 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll 2014-08-11 20:13 - 2009-11-08 09:55 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe 2014-08-11 20:13 - 2009-11-08 09:55 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll 2014-08-11 20:13 - 2009-11-08 09:55 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll 2014-08-11 20:02 - 2014-08-21 07:58 - 00058384 _____ () C:\Users\Marcin\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-11 19:58 - 2014-08-11 19:58 - 00000000 ____D () C:\Users\Marcin\AppData\Local\Macromedia 2014-08-11 19:54 - 2014-08-11 19:54 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\vlc 2014-08-11 19:54 - 2014-08-11 19:54 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\Macromedia 2014-08-11 19:53 - 2014-08-11 19:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-08-11 19:53 - 2014-08-11 19:53 - 00000000 ____D () C:\Program Files\VideoLAN 2014-08-11 19:52 - 2014-08-11 19:52 - 00001804 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2014-08-11 19:52 - 2014-08-11 19:52 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-08-11 19:52 - 2014-08-11 19:52 - 00000000 ____D () C:\Program Files\Adobe 2014-08-11 19:51 - 2014-08-11 19:52 - 00000000 ____D () C:\ProgramData\Adobe 2014-08-11 19:50 - 2014-08-11 19:50 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\Adobe 2014-08-11 19:49 - 2014-08-11 19:49 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-08-11 19:49 - 2014-08-11 19:49 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-08-11 19:49 - 2014-08-11 19:49 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-08-11 19:49 - 2014-08-11 19:49 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-08-11 19:49 - 2014-08-11 19:49 - 00000000 ____D () C:\Windows\Sun 2014-08-11 19:49 - 2014-08-11 19:49 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\Oracle 2014-08-11 19:49 - 2014-08-11 19:49 - 00000000 ____D () C:\ProgramData\Sun 2014-08-11 19:49 - 2014-08-11 19:49 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-11 19:49 - 2014-08-11 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-11 19:49 - 2014-08-11 19:49 - 00000000 ____D () C:\Program Files\Java 2014-08-11 19:49 - 2014-08-11 19:49 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-08-11 19:47 - 2014-09-06 13:16 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-11 19:47 - 2014-08-25 08:37 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-08-11 19:47 - 2014-08-25 08:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-08-11 19:47 - 2014-08-11 19:47 - 00000000 ____D () C:\Windows\system32\Macromed 2014-08-11 19:45 - 2014-08-11 21:25 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-08-11 19:45 - 2014-08-11 19:45 - 00000858 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-08-11 19:45 - 2014-08-11 19:45 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\Mozilla 2014-08-11 19:45 - 2014-08-11 19:45 - 00000000 ____D () C:\Users\Marcin\AppData\Local\Mozilla 2014-08-11 19:45 - 2014-08-11 19:45 - 00000000 ____D () C:\ProgramData\Mozilla 2014-08-11 19:45 - 2014-08-11 19:45 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-08-11 19:39 - 2014-08-11 20:49 - 00000944 _____ () C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2014-08-11 19:39 - 2014-08-11 19:39 - 00000949 _____ () C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-11 19:39 - 2014-08-11 19:39 - 00000915 _____ () C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk 2014-08-11 19:38 - 2014-09-03 20:44 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-08-11 19:38 - 2014-09-03 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-08-11 19:37 - 2011-11-04 06:13 - 01070352 _____ (Microsoft Corporation) C:\Windows\system32\mscomctl.ocx 2014-08-11 19:37 - 2011-01-12 13:36 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\mfc71u.dll 2014-08-11 19:37 - 2011-01-12 13:25 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\mfc71deu.dll 2014-08-11 19:37 - 2011-01-12 13:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc71ita.dll 2014-08-11 19:37 - 2011-01-12 13:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc71fra.dll 2014-08-11 19:37 - 2011-01-12 13:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc71esp.dll 2014-08-11 19:37 - 2011-01-12 13:25 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\mfc71enu.dll 2014-08-11 19:37 - 2011-01-12 13:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc71kor.dll 2014-08-11 19:37 - 2011-01-12 13:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc71jpn.dll 2014-08-11 19:37 - 2011-01-12 13:25 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\mfc71cht.dll 2014-08-11 19:37 - 2011-01-12 13:25 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\mfc71chs.dll 2014-08-11 19:37 - 2011-01-12 13:19 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll 2014-08-11 19:37 - 2011-01-12 12:53 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\atl71.dll 2014-08-11 19:37 - 2009-07-20 13:25 - 00126800 _____ (Microsoft Corporation) C:\Windows\system32\mswinsck.ocx 2014-08-11 19:37 - 2009-03-24 12:52 - 00659264 _____ (Microsoft Corporation) C:\Windows\system32\mscomct2.ocx 2014-08-11 19:37 - 2009-03-24 12:52 - 00614992 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.ocx 2014-08-11 19:37 - 2009-03-24 12:52 - 00443488 _____ (Microsoft Corporation) C:\Windows\system32\mshflxgd.ocx 2014-08-11 19:37 - 2009-03-24 12:52 - 00415552 _____ (Microsoft Corporation ) C:\Windows\system32\comct332.ocx 2014-08-11 19:37 - 2009-03-24 12:52 - 00278352 _____ (Microsoft Corporation) C:\Windows\system32\msdatgrd.ocx 2014-08-11 19:37 - 2009-03-24 12:52 - 00258880 _____ (Microsoft Corporation) C:\Windows\system32\msflxgrd.ocx 2014-08-11 19:37 - 2009-03-24 12:52 - 00252240 _____ (Microsoft Corporation) C:\Windows\system32\msdatlst.ocx 2014-08-11 19:37 - 2009-03-24 12:52 - 00222528 _____ (Microsoft Corporation) C:\Windows\system32\dblist32.ocx 2014-08-11 19:37 - 2009-03-24 12:52 - 00221504 _____ (Microsoft Corporation) C:\Windows\system32\tabctl32.ocx 2014-08-11 19:37 - 2009-03-24 12:52 - 00218432 _____ (Microsoft Corporation) C:\Windows\system32\richtx32.ocx 2014-08-11 19:37 - 2009-03-24 12:52 - 00215880 _____ (Microsoft Corporation) C:\Windows\system32\mci32.ocx 2014-08-11 19:37 - 2009-03-24 12:52 - 00178512 _____ (Microsoft Corporation) C:\Windows\system32\msmask32.ocx 2014-08-11 19:37 - 2009-03-24 12:52 - 00170080 _____ (Microsoft Corporation) C:\Windows\system32\comct232.ocx 2014-08-11 19:37 - 2009-03-24 12:52 - 00155984 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.ocx 2014-08-11 19:37 - 2009-03-24 12:52 - 00136008 _____ (Microsoft Corporation) C:\Windows\system32\msinet.ocx 2014-08-11 19:37 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\Windows\system32\msstdfmt.dll 2014-08-11 19:37 - 2009-03-24 12:52 - 00119616 _____ (Microsoft Corporation) C:\Windows\system32\mscomm32.ocx 2014-08-11 19:37 - 2009-03-24 12:52 - 00107840 _____ (Microsoft Corporation) C:\Windows\system32\msstkprp.dll 2014-08-11 19:37 - 2009-03-24 12:52 - 00100160 _____ (Microsoft Corporation) C:\Windows\system32\picclp32.ocx 2014-08-11 19:37 - 2009-03-24 12:52 - 00080208 _____ (Microsoft Corporation) C:\Windows\system32\sysinfo.ocx 2014-08-11 19:37 - 2007-02-01 22:13 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll 2014-08-11 19:37 - 2007-02-01 19:11 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll 2014-08-11 19:37 - 2007-01-30 22:04 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr70.dll 2014-08-11 19:37 - 2006-08-26 00:28 - 01017344 _____ (Microsoft Corporation) C:\Windows\system32\mfc70u.dll 2014-08-11 19:37 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70ita.dll 2014-08-11 19:37 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70fra.dll 2014-08-11 19:37 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70esp.dll 2014-08-11 19:37 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70deu.dll 2014-08-11 19:37 - 2006-08-26 00:15 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\mfc70enu.dll 2014-08-11 19:37 - 2006-08-26 00:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc70kor.dll 2014-08-11 19:37 - 2006-08-26 00:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc70jpn.dll 2014-08-11 19:37 - 2006-08-26 00:15 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\mfc70cht.dll 2014-08-11 19:37 - 2006-08-26 00:15 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\mfc70chs.dll 2014-08-11 19:37 - 2006-08-26 00:07 - 01024000 _____ (Microsoft Corporation) C:\Windows\system32\mfc70.dll 2014-08-11 19:37 - 2006-08-25 23:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\atl70.dll 2014-08-11 19:37 - 2006-04-10 13:41 - 01066176 _____ (Microsoft Corporation) C:\Windows\system32\mscomctl32.ocx 2014-08-11 19:37 - 2005-01-20 19:25 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\msvci70.dll 2014-08-11 19:37 - 2002-01-05 05:40 - 00487424 _____ (Microsoft Corporation) C:\Windows\system32\msvcp70.dll 2014-08-11 19:37 - 2001-08-23 00:00 - 01355776 _____ (Microsoft Corporation) C:\Windows\system32\msvbvm50.dll 2014-08-11 19:37 - 1996-01-12 03:00 - 00935632 _____ (Microsoft Corporation) C:\Windows\system\vb40016.dll 2014-08-11 19:37 - 1996-01-12 03:00 - 00722192 _____ (Microsoft Corporation) C:\Windows\system32\vb40032.dll 2014-08-11 19:37 - 1993-07-23 19:31 - 00210944 _____ () C:\Windows\system32\msvcrt10.dll 2014-08-11 19:37 - 1993-05-11 19:00 - 00398416 _____ (Microsoft Corporation) C:\Windows\system\vbrun300.dll 2014-08-11 19:37 - 1992-10-21 00:00 - 00356992 _____ (Microsoft Corporation) C:\Windows\system\vbrun200.dll 2014-08-11 19:37 - 1991-05-10 01:00 - 00271264 _____ () C:\Windows\system\vbrun100.dll 2014-08-11 19:33 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2014-08-11 19:33 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2014-08-11 19:33 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2014-08-11 19:33 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2014-08-11 19:33 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_43.dll 2014-08-11 19:33 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2014-08-11 19:33 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-08-11 19:33 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-08-11 19:33 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2014-08-11 19:33 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2014-08-11 19:33 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2014-08-11 19:33 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2014-08-11 19:33 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2014-08-11 19:33 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2014-08-11 19:33 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2014-08-11 19:33 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2014-08-11 19:33 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2014-08-11 19:33 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_42.dll 2014-08-11 19:33 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2014-08-11 19:33 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2014-08-11 19:33 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2014-08-11 19:33 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2014-08-11 19:33 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2014-08-11 19:33 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_41.dll 2014-08-11 19:33 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2014-08-11 19:33 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2014-08-11 19:33 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2014-08-11 19:33 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2014-08-11 19:33 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2014-08-11 19:33 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2014-08-11 19:33 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_40.dll 2014-08-11 19:33 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2014-08-11 19:33 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2014-08-11 19:33 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2014-08-11 19:33 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2014-08-11 19:33 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2014-08-11 19:33 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2014-08-11 19:33 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_39.dll 2014-08-11 19:33 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2014-08-11 19:33 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2014-08-11 19:33 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2014-08-11 19:33 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2014-08-11 19:33 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2014-08-11 19:33 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_38.dll 2014-08-11 19:33 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2014-08-11 19:33 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2014-08-11 19:33 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2014-08-11 19:33 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2014-08-11 19:33 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2014-08-11 19:33 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_37.dll 2014-08-11 19:33 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2014-08-11 19:33 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2014-08-11 19:33 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2014-08-11 19:33 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_2.dll 2014-08-11 19:33 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2014-08-11 19:33 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\d3dcompiler_36.dll 2014-08-11 19:33 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2014-08-11 19:33 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2014-08-11 19:33 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2014-08-11 19:33 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\d3dcompiler_35.dll 2014-08-11 19:33 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2014-08-11 19:33 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2014-08-11 19:33 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2014-08-11 19:33 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\d3dcompiler_34.dll 2014-08-11 19:33 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2014-08-11 19:33 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2014-08-11 19:33 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2014-08-11 19:33 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2014-08-11 19:33 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2014-08-11 19:33 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\d3dcompiler_33.dll 2014-08-11 19:33 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2014-08-11 19:33 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2014-08-11 19:33 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2014-08-11 19:33 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2014-08-11 19:33 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2014-08-11 19:33 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2014-08-11 19:33 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2014-08-11 19:33 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2014-08-11 19:33 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2014-08-11 19:33 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2014-08-11 19:33 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2014-08-11 19:33 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2014-08-11 19:33 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2014-08-11 19:33 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2014-08-11 19:33 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2014-08-11 19:33 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2014-08-11 19:33 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2014-08-11 19:33 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2014-08-11 19:33 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2014-08-11 19:33 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2014-08-11 19:33 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2014-08-11 19:32 - 2014-08-21 08:56 - 00000000 ____D () C:\Users\Marcin 2014-08-11 19:32 - 2014-08-14 09:39 - 00000680 _____ () C:\Users\Marcin\AppData\Local\d3d9caps.dat 2014-08-11 19:32 - 2014-08-11 19:32 - 00000020 ___SH () C:\Users\Marcin\ntuser.ini 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\Ustawienia lokalne 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\Szablony 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\Moje dokumenty 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\Menu Start 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\Documents\Moje wideo 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\Documents\Moje obrazy 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\Documents\Moja muzyka 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\Dane aplikacji 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\AppData\Local\Historia 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\AppData\Local\Dane aplikacji 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 ____D () C:\Windows\system32\ShellExt 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 ____D () C:\Program Files\7-Zip 2014-08-11 19:32 - 2008-01-21 04:42 - 00000000 ___RD () C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-08-11 19:32 - 2008-01-21 04:42 - 00000000 ___RD () C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Public\Documents\Moje wideo 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Public\Documents\Moje obrazy 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Public\Documents\Moja muzyka 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\Ustawienia lokalne 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\Szablony 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\Moje dokumenty 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\Menu Start 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\Documents\Moje wideo 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\Documents\Moje obrazy 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\Documents\Moja muzyka 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\Dane aplikacji 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Historia 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Dane aplikacji 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Moje wideo 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Moje obrazy 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Moja muzyka 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Historia 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Dane aplikacji 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\ProgramData\Ulubione 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\ProgramData\Szablony 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\ProgramData\Pulpit 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programy 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\ProgramData\Menu Start 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\ProgramData\Dokumenty 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\ProgramData\Dane aplikacji 2014-08-11 19:27 - 2014-08-11 19:27 - 00000314 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live.lnk 2014-08-11 19:25 - 2014-08-11 19:28 - 00346840 _____ () C:\Windows\setupact.log 2014-08-11 19:25 - 2014-08-11 19:25 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-11 19:21 - 2014-09-06 13:57 - 01840504 _____ () C:\Windows\WindowsUpdate.log 2014-08-11 19:19 - 2014-08-22 09:51 - 00212080 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-11 19:19 - 2014-08-11 19:27 - 00001355 _____ () C:\Windows\TSSysprep.log 2014-08-11 19:19 - 2014-08-11 19:19 - 00000516 _____ () C:\Windows\DtcInstall.log 2014-08-11 19:19 - 2014-08-11 19:19 - 00000099 _____ () C:\Windows\SETUPAPI.LOG ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-06 14:14 - 2014-09-06 14:13 - 00009224 _____ () C:\Users\Marcin\Downloads\FRST.txt 2014-09-06 14:13 - 2014-09-06 14:13 - 00000000 ____D () C:\FRST 2014-09-06 14:13 - 2014-09-06 14:12 - 01096704 _____ (Farbar) C:\Users\Marcin\Downloads\FRST.exe 2014-09-06 14:12 - 2014-09-06 10:12 - 00000000 ____D () C:\Users\Marcin\AppData\Local\fabulous_09060812 2014-09-06 14:10 - 2014-09-06 14:10 - 00130028 _____ () C:\Users\Marcin\Downloads\OTL.Txt 2014-09-06 14:10 - 2014-09-06 14:10 - 00032144 _____ () C:\Users\Marcin\Downloads\Extras.Txt 2014-09-06 14:03 - 2014-09-06 14:03 - 00602112 _____ (OldTimer Tools) C:\Users\Marcin\Downloads\OTL.exe 2014-09-06 13:57 - 2014-09-06 13:57 - 06498200 _____ (Microsoft Corporation) C:\Users\Marcin\Downloads\vcredist_x86.exe 2014-09-06 13:57 - 2014-09-06 13:57 - 00000000 ____D () C:\ProgramData\Package Cache 2014-09-06 13:57 - 2014-09-05 12:13 - 00000000 ____D () C:\Users\Marcin\Downloads\LSharp 2014-09-06 13:57 - 2014-08-11 19:21 - 01840504 _____ () C:\Windows\WindowsUpdate.log 2014-09-06 13:26 - 2014-08-14 09:16 - 00001036 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-06 13:21 - 2014-09-06 13:21 - 04435856 _____ () C:\Users\Marcin\Downloads\LSharp (3).rar 2014-09-06 13:21 - 2014-09-06 13:21 - 04435856 _____ () C:\Users\Marcin\Downloads\LSharp (2).rar 2014-09-06 13:16 - 2014-08-11 19:47 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-06 12:17 - 2006-11-02 14:47 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-06 12:17 - 2006-11-02 14:47 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-06 10:22 - 2009-04-13 10:02 - 01613794 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-06 10:22 - 2009-04-13 10:01 - 00714160 _____ () C:\Windows\system32\perfh015.dat 2014-09-06 10:22 - 2009-04-13 10:01 - 00151000 _____ () C:\Windows\system32\perfc015.dat 2014-09-06 10:17 - 2014-09-06 10:17 - 215355532 _____ () C:\Windows\MEMORY.DMP 2014-09-06 10:17 - 2014-08-14 09:16 - 00001032 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-06 10:17 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-06 10:15 - 2014-09-06 10:12 - 00000000 ____D () C:\Program Files\Unlocker 2014-09-06 10:14 - 2014-08-14 09:39 - 00000680 _____ () C:\Windows\PFRO.log 2014-09-06 10:13 - 2006-11-02 15:01 - 00031616 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-09-06 10:12 - 2014-09-06 10:12 - 00402911 _____ () C:\Users\Marcin\Downloads\Unlocker1.9.2 (1).exe 2014-09-06 10:12 - 2014-09-06 10:12 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2014-09-06 10:09 - 2014-09-06 10:09 - 00000622 _____ () C:\Users\Marcin\Downloads\TakeOwnership.zip 2014-09-06 10:09 - 2014-09-06 10:09 - 00000000 ____D () C:\Users\Marcin\Downloads\TakeOwnership 2014-09-06 10:02 - 2014-09-06 10:02 - 00403223 _____ () C:\Users\Marcin\Downloads\kernel32.zip 2014-09-06 10:02 - 2014-09-06 10:02 - 00000000 ____D () C:\Users\Marcin\Downloads\kernel32 2014-09-06 09:56 - 2014-09-06 09:56 - 03530977 _____ () C:\Users\Marcin\Downloads\Leaguesharp 2kelo.rar 2014-09-05 21:23 - 2014-08-11 22:00 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\BoL 2014-09-05 19:07 - 2014-09-05 19:07 - 00016944 _____ () C:\Users\Marcin\Downloads\DeYasuoGodOfLateGame.lua 2014-09-05 18:45 - 2014-09-05 18:45 - 00056405 _____ () C:\Users\Marcin\Downloads\DatYasuo 4.9.9-fix.lua 2014-09-05 16:31 - 2014-09-05 16:30 - 00000000 ____D () C:\Program Files\Resource Hacker 2014-09-05 16:30 - 2014-09-05 16:30 - 00748246 _____ ( ) C:\Users\Marcin\Downloads\reshack_setup.exe 2014-09-05 16:30 - 2014-09-05 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker 2014-09-05 16:20 - 2014-09-05 16:20 - 00102625 _____ () C:\Users\Marcin\Downloads\LeagueSharp-master (1).zip 2014-09-05 16:19 - 2014-09-05 16:19 - 00102625 _____ () C:\Users\Marcin\Downloads\LeagueSharp-master.zip 2014-09-05 16:19 - 2014-09-05 16:19 - 00000000 ____D () C:\Users\Marcin\Downloads\LeagueSharp-master 2014-09-05 16:17 - 2014-09-05 16:17 - 05592697 _____ () C:\Users\Marcin\Downloads\LSharp (1).rar 2014-09-05 12:11 - 2014-09-05 12:11 - 00872699 _____ () C:\Users\Marcin\Downloads\lsharp.zip 2014-09-05 12:01 - 2014-09-05 12:01 - 05592697 _____ () C:\Users\Marcin\Downloads\LSharp.rar 2014-09-04 18:41 - 2014-08-14 09:22 - 00001979 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-09-04 16:32 - 2014-09-04 13:37 - 00000088 _____ () C:\Users\Marcin\Desktop\Nowy Text Document (3).txt 2014-09-03 20:44 - 2014-08-11 19:38 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-09-03 19:09 - 2014-09-03 19:08 - 06958304 _____ (Microsoft Corporation) C:\Users\Marcin\Downloads\Silverlight.exe 2014-09-03 19:09 - 2014-08-11 19:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-09-03 08:23 - 2014-09-01 09:20 - 00000027 _____ () C:\Users\Marcin\Desktop\Nowy Text Document (2).txt 2014-08-31 18:17 - 2014-08-31 18:15 - 00000000 ____D () C:\Users\Marcin\Downloads\BoL Studio 2014-08-31 18:01 - 2014-08-29 07:57 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\cloudrop 2014-08-29 07:53 - 2014-08-29 07:53 - 00000653 _____ () C:\Users\Marcin\Desktop\LoL.lnk 2014-08-28 15:09 - 2014-08-11 21:57 - 00000000 ____D () C:\Users\Marcin\Documents\BoL+Studio 2014-08-25 08:37 - 2014-08-11 19:47 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-08-25 08:37 - 2014-08-11 19:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-08-22 10:07 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache 2014-08-22 09:51 - 2014-08-11 19:19 - 00212080 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-22 00:31 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\pl-PL 2014-08-21 10:29 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-08-21 10:20 - 2014-08-21 10:20 - 00012335 _____ () C:\Users\Marcin\AppData\Local\recently-used.xbel 2014-08-21 10:20 - 2014-08-21 09:00 - 00000000 ____D () C:\Users\Marcin\AppData\Local\gtk-2.0 2014-08-21 10:20 - 2014-08-21 08:56 - 00000000 ____D () C:\Users\Marcin\.gimp-2.8 2014-08-21 08:56 - 2014-08-21 08:56 - 00000000 ____D () C:\Users\Marcin\AppData\Local\gegl-0.2 2014-08-21 08:56 - 2014-08-21 08:56 - 00000000 ____D () C:\Users\Marcin\.thumbnails 2014-08-21 08:56 - 2014-08-11 19:32 - 00000000 ____D () C:\Users\Marcin 2014-08-21 08:54 - 2014-08-21 08:54 - 00000882 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2014-08-21 08:54 - 2014-08-21 08:51 - 00000000 ____D () C:\Program Files\GIMP 2 2014-08-21 07:58 - 2014-08-11 20:02 - 00058384 _____ () C:\Users\Marcin\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-21 07:47 - 2006-11-02 14:50 - 00001661 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk 2014-08-21 07:45 - 2014-08-21 07:34 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-21 07:38 - 2014-08-21 07:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-08-21 07:38 - 2014-08-21 07:38 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-08-21 07:38 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-08-21 07:37 - 2014-08-21 07:37 - 00000000 ____D () C:\Windows\PCHEALTH 2014-08-21 07:37 - 2014-08-21 07:34 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-08-21 07:37 - 2014-08-11 20:13 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-08-21 07:36 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\ShellNew 2014-08-21 07:35 - 2014-08-21 07:35 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services 2014-08-21 07:34 - 2014-08-21 07:34 - 00000000 ____D () C:\Users\Marcin\AppData\Local\Microsoft Help 2014-08-21 07:33 - 2014-08-21 07:33 - 00000000 __RHD () C:\MSOCache 2014-08-20 23:16 - 2014-08-20 23:16 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\Serif 2014-08-20 23:10 - 2014-08-20 23:10 - 00001866 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif PagePlus Starter Edition.lnk 2014-08-20 23:10 - 2014-08-20 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif Applications 2014-08-20 23:10 - 2014-08-20 23:10 - 00000000 ____D () C:\Program Files\Common Files\MSSoap 2014-08-20 23:09 - 2014-08-20 23:09 - 00000000 ____D () C:\Program Files\Serif 2014-08-20 23:07 - 2014-08-20 23:02 - 00000009 _____ () C:\END 2014-08-20 23:03 - 2014-08-20 22:59 - 00000029 _____ () C:\Users\Marcin\Desktop\Nowy Text Document.txt 2014-08-18 20:54 - 2014-08-18 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-08-18 20:54 - 2014-08-18 20:54 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-08-17 19:29 - 2014-08-17 19:29 - 00000000 ____D () C:\Program Files\EPSON 2014-08-17 19:26 - 2014-08-17 19:26 - 00000000 __RSH () C:\MSDOS.SYS 2014-08-17 19:26 - 2014-08-17 19:26 - 00000000 __RSH () C:\IO.SYS 2014-08-17 19:26 - 2014-08-17 19:26 - 00000000 ____D () C:\epson 2014-08-16 23:29 - 2014-08-16 23:29 - 00000000 ____D () C:\ProgramData\SeriousBit 2014-08-16 23:29 - 2014-08-16 23:27 - 00000000 ____D () C:\Program Files\NetBalancer 2014-08-16 23:27 - 2014-08-16 23:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBalancer 2014-08-16 23:26 - 2014-08-16 23:26 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\Locktime Software 2014-08-15 15:41 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\LogFiles 2014-08-14 09:41 - 2014-08-14 09:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Install Manager 2014-08-14 09:40 - 2014-08-14 09:40 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-08-14 09:39 - 2014-08-11 19:32 - 00000680 _____ () C:\Users\Marcin\AppData\Local\d3d9caps.dat 2014-08-14 09:35 - 2014-08-14 09:35 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\Intel 2014-08-14 09:34 - 2014-08-14 09:34 - 00006436 _____ () C:\Windows\DPINST.LOG 2014-08-14 09:34 - 2014-08-14 09:34 - 00000000 ____D () C:\ProgramData\Intel 2014-08-14 09:34 - 2014-08-14 09:34 - 00000000 ____D () C:\Program Files\Intel 2014-08-14 09:34 - 2014-08-14 09:34 - 00000000 ____D () C:\Program Files\Common Files\Intel 2014-08-14 09:34 - 2014-08-14 09:34 - 00000000 ____D () C:\Program Files\Cisco 2014-08-14 09:31 - 2014-08-11 20:43 - 00000891 _____ () C:\Windows\system32\secushr.dat 2014-08-14 09:22 - 2014-08-14 09:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-08-14 09:22 - 2014-08-14 09:16 - 00000000 ____D () C:\Users\Marcin\AppData\Local\Google 2014-08-14 09:22 - 2014-08-14 09:16 - 00000000 ____D () C:\Program Files\Google 2014-08-14 09:19 - 2014-08-14 09:16 - 06010880 _____ () C:\Program Files\GUTC0F0.tmp 2014-08-14 09:16 - 2014-08-14 09:16 - 00000000 ____D () C:\Program Files\GUMC0EF.tmp 2014-08-14 08:44 - 2014-08-11 20:44 - 00000248 _____ () C:\Windows\system32\secustat.dat 2014-08-14 08:44 - 2014-08-11 20:39 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\BITS 2014-08-14 07:54 - 2014-08-13 16:10 - 00000000 ____D () C:\0c87a7da8cfce48ca538bdb9b0 2014-08-11 21:25 - 2014-08-11 19:45 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-08-11 21:15 - 2014-08-11 20:58 - 00000000 ____D () C:\League of Legends 2014-08-11 21:06 - 2014-08-11 21:06 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\LolClient 2014-08-11 21:06 - 2014-08-11 21:06 - 00000000 ____D () C:\ProgramData\Riot Games 2014-08-11 20:50 - 2014-08-11 20:50 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\ATI 2014-08-11 20:50 - 2014-08-11 20:50 - 00000000 ____D () C:\Users\Marcin\AppData\Local\ATI 2014-08-11 20:49 - 2014-08-11 19:39 - 00000944 _____ () C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2014-08-11 20:44 - 2014-08-11 20:44 - 00000000 ____D () C:\Program Files\ATI 2014-08-11 20:39 - 2014-08-11 20:39 - 00000025 _____ () C:\Windows\emcore.INI 2014-08-11 20:39 - 2014-08-11 20:39 - 00000000 ____D () C:\Program Files\FlashGet Network 2014-08-11 20:30 - 2014-08-11 20:30 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers 2014-08-11 20:30 - 2014-08-11 20:30 - 00000000 ____D () C:\Users\Marcin\AppData\Local\SlimWare Utilities Inc 2014-08-11 20:29 - 2014-08-11 20:29 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled 2014-08-11 20:28 - 2014-08-11 20:28 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\IObit 2014-08-11 20:28 - 2014-08-11 20:28 - 00000000 ____D () C:\ProgramData\IObit 2014-08-11 20:17 - 2014-08-11 20:17 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit 2014-08-11 20:16 - 2014-08-11 20:16 - 00050176 ____H () C:\Windows\system32\config\BCD-Template.LOG 2014-08-11 20:16 - 2014-08-11 20:16 - 00008192 ___RS () C:\BOOTSECT.BAK 2014-08-11 20:16 - 2006-11-02 14:37 - 00262144 _____ () C:\Windows\system32\config\BCD-Template 2014-08-11 19:58 - 2014-08-11 19:58 - 00000000 ____D () C:\Users\Marcin\AppData\Local\Macromedia 2014-08-11 19:54 - 2014-08-11 19:54 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\vlc 2014-08-11 19:54 - 2014-08-11 19:54 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\Macromedia 2014-08-11 19:53 - 2014-08-11 19:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-08-11 19:53 - 2014-08-11 19:53 - 00000000 ____D () C:\Program Files\VideoLAN 2014-08-11 19:52 - 2014-08-11 19:52 - 00001804 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2014-08-11 19:52 - 2014-08-11 19:52 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-08-11 19:52 - 2014-08-11 19:52 - 00000000 ____D () C:\Program Files\Adobe 2014-08-11 19:52 - 2014-08-11 19:51 - 00000000 ____D () C:\ProgramData\Adobe 2014-08-11 19:50 - 2014-08-11 19:50 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\Adobe 2014-08-11 19:49 - 2014-08-11 19:49 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-08-11 19:49 - 2014-08-11 19:49 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-08-11 19:49 - 2014-08-11 19:49 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-08-11 19:49 - 2014-08-11 19:49 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-08-11 19:49 - 2014-08-11 19:49 - 00000000 ____D () C:\Windows\Sun 2014-08-11 19:49 - 2014-08-11 19:49 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\Oracle 2014-08-11 19:49 - 2014-08-11 19:49 - 00000000 ____D () C:\ProgramData\Sun 2014-08-11 19:49 - 2014-08-11 19:49 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-11 19:49 - 2014-08-11 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-11 19:49 - 2014-08-11 19:49 - 00000000 ____D () C:\Program Files\Java 2014-08-11 19:49 - 2014-08-11 19:49 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-08-11 19:47 - 2014-08-11 19:47 - 00000000 ____D () C:\Windows\system32\Macromed 2014-08-11 19:45 - 2014-08-11 19:45 - 00000858 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-08-11 19:45 - 2014-08-11 19:45 - 00000000 ____D () C:\Users\Marcin\AppData\Roaming\Mozilla 2014-08-11 19:45 - 2014-08-11 19:45 - 00000000 ____D () C:\Users\Marcin\AppData\Local\Mozilla 2014-08-11 19:45 - 2014-08-11 19:45 - 00000000 ____D () C:\ProgramData\Mozilla 2014-08-11 19:45 - 2014-08-11 19:45 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-08-11 19:39 - 2014-08-11 19:39 - 00000949 _____ () C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-11 19:39 - 2014-08-11 19:39 - 00000915 _____ () C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk 2014-08-11 19:37 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system 2014-08-11 19:32 - 2014-08-11 19:32 - 00000020 ___SH () C:\Users\Marcin\ntuser.ini 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\Ustawienia lokalne 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\Szablony 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\Moje dokumenty 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\Menu Start 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\Documents\Moje wideo 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\Documents\Moje obrazy 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\Documents\Moja muzyka 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\Dane aplikacji 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\AppData\Local\Historia 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 _SHDL () C:\Users\Marcin\AppData\Local\Dane aplikacji 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 ____D () C:\Windows\system32\ShellExt 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-08-11 19:32 - 2014-08-11 19:32 - 00000000 ____D () C:\Program Files\7-Zip 2014-08-11 19:32 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\system32\restore 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Public\Documents\Moje wideo 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Public\Documents\Moje obrazy 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Public\Documents\Moja muzyka 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\Ustawienia lokalne 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\Szablony 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\Moje dokumenty 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\Menu Start 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\Documents\Moje wideo 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\Documents\Moje obrazy 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\Documents\Moja muzyka 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\Dane aplikacji 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Historia 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Dane aplikacji 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Moje wideo 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Moje obrazy 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Moja muzyka 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Historia 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Dane aplikacji 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\ProgramData\Ulubione 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\ProgramData\Szablony 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\ProgramData\Pulpit 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programy 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\ProgramData\Menu Start 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\ProgramData\Dokumenty 2014-08-11 19:31 - 2014-08-11 19:31 - 00000000 _SHDL () C:\ProgramData\Dane aplikacji 2014-08-11 19:31 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default 2014-08-11 19:31 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Windows NT 2014-08-11 19:29 - 2014-08-11 20:16 - 00000000 ____D () C:\Windows\Panther 2014-08-11 19:28 - 2014-08-11 19:25 - 00346840 _____ () C:\Windows\setupact.log 2014-08-11 19:27 - 2014-08-11 19:27 - 00000314 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live.lnk 2014-08-11 19:27 - 2014-08-11 19:19 - 00001355 _____ () C:\Windows\TSSysprep.log 2014-08-11 19:27 - 2006-11-02 13:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-08-11 19:25 - 2014-08-11 19:25 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-11 19:19 - 2014-08-11 19:19 - 00000516 _____ () C:\Windows\DtcInstall.log 2014-08-11 19:19 - 2014-08-11 19:19 - 00000099 _____ () C:\Windows\SETUPAPI.LOG 2014-08-11 18:54 - 2014-08-11 20:16 - 00000120 _____ () C:\Windows\restartexplorer.bat Some content of TEMP: ==================== C:\Users\Marcin\AppData\Local\Temp\bitool.dll C:\Users\Marcin\AppData\Local\Temp\conduitinstaller.exe C:\Users\Marcin\AppData\Local\Temp\ESDPK-PLX4-PagePlusStarterEdition_Setup.exe C:\Users\Marcin\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\Marcin\AppData\Local\Temp\gtapi_signed.dll C:\Users\Marcin\AppData\Local\Temp\{6FB7C923-A7B3-4E3A-8BBB-F681AD541499}-36.0.1985.143_chrome_installer.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-06 10:23 ==================== End Of Log ============================[/log] [log]Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-09-2014 Ran by Marcin at 2014-09-06 14:14:36 Running from C:\Users\Marcin\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated) Adobe Reader X (10.1.0) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated) ATI Catalyst Install Manager (HKLM\...\{AFF3E3F2-1F74-3D30-3F2B-87C48FE0E34C}) (Version: 3.0.624.0 - ATI Technologies, Inc.) ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.383.1.1-070621a-049739C-Lenovo - ATI Technologies, Inc.) Definition update for Microsoft Office 2010 (KB982726) (HKLM\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{2FD3FD50-4D6B-433B-9AB8-83F04675DA44}) (Version: - Microsoft) EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - ) Fabulous discounts (HKCU\...\fabulous_09060812) (Version: - ) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.) Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden HashCheck Shell Extension (x86-32) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) Intel PROSet Wireless (Version: - ) Hidden Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft) Microsoft Office 2010 Service Pack 1 (SP1) (Version: - Microsoft) Hidden Microsoft Office Excel MUI (Polish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (Polish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (Polish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Polish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Polish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (Polish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (Polish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Polish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Standard 2010 (HKLM\...\Office14.STANDARD) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Office Standard 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Polish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6276 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6276 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package - SE (HKLM\...\{DFAA3D2B-7087-464E-823B-738A23C29C27}) (Version: 2.0.50728 - Microsoft Corporation) Mozilla Firefox 31.0 (x86 pl) (HKLM\...\Mozilla Firefox 31.0 (x86 pl)) (Version: 31.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla) NetBalancer (HKLM\...\NetBalancer_is1) (Version: - SeriousBit) NVIDIA Cg Toolkit 3.1 April 2012 (HKLM\...\Cg Toolkit_is1) (Version: - NVIDIA Corporation) Oprogramowanie Intel(R) PROSet/Wireless WiFi (HKLM\...\{C8005A7B-9638-41DD-B83B-AF277754E211}) (Version: 14.03.0000 - Intel Corporation) Resource Hacker Version 3.6.0 (HKLM\...\ResourceHacker_is1) (Version: - ) Serif PagePlus Starter Edition (HKLM\...\{C675C60B-0CB7-4108-B8CA-C3EC0706DEF0}) (Version: 2.0.2.009 - Serif (Europe) Ltd) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 01-09-2014 08:56:06 Zaplanowany punkt kontrolny 05-09-2014 08:37:55 Zaplanowany punkt kontrolny 06-09-2014 09:29:53 Zaplanowany punkt kontrolny 06-09-2014 11:57:29 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 12:23 - 2014-08-12 08:03 - 00000831 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 255.255.255.255 bolscripts.net 255.255.255.255 www.bolscripts.net ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation) Task: {5C00C896-6024-4E45-90CF-26365897697D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-25] (Adobe Systems Incorporated) Task: {89194558-47E7-4A9E-B507-6C91CE4E6504} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe Task: {9E4BA7DB-37AA-4D88-8336-E9A618166356} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-14] (Google Inc.) Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries Task: {AA4C51F5-C189-420A-90B1-9DB8CB1B36F1} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) Task: {B515D883-C3E0-45A7-B686-94F01E15A135} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-14] (Google Inc.) Task: {DE15D62E-0E1D-44B2-90AD-346EE4EC88E2} - System32\Tasks\Driver Booster SkipUAC (Marcin) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] () (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2010-07-04 23:32 - 2010-07-04 23:32 - 00004608 _____ () C:\Program Files\Unlocker\UnlockerHook.dll 2010-07-04 23:32 - 2010-07-04 23:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2007-06-21 17:27 - 2007-06-21 17:27 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll 2010-07-04 21:51 - 2010-07-04 21:51 - 00017408 _____ () C:\Program Files\Unlocker\UnlockerAssistant.exe 2014-09-06 10:12 - 2014-09-06 10:12 - 02715648 _____ () C:\Users\Marcin\AppData\Local\fabulous_09060812\fabulous_09060812.exe 2014-09-04 18:40 - 2014-08-30 04:49 - 08577864 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.103\pdf.dll 2014-09-04 18:40 - 2014-08-30 04:49 - 00331592 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll 2014-09-04 18:40 - 2014-08-30 04:49 - 01660232 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll 2014-08-14 09:55 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll 2014-08-14 09:55 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Biometric Coprocessor Description: Biometric Coprocessor Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (09/06/2014 01:21:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: YasuoSharp.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException Stack: at Yasuo_Sharpino.YasuoSharp..ctor() at Yasuo_Sharpino.Program.Main(System.String[]) Error: (09/06/2014 01:21:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: YasuoSharp.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException Stack: at Yasuo_Sharpino.YasuoSharp..ctor() at Yasuo_Sharpino.Program.Main(System.String[]) Error: (09/06/2014 01:21:36 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: YasuoSharp.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException Stack: at Yasuo_Sharpino.YasuoSharp..ctor() at Yasuo_Sharpino.Program.Main(System.String[]) Error: (09/06/2014 01:21:36 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: YasuoSharp.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException Stack: at Yasuo_Sharpino.YasuoSharp..ctor() at Yasuo_Sharpino.Program.Main(System.String[]) Error: (09/06/2014 01:21:36 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: YasuoSharp.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException Stack: at Yasuo_Sharpino.YasuoSharp..ctor() at Yasuo_Sharpino.Program.Main(System.String[]) Error: (09/06/2014 01:21:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: YasuoSharp.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException Stack: at Yasuo_Sharpino.YasuoSharp..ctor() at Yasuo_Sharpino.Program.Main(System.String[]) Error: (09/06/2014 01:21:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: YasuoSharp.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException Stack: at Yasuo_Sharpino.YasuoSharp..ctor() at Yasuo_Sharpino.Program.Main(System.String[]) Error: (09/06/2014 01:21:33 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: YasuoSharp.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException Stack: at Yasuo_Sharpino.YasuoSharp..ctor() at Yasuo_Sharpino.Program.Main(System.String[]) Error: (09/06/2014 10:18:36 AM) (Source: NetBalancer 8.2.2 140812.1057) (EventID: 0) (User: ) Description: System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: Próba połączenia nie powiodła się, ponieważ połączona strona nie odpowiedziała poprawnie po ustalonym okresie czasu lub utworzone połączenie nie powiodło się, ponieważ połączony host nie odpowiedział 162.243.3.184:443 at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception) --- End of inner exception stack trace --- at System.Net.HttpWebRequest.GetResponse() at ey.b() at ey.a() Error: (09/06/2014 10:15:19 AM) (Source: NetBalancer 8.2.2 140812.1057) (EventID: 0) (User: ) Description: System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: Próba połączenia nie powiodła się, ponieważ połączona strona nie odpowiedziała poprawnie po ustalonym okresie czasu lub utworzone połączenie nie powiodło się, ponieważ połączony host nie odpowiedział 162.243.3.184:443 at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception) --- End of inner exception stack trace --- at System.Net.HttpWebRequest.GetResponse() at ey.b() at ey.a() System errors: ============= Error: (09/06/2014 10:17:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (09/06/2014 10:17:49 AM) (Source: atikmdag) (EventID: 10266) (User: ) Description: Unknown EDID version Error: (09/06/2014 10:17:49 AM) (Source: atikmdag) (EventID: 10266) (User: ) Description: Unknown EDID version Error: (09/06/2014 10:17:52 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 10:15:39 na 2014-09-06 było nieoczekiwane. Error: (09/06/2014 10:14:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (09/06/2014 10:14:42 AM) (Source: atikmdag) (EventID: 10266) (User: ) Description: Unknown EDID version Error: (09/06/2014 10:14:42 AM) (Source: atikmdag) (EventID: 10266) (User: ) Description: Unknown EDID version Error: (09/06/2014 10:12:56 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (09/06/2014 09:53:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (09/06/2014 09:53:28 AM) (Source: atikmdag) (EventID: 10266) (User: ) Description: Unknown EDID version Microsoft Office Sessions: ========================= Error: (09/06/2014 01:21:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: YasuoSharp.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException Stack: at Yasuo_Sharpino.YasuoSharp..ctor() at Yasuo_Sharpino.Program.Main(System.String[]) Error: (09/06/2014 01:21:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: YasuoSharp.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException Stack: at Yasuo_Sharpino.YasuoSharp..ctor() at Yasuo_Sharpino.Program.Main(System.String[]) Error: (09/06/2014 01:21:36 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: YasuoSharp.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException Stack: at Yasuo_Sharpino.YasuoSharp..ctor() at Yasuo_Sharpino.Program.Main(System.String[]) Error: (09/06/2014 01:21:36 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: YasuoSharp.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException Stack: at Yasuo_Sharpino.YasuoSharp..ctor() at Yasuo_Sharpino.Program.Main(System.String[]) Error: (09/06/2014 01:21:36 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: YasuoSharp.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException Stack: at Yasuo_Sharpino.YasuoSharp..ctor() at Yasuo_Sharpino.Program.Main(System.String[]) Error: (09/06/2014 01:21:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: YasuoSharp.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException Stack: at Yasuo_Sharpino.YasuoSharp..ctor() at Yasuo_Sharpino.Program.Main(System.String[]) Error: (09/06/2014 01:21:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: YasuoSharp.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException Stack: at Yasuo_Sharpino.YasuoSharp..ctor() at Yasuo_Sharpino.Program.Main(System.String[]) Error: (09/06/2014 01:21:33 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: YasuoSharp.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException Stack: at Yasuo_Sharpino.YasuoSharp..ctor() at Yasuo_Sharpino.Program.Main(System.String[]) Error: (09/06/2014 10:18:36 AM) (Source: NetBalancer 8.2.2 140812.1057) (EventID: 0) (User: ) Description: System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: Próba połączenia nie powiodła się, ponieważ połączona strona nie odpowiedziała poprawnie po ustalonym okresie czasu lub utworzone połączenie nie powiodło się, ponieważ połączony host nie odpowiedział 162.243.3.184:443 at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception) --- End of inner exception stack trace --- at System.Net.HttpWebRequest.GetResponse() at ey.b() at ey.a() Error: (09/06/2014 10:15:19 AM) (Source: NetBalancer 8.2.2 140812.1057) (EventID: 0) (User: ) Description: System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: Próba połączenia nie powiodła się, ponieważ połączona strona nie odpowiedziała poprawnie po ustalonym okresie czasu lub utworzone połączenie nie powiodło się, ponieważ połączony host nie odpowiedział 162.243.3.184:443 at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception) --- End of inner exception stack trace --- at System.Net.HttpWebRequest.GetResponse() at ey.b() at ey.a() ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz Percentage of memory in use: 59% Total physical RAM: 2045.66 MB Available physical RAM: 828.98 MB Total Pagefile: 4340.38 MB Available Pagefile: 3019.75 MB Total Virtual: 2047.88 MB Available Virtual: 1896.95 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:93.16 GB) (Free:62.77 GB) NTFS ==>[Drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 93.2 GB) (Disk ID: 0000E7BC) Partition 1: (Active) - (Size=93.2 GB) - (Type=07 NTFS) ==================== End Of Log ============================[/log] GMER [log]GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2014-09-06 14:28:44 Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2 HTS721010G9SA00 rev.MCZIC10H 93,16GB Running: vfzl8xce.exe; Driver: C:\Users\Marcin\AppData\Local\Temp\pxdiypog.sys ---- User code sections - GMER 2.1 ---- .text C:\Windows\Explorer.EXE[380] SHELL32.dll!SHFileOperationW 75E468E8 5 Bytes JMP 10001102 C:\Program Files\Unlocker\UnlockerHook.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtCreateFile + 6 775F424A 4 Bytes [28, EC, 59, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtCreateFile + B 775F424F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtMapViewOfSection + 6 775F499A 4 Bytes [28, EF, 59, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtMapViewOfSection + B 775F499F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtOpenFile + 6 775F4A2A 4 Bytes [68, EC, 59, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtOpenFile + B 775F4A2F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtOpenProcess + 6 775F4AAA 4 Bytes [A8, ED, 59, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtOpenProcess + B 775F4AAF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtOpenProcessToken + B 775F4ABF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtOpenProcessTokenEx + 6 775F4ACA 4 Bytes [A8, EE, 59, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtOpenProcessTokenEx + B 775F4ACF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtOpenThread + 6 775F4B1A 4 Bytes [68, ED, 59, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtOpenThread + B 775F4B1F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtOpenThreadToken + 6 775F4B2A 4 Bytes [68, EE, 59, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtOpenThreadToken + B 775F4B2F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtOpenThreadTokenEx + B 775F4B3F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtQueryAttributesFile + 6 775F4BCA 4 Bytes [A8, EC, 59, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtQueryAttributesFile + B 775F4BCF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtQueryFullAttributesFile + B 775F4C7F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtSetInformationFile + 6 775F515A 4 Bytes [28, ED, 59, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtSetInformationFile + B 775F515F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtSetInformationThread + 6 775F51AA 4 Bytes [28, EE, 59, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtSetInformationThread + B 775F51AF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtTerminateProcess 775F5364 5 Bytes JMP 0095D448 C:\Program Files\Google\Chrome\Application\chrome.exe .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtUnmapViewOfSection + 6 775F544A 4 Bytes [68, EF, 59, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1632] ntdll.dll!NtUnmapViewOfSection + B 775F544F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtCreateFile + 6 775F424A 4 Bytes [28, 0C, 18, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtCreateFile + B 775F424F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtMapViewOfSection + 6 775F499A 4 Bytes [28, 0F, 18, 00] {SUB [EDI], CL; SBB [EAX], AL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtMapViewOfSection + B 775F499F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenFile + 6 775F4A2A 4 Bytes [68, 0C, 18, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenFile + B 775F4A2F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenProcess + 6 775F4AAA 4 Bytes [A8, 0D, 18, 00] {TEST AL, 0xd; SBB [EAX], AL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenProcess + B 775F4AAF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenProcessToken + B 775F4ABF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenProcessTokenEx + 6 775F4ACA 4 Bytes [A8, 0E, 18, 00] {TEST AL, 0xe; SBB [EAX], AL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenProcessTokenEx + B 775F4ACF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenThread + 6 775F4B1A 4 Bytes [68, 0D, 18, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenThread + B 775F4B1F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenThreadToken + 6 775F4B2A 4 Bytes [68, 0E, 18, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenThreadToken + B 775F4B2F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenThreadTokenEx + B 775F4B3F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtQueryAttributesFile + 6 775F4BCA 4 Bytes [A8, 0C, 18, 00] {TEST AL, 0xc; SBB [EAX], AL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtQueryAttributesFile + B 775F4BCF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtQueryFullAttributesFile + B 775F4C7F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtSetInformationFile + 6 775F515A 4 Bytes [28, 0D, 18, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtSetInformationFile + B 775F515F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtSetInformationThread + 6 775F51AA 4 Bytes [28, 0E, 18, 00] {SUB [ESI], CL; SBB [EAX], AL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtSetInformationThread + B 775F51AF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtTerminateProcess 775F5364 5 Bytes JMP 0095D448 C:\Program Files\Google\Chrome\Application\chrome.exe .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtUnmapViewOfSection + 6 775F544A 4 Bytes [68, 0F, 18, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtUnmapViewOfSection + B 775F544F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtCreateFile + 6 775F424A 4 Bytes [28, D4, 24, 00] {SUB AH, DL; AND AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtCreateFile + B 775F424F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtMapViewOfSection + 6 775F499A 4 Bytes [28, D7, 24, 00] {SUB BH, DL; AND AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtMapViewOfSection + B 775F499F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtOpenFile + 6 775F4A2A 4 Bytes [68, D4, 24, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtOpenFile + B 775F4A2F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtOpenProcess + 6 775F4AAA 4 Bytes [A8, D5, 24, 00] {TEST AL, 0xd5; AND AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtOpenProcess + B 775F4AAF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtOpenProcessToken + B 775F4ABF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtOpenProcessTokenEx + 6 775F4ACA 4 Bytes [A8, D6, 24, 00] {TEST AL, 0xd6; AND AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtOpenProcessTokenEx + B 775F4ACF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtOpenThread + 6 775F4B1A 4 Bytes [68, D5, 24, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtOpenThread + B 775F4B1F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtOpenThreadToken + 6 775F4B2A 4 Bytes [68, D6, 24, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtOpenThreadToken + B 775F4B2F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtOpenThreadTokenEx + B 775F4B3F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtQueryAttributesFile + 6 775F4BCA 4 Bytes [A8, D4, 24, 00] {TEST AL, 0xd4; AND AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtQueryAttributesFile + B 775F4BCF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtQueryFullAttributesFile + B 775F4C7F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtSetInformationFile + 6 775F515A 4 Bytes [28, D5, 24, 00] {SUB CH, DL; AND AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtSetInformationFile + B 775F515F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtSetInformationThread + 6 775F51AA 4 Bytes [28, D6, 24, 00] {SUB DH, DL; AND AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtSetInformationThread + B 775F51AF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtTerminateProcess 775F5364 5 Bytes JMP 0095D448 C:\Program Files\Google\Chrome\Application\chrome.exe .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtUnmapViewOfSection + 6 775F544A 4 Bytes [68, D7, 24, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2932] ntdll.dll!NtUnmapViewOfSection + B 775F544F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3064] ntdll.dll!NtMapViewOfSection + 6 775F499A 4 Bytes [18, 10, 50, 74] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3064] ntdll.dll!NtMapViewOfSection + B 775F499F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3064] WS2_32.dll!closesocket 7756330C 5 Bytes JMP 04064A54 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3064] WS2_32.dll!recv 7756343A 5 Bytes JMP 040645F3 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3064] WS2_32.dll!WSASend 77564496 5 Bytes JMP 04064573 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3064] WS2_32.dll!send 7756659B 5 Bytes JMP 04064506 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3064] WS2_32.dll!WSAGetOverlappedResult 77568143 5 Bytes JMP 04064900 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3064] WS2_32.dll!WSARecv 77568400 5 Bytes JMP 04064750 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtCreateFile + 6 775F424A 4 Bytes [28, 1C, 20, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtCreateFile + B 775F424F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtMapViewOfSection + 6 775F499A 4 Bytes [28, 1F, 20, 00] {SUB [EDI], BL; AND [EAX], AL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtMapViewOfSection + B 775F499F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtOpenFile + 6 775F4A2A 4 Bytes [68, 1C, 20, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtOpenFile + B 775F4A2F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtOpenProcess + 6 775F4AAA 4 Bytes [A8, 1D, 20, 00] {TEST AL, 0x1d; AND [EAX], AL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtOpenProcess + B 775F4AAF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtOpenProcessToken + B 775F4ABF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtOpenProcessTokenEx + 6 775F4ACA 4 Bytes [A8, 1E, 20, 00] {TEST AL, 0x1e; AND [EAX], AL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtOpenProcessTokenEx + B 775F4ACF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtOpenThread + 6 775F4B1A 4 Bytes [68, 1D, 20, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtOpenThread + B 775F4B1F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtOpenThreadToken + 6 775F4B2A 4 Bytes [68, 1E, 20, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtOpenThreadToken + B 775F4B2F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtOpenThreadTokenEx + B 775F4B3F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtQueryAttributesFile + 6 775F4BCA 4 Bytes [A8, 1C, 20, 00] {TEST AL, 0x1c; AND [EAX], AL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtQueryAttributesFile + B 775F4BCF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtQueryFullAttributesFile + B 775F4C7F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtSetInformationFile + 6 775F515A 4 Bytes [28, 1D, 20, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtSetInformationFile + B 775F515F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtSetInformationThread + 6 775F51AA 4 Bytes [28, 1E, 20, 00] {SUB [ESI], BL; AND [EAX], AL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtSetInformationThread + B 775F51AF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtTerminateProcess 775F5364 5 Bytes JMP 0095D448 C:\Program Files\Google\Chrome\Application\chrome.exe .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtUnmapViewOfSection + 6 775F544A 4 Bytes [68, 1F, 20, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3200] ntdll.dll!NtUnmapViewOfSection + B 775F544F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtCreateFile + 6 775F424A 4 Bytes [28, 6C, 4D, 00] {SUB [EBP+ECX*2+0x0], CH} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtCreateFile + B 775F424F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtMapViewOfSection + 6 775F499A 4 Bytes [28, 6F, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtMapViewOfSection + B 775F499F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtOpenFile + 6 775F4A2A 4 Bytes [68, 6C, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtOpenFile + B 775F4A2F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtOpenProcess + 6 775F4AAA 4 Bytes [A8, 6D, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtOpenProcess + B 775F4AAF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtOpenProcessToken + B 775F4ABF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtOpenProcessTokenEx + 6 775F4ACA 4 Bytes [A8, 6E, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtOpenProcessTokenEx + B 775F4ACF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtOpenThread + 6 775F4B1A 4 Bytes [68, 6D, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtOpenThread + B 775F4B1F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtOpenThreadToken + 6 775F4B2A 4 Bytes [68, 6E, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtOpenThreadToken + B 775F4B2F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtOpenThreadTokenEx + B 775F4B3F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtQueryAttributesFile + 6 775F4BCA 4 Bytes [A8, 6C, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtQueryAttributesFile + B 775F4BCF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtQueryFullAttributesFile + B 775F4C7F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtSetInformationFile + 6 775F515A 4 Bytes [28, 6D, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtSetInformationFile + B 775F515F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtSetInformationThread + 6 775F51AA 4 Bytes [28, 6E, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtSetInformationThread + B 775F51AF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtTerminateProcess 775F5364 5 Bytes JMP 0095D448 C:\Program Files\Google\Chrome\Application\chrome.exe .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtUnmapViewOfSection + 6 775F544A 4 Bytes [68, 6F, 4D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3336] ntdll.dll!NtUnmapViewOfSection + B 775F544F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtCreateFile + 6 775F424A 4 Bytes [28, AC, 2C, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtCreateFile + B 775F424F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtMapViewOfSection + 6 775F499A 4 Bytes [28, AF, 2C, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtMapViewOfSection + B 775F499F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtOpenFile + 6 775F4A2A 4 Bytes [68, AC, 2C, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtOpenFile + B 775F4A2F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtOpenProcess + 6 775F4AAA 4 Bytes [A8, AD, 2C, 00] {TEST AL, 0xad; SUB AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtOpenProcess + B 775F4AAF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtOpenProcessToken + B 775F4ABF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtOpenProcessTokenEx + 6 775F4ACA 4 Bytes [A8, AE, 2C, 00] {TEST AL, 0xae; SUB AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtOpenProcessTokenEx + B 775F4ACF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtOpenThread + 6 775F4B1A 4 Bytes [68, AD, 2C, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtOpenThread + B 775F4B1F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtOpenThreadToken + 6 775F4B2A 4 Bytes [68, AE, 2C, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtOpenThreadToken + B 775F4B2F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtOpenThreadTokenEx + B 775F4B3F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtQueryAttributesFile + 6 775F4BCA 4 Bytes [A8, AC, 2C, 00] {TEST AL, 0xac; SUB AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtQueryAttributesFile + B 775F4BCF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtQueryFullAttributesFile + B 775F4C7F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtSetInformationFile + 6 775F515A 4 Bytes [28, AD, 2C, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtSetInformationFile + B 775F515F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtSetInformationThread + 6 775F51AA 4 Bytes [28, AE, 2C, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtSetInformationThread + B 775F51AF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtTerminateProcess 775F5364 5 Bytes JMP 0095D448 C:\Program Files\Google\Chrome\Application\chrome.exe .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtUnmapViewOfSection + 6 775F544A 4 Bytes [68, AF, 2C, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3360] ntdll.dll!NtUnmapViewOfSection + B 775F544F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtCreateFile + 6 775F424A 4 Bytes [28, 40, C4, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtCreateFile + B 775F424F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtMapViewOfSection + 6 775F499A 4 Bytes [28, 43, C4, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtMapViewOfSection + B 775F499F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtOpenFile + 6 775F4A2A 4 Bytes [68, 40, C4, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtOpenFile + B 775F4A2F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtOpenProcess + 6 775F4AAA 4 Bytes [A8, 41, C4, 00] {TEST AL, 0x41; LES EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtOpenProcess + B 775F4AAF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtOpenProcessToken + 6 775F4ABA 4 Bytes CALL 76600F00 C:\Windows\system32\SHELL32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtOpenProcessToken + B 775F4ABF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtOpenProcessTokenEx + 6 775F4ACA 4 Bytes [A8, 42, C4, 00] {TEST AL, 0x42; LES EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtOpenProcessTokenEx + B 775F4ACF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtOpenThread + 6 775F4B1A 4 Bytes [68, 41, C4, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtOpenThread + B 775F4B1F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtOpenThreadToken + 6 775F4B2A 4 Bytes [68, 42, C4, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtOpenThreadToken + B 775F4B2F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtOpenThreadTokenEx + 6 775F4B3A 4 Bytes CALL 76600F81 C:\Windows\system32\SHELL32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtOpenThreadTokenEx + B 775F4B3F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtQueryAttributesFile + 6 775F4BCA 4 Bytes [A8, 40, C4, 00] {TEST AL, 0x40; LES EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtQueryAttributesFile + B 775F4BCF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtQueryFullAttributesFile + 6 775F4C7A 4 Bytes CALL 766010BF C:\Windows\system32\SHELL32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtQueryFullAttributesFile + B 775F4C7F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtSetInformationFile + 6 775F515A 4 Bytes [28, 41, C4, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtSetInformationFile + B 775F515F 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtSetInformationThread + 6 775F51AA 4 Bytes [28, 42, C4, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtSetInformationThread + B 775F51AF 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtTerminateProcess 775F5364 5 Bytes JMP 0095D448 C:\Program Files\Google\Chrome\Application\chrome.exe .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtUnmapViewOfSection + 6 775F544A 4 Bytes [68, 43, C4, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3596] ntdll.dll!NtUnmapViewOfSection + B 775F544F 1 Byte [E2] ---- EOF - GMER 2.1 ---- [/log]
pawel315 komentarz 6 września 2014 komentarz 6 września 2014 Witaj. Poprzez [b]"Dodaj lub usuń programy"[/b] odinstaluj: Unlocker 1.9.2 Fabulous discounts Jak nie przejdzie to nowe logi daj
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.